Home / About us / Our corporate information / Annual reports / OAIC annual reports / Annual Report 2016–17

Part 5 Appendices

Publication date: 2017

Appendix A: Agency resource statement and resources for outcomes

Table A.1: Office of the Australian Information Commissioner resource statement 2016–17[*]
  

Actual available appropriation for 2016–17
$’000

Payments made
2016–17
$’000

Actual available appropriation for 2016–17
$’000

    (a) (b) (a) - (b)
Ordinary Annual Services[1]        
Departmental appropriation   19,045 13,837 5,208
Total   19,045 13,837 5,208
Administered expenses    
Total ordinary annual services A 19,045 13,837  
Other services        
Administered expenses    
Departmental non-operating    
Administered non-operating    
Total    
Total other services B  
Total available annual appropriations and payments        
Special appropriations    
Special appropriations limited by criteria/entitlement    
Total special appropriations C  
Special Accounts    
Total Special Account D N/A N/A  
Total resourcing and payments
A + B + C + D		   19,045 13,837  
Less appropriations drawn from annual or special appropriations above and credited to special accounts   N/A N/A  
And/or payments to corporate entities through annual appropriations   N/A N/A  
Total net resourcing and payments for the Office of the Australian Information Commissioner   19,045 13,837  

[1] Appropriation Act (No.1) 2016–17 and Appropriation Act (No.3) 2015–16 and Appropriation Act (No. 5) 2014–15. Includes prior year departmental appropriation and section 74 Retained Revenue Receipts.

[*] All figures are GST exclusive.

 

Table A.2: Office of the Australian Information Commissioner resource statement 2016–17
 

Budget
2016–17
$’000

Actual expenses
2016–17
$’000

Variation
2016–17
$’000

  (a) (b) (a) - (b)
Outcome 1

Provision of public access to Commonwealth Government information, protection of individuals’ personal information, and performance of information commissioner, freedom of information and privacy functions
Program 1.1

Complaint handling, compliance and monitoring, and education and promotion

Administered expenses

Departmental expenses

      

Departmental appriopriation[1]

14,395

12,662

1,733

Special appropriations

Special Accounts

Expenses not requiring appropriation in the Budget year

593

503

90
Total for Program 1.1 14,988 13,165 1,823
Outcome 1 Totals by appropriation type

Administered Expenses

Departmental expenses

      

Departmental appropriation[1]

14,395

12,662

1,733

Special appropriations

Special Accounts

Expenses not requiring appropriation in the Budget year

593

503

90
Total expenses for Outcome 1 14,988 13,165 1,823
 2016-172016-17 
Average Staffing Level (number) 75 71 4

[1] Departmental Appropriation combines Ordinary annual services (Appropriation Act Nos. 1, 3 and 5) and Retained Revenue Receipts under section 74 of the PGPA Act 2013.

Appendix B: Memoranda of understanding

Australian Bureau of Statistics

This year we entered into an MOU with the Australian Bureau of Statistics (ABS) to provide privacy advice tailored to the needs of the ABS.

For this service, we received $25,000.00 (GST exclusive) from the ABS.

Australian Digital Health Agency

In July 2016, the Australian Digital Health Agency (the Agency) became the My Health Record System Operator. This year we entered into an MOU with the Agency and worked closely with the Agency to provide support and assistance on privacy matters relating to both the Healthcare Identifiers (HI) Service and My Health Record system.

For the HI Service, we provide the following services:

  • respond to privacy enquiries and complaints
  • investigate cases of misuse of healthcare identifiers
  • receive data breach notifications
  • conduct privacy assessments
  • provide guidance material
  • liaise and coordinate on privacy related matters and activities with key stakeholders
  • provide policy advice
  • monitor and participate in digital health developments

For the My Health Record system, we provide the following services:

  • respond to enquiries and complaints relating to the privacy aspects of the My Health Record system
  • investigate acts and practices that may have been a contravention of the My Health Record system
  • receive data breach notifications and provide advice
  • investigate failures to notify data breaches
  • conduct privacy assessments
  • provided guidance material for individuals and participants in the My Health Record system
  • liaise and coordinate on privacy related matters and activities with key stakeholders
  • prepare relevant communication and media materials
  • provide policy and legislation advice
  • monitor and participate in digital health developments

For these combined services, we received $2,076,649.94 (GST exclusive) from the Agency.

Australian Human Rights Commission

The Australian Human Rights Commission (AHRC) continued to provide a number of corporate services to our office this year. The corporate services included financial, administrative, information technology and human resource related tasks. As a part of this, we also sub-let premises in Sydney from the AHRC.

For the corporate services we paid $1,050,010 (GST exclusive), and for the premises (including outgoings) we paid $1,029,214.23 (GST exclusive) to the AHRC.

ACT Government

As a part of our three year MOU with the ACT Government we continued to provide privacy services to ACT public sector agencies. These services included:

  • handling privacy complaints and enquiries about ACT public sector agencies in relation to the Information Privacy Act 2014 and its Territory Privacy Principles (TPPs)
  • providing policy and legislation advice
  • providing advice on data breach notifications, where applicable
  • carrying out privacy assessments
  • providing access to privacy seminars

For these services, we received $175,131.77 (GST exclusive) from the ACT Government.

Department of Education and Training

We continued to support the Department of Education and Training with their Student Identifier (SI) initiative, providing expert and timely advice on privacy matters. Our services to the department this year included:

  • Advice on Data Breach Response Plan
  • Advice on Data Access Guidelines
  • Completion of an assessment of the SI Office to determine whether the SI Office is managing personal information as required by APPs 1 and 5
  • Design and development of an online questionnaire for the assessment of Registered Training Organisation against APPs 1 and 5

For these services, we received $114,000.00 (GST exclusive).

