Commonwealth of Australia Explanatory Memoranda Commonwealth of Australia Explanatory Memoranda[Index] [Search] [Download] [Bill] [Help]
2019 - 2020 - 2021 - 2022
THE PARLIAMENT OF THE COMMONWEALTH OF AUSTRALIA
SENATE
DATA AVAILABILITY AND TRANSPARENCY (CONSEQUENTIAL
AMENDMENTS) BILL 2020
SUPPLEMENTARY EXPLANATORY MEMORANDUM
Amendments to be moved on behalf of the Government
(Circulated by authority of the Minister for Employment, Workforce, Skills, Small and
Family Business, the Hon Stuart Robert MP)
AMENDMENTS TO THE DATA AVAILABILITY AND TRANSPARENCY
(CONSEQUENTIAL AMENDMENTS) BILL 2020
OUTLINE
1. The Data Availability and Transparency (Consequential Amendments) Bill 2020 (the Bill) is
part of a legislative package with the Data Availability and Transparency Bill 2020 (the
Principal Bill) to establish a new scheme for sharing Australian Government data (the
Scheme) safely.
2. The Government amendments in part respond to issues raised by the Senate Scrutiny of
Bills Committee, the Parliamentary Joint Committee on Human Rights, and the Senate
Finance and Public Administration Legislation Committee, and to concerns mentioned in
the dissenting report tabled by Australian Labor Party Senators on the Senate Finance and
Public Administration Legislation Committee.
3. Government amendments to the Principal Bill will prevent foreign entities becoming
accredited under the Scheme. Items 1 and 4 of the Bill are therefore no longer required and
are omitted.
4. The Government amendments will also:
• clarify the interaction of the Principal Bill with the Freedom of Information Act 1982
(FOI Act); and
• further enable the Australian Information Commissioner to share information with the
National Data Commissioner in certain circumstances; and
• prevent entities applying for accreditation under the Scheme for 2 months (in some
cases) or 4 months (in other cases) after the day that the Bill receives the Royal
Assent; and
• provide for transitional arrangements to enable rules to be made by the Minister to
provide that certain entities are taken to be accredited data service providers (ADSPs)
under the Scheme for a transition period prescribed in rules made by the Minister.
FINANCIAL IMPACT STATEMENT
5. The Government amendments to the Bill will have negligible impact on the overall costings
for the package of reforms.
6. The exclusion of the private sector from the Scheme by the Principal Bill has a minor impact
on overall costings, and any savings will be reprioritised to further the Commissioner's
education function. The sunset clause in the Principal Bill, if utilised, creates potential
savings for Government, and funding arrangements are proposed to be reviewed as part of
the three year scheme review.
1
NOTES ON CLAUSES
Amendment Item 1
1. Amendment Item 1 omits the heading 'Administrative Decisions (Judicial Review) Act
1977' before Item 1 of Schedule 1 of the Bill because Amendment Item 2 omits Item 1 of
Schedule 1 of the Bill and the heading is therefore no longer necessary.
Amendment Item 2
2. Amendment Item 2 omits Item 1 of Schedule 1 of the Bill. Government amendments to
the Principal Bill mean that foreign entities will no longer be able to apply for accreditation
under the Scheme in any circumstances. The amendment to be made to the Administrative
Decisions (Judicial Review) Act 1977 by Item 1 of Schedule 1 deals with decisions about
the accreditation of foreign entities. This amendment to the Administrative Decisions
(Judicial Review) Act 1977 would have no operation and Item 1 of Schedule 1 is therefore
omitted.
Amendment Item 3
3. Amendment Item 3 omits Item 4 of Schedule 1 of the Bill. Government amendments to
the Principal Bill mean that foreign entities will no longer be able to apply for accreditation
under the Scheme in any circumstances. The amendment to be made to the Australian
Security Intelligence Organisation Act 1979 by Item 4 of Schedule 1 relates to security
assessments in respect of a foreign entity in connection to the exercise of a power under Part
5.2 of the Principal Bill (which relates to accreditation). As no accreditation decisions under
the Scheme will be made in respect of foreign entities, this amendment to the Australian
Security Intelligence Organisation Act 1979 would have no operation and Item 4 of
Schedule 1 is therefore omitted.
Amendment Item 4
4. Amendment Item 4 omits the proposed amendment to the FOI Act to insert a new
subsection 7(2F) in that Act and substitutes a new subsection 7(2F). Government
amendments to the Principal Bill, particularly amendments to the definitions of 'ADSP-
enhanced data' and 'output', make the application of the subsection 7(2F) previously
proposed for insertion less clear in certain circumstances. The new subsection 7(2F) refers to
the term 'scheme data' used in the Principal Bill, which is also amended by Government
amendments to the Principal Bill.
