Skip to main content
Skip to secondary navigation
Menu
Australian Government - Office of the Australian Information Commissioner - Home

Exposure Draft of the Information Commissioner Bill 2009 and the Freedom of Information Amendment (Reform) Bill 2009; Submission to the Department of the Prime Minister and Cabinet (May 2009)

Exposure Draft of the Information Commissioner Bill 2009 and the Freedom of Information Amendment (Reform) Bill 2009 Submission to the Department of the Prime Minister and Cabinet May 2009

pdfsub_info_commissioner_foi_reform

Submission to the Department of the Prime Minister and Cabinet

May 2009

Key recommendations

1. The Office of the Privacy Commissioner (the Office) welcomes the opportunity to provide a submission on the exposure drafts of the Information Commissioner Bill 2009 and the Freedom of Information Amendment (Reform) Bill 2009.

2. The Office broadly supports the reforms proposed by the Information Commissioner’s Bill 2009 and holds the view that the following recommendations may serve to enhance the new structure outlined by the Bill:

  1. The name of the new agency could benefit from the inclusion of the word ‘privacy’ to reflect the scope of the Privacy Commissioner’s functions and the role that privacy plays in the Australian community, for example, the ‘Australian Information and Privacy Commission’ (see paras11-16).
  2. To promote certainty of the application of the law and enhance consistency, the Office suggests nominating primary responsibility for specific functions to a specific information officer. This would reflect the intent that, for example, the Privacy Commissioner would be largely responsible for the privacy functions (see paras17-23).
  3. The Bill could benefit from clarification regarding whether the Privacy Commissioner may exercise certain powers currently provided for in the Privacy Act 1988 but which are not explicitly linked to a listed privacy function in the Bill (para24).
  4. It may be useful to retain a right for the Privacy Commissioner and the Freedom of Information Commissioner to be able to delegate certain of their functions to senior officers for operational reasons (paras28-30).
  5. The composition of the Information Advisory Committee (IAC) could be enhanced by broadening the membership qualifications to include representatives from such areas as academia, the community, and business and technology (paras34-37).
  6. The Office suggests provision be made for the Privacy Commissioner and the Freedom of Information Commissioner to attend the IAC as members at the Information Commissioner’s discretion (paras34-37).

3. The Office also makes the following recommendations in relation to the Freedom of Information Amendment (Reform) Bill 2009:

  1. The Office suggests that the foreshadowed amendment to the Privacy Act 1988 to provide for an enforceable right of access to, and correction of, an individual’s personal information held by government agencies be included in this current suite of amendments (paras41-46).
  2. The Office suggests the public interest exemption factors outlined in new section 11B(3) could include an additional factor which requires the decision maker to have regard to whether the disclosure of the document may adversely impact on an individual’s privacy. (paras51-57).
  3. Further consideration be given to the potential impact on an individual’s privacy by the requirement to publish accessed documents(paras58-60).
  4. It may be useful to extend the powers of decline to give the Information Commissioner the discretion to decline a complaint where:
    1. The complainant has withdrawn the complaint
    2. The complainant has not responded to the Commissioner for a specified period following a request by the Commissioner for a response in relation to the complaint
    3. An investigation, or further investigation, of the act or practice is not warranted having regard to all the circumstances
    4. The matter has been adequately dealt with by the Commonwealth Ombudsman or other relevant agency (paras63-65).
  5. The Office suggests the Bill be amended to remove the requirement for agency consent to enter premises under new section 77(2)and to leave open the classification of staff entering premises under new section 77(6) (see paras77-80).
  6. The Office believes that a civil method of enforcement, such as through a Federal Court order, may be more practical than criminal sanctions for failure to comply with requests for evidence (paras81-82).

The Office of the Privacy Commissioner

4. The Office of the Privacy Commissioner is an independent statutory body whose purpose is to promote and protect privacy in Australia. The Office, established under the Privacy Act 1988 (Cth) (the Privacy Act), has responsibilities for the protection of individuals' personal information that is handled by Australian and ACT Government agencies, and personal information held by all large private sector organisations, health service providers and some small businesses.

