Commonwealth Consolidated Regulations Commonwealth Consolidated Regulations(regulation 3)
Contents
Part 1--Preliminary
1 Citation and purpose
2 Commencement
3 What the Intelligent Access Program is
4 Definitions
5 Act to be read with Compliance and Enforcement Act
6 Other means of enforcement not excluded
Part 2--Powers and duties of Authority in relation to IAP
7 What IAP conditions do
8 Authority may specify IAP conditions
9 Issue of IAP identifiers
Part 3--Duties and obligations of operators of vehicles
10 Offence--providing false or misleading information to IAP service provider
11 Operators' obligation to tell drivers about collection of personal information and other matters
12 System malfunctions--duties of operators of IAP vehicles
Part 4--Duties of vehicle drivers
13 System malfunctions--drivers' duties
Part 5--Duties, powers and obligations of IAP service providers
14 IAP service providers' duties in regard to use and disclosure of information
15 IAP service providers' powers to collect, store, use and disclose IAP information
16 IAP service providers' duties in regard to recording use and disclosure of information
17 IAP service providers' obligations in regard to quality and security of IAP information
18 IAP service providers' obligations to keep records of monitoring
19 IAP service providers' obligation to make individuals aware of personal information held
20 IAP service providers' obligation to make non - compliance reports
21 IAP service providers' obligation to report tampering
22 Offence--IAP service provider providing false or misleading information to Authority or TCA
Part 6--Duties, powers and obligations of TCA
23 Functions of TCA
24 TCA's duties in regard to use and disclosure of information
25 TCA's powers to collect, store, use and disclose IAP information
26 Disclosure of information for law - enforcement purposes etc
27 Use of information for research
28 TCA's obligations in regard to collecting IAP information
29 TCA's obligation to keep information secure
30 TCA's obligation to make individuals aware of personal information held
31 TCA's obligation to keep records of transactions
32 TCA's obligation to correct errors etc
33 TCA's obligation to report tampering
Part 7--Duties, powers and obligations of IAP auditors
34 What IAP audit is
35 IAP auditors' duties in regard to use and disclosure of information
36 IAP auditors' powers to collect, store, use and disclose IAP information
37 IAP auditors' obligations in regard to collecting IAP information
38 IAP auditors' obligation to keep information secure
39 IAP auditors' obligation to make individuals aware of personal information held
40 IAP auditors' obligation to keep records of transactions
41 IAP auditors' obligation to correct errors etc
42 IAP auditors' obligation to report breaches by IAP service providers
43 IAP auditors' obligation to report tampering
Part 8--Tampering with approved intelligent transport systems
44 Meaning of tampering
45 Offence--tampering with approved intelligent transport system
Part 9--Evidence
46 References to particular time etc
47 Certificates by the Authority
48 Certificate as to intelligent access map
49 Other certificates by TCA
50 Presumption of correct operation
51 Evidence as to vehicle's position
52 IAP information generated etc by approved intelligent transport system
53 Reports by approved intelligent transport system
54 Results of mathematical procedures
Part 10--Miscellaneous
55 Regulations
A Bill for an Act to make provision in relation to the use of a n intelligent transport system known as the Intelligent Access Program as part of a system of nationally consistent road transport laws
Enacting formula
1 Citation and purpose
This Act may be cited as the Road Transport (Intelligent Access Program) Act 200 5 .
This Act commences on a day or days to be fixed by proclamation.
Drafting note: Commencement of the legislation in a jurisdiction will be as determined by the jurisdiction.
3 What the Intelligent Access Program is
The Intelligent Access Program is a program to allow heavy vehicles to have access, or improved access, to the road network in return for monitoring, by an intelligent transport system , of their compliance with specified access conditions.
(1) In this Act :
"approved intelligent transport system" means an intelligent transport system approved for the purposes of the IAP by TCA.
Note: Intelligent transport system is defined in the [Act corresponding to the Road Transport Reform (Compliance and Enforcement) Act 2003 ].
"IAP" is the acronym for Intelligent Access Program .
"IAP agreement" means a n agreement between the operator of a vehicle and an IAP service provider under which the IAP service provider agrees to provide IAP monitoring services to the operator.
"IAP audit" -- see section 34 .
"IAP auditor" means a person approved as an IAP auditor by TCA .
"IAP condition" -- see section 7 .
"IAP information" means information that has been generated or collected for any purpose relating to the IAP.
"IAP service provider" means a person that is certified as an IAP service provider by TCA .
"IAP vehicle" means a vehicle that is subject to an IAP condition, is equipped for monitoring under the IAP, and is covered by an IAP agreement.
"intelligent access map" means the spatial data set , issued by TCA from time to time , that defines the national public road system.
Note: The intelligent access map may not include some private roads.
"Intelligent Access Program" -- see section 3 .
"law-enforcement purposes" means the purposes of investigating or prosecuting an offence (whether summary or indictable) against :
(a ) a road law; or
( b ) [the law corresponding to the Australian Road Rules]; or
( c ) a law relating to the transport by road of dangerous goods; or
( d ) a law prescribed for the purposes of this paragrap h.
"malfunction" of an approved intelligent transport system -- see subsection ( 4 ).
"non-compliance report" -- see subsection ( 2 ).
"participating operator" means a n operator of a vehicle or vehicles that has entered into an IAP agreement, and operates at least 1 IAP vehicle.
"personal information" means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
"tampering" with an approved intelligent transport system -- see section 44 .
"TCA" means Transport Certification Austr alia Ltd ACN 113 379 936.