5. As amended by Government amendments, the term 'scheme data' in the Principal Bill
means:
• any copy of data specifically created by a Commonwealth body for the purpose of
enabling the data to be shared under the Scheme (whether or not the data has yet been
shared); and
• the copy of shared data collected by an accredited user under the Scheme, and any
data that is the result or product of the accredited user's use of the shared data (other
than a copy that has 'exited' the Scheme - see below); and
• the copy of shared data collected by an ADSP, as an intermediary in a data sharing
project under the Scheme, and any data that is the result or product of the ADSP's use
of the shared data.
6. As amended by Government amendments, 'output', which is the copy of shared data
collected by an accredited user under the Scheme, and any data that is the result or product
2
of the accredited user's use of the shared data, may 'exit' the Scheme in certain
circumstances. Where data exits the Scheme, it is no longer covered by Scheme rules
relating to the use (including the disclosure) of the data. Once data exits the Scheme, it is no
longer 'scheme data'.
7. Commonwealth bodies that share data as data custodians may hold scheme data in a number
of circumstances. If the data custodian develops a particular dataset for the purpose of
sharing under the Scheme, that dataset will be scheme data even before it is shared (and
even if it is not ultimately shared). Where a dataset is shared by a data custodian, a copy of
that dataset retained by the data custodian will be scheme data. If a data sharing agreement
provides for an ADSP or the accredited user to submit ADSP-enhanced data or output to the
data custodian to confirm that the ADSP-enhanced data or output is as agreed, and ADSP-
enhanced data or output is then submitted to the data custodian, the copy of the submitted
ADSP-enhanced data or output collected by the data custodian is scheme data.
8. Amendment Item 4 has the effect that, where an agency (as defined in the FOI Act) holds a
document that includes scheme data (as defined in the Principal Bill, as amended by
Government amendments), the agency has no obligations under the FOI Act in relation to
that document, to the extent that the document contains scheme data.
9. This exemption is necessary to ensure that the FOI Act does not undermine the protections
on the sharing and use of data included in the Principal Bill. Under the Principal Bill, as
amended by Government amendments, data custodians may only share data in limited
circumstances, and ADSPs and accredited users are subject to detailed restrictions on the use
of shared data and the products of the use of that data. If the FOI Act imposes obligations on
agencies holding documents including scheme data (to the extent that they include scheme
data), then scheme data prepared by a data custodian for the purpose of sharing under the
Scheme could be required to be disclosed under the FOI Act in circumstances where the data
could not be shared under the Scheme, and without the protections provided by the Scheme.
Further, ADSPs and accredited users could be required to disclose scheme data under the
FOI Act in circumstances where the data could not be disclosed under the Scheme.
10. For example, if an accredited user holds output under the Scheme and the accredited user is
an agency (as defined in the FOI Act), the accredited user has no obligations under the FOI
Act in respect of a document containing the output (to the extent that the document contains
the output) if it receives a request for access to the document under the FOI Act.
11. The exemption does not apply to any output that has 'exited' the Scheme and is therefore no
longer covered by the restrictions imposed by the Scheme on how output may be collected
and used. The exemption also does not cover documents held by a data custodian containing
datasets that are intended to be shared, or have been shared, under the Scheme where the
dataset was not specifically developed for the purpose of sharing it under the Scheme.
Amendment Item 5
12. Amendment Item 5 inserts a new section 36B into the Privacy Act 1988 (Privacy Act) to
allow the Information Commissioner to share information and documents with the National
Data Commissioner about a complaint received by the Information Commissioner. The
information or documents (or both) may only be shared for the purpose of the National Data
Commissioner exercising powers, or performing functions or duties under the Data
Availability and Transparency Act 2022. New subsection 36B of the Privacy Act clarifies
that the Information Commissioner may share information or documents (or both) regarding
a complaint whether or not the Information Commissioner is transferring (or will transfer)
3
the complaint, or a part of the complaint, to the National Data Commissioner under section
50 of the Privacy Act.
13. While the National Data Commissioner has overall regulatory responsibility for the Scheme,
the Information Commissioner has primary responsibility for considering and responding to
any interference with the privacy of individuals that arise in connection with the Scheme.
An individual who is concerned that an act or practice relating to the Scheme may be an
interference with their privacy may complain to the Information Commissioner under
section 36 of the Privacy Act. While in many cases it will be appropriate for the Information
Commissioner to deal with such complaints (rather than transferring such complaints to the
National Data Commissioner), it is important that the Information Commissioner is
empowered to provide information and documents relating to such complaints to the
National Data Commissioner. While the Information Commissioner's powers and functions
enable them to respond to a particular interference with privacy, the National Data
Commissioner's powers and functions enable them to better respond to systemic issues with
the Scheme, and to investigate conduct by a particular participant that may justify regulatory
action under the Scheme.