5. The Office holds the view that the Government’s commitment to foster trust and integrity in the use of Australian Government information as well as promoting greater openness and transparency are important goals. The Office broadly supports the proposed reforms aimed at achieving these goalsand welcomes the opportunity to comment on the exposure drafts of these Bills.

Information Commissioner Bill 2009

6. The Office supports the introduction of an Information Commissioner with a broad function to report on the Commonwealth Government’s policy and practice regarding the handling and accessibility of information held by the Government.[1] The Office believes that such a statutory position will positively contribute to the Government’s overarching objective to deliver consistent information policy across government and will significantly assist in promoting a culture of coordinated and responsible information handling and management.

7. However, in the Office’s view, the proposed structural reform establishing the Office of the Information Commissioner (OIC) will have some impact on the administration of the Privacy Act and the role of the Office to promote and protect privacy in Australia. It is this impact that will be the focus of the Office’s submission.

8. The introduction of an Information Commissioner as well as a Freedom of Information Commissioner will contribute to a cohesive approach to Government information handling and release. However, the Office submits that the Privacy Commissioner’s role is slightly differentiated by the focus on the protection of individual’s personal information. Similarly this focus extends beyond government as the Privacy Act also applies to personal information handled by all large private sector organisations, health service providers and a significant number of small businesses. As such, the Office’s views are informed by a wider perspective on information handling and it is against this backdrop that the Office submits that the Information Commissioner Bill 2009 could be enhanced through the following suggestions:

Part 1 – Preliminary

9. The Office notes that clause 3 of the Bill adopts the definition of “agency” from the Freedom of Information Act 1982 (FOI Act). The definition of “agency” provided in the FOI Act is given as “a Department, a prescribed authority or an eligible case manager.”[2] This definition differs significantly from the definition included in the Privacy Act.[3]

10. The Office suggests that it may be prudent to specifically addressthis difference in the Explanatory Memorandum to the Information Commissioner Bill 2009. In particular, it will be important to clarify the interaction between the two definitions to ensure that the scope of the term “agency” as contained in Information Commissioner Bill and the Privacy Act can continue to apply independently.

Part 2 – The Office of the Information Commissioner

Name of the Office

11. Division 1 of Part 2 establishes the Office of the Information Commissioner. The Office submits that further consideration be given to the proposed name of this new agency andsuggests that it would be beneficial if the word ‘privacy’ could be included, for example, the ‘Australian Information and Privacy Commission’.

12. The Office holds the view that the name ‘Office of the Information Commissioner’ is suitable and reflective of both the Information Commissioner and the Freedom of Information Commissioner’s remits. However, the OIC does not fully reflect the scope of the Privacy Commissioner’s function or the role that privacy plays in the Australian community or indeed internationally.

13. As stated in the Office’s submission to the ALRC’s Review of Privacy - Issues Paper 31:

“The functions of the Privacy Commissioner, outlined under s.27 of the Privacy Act, allow for actions in the interests of privacy rather than exclusively information privacy. For example, s.27(1)(r) states that the Privacy Commissioner may make reports and recommendations to the Minister in relation to any matter that concerns the need for or the desirability of legislative or administrative action in the interests of the privacy of individuals. Subsections (b), (c), (e) and (m) in s.27(1) similarly allow for a broader interpretation of privacy beyond the limits of information privacy.”[4]

14. This broader notion of privacy, as opposed to merely information privacy, is also reflected in the privacy functions as outlined in subclause 11(1)(a) of the Bill which specifically lists functions which “relate to the privacy of an individual;”. Given this broader scope, the inclusion of a reference to ‘privacy’ in the title of the new office would appear appropriate.

