Apply Privacy Filters to Protect Device Screens
Privacy filters help keep sensitive information on mobile screens private in public spaces.
Plain language
Privacy filters on mobile devices make it hard for people nearby to see what’s on your screen, which helps keep sensitive information secret when you're out in public. This is important because if someone glances at your screen and sees confidential details, it could lead to data breaches or misuse of that information.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
S, TS
ISM last updated
Nov 2021
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Guideline
Guidelines for enterprise mobility
Section
Mobile device usage
Official control statement
Privacy filters are applied to the screens of SECRET and TOP SECRET mobile devices.
Why it matters
Without privacy filters, SECRET/TOP SECRET screen content can be shoulder-surfed in public, enabling unauthorised disclosure, compromise, or espionage.
Operational notes
Regularly inspect privacy filters on SECRET/TOP SECRET mobile devices for secure fit and wear; replace damaged filters promptly to maintain full screen coverage and prevent shoulder-surfing.
Implementation tips
- Procurement should ensure all mobile devices, especially those handling SECRET or TOP SECRET data, have quality privacy filters. They can select products from reliable vendors that meet governmental security specifications.
- The IT team should install these privacy filters on all relevant mobile devices. To do this, they should carefully apply the filter so it fits the screen properly without bubbles and doesn’t affect touch sensitivity.
- Managers should educate staff on the importance of using privacy filters. They can do this by organising quick training sessions or sending out informative emails that explain how privacy filters protect sensitive information in public spaces.
- Security officers should regularly check devices to ensure privacy filters remain effective. This might involve inspecting devices periodically to ensure filters haven’t been removed or damaged.
- HR should incorporate privacy filter usage into the company policy for mobile devices. They can draft a section in the mobile device policy that outlines when and where employees should use privacy filters.
Audit / evidence tips
- Ask for a procurement record of privacy filters: Request documentation showing purchase orders for privacy filters.
  Good is to see orders matching the number of relevant devices with specifications suitable for SECRET and TOP SECRET use.
- Ask for a list of devices with installed privacy filters: Request this list from the IT team.
  Good is a complete list of all devices handling sensitive information, with filters accounted for.
- Ask staff about their understanding of privacy filters' importance: Conduct brief interviews or surveys with employees.
  Good is consistent responses showing awareness and proper filter usage.
- Ask to see the training materials used for educating staff: Request copies or access to these materials.
  Good includes clear, practical instructions and examples relevant to device screen protection.
- Ask for the mobile device policy document: Request the company's written mobile device usage policy.
  Good includes clear guidelines on filter use and situations requiring discretion.
Cross-framework mappings
How ISM-1145 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| Partially overlaps (1) | | |
| Annex A 7.7 | ISM-1145 requires privacy filters on SECRET and TOP SECRET mobile device screens to reduce the risk of unauthorised viewing | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.