( 2 ) A non - compliance report :
(a) is a report, generated by an approved intelligent transport system, of a contravention by an IAP vehicle of an IAP condition; and
(b) may include information, about apparent tampering with that system , electronically generated by the system itself .
(3 ) A reference in a provision of this Act to an approved form is a reference to the form approved by the Authority for the purposes of the provision.
(4 ) An approved intelligent transport system malfunctions if:
(a) it ceases to work at all, or works only intermittently; or
(b) it does not perform 1 or more functions required under the IAP, or performs any such function only intermittently; or
(c) it performs such a function in such a way that the results of its doing so are inaccurate or unreliable (including intermittently inaccurate or unreliable).
( 5 ) An expression used in this Act that is also used (whether or not defined) in the [Act corresponding to the Road Transport Reform (Compliance and Enforcement) Act 2003 ] has , unless the contrary intention appears, the same meaning in this Act as in that Act.
Note: The following significant terms are defined in the [Act corresponding to the Road Transport Reform (Compliance and Enforcement) Act 2003 ]:
authorised officer
Authority
combination
compliance purposes
conduct
driver
engage in conduct
intelligent transport system
mass, dimension or load restraint concession
operator
road
road law
road - related area
two - up driver
vehicle
5 Act to be read with Compliance and Enforcement Act
This Act is to be read as one with the [Act corresponding to the Road Transport Reform (Compliance and Enforcement) Act 2003 ].
6 Other means of enforcement not excluded
Nothing in this Act has the effect of preventing or excluding any other method of enforcement of a road law.
Part 2 -- Powers and duties of Authority in relation to IAP
7 What IAP conditions do
(1 ) In this section:
"IAP road" means a road or road - related area specified in an IAP condition for use by IAP vehicles.
(2 ) An IAP condition is the specification of the conditions in relation to the IAP under which IAP vehicle s are allowed to be used on an IAP road .
(3 ) An IAP condition:
(a) must specify at least 1 IAP road ( spatial data ); and
(b) may specify:
(i ) periods during which IAP vehicle s are permitted to use the specified IAP road ( temporal data ); and
(i i ) maximum speeds at which IAP vehicle s may travel during that use ( speed data ); and
(iii) any other condition of access to the IAP road (for example, a condition about mass limits); and
(c) may specify a period within which an approved intelligent transport system must generate, and send to the Authority, a non - compliance report after the system detects a non - compliance with the condition by an IAP vehicle .
(4 ) If an IAP condition does not specify speed data, it is taken to authorise the use of IAP vehicle s on the IAP road at any speed at which a non - IAP vehicle of the same class could be used on the IAP road.
(5 ) A n IAP condition that specifies speed data does not authorise an IAP vehicle to travel at a speed in excess of a speed limit that applies to vehicle s generally .
(6 ) If an IAP condition does not specify temporal data, it is taken to authorise the use of IAP vehicle s on the IAP road at any time at which a non - IAP vehicle of the same class could be used on the IAP road.
(7 ) An IAP condition may require an IAP vehicle to be monitored whether or not it uses an IAP road.
Drafting note: In any legislation of a jurisdiction that incorporates this model legislation, a note should be inserted stating where copies of the standard conditions of monitoring can be obtained.
8 Authority may specify IAP conditions
(1) The Authority may specify IAP conditions.
(2) The Authority may combine an IAP condition with a mass, dimension or load restraint concession (within the meaning given by [ the relevant provision of the Act corresponding to the Road Transport Reform (Compliance and Enforcement) Act 2003 ] .
(3) An IAP condition not combined with such a concession must be published in ...
Drafting note: An IAP condition not included in a mass, dimension or load restraint concession could be published in the Gazette or in some other way -- this is to be left up to each jurisdiction.
(1) The Authority may issue an IAP identifier for an IAP vehicle.
(2) If an IAP identifier is , or becomes , known to a person or entity that has the ability to associate it with a particular individual, the person or entity must treat the identifier as personal information for the purposes of a law relating to privacy.
Part 3 -- Duties and obligations of operators of vehicles
10 Offence -- providing false or misleading information to IAP service provider
(1) The operator of an IAP vehicle commits an offence if:
(a) the operator gives information to an IAP service provider with which the operator has entered into an IAP agreement; and
(b) the information is relevant to the operation of the vehicle; and
(c) the information:
(i) is false or misleading; or
(ii) omits anything without which the information is false or misleading.
Maximum p enalty: $10 000.
Drafting note : The penalty specified for an offence in this Bill is intended to be indicative only, as a general guide to the offence' s perceived seriousness.
(2) Subsection ( 1) does not apply because of subparagraph ( 1)(c) (i) if the information was not false or misleading in a material particular.
(3) Subsection ( 1) does not apply because of subparagraph ( 1)(c) (ii) if the information omitted did not render the information given false or misleading in a material particular.
(4) Without limiting paragraph ( 1) (b), information about an IAP condition that applies, or is capable of applying, to a vehicle is relevant to the operation of the vehicle.
(5 ) The operator of a vehicle commits an offence if:
(a ) the operator gives information to an IAP service provider; and
(b ) the operator intends that the IAP service provider will enter into an IAP agreement with the operator in reliance on the information; and
(c ) the information:
(i) is false or misleading; or
(ii) omits anything without which the information is false or misleading.
Maximum p enalty: $10 000.
(6) Subsection ( 5 ) does not apply bec ause of subparagraph ( 5 )(c) (i) if the information was not false or misleading in a material particular.