15. Additionally, the Office is concerned that the absence of the word ‘privacy’ may potentially have several flow on effects:

  1. It may no longer be obvious to members of the community that a Privacy Commissioner still exists. This may result in two unintended consequences:
    1. A decrease or perception of a lessening of the importance of privacy as it is not clearly apparent that a dedicated statutory position exists to promote and protect privacy in Australia.
    2. A reduced ability to easily identify and access the Office’s services. For example, it may not occur to members of the community who rely on using a telephone book to search for the appropriate government agency to look up the ‘Office of the Information Commissioner’ in relation to their privacy issue.
  2. A perception that privacy and the protection of personal information areconsidered less important or a secondary consideration as compared to other issues such as openness and transparency.

16. Finally, in support of the Office’s suggestion that the name the ‘Australian Information and Privacy Commission’ be given consideration, the Office submits that the use of the word ‘Commission’ is also more reflective of the fact that there will be three statutory office holders rather than a single individual regulator.

Information Officers

Performance of Functions

17. Division 3, Subdivision Aof Part 2outlines the functionsand powers of the three statutory office holders.The Information Commissioner is vested with all functions, being the Information Commissioner functions as well as the FOI and Privacy functions. Both the FOI and Privacy Commissioner are vested with their respective functions and may perform each other’s functions. As such, the Office notes that all three information officers will be able to perform both the FOI and Privacy functions.

18. Furthermore, regardless of which information officer performs a function or exercises a power, it will be taken tohave been performed or exercised by the Information Commissioner.[5] Similarly, a performance of a function or the exercise of a power by one of the information officers does not prevent the other two statutory office holders making decisions on similar issues.[6]

19. The Office notes that this structure and vesting of functions has the potential for all three information officers to exercise their independence and interpret and apply specific aspects of either the Privacy or FOI law concurrently. Inherently, such an arrangement has the potential to result in the inconsistent application of the law.

20. The importance of predictability regarding the decision?making process contributes to the certainty of the application of the law and enhances consistency. This is particularly critical in relation to privacy law which is not already supported by a large body of case law or administrative decisions.

21. In an effort to make the process clearer and more consistent, the Office suggests that the Bill could be enhanced by nominating primary responsibility for specific functions to a specific information officer.

22. From a practical perspective, the Office believes that a similar intent is envisaged as the Companion Guide to the exposure drafts states that “The Privacy Commissioner would be largely responsible for the privacy functions...”[7]. However, this intent does not appear to be reflected in the proposed structure. Consequently, the Office suggests that the model could be enhanced by clarification of this issue.

23. Finally, it should be noted that if the privacy functions are ultimately vested with the Information Commissioner, such an arrangement will no longer retain the existing independent role of the Privacy Commissioner.

Clarification of Powers

24. Given that all references in the Privacy Act to the Privacy Commissioner will be removed and replaced with the Information Commissioner,[8] the Office suggests that the Bill would benefit from clarification regarding the ability of the Privacy Commissioner to continue to exercise certain powers. For example, subclause 15(3) of the Bill provides that the Privacy Commissioner has the power to carry out his or her functions. However, the Office suggests specific clarification regarding certain powers such as the Determination powers[9] or the Public Interest Determination powers[10]which are not explicitly linked to a listed privacy function could ensure that the intent of the Bill was put beyond doubt.

Subclauses 15(4) and 15(5)

25. Clause 15 outlines the functions and powers of the Privacy Commissioner. This clause effectively mirrors clause 14 in outlining the respective functions and powers of the Freedom of Information Commissioner.

26. However, the Office notes that subclause 15(4)(a) differs from subclause 14(4)(a) in that the words “or power” have been omitted. Similarly, both subclause 15(4)(b) and (5) have omitted the words “...or the exercise of the power...”.

27. The Office is unsure whether this is an intentional omission or an oversight, however, the Office believes that the omitted words should be included in both subsections to bring them into line with subclause 14(4) and (5).