Amendment Item 6
14. Amendment Item 6 inserts a new Schedule 2 into the Bill. The effect of the new Schedule
is to prevent applications for accreditation under the Data Availability and Transparency Act
2022 being made immediately after the commencement of that Act.
15. The Data Availability and Transparency Act 2022 commences the day after Royal Assent.
However, it would not be appropriate for data sharing under the Scheme to commence
immediately. It is preferable for there to be a delay before data is shared to enable various
legislative instruments under the Scheme to be made and registered, to enable the National
Data Commissioner to issue guidance materials, for data custodians to train their employees
about the Scheme and for implementation of a whole-of-Australian-Government digital
service to be progressed to support the handling of data requests and the entry into data
sharing agreements under the Scheme.
16. Item 1 of Schedule 2 provides a general rule that applications for accreditation as an ADSP
or as a user may not be made for a period of 4 months commencing on the day that the Data
Availability and Transparency (Consequential Amendments) Act 2022 receives Royal
Assent. Data may only be shared under the Scheme with accredited entities.
17. Item 2 of Schedule 2 provides that, notwithstanding the general rule in Item 1 of Schedule
2, Commonwealth, state and territory governments, and departments and agencies of those
governments (other than Australian universities), may apply for accreditation as users after
the end of a 2 month period commencing on the day that the Data Availability and
Transparency (Consequential Amendments) Act 2022 receives Royal Assent. This enables
the prioritisation of data sharing between Australian Government departments and agencies,
and with states and territories, to facilitate the delivery of improved government services to
Australians, and to inform government policies and programs.
18. Amendment Item 6 also inserts a new Schedule 3 into the Bill. Schedule 3 provides for
transitional arrangements for ADSPs.
19. The Scheme relies on the availability of ADSPs to perform certain data services, such as the
complex data integration service, and the Scheme would not be able to operate effectively if
no entities were accredited as ADSPs when the Scheme commences.
20. Because of the complexity involved in preparing applications for ADSP accreditation and
the need for the National Data Commissioner to thoroughly assess such applications, it
4
could take a significant period of time for the Commissioner to make their final decisions on
ADSP accreditation, especially if there are a large number of applications or complex
information provided in the applications.
21. Under current Commonwealth administrative arrangements, a small number of bodies have
been accredited as 'Accredited Integrating Authorities' (AIAs), following a rigorous
assessment process. These bodies currently may perform data services that are broadly
similar to the data services that will be performed by ADSPs under the Scheme. The
transitional arrangements will permit the Minister to make rules to enable some AIAs to be
taken to be ADSPs under the Scheme for a transitional period.
22. Item 1 of Schedule 3, read with Item 4, enables the Minister to make rules prescribing an
entity as a 'transitional entity'. The rules are a disallowable legislative instrument (Item 4).
23. Only 'Australian entities' as defined in the Principal Bill may be prescribed (Item 1(2) of
Schedule 3 provides that an expression used in the Schedule that is also used in Data
Availability and Transparency Act 2022 has the same meaning as in that Act). The Principal
Bill defines 'Australian entity' to mean a Commonwealth body, a State body or a Territory
body (in each case as defined in the Principal Bill), a body politic or an Australian university
(defined in the Principal Bill). Thus, the rules made under Item 1 of Schedule 3, read with
Item 4, could prescribe any of these persons as a transitional entity. However, an
unincorporated joint venture or consortium does not fall within the definition of 'Australian
entity' in the Principal Bill and could not be prescribed.
24. Where the Minister makes rules prescribing an entity as a transitional entity the Minister
must specify a 'transition period' for that transitional entity. Item 2(3) of Schedule 3
provides that this transition period may not be longer than the end of the period that is 40
months beginning on the day that the Bill receives Royal Assent. Item 2(1) provides that a
transitional entity is taken to be an ADSP for the purposes of the Scheme during the
transition period applicable to that a transitional entity.
25. Where the Minister makes rules prescribing an entity as a transitional entity, the Minister
may also prescribe conditions of accreditation for that transitional entity, if the Minister
considers it desirable to do so (Item 2(2)). A condition could limit the types of data services
the transitional entity could provide as an ADSP. The National Data Commissioner may
vary or remove a condition of accreditation imposed by the rules, or impose further
conditions.
