Victoria Police must establish clear and definitive procedures for the identification and classification of law enforcement data requiring confidentiality.

Victoria Police must ensure that Agreements with Approved Third Parties include the requirement to establish clear and definitive procedures for the identification and classification of law enforcement data requiring confidentiality.

Statement of Objective

Law enforcement data requires confidentiality provisions where its unauthorised compromise or misuse could result in harm or damage to government, the public interest, private entities or individuals.  By identifying a security classification for such data, Victoria Police will have an understood and agreed mechanism for immediately identifying the level of security required to protect that data.

Implementation Guidance

The person responsible for preparing the information must decide its security classification.  This person is called the originator.  When information is created, the originator must assess the consequences of damage from unauthorised compromise or misuse of the information.  If adverse consequences could occur, the information must be security classified.

Security classified information should be kept to a minimum, where possible.  Information requiring increased protection is identified by considering the consequences of its unauthorised disclosure or misuse.

Australian Government Security Classified information is any official resource (including equipment) that records information about, or is associated with Australia’s:

a) security from espionage, sabotage, politically motivated violence, promotion of communal violence, attacks on Australia’s defence system or acts of foreign interference;

b) defence plans and operations;

c) international relations, significant political and economic relations with international organisations and foreign governments; and

d) national interest that relates to economic, scientific or technological matters vital to Australia’s stability and integrity.

Not all information about these matters needs to be security classified.  Information must only be national security classified if its compromise could damage national security.

Non-national security information is any official resource (including equipment) that requires increased protection and does not meet the definition of national security information.  Most often this will be information about:

a) Victoria Police business where compromise could affect the Force’s capacity to make decisions or operate or the public’s confidence in Victoria Police;

b) law enforcement operations where compromise could hamper or render useless crime prevention strategies or particular investigations or adversely affect personal safety; or

c) personal information that is required to be protected under the Privacy Act, the Archives Act or other legislation.

The Australian Government Protective Security Manual (PSM) provides the definitive policy for
the classification and handling of all official information (including law enforcement data). 
Victoria Police should refer to the PSM for detailed guidance on effective implementation of
a Classification system.