Delegation

28. Division 3, Subdivision B of Part 2 addresses the issue of the Information Commissioner’s powers to delegate. The Office notes that the Information Commissioner has the power to delegate all or any of his or her functions to a member of staff with the exception of those listed in clause 16. Relevantly the excepted functions include those not currently delegable by the Privacy Commissioner in s.99 of the Privacy Act, being the power to make determinations under s.52 and the issuing of guidelines under s.17 of the Privacy Act.[11]

29. The Office understands that, while the Information Commissioner may not delegate these powers to members of staff, the Privacy Commissioner and the FOI Commissioner may exercise these powers provided they relate to a Privacy function. However, the Office suggests that this should be clarified in the Explanatory Memorandum.

30. Additionally, the Office notes that only the Information Commissioner has the power to delegate his or her functions. While all functions are vested with the Information Commissioner, the Office suggests it may be useful to retain a right for the other information officers to be able to delegate certain of their functions to senior officers for operational reasons. For example, currently the Privacy Commissioner is supported by a Deputy Privacy Commissioner and Assistant Privacy Commissioner which ensures the efficient operation of the Office. It may be difficult for the other information officers to effectively ensure the efficient performance of their functions unless they have at least some power to delegate to appropriate staff.

Legal Qualifications of FOI Commissioner

31. Division 3, Subdivision C of Part 2 outlines the terms and conditions of appointment for the information officers. The Office notes that subclause 17(3) requires that the FOI Commissioner may only be appointed if he or she has obtained qualifications after studies in the field of law. Similarly, a person may not act as the FOI Commissioner unless they hold the suitable qualifications pursuant to subclause 24(3).

32. While the Office accepts the merit in the FOI Commissioner being legally qualified particularly in relation to the proposed review functions, this raises a question of the suitability of the other information officers, who are not subject to the same qualification requirements, to carry out the FOI Commissioner’s functions.

33. The Office suggests that if legal qualifications are considered a necessary requirement to fulfil the functions of the role, then this may further support the suggestion put forth in paragraph 21to consider nominating primary responsibility for specific functions to a specific information officer.

Part 3 – Information Advisory Committee

34. Clause 30 establishes an Information Advisory Committee (IAC) to assist and advise the Information Commissioner. The Office supports the establishment of this Committee.

35. Part VII of the Privacy Act currently provides for a Privacy Advisory Committee (PAC) to assist the Privacy Commissioner. This independent advisory bodyprovides valuable input in advising and assisting the Privacy Commissioner perform his or her functions. Additionally, the PAC has also been beneficial in contributing to the Office’s policy development along with the general strategic direction of the Office.[12]

36. While the Office believes that the IAC will serve as a very useful resource to the Information Commissioner, the Office suggests that the composition of the IAC could be enhanced by broadening the membership qualifications. The Office acknowledges that the primary focus will be on information held by the Government and therefore representation by government senior executive will be crucial. However, the Office suggests that the Information Commissioner may also benefit from the knowledge and perspective of representatives from such areas as academia, the community, business and technology. This broader participation as incorporated in the PAC and several other statutory advisory bodies[13] could provide significant benefits to the Information Commissioner particularly in relation to effective environmental scanning and engaging with a broader spectrum of stakeholders.

37. Additionally, the Office suggests that provision be made for the FOI Commissioner and the Privacy Commissioner to attend as members of the Committee at the Information Commissioner’s discretion. This will ensure that the other information officers may formally participate in the Committee should the Information Commissioner consider it necessary or desirable.

Freedom of Information Amendment (Reform) Bill 2009

38. The Office welcomes the FOI Amendment (Reform) Bill 2009. Broadly, the Office supports the Government’s initiative to promote a pro?disclosure culture as the cornerstone of improved openness in government.

39. Interestingly, the Commonwealth Freedom of Information Act 1982 Annual Reportfor 2007?08 states that 85% of the 29,019 FOI requests received were for documents containing personal information about the applicant or other people. The remaining 15% were for documents containing other information, such as documents concerning policy development and government decision-making.[14]

40. While the figures do not provide a breakdown of specifically how many individuals requested access to their own personal information, such figures demonstrate that the vast majority of requests relate to personal information. Consequently, significant consideration needs to be given to how personal information is dealt with by the FOI processes and the Office believes it is important to provide a strong and comprehensive framework to assist agencies in navigating their obligations under both the Privacy Act and the FOI Act.