Department of Immigration and Border Protection

Under our MOU with the Department of Immigration and Border Protection (DIBP) we commenced a Passenger Name Record (PNR) data related assessment which follows up the implementation of recommendations made in a previous assessment undertaken in 2015. The assessment also considers DIBP’s practices concerning the destruction and de-identification of PNR data.

For these services, we received $65,000.00 (including GST).

Note: The agreement between Australia and the European Union (EU) on the processing and transfer of Passenger Name Record data states that ‘The Australian Customs and Border Protection Service has arrangements in place under the Privacy Act for the Australian Information Commissioner to undertake regular formal audits of all aspects of Australian Customs and Border Protection Service’s EU-sourced PNR data use, handling and access policies and procedures.’

Department of Human Services

As a part of our ongoing work with the Department of Human Services, we continued to provide general privacy services and support to the Department of Human Services. Our work included:

  • Advice on the updated DHS Privacy Policy
  • Advice on the operation of the APPs with respect to a Draft Practice Direction issued by the Administrative Appeals Tribunal (Social Services And Child Support Division)
  • Advice on the Privacy Impact Assessment for the Welfare Payment Transformation Program
  • Review of 29 data breach notifications by DHS under s 75 of the My Health Records Act 2012 (Cth)

For these services, we received $220,000.00 (GST exclusive) from the Department of Human Services.

Appendix C: Privacy statistics

Table C.1: Issues in complaints: APPs

APP issues

No. of complaints

%

Openness and transparency

8

0.3

Anonymity and pseudonymity

12

0.5

Collection

274

11.0

Unsolicited personal information

6

0.24

Notification of collection

71

2.9

Use or disclosure

794

31.9

Direct marketing

108

4.3

Cross-border disclosure

5

0.20

Government identifiers

4

0.16

Quality of personal information

210

8.4

Security of personal information

493

19.8

Access to personal information

420

16.9

Correction

32

1.3

 

Table C.2: The main remedies agreed in conciliated complaints in 2016–17

Remedy[*]

APPs[**]

Credit

Spent convictions

TFN

Totals

Access provided

198

3

0

1

202

Record amended

76

69

0

0

145

Compensation

110

6

1

1

118

Apology

125

9

0

0

134

Changed procedures

101

3

0

2

106

Staff training

29

0

0

0

29

Other or confidential

121

23

0

0

144

[*] Each complaint resolved may involve more than 1 remedy type.

[**] Includes NPP, IPP and ACT TPP complaints

 

Table C.3:

Compensation amounts

APPs[**]

Credit

Spent convictions

TFN

Totals

Up to $1000

27

3

0

0

30

$1001 to $5000

52

6

0

1

59

$5001 to $10,000

28

0

1

0

28

Over $10,001

17

0

1

0

18

[**] Includes NPP, IPP and ACT TPP complaints

 

Table C.4: Privacy assessments
 Assessment subjectNo. entities assessedYear openedDate closed
1 Comcare 1 2015–16 Sep–16
2 Department of Immigration and Border Protection (Advanced Passenger Processing) 1 2015–16 Oct–16
3 Department of Immigration and Border Protection (Smartgate) 1 2015–16 Oct–16
4 Universal Student Identifier (USI) — APPs 1 and 5 1 2015–16 Dec–16
5 Telstra: requests for information by law enforcement agencies — APP 11 1 2015–16 Dec–16
6 Department of Immigration and Border Protection (Contractual arrangements) 1 2015–16 Ongoing
7 Follow up with Optus — ss 306 and 306A obligations 1 2016–17 Sep–16
8 Follow up with iiNet — ss 306 and 306A obligations 1 2016–17 Dec–16
9 Vodafone: requests for information by law enforcement agencies — APP 11 1 2016–17 Feb–17
10 Optus: requests for information by law enforcement agencies — APP 11 1 2016–17 Jun–17
11 Follow up with Vodafone — ss 306 and 306A obligations 1 2016–17 Jul–17
12 Document Verification Service — gateway service providers 2 2016–17 Ongoing
13 Department of Immigration and Border Protection (SmartGate security) 1 2016–17 Ongoing
14 Department of Immigration and Border Protection (third party provider) 1 2016–17 Ongoing
15 Department of Immigration and Border Protection (SmartGate APP 12) 1 2016–17 Ongoing
16 Loyalty program 2 2016–17 Ongoing
17 ACT Government — Access Canberra 1 2016–17 Ongoing
18 iiNet: requests for information by law enforcement agencies — APP 11 1 2016–17 Ongoing
19 Tax file numbers publishing agencies 7 2016–17 Ongoing
20 Department of Immigration and Border Protection (Passenger name record) 1 2016–17 Ongoing

 

Table C.5: Digital health assessments
Assessment subjectNo. entities assessedYear openedClosed
Follow up assessment of the implementation of recommendations made in the 2015 OAIC audit of the National Repositories Service 1 2015–16 Sep–2016
Assessment of the Australian Health Practitioner Regulation Agency’s handling of healthcare identifiers and associated personal information — APPs 10 and 11 1 2015–16 Oct–2016
Assessment of the Department of Human Services for services related to the My Health Record system — APP 1.2 1 2016–17 Ongoing

Appendix D: FOI statistics

This appendix has been prepared using data collected from ministers and agencies subject to the FOI Act, and separately from the Administrative Appeals Tribunal and from our own records. Ministers and agencies are required to provide, among other details, information about:

  • the number of FOI requests made to them
  • the number of decisions they made granting, partially granting or refusing access, and the number and outcome of applications for internal review
  • the number and outcome of requests to them to amend personal records
  • charges collected by them

The full data set given by ministers and agencies for the preparation of this appendix is published on data.gov.au.