(7) Subsection ( 5 ) does not apply because of subparagraph ( 5 )(c) (ii) if the information omitted did not render the information given false or misleading in a material particular.
Drafting note: The fact situation envisaged by subsections ( 5), (6) and (7) may possibly be covered by a fraud - type offence in a particular jurisdiction. If so, those subsections can be omitted.
11 O perators' obligation to tell drivers about collection of personal information and other matters
(1) The operator of an IAP vehicle must take reasonable steps to tell the vehicle's driver, before the vehicle begins a journey:
(a) that the vehicle will be monitored by an IAP service provider; and
(b) what information will be collected by the IAP service provider; and
(c) the purposes for which that information is collected; and
(d) the persons and authorities to which information so collected may be disclosed; and
(e) that the collection of the information is authorised by this Act; and
(f) that the driver has the rights of reasonable access to, and of correction of, personal information so collected, and how those rights can be exercised; and
(g) the name and address of the IAP service provider.
Maximum p enalty: $10 000.
Note: Driver includes a two - up driver if he or she is in the vehicle -- see the Compliance and Enforcement Model Bill, s ubsection 6 (1) and s ection 5 of this Act.
( 2 ) The operator of an IAP vehicle must take reasonable steps to tell the vehicle's driver, before the vehicle begins a journey:
(a) about the driver's obligation under section 13 ; and
(b) how the driver can make the reports required by that obligation.
Maximum p enalty: $10 000.
Note: Driver includes a two - up driver if he or she is in the vehicle -- see the Compliance and Enforcement Model Bill, s ubsection 6 (1) and s ection 5 of this Act.
(3 ) An operator may comply with subsections ( 1) and ( 2 ) by :
(a) placing a notice that gives the required information in a place in the vehicle's driving cab where it is clearly visible ; or
(b ) giving the required information to the driver in writing as part of a written contract of employment between the driver and the operator .
(4 ) The regulations may prescribe:
(a) a form of notice that may be used for the purposes of paragraph ( 3 ) (a); and
(b) fo r paragraph ( 3 ) (b), a standard form of words that may be used as part of a written contract of employment.
12 System malfunctions -- duties of operators of IAP vehicles
(1) If the operator of an IAP vehicle becomes aware that an approved intelligent transport system fitted to the vehicle is malfunctioning, the operator must tell the Authority about the malfunction immediately , in person or by radio, telephone , fax or email.
Maximum p enalty: $6 000.
(2) The operator of such a vehicle must keep a written record of reports of such malfunctions, including:
(a) the date, time and type of the malfunction, and the location of the vehicle concerned at the time of the malfunction; and
(b) the date, time, location of the vehicle, type of report, who made the report and who the report was made to.
Maximum p enalty: $6 000.
Part 4 -- Duties of vehicle drivers
13 System malfunctions -- drivers' duties
(1) If the driver of an IAP vehicle becomes aware that an approved intelligent transport system fitted to the vehicle is malfunctioning, the driver must tell the vehicle's operator about the malfunction immediately , in person or by radio, telephone , fax or email.
Maximum p enalty: $6 000.
(2) The driver of such a vehicle must keep a written record of such reports, including:
(a) the date, time and type of the malfunction, and the location of the vehicle concerned at the time of the malfunction; and
(b) the date and time of the malfunction, the location of the vehicle at the time , the type of report, who made the report and who the report was made to.
Maximum p enalty: $6 000.
Part 5 -- Duties, powers and obligations of IAP service providers
14 IAP service providers' duties in regard to use and disclosure of information
An IAP service provider must not use or disclose IAP information otherwise than as required or authorised by or under this Act or any other law.
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
15 IAP service providers' powers to collect, store, use and disclose IAP information
(1) An IAP service provider may collect , store and use IAP information (including personal information) for compliance purposes.
Note: ' For compliance purposes ' is defined in Part 3 of the [Act corresponding to the Road Transport Reform (Compliance and Enforcement) Act 2003 ].
(2) An IAP service provider may disclose IAP information (including personal information) to the Authority , or to TCA, for compliance purposes.
( 3 ) An IAP service provider may disclose IAP information (including personal information , but not including a non - compliance report or a report under section 21) to a police officer , or to an authorised officer of the Authority, for law - enforcement purposes if so authorised by a warrant issued by a court.
Note: An IAP service provider has a separate obligation to make non - compliance reports to the Authority -- see s ection 20 .
Drafting note : Subclause ( 3) has been read as possibly giving an IAP service provider the choice of not complying with a valid warrant. This is not the intention. If a jurisdiction has any concern that subclause ( 3) might have that effect , perhaps the subclause could be replaced with one that simply states that nothing in the Bill is intended to affect the operation of any law relating to warrants.
(4 ) If an IAP service provider discloses IAP information to a police officer or an Authority officer under subsection ( 3), the police officer or Authority officer must not use the information, or disclose it to any other person , unless:
(a) the police officer or Authority officer believes the use or disclosure is reasonably necessary for law - enforcement purposes ; or
(b) the use or disclosure is otherwise authorised by or under this Act.
(5 ) With the consent of a participating operator, a n IAP service provider may use or disclose IAP information about the operator to a person other than the operator for any purpose if the information:
(a) does not identify any individual; and
(b) contains nothing by which the identity of any individual can reasonably be ascertained.
( 6 ) An IAP service provider may disclose IAP information (except a non - compliance report) about a participating operator to the operator.
(7 ) In addition, a n IAP service provider may use or disclose IAP information (including personal information):
(a) with the consent of any person about whom the IAP information includes personal information; or
(b) as otherwise authorised by this Act or any other law.