Right of Access and Correction

41. From the Office’s perspective, measures to improve an individual’s access to the personal information held about them by government are, in most instances, a positive initiative. Currently, while both the FOI Act and the Privacy Act provide a right of access to, and correction of, documents held by government agencies, the rights conferred by the Privacy Act are subject to other Commonwealth laws.[15] Most relevantly, the right of access under the Privacy Act is currently subject to the FOI Act.

42. The Office supports the Government proposal to amend the Privacy Act to provide for anenforceable right of access to, and correction of, an individual’s own personal information rather than maintaining this under the FOI Act.[16]

43. This will be a significant amendment and will align an individual’s rights regarding access to, and correction of, their personal information with the other rights included in the Privacy Act. Additionally, such an amendment will add clarity and certainty regarding an individual’s rights to access and correct their personal information.[17]

44. The Office holds the view that as this has been identified as a logical change to fundamentally improve the overall handling of personal information by government, consideration could be given to making such an amendment now as part of these FOI changes.

45. The Office already has the capability to enforce access and correction rights and has been doing so in relation to personal information held by private sector organisations since 2001.[18] As such, the extension of these rights to include government agencies will simply expand the current role already conducted by the Office.

46. Consequently, the Office submits that as the FOI Act is already undergoing significant reform, it could be appropriate for such a change to be included in this suite of amendments. This would ensure that all significant changes to the FOI Act occur at once and agencies can start the process of applying the amended Act in its entirety rather than having another significant reform in the near future.

Personal Privacy

47. The Office notes the newly proposed section 11A forms the basis of the pro?disclosure intention of the reforms. In essence, the Bill directs there is to be a general rule of mandatory access unless a document is considered exempt.[19]Certain documents can be considered conditionally exempt, however, access must be provided to those documents unless access “...would, on balance, be contrary to the public interest.”[20] Relevantly, personal privacy is a category that is conditionally exempt.

Access to an individual’s own personal information

48. New section 11B states the factors that are to be considered in determining whether access to a conditionally exempt document would be contrary to the public interest. Relevantly, new section 11B(3)(d) includes that a factor favouring access would be to allow a person to access his or her own personal information.

49. While the Office supports this factor, the Office submits that the Government’s decision to provide an enforceable right of access to an individual’s own personal information within the Privacy Act would provide greater certainty regarding this right rather than leaving it subject to a public interest test. In many instances, such a right would minimise the need to rely on this factor at all.

50. Consequently, once the enforceable right of access and correction is introduced to the Privacy Act, the Office believes that the FOI process will mainly relate to applications that contain another individual’s personal information or incidental personal information upon accessing other types of information.

Public interest conditional exemptions – personal privacy

51. The FOI Annual Report statistics indicate that the protection of personal information and personal privacy under FOI is a significant issue. This becomes even more relevant if the right to access an individual’s own information is provided for by the Privacy Act and, in many instances, access under the FOI Act mainly relates to other people’s personal information.

52. Under the existing FOI Act, documents affecting personal privacy are exempt documents if their disclosure would involve the “unreasonable disclosure of personal information about any person (including a deceased person).”[21] The change put forward by the Bill is that such documents are now “conditionally exempt” and the presumption is that access will be provided unless it would be contrary to the public interest.[22]

53. The Office is concerned that a presumption in favour of disclosure of documents containing personal information may have the potential to lessen the protections afforded to personal information by the Privacy Act.

54. The Office notes that new subsection 47F(2) provides a list of factors that an agency or a Minister must have regard to in determining whether a disclosure would in fact result in an “unreasonable disclosure”. The Office supports the inclusion of mandatory factors to be considered and believes that these provide the basis for a useful framework which could significantly enhance the decision making process.[23]

55. However, the Office understands that if the disclosure of a document is determined to involve the unreasonable disclosure of personal information, it will still be released unless it would, on balance, be contrary to the public interest.[24]New section 11B(3) outlines the factors favouring access to the document in the public interest.

