Principle 4

Protecting privacy and ensuring security

Key Issues

  • Ensuring leadership and governance structures that can balance openness and engagement with adequate levels of privacy protection and security
  • Developing a structured approach to face risks and incidents or measuring performance or the consequences of security breaches


Ensuring privacy and security protection is critical to preserve trust in government institutions and fostering greater interactions with government through digital means.

Security breaches may:

  • Diminish the citizens’ trust in government
  • Reduce the ability of governments to securely lead the digital transformation

Governments should:

  • Review existing regimes for privacy and security protection, either legislative or policy-based
  • Strengthen business, management and technical measures to complement regulatory regimes by ensuring oversight, enforcement and guidance.
  • Periodically monitor, review and improve policies its procedures, organisational structures and software to ensure that they keep pace with public demand and technological change.

High level leadership and governance frameworks that:

  • Openness and engagement and adequate levels of privacy protection and security
  • Ensure co-ordination and a whole-of-government strategy to manage digital risks



Good practices


Principle 4 - Website Renewal Initiative

Principle 4 - Electronic Travel Authorization (eTA)



Principle 4 - Digital Identity Public System

Overall - 3 Year ICT Plan


Principle 4 - National One-Stop Portal

Principle 4 - ICT Policy

Principle 4 - National Digital Strategy

new zealand

Principle 4 - Cross-government programme to improve Privacy and Security across the State Sector

united kingdom

Principle 4 - Gov.UK Verify