Table D.1: Number of FOI requests received — top 20 and others
Agency2015–162016–17
PersonalOtherTotal[*]PersonalOtherTotal%
Department of Immigration and Border Protection 20,889 590 21,479 17,702 516 18,218 46.10
Department of Human Services 4,573 114 4,687 7,164 293 7,457 18.87
Department of Veterans’ Affairs 3,318 20 3,338 3,067 28 3,095 7.83
Administrative Appeals Tribunal 1,406 8 1,414 1,547 17 1,564 3.96
Northern Australian Infrastructure Facility - - - 0 1,367 1,367 3.46
Australian Taxation Office 586 518 1,104 599 515 1,114 2.82
Australian Federal Police 446 175 621 438 201 639 1.62
Immigration Assessment Authority - - - 402 0 402 1.02
Department of Defence 114 274 388 151 233 384 0.97
Department of Health 1 271 272 4 333 337 0.85
Department of the Treasury 6 130 136 0 224 224 0.57
Department of Foreign Affairs and Trade 90 184 274 76 146 222 0.56
Attorney-General’s Department 47 175 222 51 164 215 0.54
Department of the Prime Minister and Cabinet 5 226 231 1 197 198 0.50
Australian Securities and Investments Commission 43 199 242 69 125 194 0.49
Department of Employment 155 52 207 107 66 173 0.44
Commonwealth Ombudsman - - - 158 13 171 0.43
Department of Social Services 77 83 160 68 99 167 0.42
Australian Transaction Reports and Analysis Centre (AUSTRAC) 110 30 140 119 47 166 0.42
Department of Finance 4 144 148 13 146 159 0.40
Total — Top 20 32,186[^] 3,418[^] 35,604[^] 31,736 4,730 36,466 92.27
Remaining agencies and Ministers 698 1,694 2,392 647 2,406 3,053 7.73
Total 32,884 5,112 37,996 32,383 7,136 39,519 100

[^] Shows the total for the top 20 agencies in 2015–16 (i.e. includes figures for agencies that are not in the top 20 agencies in 2016–17).

[*] Number in brackets after 2015–16 totals indicates the agency ranking for that year where not the same as 2016-17.

 

Table D.2: FOI requests determined — top 20 and others
AgencyGranted in full%Granted in part%Refused%Total
Department of Immigration and Border Protection 11,230 62.48 5,828 32.43 915 5.09 17,973
Department of Human Services 2,728 41.96 3,142 48.32 632 9.72 6,502
Department of Veterans’ Affairs 2,735 97.92 31 1.11 27 0.97 2,793
Administrative Appeals Tribunal 892 81.83 172 15.78 26 2.39 1,090
Australian Taxation Office 111 12.97 566 66.12 179 20.91 856
Australian Federal Police 32 5.62 383 67.31 154 27.06 569
Department of Defence 61 19.87 173 56.35 73 23.78 307
Immigration Assessment Authority 229 80.63 38 13.38 17 5.99 284
Department of Health 48 28.57 58 34.52 62 36.90 168
Australian Securities and Investments Commission 22 14.47 62 40.79 68 44.74 152
Commonwealth Ombudsman 22 14.86 80 54.05 46 31.08 148
Australian Transaction Reports and Analysis Centre 59 40.14 56 38.10 32 21.77 147
Department of Employment 59 45.04 47 35.88 25 19.08 131
Department of the Prime Minister and Cabinet 17 13.08 47 36.15 66 50.77 130
Attorney Generals’ Department 12 9.38 41 32.03 75 58.59 128
Department of Foreign Affairs and Trade 16 12.80 58 46.40 51 40.80 125
Comcare 33 28.45 43 37.07 40 34.48 116
Trade Marks Office 26 22.41 84 72.41 6 5.17 116
Australian Postal Corporation 20 18.02 53 47.75 38 34.23 111
Department of the Environment and Energy 12 10.91 82 74.55 16 14.55 110
Total - Top 20 18,364 57.47 11,044 34.56 2,548 7.97 31,956
Remaining agencies and Ministers 513 24.75 723 34.88 837 40.38 2,073
Total 18,877 55.47 11,767 34.58 3,385 9.95 34,029

 

Table D.3: Use of exemptions in FOI decisions in 2016–17
FOI Act referenceExemptionPersonalOtherTotal%
s 33 Documents affecting national security, defence or international relations 478 129 607 4.41
s 34 Cabinet documents 0 67 67 0.49
s 37 Documents affecting enforcement of law and protection of public safety 717 191 908 6.60
s 38 Documents to which secrecy provisions of enactments apply 638 209 847 6.16
s 42 Documents subject to legal professional privilege 253 139 392 2.85
s 45 Documents containing material obtained in confidence 174 125 299 2.17
s 45A Parliamentary Budget Office documents 1 2 3 0.02
s 46 Documents disclosure of which would be contempt of Parliament or contempt of court 11 18 29 0.21
s 47 Documents disclosing trade secrets or commercially valuable information 37 106 143 1.04
s 47A Electoral rolls and related documents 11 4 15 0.11
s 47B Commonwealth-State relations 67 55 122 0.89
s 47C Deliberative processes 313 345 658 4.78
s 47D Financial or property interests of the Commonwealth 25 20 45 0.33
s 47E Certain operations of agencies 1,962 579 2,541 18.47
s 47F Personal privacy 5,705 886 6,591 47.90
s 47G Business 186 306 492 3.58
s 47H Research 1 0 1 0.01
s 47J The economy 0 0 0 -

 

Table D.4: Reliance on exemptions by percentage from 2014–15 to 2016–17

This table shows the percentage use of each exemption category in relation to all exemptions claimed. A dash is shown where the exemption was not used or it is less than 0.1 %.

