FRT and privacy vocabulary covers facial-recognition technology controls and the Privacy Act 1988 (Cth) framework that constrains how venues collect, store, and disclose patron biometric data. Core terms come from the Australian Privacy Principles (especially APP 11 on security of personal information, APP 3 on collection necessity), the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act, and OAIC guidance. Vocabulary in this section is what venues need when evaluating an FRT vendor, drafting a privacy-impact assessment, or responding to a data-breach event.
15 terms in this section. Part of the 120-term Venue Axis compliance glossary.
Computer-vision systems that detect and match faces against a registered list. In NSW gaming, FRT is increasingly used to support self-exclusion participant identification at the g…
A voluntary code approved under s.48 of the Gaming Machines Act 2001 (NSW) covering FRT deployments in gaming venues. Addresses privacy impact assessments, Australia-only data stor…
An individual in a prominent public function — and their close family and close associates. The AML/CTF Rules 2025 recognise three categories: foreign PEP (mandatory ECDD + senior-…
The automated-decision-making reform to the Privacy Act 1988 (Cth). Requires APP entities to update their privacy policies to explain certain uses of personal information in substa…
Schedule 1, Part 1 of the Privacy Act 1988 (Cth) — open and transparent management of personal information. Requires APP entities to have a clearly expressed and up-to-date privacy…
A sensitive-category personal-information class under the Privacy Act 1988 (Cth) covering facial geometry, fingerprints, voiceprints, and similar physiological identifiers. Collect…
A structured pre-deployment analysis of a system's privacy risks — what personal information is collected, how it's used, who can access it, how long it's retained, what controls p…
In the FRT context, the registered list of subjects the system is configured to detect — typically self-excluded participants (and sometimes barred patrons or persons of interest f…
The FRT performance metric measuring how often the system incorrectly flags a non-watchlist person as a match. High FMR creates false-positive harm (wrongful refusal of entry, emba…
The FRT performance metric measuring how often the system fails to detect a person who IS on the watchlist. High FNMR means self-excluded patrons walk past the door unnoticed — def…
Under the Notifiable Data Breaches (NDB) scheme in Part IIIC of the Privacy Act 1988 (Cth), an eligible data breach is one likely to result in serious harm to any individual whose …
The Commonwealth regulator administering the Privacy Act 1988, the Australian Privacy Principles, the Notifiable Data Breaches scheme, and the Freedom of Information Act 1982. The …
APP 11 of the Privacy Act 1988 (Cth) requires reporting entities to take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modi…
The privacy-by-design principle of collecting only the personal information that is reasonably necessary for the function or activity at hand. Baked into APP 3 of the Privacy Act 1…
The vendor-selection risk frame the `/frt-vendor-selection` pillar walks: data-residency (AU on-shore vs offshore template store), control surface (encryption, access logs, key rot…