56. The Office suggests the Bill may be enhanced by including an additional factor in section 11B(3) which requires the decision maker to have regard to whether the disclosure of the document may adversely impact on an individual’s privacy. That is, a factor favouring access to the document in the public interest would be that it would not adversely impact on an individual’s privacy. The consideration of such a factor could serve to ensure that the protection of an individual’s personal information is maintained and foremost in a decision makers mind.

57. The Office notes that new subsection 11B(5) provides for the consideration of any guidelines issued by the Information Commissioner in weighing up the public interest of the disclosure. These guidelines could provide useful direction on the considerations that need to be taken into account in determining whether the release of a document may adversely impact on an individual’s privacy.

Publication of information in accessed documents

58. New section 11C provides for the publication of accessed documents. The Office notes that subsection 11C(1) makes exceptions for documents that contain personal information relating to an individual or a member of their family as well as other types of information about the individual. The Office supports these exceptions.

59. However, the exceptions do not address the circumstances where personal information about another individual (other than a family member) is accessed. The requirement to publish will cover those documents that have been determined to involve an unreasonable disclosure of personal information, however, have been released because their access is not contrary to the public interest.

60. The Office believes that the requirement to publish accessed documents further supports the need to consider whether the release of a document may adversely impact on an individual’s privacy. The Office contends that to release a document which involves the unreasonable disclosure of personal information in response to an individual FOI request may potentially be significantly different to publishing the document on an agency’s website.

FOI Complaint Handling Framework

61. The Office also provides the following comments on the newly proposed FOI complaint handling framework included in the Bill. Drawing from our experience with handling complaints under the Privacy Act, the Office has sought to provide feedback on how the new provisions may operate in practice and possible areas for enhancement.

62.In providing these comments, the Office has considered the current provisions in the Ombudsman Act 1976, but acknowledges that some of the issues identified may be because of the current Ombudsman process.

Differences between the FOI Bill and the Privacy Act

Information Commissioner’s discretion to decline a review by the Information Commissioner (IC review) or investigation by the Information Commissioner (IC investigation)

63. The Office notes that new sections 54W and 73 of the FOI Bill give the Information Commissioner the discretion not to undertake, or to cease an IC review or an IC investigation.

64. In particular, new section 73 is similar to s.41 of the Privacy Act. In its review of the privacy, the Australian Law Reform Commission recommended extending the powers of decline in the Privacy Act. The Office suggests that it may be useful to extend the powers of decline in the FOI Bill in the same way. This would give the Information Commissioner the discretion to decline a complaint where:

  1. The complainant has withdrawn the complaint
  2. The complainant has not responded to the Commissioner for a specified period following a request by the Commissioner for a response in relation to the complaint
  3. An investigation, or further investigation, of the act or practice is not warranted having regard to all the circumstances.[25]

65. The Office also suggests adding to section 73 a discretion to decline a complaint where the matter has been adequately dealt with by the Commonwealth Ombudsman or other relevant agency. It would appear that section 73 would not allow the Information Commissioner to decline a complaint for this reason.

Agreements in writing and provided to the Office of the Information Commissioner

66. Under new section 55F of the FOI Bill, if parties to an IC review reach an agreement, the Commissioner may give effect to the agreement without completing the review if:

  1. the Information Commissioner is satisfied that the agreement is consistent with the powers of the Commissioner
  2. the terms of the agreement are reduced to writing
  3. the agreement is signed by the review parties and
  4. the agreement is given to the Information Commissioner.

67. This approach differs from the Office of the Privacy Commissioner’s complaint handling process. Under the Privacy Act, where parties to a privacy complaint reach an agreement, the Privacy Commissioner may close the complaint under s.41(2)(a) on the basis that the matter as being adequately dealt with. There is no requirement for the parties to document and sign the agreement and provide it to the Commissioner.