Exemption2014–15 %2015–16 %2016–17 %
s 33 4.6 5 4.4
s 34 0.6 0.6 0.5
s 37 12.2 8.8 6.6
s 38 5 6.1 6.2
s 42 2.2 2.6 2.8
s 45 2.3 1.8 2.2
s 45A - - -
s 46 0.1 0.2 0.2
s 47 1.1 0.8 1.0
s 47A - 0.1 0.1
s 47B 1 1.2 0.9
s 47C 4.7 4.3 4.8
s 47D 0.1 0.1 0.3
s 47E 13.9 19.8 18.5
s 47F 47.6 44.6 47.9
s 47G 4.3 4 3.6
s 47H - - -
s 47J - - -

 

Table D.5: Use of practical refusal 2016–17

Practical refusal processing step

PersonalOtherTotal%
Notified in writing of intention to refuse request 834 732 1,566 -
Request was subsequently refused or withdrawn 560 473 1,033 66
Request was subsequently processed 274 259 533 34

 

Table D.6: Time taken to respond to FOI requests
 2015–162016–17
Response timePersonalOtherTotalPersonalOtherTotal
Within applicable statutory time period 23,170 3,099 26,269 16,343 3,264 19,607
1 — 30 days over 3,453 313 3,766 3,475 325 3,800
31 — 60 days over 1,129 149 1,278 2,746 83 2,829
61 — 90 days over 632 63 695 2,549 46 2,595
90 + days over 1,063 102 1,165 5,006 192 5,198
Total 29,447 3,726 33,173 30,119 3,910 34,029

 

Table D.7: Determinations of FOI requests for amendment of personal records
Decision2013‑14%2014‑15%2015‑16%2016‑17%
Requests granted: amend record 2,040 61.8 1,624 63.9 1,497 60.2 625 55.6
Requests granted: annotate record 208 6.3 203 8.0 154 6.2 136 12.1
Requests granted: amend and annotate record - - 2 0.1 1 - 3 0.3
Requests refused 1,055 31.9 713 28.0 835 33.6 360 32.0
Total decided 3,303 100 2,542 100 2,487 100 1,124 100

Charges

Section 29 of the FOI Act provides for an agency or minister to impose charges for costs associated with processing some FOI requests. There is no charge for making an application.

Under the Freedom of Information (Charges) Regulations 1982, charges apply only to an initial access decision under Part III of the FOI Act. Charges that agencies can impose include costs associated with search and retrieval time, collating information and photocopying. An applicant may request that a charge be reduced or not imposed, and the agency must consider that request.

Table D.10: Charges collected 2016–17 — top 20 agencies and others
AgencyRequests receivedRequests where charges were notifiedTotal charges notified
$		Total charges collected
$
Department of Health 337 134 97,831 21,984
Department of Education and Training 157 73 29,585 12,891
Australian Taxation Office 1,114 21 10,248 9,668
Department of Foreign Affairs and Trade 222 81 29,185 9,007
Department of the Environment and Energy 129 31 18,440 8,534
Department of Defence 384 67 14,237 6,857
Department of the Prime Minister and Cabinet 198 21 9,584 5,535
Department of Finance 159 48 35,894 4,911
Civil Aviation Safety Authority 113 31 13,529 4,581
Australian Transaction Reports and Analysis Centre (AUSTRAC) 166 11 4,455 4,326
Department of Veterans’ Affairs 3,095 57 4,578 4,196
Department of Human Services 7,457 121 20,270 3,989
Department of Industry, Innovation and Science 87 15 6,914 3,482
Food Standards Australia New Zealand 10 4 6,282 3,415
Department of Agriculture and Water Resources 85 21 9,941 3,392
Department of Infrastructure and Regional Development 109 24 11,095 3,185
Australian Competition and Consumer Commission 61 20 6,726 2,801
Clean Energy Regulator 22 4 2,407 2,407
Australian Bureau of Statistics 63 13 12,419 2,388
Attorney-General’s Department 215 17 18,214 2,245
Total - Top 20 14,183 814 36,1834 119,794
Remaining agencies and ministers 25,336 503 143,560 27,249
Total 39,519 1317 505,394 147,043

Disclosure log

All Australian Government agencies and ministers that are subject to the FOI Act are required to maintain an FOI disclosure log on their website. The disclosure log lists information that has been released to FOI applicants, subject to some exceptions (such as personal information).

In 2016–17, 98 agencies and ministers provided information on disclosure log activity (up from 89 in 2015–16). Collectively, they listed 958 documents on their disclosure logs and counted 59,738 page views.

Review of FOI decisions

Under the FOI Act, an applicant who is dissatisfied with the decision of an agency on their initial FOI request has several avenues of review or redress.

A person who is dissatisfied with an agency’s access grant or access refusal decision can either apply for internal review or IC review of that decision.

