(1) This section applies if:
(a) a restricted record is a record of a communication that was intercepted under paragraph 7(2)(aaa); and
(b) the restricted record is in the possession of:
(i) a responsible person for the computer network concerned; or
(ii) the individual or body (whether or not a body corporate) who operates the network, or on whose behalf the network is operated; or
(iii) a person engaged in network protection duties in relation to the network.
(2) The responsible person must cause the restricted record to be destroyed as soon as practicable after becoming satisfied that the restricted record is not likely to be required:
(a) for the purpose of enabling a person to perform the person's network protection duties in relation to the network; or
(b) if the network is operated by, or on behalf of, a Commonwealth agency, security authority or eligible authority of a State--for any of the following purposes:
(i) determining whether disciplinary action should be taken in relation to a use of the network by an employee, office holder or contractor of the agency or authority;
(ii) taking disciplinary action in relation to a use of the network by such an employee, office holder or contractor in a case where the use is not an appropriate use of the network by that employee, office holder or contractor;
(iii) reviewing a decision to take such disciplinary action.