(8 ) An IAP service provider must give an IAP auditor access to any record kept by the IAP service provider for the purposes of this Act.
16 IAP service providers' duties in regard to recording use and disclosure of information
(1) If an IAP service provider uses or discloses IAP information, the IAP service provider must make a record of the use or disclosure containing the following information:
(a) the name of the person who used or disclosed the IAP information;
(b) the date of the disclosure or use;
(c) in the case of a disclosure of IAP information, the person or body to whom or to which that information was disclosed;
(d) in the case of the use of IAP information by the IAP service provider, a brief description of how the information was used;
(e) what provision of this Act or another law the disclosure or use was authorised by;
(f) if the authority for the disclosure or use also required a document (for example, a warrant, a certificate or a consent), a copy of the document.
(2) The IAP service provide r must make the record within 5 business days after the relevant use or disclosure.
(3) The IAP service provider must make the record in a form that allows the record to be readily inspected.
(4) The IAP service provider must retain the record for 2 years.
(5) An IAP service provider commits an offence if it does not comply with a requirement of any of subsections ( 1) to (4).
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
(6) An offence against subsection ( 5) is an offence of strict liability.
17 IAP service providers' obligations in regard to quality and security of IAP information
(1 ) An IAP service provider must take reasonable steps to ensure that the IAP information it collects:
(a) is necessary for, or is directly related to, the purpose for which it is collected, or a directly related purpose; and
(b) is not excessive for that purpose; and
(c) is accurate, up - to - date and complete.
Penalty: $6 000 .
(2) An IAP service provider must take reasonable steps to ensure that the collection of IAP information does not intrude to an unreasonable extent on the personal privacy of any individual to whom the information relates.
(3) If an individual (including an individual who is a participating operator) about whom an IAP service provider holds personal information so requests, an IAP service provider must make appropriate alterations to the personal information to ensure that the information is accurate, complete, up - to - date and not misleading
(4) If the IAP service provider considers that the personal information the subject of such a request is not inaccurate, incomplete, out - of - date or misleading, it may refuse to comply with the request, but must then:
(a) give the individual a statement in writing of its reasons for refusing; and
(b) if the individual so requests, attach to, or include with, the information a statement by him or her.
18 IAP service providers' obligations to keep records of monitoring
(1) An IAP service provider must keep a record of the IAP information that it collects.
(2) The record must be organised in a way that allows the record to be conveniently and properly audited.
(3) An IAP service provider m ust k eep :
(a) a copy of a non - compliance report ; and
(b) the data that were relied on to generate the report;
for at least 4 years after the report is made by the provider .
Penalty: $10 000 .
( 4 ) An IAP service provider must take reasonable steps to protect IAP information collected by it against unauthorised access, unauthorised use, misuse, loss, modification or unauthorised disclosure.
( 5 ) An IAP service provider must take reasonable steps to destroy IAP information (including personal information ) , other than information required by subsection ( 3) to be kept, 1 year after the information is collected .
Penalty: $10 000 .
19 IAP service providers' obligation to make individuals aware of personal information held
(1) An IAP service provider must prepare, and make publicly available, a document that sets out its policies on the management of information.
(2) If an individual about whom an IAP service provider holds personal information so requests, the IAP service provider must , subject to subsection ( 4), take reasonable steps to inform him or her of:
(a) the kinds of information it holds about him or her; and
(b) the purpose for which the information is held; and
( c) the way in which it collects, holds, uses and discloses the information; and
(d) the persons and authorities to whom or to which the information may be disclosed; and
(e ) that he or she has the rights of reasonable access to, and of correction of, the information; and
(f ) how to exercise those right s .
(3) Subject to subsection ( 4), a n IAP service provider must, on request by an individual about whom the IAP service provider holds personal information, give him or her access to the information, and must do so without undue delay or cost.
(4) However, nothing in subsection ( 2) or (3) requires an IAP service provider:
(a) to inform an individual that a report under section 20 or 21 exists or has been made ; or
(b) to give an individual access to such a report.
Penalty: $10 000.
20 IAP service providers' obligation to make non - compliance reports
(1) For the purposes of this section, an IAP service provider is taken to know of a breach of an IAP condition if the IAP service provider's monitoring equipment has detected the breach.
(2) An IAP service provider commits an offence if the IAP service provider:
(a) knows of:
(i) a breach by a participating operator of an IAP condition; or
(ii) anything that indicates that a participating operator may have breached such a condition; and
(b) does not make a non - compliance report that complies with subsection ( 4) to the Authority within the time allowed, in the circumstances, under subsection ( 5).
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
(3) Strict l iability applies to paragraph ( 2 ) (b).
(4 ) A non - compliance report must be in the form approved for the purpose by TCA , and must contain any information required by the IAP service provider's certification.
(5 ) The IAP service provider must make the report :
(a) within any time specified in the relevant IAP condition; or
(b) within any time specified by the Authority (by written direction) for the purpose.
21 IAP service providers' obligation to report tampering
(1 ) In this section, a reference to knowledge or suspicion does not include knowledge or suspicion resulting only from:
(a) a report, contained in a non - compliance report or otherwise made by an approved intelligent transport system, of the electronic detection of apparent tampering with that system; or
(b) the analysis of data produced by such a system.
(2 ) An IAP service provider commits an offence if the IAP service provider:
(a) either:
(i) knows that intelligent transport system equipment has been tampered with; or
(ii) has reasonable grounds to suspect that intelligent transport system equipment has been tampered with; and
(b) does not report , in accordance with subsection ( 3) , to the Authority within 5 business days .