Table D.11: Internal agency review of decisions — outcomes
Internal agency review decisionPersonalOther2016–17 total
Decisions affirmed 149 145 294
Access granted in full 68 18 86
Access granted in part 142 60 202
Access granted after deferment 5 2 7
Access granted in another form 9 2 11
Charges reduced 1 15 16
Lesser access 3 7 10
Withdrawn without concession 16 17 33
Total 393 266 659

Information Commissioner review of FOI decisions

Table D.12: Top 20 IC review applications received
Agency

Total FOI requests received by agency

Access refusal decisions

Access grant decisions

Total IC reviews

Department of Immigration and Border Protection 18,218 140 0 140
Department of Human Services 7,457 91 0 91
Australian Taxation Office 1,114 46 0 46
Australian Securities and Investments Commission 194 19 8 27
Australian Federal Police 639 26 1 27
Department of Defence 384 25 2 27
Department of Health 337 17 1 18
Department of the Prime Minister and Cabinet 198 16 0 16
Department of Foreign Affairs and Trade 222 16 0 16
Prime Minister of Australia 63 14 0 14
Attorney-General’s Department 215 11 0 11
Australian Sports Anti-Doping Authority 39 9 0 9
Commonwealth Ombudsman 171 7 0 7
Department of the Treasury 224 7 0 7
Department of Veterans’ Affairs 3,095 6 1 7
Department of Employment 173 6 0 6
Department of the Environment and Energy 129 5 1 6
Australian Postal Corporation 125 6 0 6
Civil Aviation Safety Authority 94 6 0 6
Australian Human Rights Commission 55 5 1 6
Subtotal 33,146 478 15 493
Remaining agencies/ministers 6,373 131 8 139
Total 39,519 609 23 632

 

Table D.13: IC review outcomes 2013–14 to 2016–17 and % change from 2015–16 to 2016–17
Information Commissioner decisions2013‑142014‑152015‑162016‑17% of 2016‑17 total
s 54N — out of jurisdiction or invalid 59 37 44 34 6.60
s 54R — withdrawn 111 59 81 115 22.33
s 54R — withdrawn/conciliated 71 51 78 93 18.06
s 54W(a) — deemed acceptance of PV/appraisal 27 26 7 0 0
s 54W(a)(i) — frivolous, vexatious, misconceived, lacking in substance, or not in good faith 170 87 94 66 12.82
s 54W(a)(ii) — failure to cooperate 62 19 7 57 11.07
s 54W(a)(iii) — lost contact 0 5 5 3 0.58
s 54W(b) — refer AAT 41 61 32 15 2.91
s 55F — set aside by agreement 1 0 2 7 1.36
s 55F — varied by agreement 1 2 7 5 0.97
s 55F — affirmed by agreement 1 2 1 1 0.19
s 55G — substituted 4 5 16 15 2.91
s 55K — affirmed by IC 32 48 28 48 9.32
s 55K — affirmed by IC following revised decision during IC review 8 5 11 17 3.30
s 55K — set aside by IC 53 52 22 23 4.47
s 55K — varied by IC 5 23 19 16 3.11
Total 646 482 454 515 100%

Administrative Appeals Tribunal review

An application may be made to the AAT for review of the Commissioner’s IC review decisions and where the Commissioner has indicated a matter is better dealt with directly by the AAT.

As with IC review, the AAT conducts a merits review process. The AAT’s decisions are appealable to the Federal Court of Australia, but only on a question of law.

Table D.14: Applications to AAT for FOI review in 2016–17
AgencyApplications
Aged Care Complaints Commissioner 1
Austrade 1
Australian Fisheries Management Authority 2
Australian Health Practitioner Regulation Agency 1
Australian Postal Corporation 1
Australian Securities and Investments Commission 1
Australian Sports Commission 1
Australian Taxation Office 7
Bureau of Meteorology 1
Department of Defence 4
Department of the Environment and Energy 2
Department of Foreign Affairs and Trade 1
Department of Human Services 1
Department of Immigration and Border Protection 9
Department of Veterans’ Affairs 1
Minister for Communications and the Arts 1
Prime Minister of Australia 3
Office of the Australian Information Commissioner (vexatious applicant declaration) 1
Total 39

 

Table D.15: Outcomes of FOI reviews finalised by the AAT in 2016–17

AAT outcomes

Number

By decision  

Decision affirmed

8

Decision varied/set aside/remitted

7
Other  

Dismissed by AAT

1

No jurisdiction

0

Extension of time refused

0
By consent or withdrawn  

Decision affirmed

0

Decision varied/set aside/remitted

4

Dismissed by consent

1

Dismissed by operation of law

0

Withdrawn by applicant

13
Total 34

Impact of FOI on agency resources

To assess the impact on agency resources on compliance with the FOI Act, agencies are required to estimate the hours that staff spent on FOI matters and the non-labour costs directly attributable to FOI, such as training and legal costs.

Table D.16: Comparative total yearly cost of FOI processing
YearTotal cost $YearTotal cost $YearTotal cost $
1982–83* 7,502,355 1994–95 11,955,482 2006–07 24,936,178
1983–84 15,106,511 1995–96 14,564,562 2007–08 29,474,653
1984–85 16,496,961 1996–97 15,972,950 2008–09 30,358,484
1985–86 15,711,889 1997–98 12,191,478 2009–10 27,484,129
1986–87 13,336,864 1998–99 13,066,029 2010–11 36,318,030
1987–88 11,506,931 1999–00 14,035,394 2011–12 41,718,803
1988–89 10,494,376 2000–01 14,415,406 2012–13 45,231,147
1989–90 10,373,321 2001–02 17,387,088 2013–14 41,836,685
1990–91 9,921,772 2002–03 18,398,181 2014–15 40,021,572
1991–92 12,723,097 2003–04 20,189,136 2015–16 41,151,698
1992–93 12,702,329 2004–05 22,860,022 2016–17 44,787,154
1993–94 13,977,360 2005–06 24,903,771    

 

