33. National Security

33.—

1. The Minister responsible for national security may issue a certificate under subsection (2) where that Minister considers it necessary, for the purpose of safeguarding national security, to exempt any personal data from all or any of the provisions of—

(a) the data protection standards;

(b) Parts II, III and VI;

(c) section 61 (unlawfully obtaining, etc. personal data).

2. A certificate mentioned in subsection (1) shall—

(a) be signed by the Minister responsible for national security;

(b) identify the personal data to which it applies, which identification may be by means of a general description; and

(c) specify the provisions referred to in subsection (1) from which the personal data is exempt.

3. Personal data identified in a certificate issued under subsection (2) shall be exempt from the provisions referred to in subsection (1) to the extent specified in the certificate.

4. Any person directly affected by the issuing of a certificate under subsection (2) may appeal to the Court against the issuing of the certificate.

5. If on an appeal under subsection (4), the Court finds that, applying the standards applied by the Court on an application for judicial review, the Minister did not have reasonable grounds for issuing the certificate, the Court may allow the appeal and quash the certificate.

6. Where in any proceedings under or by virtue of this Act it is claimed by a data controller that a certificate issued under subsection (2) and which identifies the personal data to which it applies by means of a general description, applies to any specific personal data—

(a) any other party to the proceedings may appeal to the Court on the ground that the certificate does not apply to the specific personal data in question; and

(b) subject to any determination by the Court under subsection (7), the certificate shall be conclusively presumed to apply to the specific personal data in question.

7. On an appeal under subsection (6), the Court may determine that the certificate does not apply to the specific personal data in question.

8. A document purporting to be a certificate issued under subsection (2) shall be received in evidence and deemed to be such a certificate unless the contrary is proved.

9. A document which purports to be certified by or on behalf of the Minister as a true copy of a certificate issued under subsection (2) by that Minister, shall in any legal proceedings be evidence of that certificate.

10. Before acting under subsection (1), the Minister responsible for national security shall consult with the Minister responsible for technology.