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
(3) The report must be in the form approved by TCA for the purpose, and must contain any information required by the IAP service provider's certification.
( 4 ) Strict liability applies to paragraph ( 2 ) (b).
( 5 ) If an IAP service provider know s , or has reasonable grounds to susp ect, that approved intelligent transport system equipment has been tampered with, the IAP service provider must not disclose to any person other than the Authority:
(a) that the provider has that knowledge or suspicion; or
(b) any information from which the person to whom the disclosure is made could reasonably infer that the provider had that knowledge or suspicion.
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
( 6 ) If an IAP service provider has made a report to the Authority under subsection ( 2) or (3) of apparent tampering or suspicion of tampering, the provider must not disclose to any person other than the Authority:
(a) that the report has been made; or
(b) any information from which the person to whom the disclosure is made could reasonably infer that the provider had made such a report.
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
22 Offence -- IAP service provider providing false or misleading information to Authority or TCA
(1) An IAP service provider commits an offence if:
(a) the IAP service provider gives information to the Authority or TCA; and
(b) the information is relevant to the operation of an IAP vehicle; and
(c) the information:
(i) is false or misleading; or
(ii) omits anything without which the information is false or misleading.
Maximum p enalty: $10 000.
(2) Subsection ( 1) does not apply because of subparagraph ( 1)(c) (i) if the information was not false or misleading in a material particular.
(3) Subsection ( 1) does not apply because of subparagraph ( 1)(c) (ii) if the information omitted did not render the information given false or misleading in a material particular.
Part 6 -- Duties, powers and obligations of TCA
23 Functions of TCA
For the purposes of this Act, the functions of TCA are:
(a) to manage the certification and audit regime for the Intelligent Access Program; and
(b) to certify and audit, and cancel the certification of, IAP service providers; and
(c) to appoint and coordinate IAP auditors.
24 TCA's duties in regard to use and disclosure of information
(1) TCA must not use or disclose IAP information unless it first takes reasonable steps to ensure that, having regard to the purpose for which the information is to be used or disclosed, that the information is accurate, complete, up - to - date and not misleading.
(2) Subject to sections 26 and 27 , TCA must not use or disclose information for a purpose other than the purpose for which the information was collected.
(3) TCA must not use or disclose information relating to a particular participating operator other than to:
(a) the operator; or
(b) an IAP auditor; or
(c) the Authority;
unless the disclosure is authorised under this Act or another law.
(4) TCA must not disclose information relating to a breach of an IAP service provider's obligations except to:
(a) the Authority; or
(b) an IAP auditor.
(5) If TCA uses or discloses IAP information (other than use or disclosure for law enforcement), TCA must make a record of the use or disclosure containing the following information:
(a) the name of the person who used or disclosed the IAP information;
(b) the date of the disclosure or use;
(c) in the case of a disclosure of IAP information, the person or body to whom or to which the information was disclosed;
(d) in the case of the use of IAP information by TCA, a brief description of how the information was used;
(e) what provision of this Act or another law the disclosure or use was authorised by;
(f) if the authority for the disclosure or use also required a document (for example, a warrant, a certificate or a consent), a copy of the document.
(6) TCA must make the record within 5 business days after the relevant use or disclosure.
(7) TCA must make the record in a form that allows the record to be readily inspected.
(8) TCA must retain the record for 2 years (or another period prescribed by the regulations for the purposes of this subsection).
25 TCA 's powers to collect, store, use and disclose IAP information
(1) TCA may collect, store, use and disclose IAP information (including personal information) for the performance of its functions and for law enforcement purposes.
(2) With the consent of a participating operator, TCA may use or disclose IAP information about the operator for any purpose if the information:
(a) does not identify any individual; and
(b) contains nothing by which the identity of any individual can reasonably be ascertained.
(3 ) TCA may use or disclose IAP information (including personal information):
(a) with the consent of any person about whom the IAP information includes personal information; or
(b) of a kind, or in circumstances, prescribed by the regulations for this paragraph; or
(c) as otherwise authorised by this Act or any other law.
26 Disclosure of information for law - enforcement purposes etc
(1) TCA may disclose IAP information (including personal information but not including a non - compliance report or a report under section 21 ) to a nominated police officer or an auth orised officer of the Authority for law - enforcement purposes if so authorised by a warrant issued by a court.
Drafting note: Subclause ( 1) has been read as possibly giving an IAP service provider the choice of not complying with a valid warrant. This is not the intention. If a jurisdiction has any concern that subclause ( 1) might have that effect, perhaps the subclause could be replaced with one that simply states that nothing in the Bill is intended to affect the operation of any law relating to warrants.
(2) If TCA discloses information to a police officer or an Authority officer under subsection ( 1), the police officer or Authority officer must not use that information, or disclose the information to any other person unless:
(a) the police officer or Authority officer believes the use or disclosure is reasonably necessary for law - enforcement purposes; or
(b) the use or disclosure is otherwise authorised under this Act.
27 Use of information for research
TCA may use or disclose information for research purposes, but only if the information contains no personal information.
28 TCA ' s obligations in regard to collecting IAP information
( 1 ) TCA must take reasonable steps to ensure that IAP information that it collects:
(a) is necessary for, or is directly related to, the purpose for which it is collected, or a directly related purpose; and
(b) is not excessive for that purpose; and
(c) is accurate, up - to - date and complete.