Table D.17: Average cost per FOI request for last ten years
YearRequests determinedTotal costAverage cost per request determined $
2007–08 31,367 29,474,653 940
2008–09 25,139 30,358,484 1,208
2009–10 19,583 27,484,129 1,403
2010–11 20,187 36,318,030 1,799
2011–12 22,237 41,718,803 1,876
2012–13 21,764 45,231,147 2,078
2013–14 23,106 41,836,685 1,811
2014–15 29,000 40,021,572 1,380
2015–16 33,173 41,151,698 1,241
2016–17 34,029
(2.6% increase)		 44,787,154
(8.8% increase)		 1,316
(6% increase)

 

Table D.18: Reported time spent by staff on FOI matters for years 2013–14 to 2016–17 and % change between 2015–16 and 2016–17
Percentage of time spent2013‑142014‑152015‑162016‑17+/- %
Staff numbers: 75–100% of time spent on FOI matters 287 291 259 276 6.56
Staff numbers: Less than 75% of time spent on FOI matters 3,623 3,046 3,378 3,600 6.57
Total staff hours 630,936 589,726 614,424 670,986 9.21
Total staff years 315.5 294.9 307.2 335.5 -

 

Table D.19: Estimated staff costs of FOI processing for 2016–17
Type of staffStaff yearsTotal staff costs $[*]
FOI officers 258.63 30,808,955
SES 9.23 2,727,886
APS Level 6 and EL 1–2 26.82 4,669,263
APS Levels 1–5 38.45 3,784,513
Minister and advisers 1.10 238,518
Minister’s support staff 1.25 122,827
Total 335.49 42,351,963

[*] Includes 60% loading for related costs.

Non-labour costs

Table D.20: Non-labour costs for FOI processing for years 2013–14 to 2016–17, and the percentage change between 2015–16 and 2016–17.
Costs $2013–142014–152015–162016–17%+/-
General legal advice 830,002 1,031,544 483,263 1,268,462 162.48
Litigation 157,781 764,772 930,047 635,240 -31.70
Total legal costs 987,783 1,796,316 1,413,310 1,903,702 34.70
General administrative 706,032 378,265 309,987 237,932 -23.24
Training 134,989 334,599 341,303 244,765 -28.29
Other 78,352 114,453 273,007 48,792 -82.00
Total 1,907,156 2,623,633 2,337,607 2,435,191 4.17

Impact of the Information Publication Scheme on agency resources

Agencies are required to provide information about the costs of meeting their obligations under the Information Publication Scheme (IPS), which commenced on 1 May 2011.

Information Publication Scheme costs

Table D.21: Reported time spent by staff on IPS matters for years 2013–14 to 2016–17, and the percentage change between 2015–16 and 2016–17
Percentage of time spent2013‑142014‑152015‑162016‑17%+/-
Staff numbers: 75–100% of time spent on IPS 17 5 8 9 12.5
Staff numbers: Less than 75% of time spent on IPS 415 240 212 280 32.08
Total staff hours 26,116 10,696 7,083 6,705 - 5.34
Total staff years 13.1 5.3 3.5 3.35 -
Table D.22: Estimated staff costs of IPS for 2016–17
Type of staffStaff yearsTotal staff costs $[*]
IPS officers 2.70 321,390
SES 0.06 16,986
APS Level 6 and EL 1–2 0.36 63,102
APS Levels 1–5 0.23 23,079
Total 3.35 424,557

[*] Includes 60% loading for related costs.

Appendix E: Acronyms and abbreviations

Acronym or abbreviationExpanded term
AAT Administrative Appeals Tribunal
ACAPS Australian Community Attitudes to Privacy Survey
ACCAN Australian Communications Consumer Action Network
AHPRA Australian Health Practitioner Regulation Agency
AHRC Australian Human Rights Commission
AIC Act Australian Information Commission Act 2010
ALRC Australian Law Reform Commission
ANAO Australian National Audit Office
APEC Asia-Pacific Economic Cooperation
APP Australian Privacy Principle
APPA Asia Pacific Privacy Authorities
APS Australian Public Service
ATO Australian Taxation Office
AUSTRAC Australian Transaction Reports and Analysis Centre
BGA Block Grant Authority
CALC Consumer Action Law Centre
CASA Civil Aviation Safety Authority
CCLCSA Consumer Credit Law Centre South Australia
CII Commissioner-Initiated Investigation
CIO Credit and Investments Ombudsman
CHF Consumers Health Forum of Australia
CPN Consumer Privacy Network
DBN Data Breach Notification
DHS Department of Human Services
DIBP Department of Immigration and Border Protection
DSS Department of Social Services
DVS Document Verification Service
EDR External dispute resolution
EFA Electronic Frontiers Australia Inc.
ESD Ecologically Sustainable Development
EWOQ Energy + Water Ombudsman Queensland
EWON Energy & Water Ombudsman NSW
EWOSA Energy & Water Ombudsman SA
EWOV Energy and Water Ombudsman Victoria
EWOWA Energy and Water Ombudsman Western Australia
FOS Financial Ombudsman Service
FOI Freedom of information
FTE Full-Time Equivalent
GDPR General Data Protection Regulation
GP General practice
GPEN Global Privacy Enforcement Network
GST Goods and Services Tax
HI Healthcare Identifiers
IC Information Commissioner
Information Commissioner Australian Information Commissioner, within the meaning of the Australian Information Commissioner Act 2010
IPP Information Privacy Principle
IPS Information Publication Scheme
MDBA Murray-Darling Basin Authority
MOU Memorandum of Understanding
MYEFO Mid-Year Economic and Fiscal Outlook
My Health Records Act My Health Records Act 2012
NAB National Australia Bank
NDB Notifiable Data Breaches
NPP National Privacy Principle
OAIC Office of the Australian Information Commissioner
PGPA Act Public Governance, Performance and Accountability Act 2013
PPN Privacy Professionals’ Network
Privacy Act Privacy Act 1988
PAW Privacy Awareness Week
PIA Privacy Impact Assessment
PTO Public Transport Ombudsman Victoria
SES Senior Executive Service
SI Student Identifier
SME Small and Medium Enterprises
SRC Act Safety, Rehabilitation and Compensation Act 1988
TAP Talking about performance
Telecommunications Act Telecommunications Act 1997
TCO Tolling Customer Ombudsman
TFN Tax File Number
TIA Act Telecommunications (Interception and Access) Act 1979
TIO Telecommunications Industry Ombudsman
TPPs Territory Privacy Principles
WHS Workplace Health and Safety

Appendix F: Correction of material errors

Correction of errors in the Office of the Australian Information Commissioner Annual Report 2015–16.

