Data minimisation

The privacy-by-design principle of collecting only the personal information that is reasonably necessary for the function or activity at hand. Baked into APP 3 of the Privacy Act 1988 (Cth) as the "reasonable necessity" test for collection. For FRT in clubs, data minimisation prefers template-only storage over raw imagery, narrow retention windows, and limited downstream sharing — each of which reduces APP 11 exposure and NDB-scheme blast radius if a breach occurs.

This term sits in the FRT & privacy section of the working glossary — vocabulary covering facial-recognition controls and the Privacy Act 1988 (Cth), including the Australian Privacy Principles and the Notifiable Data Breaches scheme.

• FRT vendor selection 101 for Australian gaming venues
• Privacy Act ADM reform & gaming venues — FRT, AML automation, automated decisions

• Facial Recognition Technology (FRT)

  Computer-vision systems that detect and match faces against a registered list. In NSW gaming, FRT is increasin…

• NSW voluntary FRT Code of Practice

  A voluntary code approved under s.48 of the Gaming Machines Act 2001 (NSW) covering FRT deployments in gaming …

• Politically Exposed Person (PEP)

  An individual in a prominent public function — and their close family and close associates. The AML/CTF Rules …

• Privacy Act ADM reform

  The automated-decision-making reform to the Privacy Act 1988 (Cth). Requires APP entities to update their priv…

• Australian Privacy Principle 1 (APP 1)

  Schedule 1, Part 1 of the Privacy Act 1988 (Cth) — open and transparent management of personal information. Re…

• Biometric data

  A sensitive-category personal-information class under the Privacy Act 1988 (Cth) covering facial geometry, fin…