(2 ) TCA must take reasonable steps to ensure that the collection of IAP information does not intrude to an unreasonable extent on the personal privacy of any individual to whom the information relates.
29 TCA's obligation to keep information secure
(1) TCA must take reasonable steps to protect IAP information collected by it against unauthorised access, unauthorised use, misuse, loss, modification or unauthorised disclosure.
(2) TCA must take reasonable steps to destroy IAP information (including personal information) after 1 year unless the information is required as evidence.
(3) TCA may comply with subsection ( 2) by permanently removing anything by which an individual can be identified from the IAP information that it holds.
30 TCA's obligation to make individuals aware of personal information held
(1) TCA must prepare, and make publicly available, a document that sets out its policies on the management of information.
(2) If an individual so requests, TCA must take reasonable steps to inform him or her of:
(a) the kinds of information it holds about him or her; and
(b) the purpose for which the information is held; and
(c) the way in w hich it collects, holds, uses and discloses the information; and
(d) the persons and authorities to whom or to which the information may be disclosed; and
(e) that the collection of the information is authorised by this Act; and
(f) that he or she has the rights of reasonable access to, and of correction of, the information, and how those rights can be exercised.
(3) TCA must, on request by an individual about whom TCA holds personal information, give him or her access to the information, and must do so without undue delay or cost.
(4 ) With the consent of a participating operator, TCA may use or disclose IAP information about the operator for any purpose if the information:
(a) does not identify any individual; and
(b) contains nothing by which the identity of any individual can reasonably be ascertained.
31 TCA 's obligation to keep records of transactions
(1) TCA must keep and retain records, in accordance with this section, of its transactions with the Authority, IAP service providers and IAP auditors.
(2) The records must be organised in such a way as will enable them to be conveniently and properly audited.
(3) TCA must keep a non - compliance report for at least 4 years after its receipt.
(4) TCA must retain any other record referred to in subsection ( 1) for at least 1 year after the record is made .
32 TCA 's obligation to correct errors etc
(1) TCA must take reasonable steps to ensure that personal information that it collects is accurate, complete, up - to - date and not misleading.
(2) If so requested by a participating operator or an IAP service provider, TCA must make appropriate alterations to any personal information it holds to ensure that the information is accurate, complete, up - to - date and not misleading.
(3 ) If TCA considers that the personal information the subject of such a request is not inaccurate, incomplete, out - of - date or misleading, it may refuse to comply with the request, but must then:
(a) give the operator or provider a written statement of its reasons for refusing; and
(b) if the operator or provider so requests, attach to, or include with, the information a statement by the operator or provider .
33 TCA 's obligation to report tampering
(1 ) In this section, a reference to knowledge or suspicion does not include knowledge or suspicion resulting only from:
(a) electronic detection, by an approved intelligent transport system, of apparent tampering with that system; or
(b) the analysis of data produced by such a system.
( 2 ) I f TCA knows , or has reasonable grounds to suspect, that intelligent transport system equipment has been tampered with , T CA must report that fact to the Authority within 5 business days .
( 3 ) If TCA know s , or has reasonable grounds to susp ect, that approved intelligent transport system equipment has been tampered with, TCA must not disclose to any person other than the Authority:
(a) that the provider has that knowledge or suspicion; or
(b) any information from which the person to whom the disclosure is made could reasonably infer that TCA had that knowledge or suspicion.
( 4 ) If TCA has made a report to the Authority of apparent tampering or suspicion of tampering, TCA must not disclose to any person other than the Authority:
(a) that the report has been made; or
(b) any information from which the person to whom the disclosure is made could reasonably infer that TCA had made such a report.
Part 7 -- Duties, powers and obligations of IAP auditors
34 What IAP audit is
IAP audit is the process of:
(a) reviewing IAP information held by an IAP service provider to determine its completeness and reliability; and
(b) reviewing the processes by which that information was collected; and
(c) examining how it is stored, used and disclosed ; and
(d) examining IAP equipment installed in a vehicle or used by an IAP service provider .
35 IAP auditors' duties in regard to use and disclosure of information
(1) An IAP auditor must not use or disclose IAP information unless it first takes reasonable steps to ensure that, having regard to the purpose for which the information is to be used or disclosed, that the information is accurate, complete, up - to - date and not misleading.
(2) An IAP auditor must not use or disclose information for a purpose other than the purpose for which the information was collected.
(3) An IAP auditor must not use or disclose information relating to a particular participating operator other than to:
(a) the operator; or
(b) TCA; or
(c) the Authority;
unless the use or disclosure is authorised under this Act or another law.
(4) An IAP auditor must not disclose information relating to non - compliance or tampering except to:
(a) the Authority; or
(b) TCA.
(5) If an IAP auditor uses or discloses IAP information (other than use or disclosure for law - enforcement purposes), the IAP auditor must make a record of the use or disclosure containing the following information:
(a) the name of the person who used or disclosed the IAP information;
(b) the date of the disclosure or use;
(c) in the case of a disclosure of IAP information, the person or body to whom or to which the information was disclosed;
(d) in the case of a use of IAP information, a brief description of how the information was used;
(e) what provision of this Act or another law the disclosure or use was authorised by;
(f) if the authority for the disclosure or use also required a document (for example, a warrant, a certificate or a consent), a copy of the document.
(6) The IAP auditor must make the record within 5 business days after the relevant use or disclosure.
(7) The IAP auditor must make the record in a form that allows the record to be readily inspected.
(8) The IAP auditor must retain the record for 2 years (or another period prescribed by the regulations for the purposes of this subsection).