Page 3

The OAIC incorrectly referenced ‘Subsection 63(1) of the Public Service Act 1999’ in the transmittal letter. The correct reference is section 46 of the Public Governance, Performance and Accountability Act 2013 (PGPA Act)

Page 12

The first paragraph referenced the 2015–16 Budget; the correct reference was the 2016–17 Budget.

Page 14

The number of privacy complaints about credit reporting bodies was incorrectly reported as 153 rather than 151 and telecommunications reported as 151 rather than 153 (however the figures shown on page 42 relating to this subject are correct).

Page 16

The rise in FOI enquiries was incorrectly reported as 19% rather than 31%.

The number of Information Commissioner reviews of FOI requests was incorrectly reported as 323 rather than 373 (for 2014–15).

Appendix G: Index

The index is not available in accessible HTML. If you require the index in an alternate format, please send your request to website@oaic.gov.au.

Appendix H: Requirements

PGPA rule referenceDescriptionRequirementPart of report
17AD(g) Letter of transmittal
17AI A copy of the letter of transmittal signed and dated by accountable authority on date final text approved, with statement that the report has been prepared in accordance with section 46 of the Act and any enabling legislation that specifies additional requirements in relation to the annual report. Mandatory 3
17AD(h) Aids to access
17AJ(a) Table of contents. Mandatory 4
17AJ(b) Alphabetical index. Mandatory 187
17AJ(c) Glossary of abbreviations and acronyms. Mandatory 183
17AJ(d) List of requirements. Mandatory 200
17AJ(e) Details of contact officer. Mandatory 2
17AJ(f) Entity’s website address. Mandatory 2
17AJ(g) Electronic address of report. Mandatory 2
17AD(a) Review by accountable authority
17AD(a) A review by the accountable authority of the entity. Mandatory 14–17
17AD(b) Overview of the entity
17AE(1)(a)(i) A description of the role and functions of the entity. Mandatory 9
17AE(1)(a)(ii) A description of the organisational structure of the entity. Mandatory 23–26
17AE(1)(a)(iii) A description of the outcomes and programmes administered by the entity. Mandatory 38–83
17AE(1)(a)(iv) A description of the purposes of the entity as included in corporate plan. Mandatory 10
17AE(1)(b) An outline of the structure of the portfolio of the entity. Portfolio departments - mandatory 9, 23–26
17AE(2) Where the outcomes and programs administered by the entity differ from any Portfolio Budget Statement, Portfolio Additional Estimates Statement or other portfolio estimates statement that was prepared for the entity for the period, include details of variation and reasons for change. If applicable, Mandatory N/A
17AD(c) Report on the Performance of the entity
Annual performance Statements
17AD(c)(i); 16F Annual performance statement in accordance with paragraph 39(1)(b) of the Act and section 16F of the Rule. Mandatory 38–83
17AD(c)(ii) Report on Financial Performance
17AF(1)(a) A discussion and analysis of the entity’s financial performance. Mandatory 112–149
17AF(1)(b) A table summarising the total resources and total payments of the entity. Mandatory 153–154
17AF(2) If there may be significant changes in the financial results during or after the previous or current reporting period, information on those changes, including: the cause of any operating loss of the entity; how the entity has responded to the loss and the actions that have been taken in relation to the loss; and any matter or circumstances that it can reasonably be anticipated will have a significant impact on the entity’s future operation or financial results. If applicable, Mandatory. 112–149, 153–154
17AD(d) Management and Accountability
Corporate Governance
17AG(2)(a) Information on compliance with section 10 (fraud systems) Mandatory 110
17AG(2)(b)(i) A certification by accountable authority that fraud risk assessments and fraud control plans have been prepared. Mandatory 3
17AG(2)(b)(ii) A certification by accountable authority that appropriate mechanisms for preventing, detecting incidents of, investigating or otherwise dealing with, and recording or reporting fraud that meet the specific needs of the entity are in place. Mandatory 3
17AG(2)(b)(iii) A certification by accountable authority that all reasonable measures have been taken to deal appropriately with fraud relating to the entity. Mandatory 3
17AG(2)(c) An outline of structures and processes in place for the entity to implement principles and objectives of corporate governance. Mandatory 100
17AG(2)(d) — (e) A statement of significant issues reported to Minister under paragraph 19(1)(e) of the Act that relates to non-compliance with Finance law and action taken to remedy non-compliance. If applicable, Mandatory N/A
External Scrutiny
17AG(3) Information on the most significant developments in external scrutiny and the entity’s response to the scrutiny. Mandatory N/A
17AG(3)(a) Information on judicial decisions and decisions of administrative tribunals and by the Australian Information Commissioner that may have a significant effect on the operations of the entity. If applicable, Mandatory N/A
17AG(3)(b) Information on any reports on operations of the entity by the Auditor-General (other than report under section 43 of the Act), a Parliamentary Committee, or the Commonwealth Ombudsman. If applicable, Mandatory N/A
17AG(3)(c) Information on any capability reviews on the entity that were released during the period. If applicable, Mandatory N/A
Management of Human Resources
17AG(4)(a) An assessment of the entity’s effectiveness in managing and developing employees to achieve entity objectives. Mandatory 102
17AG(4)(b) Statistics on the entity’s APS employees on an ongoing and non-ongoing basis; including the following:
  • Statistics on staffing classification level
  • Statistics on full-time employees
  • Statistics on part-time employees
  • Statistics on gender
  • Statistics on staff location