68. The Office suggests that the requirement under new section 55F of the FOI Bill may unduly delay the completion of IC reviews where the parties have reached agreement.

Options for enhancing the FOI complaint handling system

IC review and IC investigation; new Parts VII and VIIB

69. The Office notes that the FOI Bill provides for two separate complaint streams:

  1. IC Review (new Part VII) which allows an individual to seek review by the Information Commissioner of an agency’s internal review of a decision to grant or refuse access to information. New Part VII also allows the Information Commissioner to review the decisions of Ministers to grant or refuse access to information.
  2. IC Investigation (new Part VIIB) which allows the Information Commissioner to investigate an action taken by an agency in the performance of functions or the exercise of powers under the FOI Act following a complaint from a person or on the Information Commissioner’s initiative. This complaint stream appears to reflect the existing role of the Commonwealth Ombudsman in resolving complaints with agency processes.

70. The Office is uncertain as to whether these two complaint streams are intended to operate consecutively or concurrently. For example, can an individual make an application under new section 54N (for an IC review) and new section 70 (for an IC investigation) at the same time? The Office submits that this could be clarified.

Hearings

71. The FOI Bill provides the Information Commissioner with the power to hold hearings. In particular, under new section 55B of the FOI Bill, a party can request a hearing at any time during an IC review. If the Information Commissioner receives a request for a hearing, the Commissioner must notify all parties to the IC review and give them a reasonable opportunity to make submissions about whether a hearing should occur. The Information Commissioner must then decide whether or not to hold the hearing. The Office believes thedecision to hold a hearing appears to be discretionarybut would suggest this is clarified.

72. The Office would also note that there does not appear to be a limit to the number of requests for a hearing allowable from any one review party. The Office suggestsit may be useful to provide guidance on the number of requests allowable or stipulate a limit to ensure that the process continues to progress efficiently.

73. The Office believes that clarification of the above points is also particularly important from a financial and resources perspective as without adequate provision of these, the power to hold hearings could be significantly limited.

Referral to the Federal Court

74. Under new section55G(1) of the Bill, the Information Commissioner may, at any time during an IC review, refer a question of law arising from the review to the Federal Court. Once the question of law has been referred to the Federal Court, the Information Commissioner may not proceed with the matter until the Federal Court has made a decision.

75. The power to refer questions of law to the Federal Court in the FOI Bill is similar to the existing powers of the Administrative Appeals Tribunal.

76. The Office suggests that this power is unlikely to be used by the Information Commissioner, given the remaining reviews available through the Administrative Appeals Tribunal[26] and the Federal Court[27], following a decision by the Information Commissioner. Moreover, these provisions suggest that the Commission is intended to operate more along the lines of a tribunal, which may have fiscal impacts for the OIC. The Office also notes that such provisions may hinder the swift resolution of IC reviews. The Office therefore suggests section 55G not proceed.

OIC power to enter to premises

77. New section 77(2) of the FOI Bill provides the Information Commissioner with the power to enter premises occupied by agencies or contracted service providers if the agency of contracted service provider has consented to the entry. Further, new section 77(6) of the Bill requires the OIC staff entering the premises to be of an Executive Level (EL) 2 position.

78. These clauses differ from their counterparts in the Privacy Act and the Ombudsman Act. Section 68 of the Privacy Act gives the Office of the Privacy Commissioner the power to enter premises occupied by an agency without the agency’s consent.[28] Likewise, s.14 of the Ombudsman Act similarly provides for entry without consent. Moreover, neither the Privacy Act nor the Ombudsman Act limits the Australian Public Service (APS) classification level of authorised staff who may enter premises.[29]Generally, the Office’s practice is to send an EL 1 staff member supported by APS 6 staff, when entering premises under s.68 of the Privacy Act.

79. The Office has two key concerns about new section 77 in the FOI Bill, namely:

  1. that an agency refusing consent for OIC staff to enter their premises may inhibit the OIC’s ability to conduct investigations
  2. that requiring EL 2 staff to attend all premises that the OIC enters under new section 77(6) may cause resourcing difficulties for the OIC.