(9) An IAP auditor commits an offence if it does not comply with a requirement of any of subsections ( 1) to ( 8 ).
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
(10) An offence against subsection ( 9) is an offence of strict liability.
36 IAP auditors' powers to collect, store, use and disclose IAP information
(1) An IAP auditor may collect, store, use and disclose IAP information (including personal information) for:
(a) the performance of its functions; and
(b) to report , to TCA , non - compliance or tampering by a participating operator; or
(c) to report , to TCA , tampering by an IAP service provider, or a failure by an IAP service provider to comply with its obligations.
(2 ) An IAP auditor may use or disclose IAP information (including personal information):
(a) with the consent of any person about whom the IAP information includes personal information; or
(b) of a kind, or in circumstances, prescribed by the regulations for this paragraph; or
(c) as otherwise authorised by this Act or any other law.
37 IAP auditors' obligations in regard to collecting IAP information
(1 ) An IAP auditor may collect IAP information that is reasonably necessary to enable the auditor to prepare an audit report on an IAP service provider.
(2 ) An IAP auditor must take reasonable steps to ensure that IAP information that it collects:
(a) is necessary for, or is directly related to, the purpose for which it is collected, or a directly related purpose; and
(b) is not excessive for that purpose; and
(c) is accurate, up - to - date and complete.
(3 ) An IAP auditor must take reasonable steps to ensure that the collection of IAP information does not intrude to an unreasonable extent on the personal privacy of any individual to whom the information relates.
38 IAP auditors' obligation to keep information secure
(1) An IAP auditor must take reasonable steps to protect IAP information collected by it against unauthorised access, unauthorised use, misuse, loss, modification or unauthorised disclosure.
(2) An IAP auditor must take reasonable steps to destroy personal information no longer needed for IAP purposes, or remove permanently from such information anything by which a n individual can be identified.
39 IAP auditors' obligation to make individuals aware of personal information held
(1) If an individual so requests, an IAP auditor must take reasonable steps to inform him or her of:
(a) the kinds of information it holds about him or her; and
(b) the purpose for which the information is held; and
(c) the persons and authorities to which information so collected may be disclosed; and
(d) that the collection of the information is authorised by this Act; and
(e) that he or she has the rights of reasonable access to, and of correction of, personal information so held, and how those rights can be exercised.
(2) An IAP auditor must, on request by an individual about whom the IAP auditor holds personal information, give him or her access to the information, and must do so without undue delay or cost.
40 IAP auditors' obligation to keep records of transactions
(1) An IAP auditor must keep and retain records, in accordance with this section, of its transactions with IAP service providers and TCA .
(2) The records must be organised in such a way as will enable them to be conveniently and properly audited.
41 IAP auditors' obligation to correct errors etc
(1) An IAP auditor must take reasonable steps to ensure that information that it collects is accurate, complete, up - to - date and not misleading.
(2) If so requested by a participating operator or an IAP service provider, an IAP auditor must make appropriate alterations to any information it holds to ensure that the information is accurate, complete, up - to - date and not misleading.
(3 ) If the IAP auditor considers that the information the subject of such a request is not inaccurate, incomplete, out - of - date or misleading, it may refuse to comply with the request, but must then:
(a) give the operator or service provider a statement in writing of its reasons for refusing; and
(b) if the operator or service provider so requests, attach to, or include with, the information a statement by the operator or service provider .
42 IAP auditors' obligation to report breaches by IAP service providers
If an IAP auditor knows of a breach by an IAP service provider of the provider's obligations under this Act , or of anything that indicates that an IAP service provider may have breached such a n obligation, the IAP auditor must, as soon as practicable, report that fact to TCA .
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
43 IAP auditors' obligation to report tampering
If an IAP auditor knows, or has reasonable ground s to suspect, that intelligent transport system equipment has been tampered with, the IAP auditor must, as soon as p racticable, report that fact to:
(a) in the case of tampering or suspected tampering by a participating operator -- the Authority; or
(b) in the case of tampering or suspected tampering by an IAP service provider -- TCA .
Maximum p enalty: $10 000 for a first offence; $20 000 for a second or subsequent offence.
Part 8 -- Tampering with approved intelligent transport systems
44 Meaning of tampering
(1) A person tampers with an approved intelligent transport system if:
(a) he or she engages in conduct that has the result that:
(i) the system is altered; or
(ii) the system is installed or used in a way that is not in accordance with the conditions of its certification by TCA; or
(iii) any data instruction that the system uses internally is altered; and
(b) he or she does so with the intention of causing the system to:
(i) fail to collect IAP information, or fail to collect such information correctly; or
(ii) fail to store IAP information, or fail to store such information correctly; or
(iii) fail to report IAP information, or fail to report such information correctly.
(2) A person also tampers with an approved intelligent transport system if he or she:
(a) engages in conduct ; and
(b) is negligent or reckless as to whether , as a result of the conduct, the system may:
(i ) fail to collect IAP information, or fail to collect such information correctly; or
(ii ) fail to store IAP information, or fail to store such information correctly; or
(iii ) fail to report IAP information, or fail to report such information correctly.
Note: The Criminal Code of the Commonwealth applies to the interpretation of offence provisions in this Act (see s ection 5 of this Act and s ... of the [Act corresponding to the Road Transport Reform (Compliance and Enforcement) Act 2003 ]. For extensions of liability under the Code see Part 2.4 of the Code.
(3) For subsections ( 1) and (2):
(a) a system fails if it does not perform as intended in terms of accuracy, timeliness, reliability, verifiability or any other performance parameter ; and
(b) fail includes fail permanently, fail temporarily, fail on a particular occasion or occasions, and fail in particular circumstances.
