Australian Government - Attorney-General's Department

Security Policy

Achieving a Just and Secure Society

Skip breadcrumbHome » Governance » Legislation


The protective security mandatory requirements are based on legislation relating to protective security and reflect the aims and objectives of the Australian Government.

Where legislation requires a non-corporate Commonwealth entity (agency) to manage protective security in a manner contrary to the Protective Security Policy Framework (PSPF), that legislation is to take precedence.

Crimes Act 1914 and the Criminal Code

The combined effect of sections 70 and 79 of the Crimes Act 1914 and section 91.1 of the Criminal Code is that the unauthorised disclosure of information held by the Australian Government is subject to the sanction of criminal law. All staff, including contractors who handle official government material, need to be aware of this legislation and how it applies to their roles.

GOV-9: Agencies must give all employees, including contractors, guidance on sections 70 and 79 of the Crimes Act 1914, section 91.1 of the Criminal Code, the Freedom of Information Act 1982 (Cth) and the Australian Privacy Principles contained in the Privacy Act 1988 including how this legislation relates to their role.

Commonwealth legislation applicable to entities include:

Entities may also have specific protective security obligations under their enabling legislation.