80. In light of these concerns, the Office suggests the Bill be amended to remove the requirement for agency consent under new section 77(2). The Office further suggests that the Bill be amended to leave open the classification of staff entering premises under new section 77(6).

Penalty provisions

81. The FOI Bill provides a penalty of six months imprisonment for contravention of a number of its provisions; in particular those relating to: production of information and documents, obliging persons to appear and administration of oath or affirmation.[30]

82. The Office believes that a civil method of enforcement (such as through a Federal Court order) may be more practical than criminal sanctions for failure to comply with requests for evidence. For example, in the Office’s experience with the Privacy Act, criminal sanctions may not necessarily result in the requested information being forthcoming.



[1]Information Commissioner Bill 2009, clause 9(a).

[2]S.4(1).

[3]See s.6(1).

[4]See Office of the Privacy Commissioner, Submission to the Australian Law Reform Commission’s Review of Privacy – Issues Paper 31, February 2007, p80. Available at: www.privacy.gov.au/publications/alrc280207.html

[5]Subclauses 14(6) and 15(6).

[6]See subclauses 14(7) and 15(7). Although the Office notes that subclauses 14(6) and 15(6) reflect s.34AB(c) of the Acts Interpretation Act 1901 and is intended to preclude a recipient of a decision made by the FOI or Privacy Commissioner appealing to the Information Commissioner and requesting the Information Commissioner to make a further decision as well – see Attorney?General’s Department, Legal Practice Briefing, Number 24, 24 April 1996.

[7]Freedom of Information (FOI) Reform Companion Guide – March 2009, p7.

[8]As per Schedule 5 of the FOI Amendment (Reform) Bill 2009.

[9]Part V, Division 2 of the Privacy Act 1988.

[10]Part VI of the Privacy Act 1988.

[11]See subclauses16(i) and (j).

[12]See Office of the Privacy Commissioner, Submission to the Australian Law Reform Commission’s Review of Privacy – Issues Paper 31, February 2007, p194.

[13]For example, see the National Archives of Australia Advisory Council.

[14]FOI Annual Report 2007–2008 available at:www.pmc.gov.au/foi/annual_reports.cfm

[15]See Information Privacy Principles 6 and 7, s.14 of the Privacy Act 1988.

[16]Freedom of Information (FOI) Reform Companion Guide – March 2009, p14.

[17]See Office of the Privacy Commissioner, Submission to the Australian Law Reform Commission’s Review of Privacy – Discussion Paper 72, December 2007, p274. Available at: www.privacy.gov.au/publications/alrc211207.html

[18]See National Privacy Principle 6, Schedule 3 of the Privacy Act 1988.

[19]See new sections 11A(3) and 11A(4) of the FOI Amendment (Reform) Bill 2009.

[20]See new section11A(5) of the FOI Amendment (Reform) Bill 2009.

[21]S.41(1) FOI Act 1982.

[22]See new section 47F of the FOI Amendment (Reform) Bill 2009.

[23]Similarly, the Office notes the retention of the consultation provision in new section 27A of the FOI Amendment (Reform) Bill 2009.

[24]See new section 11A(5).

[25]Australian Law Reform Commission, For your information: Australian Privacy Law and Practice, report 108, 2008, recommendation 49-1, www.austlii.edu.au/au/other/alrc/publications/reports/108/_3.html#Heading422.

[26]See Freedom of Information Amendment (Reform) Bill 2009, new Part VIIA.

[27]See Freedom of Information Amendment (Reform) Bill 2009, new sections 56 and 56A.

[28]However, the Office of the Privacy Commissioner does need consent to enter premises other than premises of the agencies.

[29]See Privacy Act 1988, s.68 and Ombudsman Act 1976, s.14.

[30]See Freedom of Information Amendment (Reform) Bill 2009, new sections55Q(5), 55V(3), 55W(3), 79(5), 82(3) and 83(3).