45 Offence -- tampering with approved intelligent transport system
A person must not tamper with an approved intelligent transport system.
Penalty:
(a) if paragraph 44 (1 ) (b) applies -- for a first offence, $x; for a second or subsequent offence , $y; or
(b) if paragraph 44 (2 ) (b) applies -- for a first offence, $x; for a second or subsequent offence , $y.
Note: For the meaning of tamper , see s ection 44 .
46 References to particular time etc
In this Part:
"at a specified time" includes on a specified date and during a specified period .
Drafting note : All of the documents that provide for the approval of intelligent transport systems and related matters (such as the forms of reports) are available from TCA. Jurisdictions should consider inserting notes to direct inquirers to TCA, either at its address or by way of its website.
47 Certificates by the Authority
(1) A certificate signed on behalf of the Authority, a nd stating any of the following , is admissible in evidence and is prima facie evidence of what it states:
(a ) that a specified IAP condition was in effect for a specified participating operator at a specified time;
(b) that a specified person is, or was at a specified time, a participating operator;
(c) that a specified IAP condition applied to a specified IAP vehicle at a specified time;
(d) that a specified vehicle is, or was at a specified time, an IAP vehicle;
(e) that a specified participating operator is, or was at a specified time, the operator of a specified IAP vehicle;
(f ) that a specified non - compliance report, tampering report or IAP auditor's report was received at a specified time, or has not been received ;
(g ) that no report of a malfunction has been received, or had been received at a specified time, by the Authority in relation to an approved intelligent transport system fitted to a specified IAP vehicle;
(h ) that a report of a specified malfunction was received at a specified time, or has not been received ;
(i) that a specified form is an approved form for a specified purpose .
(2) A document purporting to be a certificate under subsection ( 1) is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be what it purports to be.
(3) The person who signed such a document is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to have been authorised by the Authority to do so.
48 Certificate as to intelligent access map
(1) TCA may certify in writing that a particular map is the intelligent access m ap as issued by TCA at a specified time .
(2) The map may be in the form of an electronic data file.
(3 ) A certificate under subsection ( 1) is admissible in evidence and is conclusive evidence of what it states .
(4) The intelligent access map, as issued by TCA at a particular time, is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be a correct representation of the national road network at the time of its issue.
(5 ) A document purporting to be a certificate under subsection ( 1) is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be what it purports to be.
(6) The person who signed such a document is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to have been authorised by TCA to do so.
(1) A certificate signed on behalf of TCA , and stating any of the following, is admissible in evidence and is prima facie evidence of what it states:
(a) that a particular intelligent transport system is, or was at a specified time, an approved intelligent transport system;
(b) that on a specified date a specified person was or was not an IAP service provider or an IAP auditor .
(2) A document purporting to be a certificate referred to in subsection ( 1) is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be what it purports to be.
(3) The person who signed such a document is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to have been authorised by TCA to do so.
50 Pres umption of correct operation
The equipment and software that makes up an approved intelligent transport system is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to have operated correctly on any particular occasion.
51 Evidence as to vehicle's position
A statement of a vehicle' s position on the surface of the earth at a particular time, in a non - compliance report or otherwise generated or produced by means of an approved intelligent transport system, is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be a correct statement of the vehicle's position at the time.
52 IAP information generated etc by approved intelligent transport system
(1) IAP information generated by an approved intelligent transport system is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to have been correctly generated.
(2 ) IAP information recorded by an approved intelligent transport system is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to have been correctly recorded.
(3 ) IAP information stored by an approved intelligent transport system is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) not to be changed by that storage.
(4 ) If it is established that some of such IAP information has been changed by being so stored, the presumption in subsection ( 3 ) continues to apply to any other IAP information so stored.
53 Reports by approved intelligent transport system
(1) A non - compliance report , or a report under section 2 1 , made by an approved intelligent transport system :
(a) is admissible in evidence; and
(b) is prima facie evidence of the facts stated in it ; and
(c) is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be a correct report of information generated and recorded by the system.
(2 ) A report made by an approved intelligent transport system setting out IAP information :
(a) is admissible in evidence; and
(b) is prima facie evidence of the fac ts stated in it ; and
(c) is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be a correct report of information generated and recorded by the system .
(3 ) If it is established that a part of such a report is not a correct re port of the relevant part of the IAP information as so recorded, the presumption in paragraph ( 1) (c) or (2 ) (c) continues to apply to the remainder of the report.
(4 ) A document that purports to be a report made by an approved intelligent transport system is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be such a report.
54 Results of mathematical procedures
(1) A certificate signed on behalf of the Authority :
(a) stating that a specified mathematical (including statistical) procedure was carried out in relation to IAP information specified or referred to in the certificate ; and
(b) setting out the results of doing so ;
is admissible in evidence and is prima facie evidence of the facts stated in it.
(2) The specified procedure is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) :
(a) to be valid and reliable for the purpose for which it was used; and
(b) to have been carried out correctly.
(3) A document that purports to be a certificate mentioned in subsection ( 1) is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to be what it purports to be.
(4) The person who signed such a document is presumed (unless evidence sufficient to raise doubt about the presumption is adduced) to have been authorised by the Authority to do so.
55 Regulations
The [ appropriate authority ] may make regulations prescribing matters:
(a) required or permitted to be prescribed by this Act; or
(b) necessary or convenient to be prescribed for carrying out or giving effect to this Act.