  • Statistics on employees who identify as Indigenous
 Mandatory 103
17AG(4)(c) Information on any enterprise agreements, individual flexibility arrangements, Australian workplace agreements, common law contracts and determinations under subsection 24(1) of the Public Service Act 1999. Mandatory 106
17AG(4)(c)(i) Information on the number of SES and non-SES employees covered by agreements etc identified in paragraph 17AG(4)(c). Mandatory 103
17AG(4)(c)(ii) The salary ranges available for APS employees by classification level. Mandatory 103
17AG(4)(c)(iii) A description of non-salary benefits provided to employees. Mandatory 105
17AG(4)(d)(i) Information on the number of employees at each classification level who received performance pay. If applicable, Mandatory 106
17AG(4)(d)(ii) Information on aggregate amounts of performance pay at each classification level. If applicable, Mandatory N/A
17AG(4)(d)(iii) Information on the average amount of performance payment, and range of such payments, at each classification level. If applicable, Mandatory N/A
17AG(4)(d)(iv) Information on aggregate amount of performance payments. If applicable, Mandatory N/A
Assets Management
17AG(5) An assessment of effectiveness of assets management where asset management is a significant part of the entity’s activities. If applicable, mandatory N/A
Purchasing
17AG(6) An assessment of entity performance against the Commonwealth Procurement Rules. Mandatory 108
Consultants
17AG(7)(a) A summary statement detailing the number of new contracts engaging consultants entered into during the period; the total actual expenditure on all new consultancy contracts entered into during the period (inclusive of GST); the number of ongoing consultancy contracts that were entered into during a previous reporting period; and the total actual expenditure in the reporting year on the ongoing consultancy contracts (inclusive of GST). Mandatory 108
17AG(7)(b) A statement that “During [reporting period], [specified number] new consultancy contracts were entered into involving total actual expenditure of $[specified million]. In addition, [specified number] ongoing consultancy contracts were active during the period, involving total actual expenditure of $[specified million]”. Mandatory 108
17AG(7)(c) A summary of the policies and procedures for selecting and engaging consultants and the main categories of purposes for which consultants were selected and engaged. Mandatory 108
17AG(7)(d) A statement that “Annual reports contain information about actual expenditure on contracts for consultancies. Information on the value of contracts and consultancies is available on the AusTender website.” Mandatory 108
Australian National Audit Office Access Clauses
17AG(8) If an entity entered into a contract with a value of more than $100 000 (inclusive of GST) and the contract did not provide the Auditor-General with access to the contractor’s premises, the report must include the name of the contractor, purpose and value of the contract, and the reason why a clause allowing access was not included in the contract. If applicable, Mandatory N/A
Exempt contracts
17AG(9) If an entity entered into a contract or there is a standing offer with a value greater than $10 000 (inclusive of GST) which has been exempted from being published in AusTender because it would disclose exempt matters under the FOI Act, the annual report must include a statement that the contract or standing offer has been exempted, and the value of the contract or standing offer, to the extent that doing so does not disclose the exempt matters. If applicable, Mandatory N/A
Small business
17AG(10)(a) A statement that “[Name of entity] supports small business participation in the Commonwealth Government procurement market. Small and Medium Enterprises (SME) and Small Enterprise participation statistics are available on the Department of Finance’s website.” Mandatory 109
17AG(10)(b) An outline of the ways in which the procurement practices of the entity support small and medium enterprises. Mandatory 109
17AG(10)(c) If the entity is considered by the Department administered by the Finance Minister as material in nature—a statement that “[Name of entity] recognises the importance of ensuring that small businesses are paid on time. The results of the Survey of Australian GovernmentPayments to Small Business are available on the Treasury’s website.” If applicable, Mandatory 109
Financial Statements
17AD(e) Inclusion of the annual financial statements in accordance with subsection 43(4) of the Act. Mandatory 112–149
17AD(f) Other Mandatory Information
17AH(1)(a)(i) If the entity conducted advertising campaigns, a statement that “During [reporting period], the [name of entity] conducted the following advertising campaigns: [name of advertising campaigns undertaken]. Further information on those advertising campaigns is available at [address of entity’s website] and in the reports on Australian Government advertising prepared by the Department of Finance. Those reports are available on the Department of Finance’s website.” If applicable, Mandatory 110
17AH(1)(a)(ii) If the entity did not conduct advertising campaigns, a statement to that effect. If applicable, Mandatory N/A
17AH(1)(b) A statement that “Information on grants awarded by [name of entity] during [reporting period] is available at [address of entity’s website].” If applicable, Mandatory 110
17AH(1)(c) Outline of mechanisms of disability reporting, including reference to website for further information. Mandatory 110
17AH(1)(d) Website reference to where the entity’s Information Publication Scheme statement pursuant to Part II of FOI Act can be found. Mandatory 110
17AH(1)(e) Correction of material errors in previous annual report If applicable, mandatory 186
17AH(2) Information required by other legislation Mandatory 158–161, 162–182

Was this page helpful?

Thank you.

If you would like to provide more feedback, please email us at websitefeedback@oaic.gov.au