26. During the applicable transition period, a transitional entity has the same obligations under
the Scheme as an entity accredited by the National Data Commissioner as an ADSP. The
Commissioner has regulatory oversight over transitional entities and, if required, the
Commissioner may suspend or cancel the ADSP accreditation of a transitional entity. If the
Commissioner cancels the ADSP accreditation of a transitional entity, the transition period
for that transitional entity ends (Item 2(3) of Schedule 3).
27. Clause 9 of the Principal Bill defines 'data sharing scheme' to mean 'this Act [that is, the
Data Availability and Transparency Act 2022] and the regulations, rules, data codes and
guidelines made under it'. Schedule 3 affects the operation of the Scheme during the
transition period for transitional entities and transitional entities. Therefore, Item 3 of
Schedule 3 provides that the term 'data sharing scheme' in the Data Availability and
Transparency Act 2022 is taken to include Schedule 3.
28. Item 4 of Schedule 3 provides that the Minister may make rules prescribing matters
required or permitted by Schedule 3, or necessary or convenient for carrying out or giving
effect to Schedule 3. Such rules are disallowable legislative instruments.
5
29. The rules cannot prescribe a transition period for a transitional entity that is longer than 40
months after the day the Data Availability and Transparency (Consequential Amendments)
Act 2022 receives Royal Assent (Item 2(3) of Schedule 3).
30. Rules rather than regulations are appropriate for prescribing matters for the purpose of
Schedule 3. While the rules extend to prescribing matters necessary or convenient for
carrying out or giving effect to Schedule 3, this power is in practice quite limited because
Schedule 3 only applies to transitional arrangements for a specified time period for ADSPs.
The 'necessary or convenient' power to prescribe matters may be required to clarify
particular aspects of the transitional arrangements, but such rules cannot be inconsistent with
Schedule 3 or the Data Availability and Transparency Act 2022.
31. The National Data Commissioner may independently exercise their regulatory powers under
the Data Availability and Transparency Act 2022 to suspend or cancel the accreditation of a
transitional entity, or vary or impose conditions of accreditation, if the Commissioner
considers it appropriate.
32. Only a small number of entities are likely to be prescribed for the purposes of Schedule 3
(as at 31 January 2022 there are only 7 AIAs). It is expected that transitional entities will
apply for accreditation as ADSPs under the Data Availability and Transparency Act 2022
during their transition period. The National Data Commissioner will assess any such
applications in accordance with the Data Availability and Transparency Act 2022.
33. Item 4(2) of Schedule 3 confirms that rules made under Schedule 3 may not create an
offence or a civil penalty; provide for powers or arrest or entry, search or seizure; set an
amount to be appropriated from the Consolidated Revenue Fund or directly amend the text
of the Data Availability and Transparency (Consequential Amendments) Act 2022.
6
STATEMENT OF COMPATIBILITY WITH HUMAN RIGHTS
Prepared in accordance with Part 3 of the Human Rights (Parliamentary Scrutiny) Act 2011
1. The Government amendments to the Bill are compatible with the human rights and freedoms
recognised or declared in the international instruments listed in section 3 of the Human Rights
(Parliamentary Scrutiny) Act 2011.
Overview of the Government amendments
2. The Data Availability and Transparency (Consequential Amendments) Bill 2020 (the Bill) is part
of a legislative package with the Data Availability and Transparency Bill 2020 (the Principal
Bill) to establish a new scheme for sharing Australian Government data safely (the Scheme).
3. The Government amendments in part respond to issues raised by the Senate Scrutiny of Bills
Committee, the Parliamentary Joint Committee on Human Rights, and the Senate Finance and
Public Administration Legislation Committee, and to concerns mentioned in the dissenting report
tabled by Australian Labor Party Senators on the Senate Finance and Public Administration
Legislation Committee.
4. Government amendments to the Principal Bill will prevent foreign entities becoming accredited
under the Scheme. Items 1 and 4 of the Bill are therefore no longer required and are omitted.
5. The Government amendments will also:
• clarify the interaction of the Principal Bill with the Freedom of Information Act 1982 (FOI
Act); and
• further enable the Australian Information Commissioner to share information with the
National Data Commissioner in certain circumstances; and
• prevent entities applying for accreditation under the Scheme for 2 months (in some cases) or
4 months (in other cases) after the day that the Bill receives the Royal Assent; and
• provide for transitional arrangements to enable rules to be made by the Minister to provide
that certain entities are taken to be accredited data service providers (ADSPs) under the
Scheme for a transition period prescribed in rules made by the Minister.
Human Rights Implications
6. The Government amendments engages the following rights:
• the right to freedom of expression;
• the right to protection from unlawful or arbitrary interference with privacy.
Right to freedom of expression
7. Article 19(2) of the of the International Covenant on Civil and Political Rights (ICCPR)
establishes the right to freedom of expression, including freedom to seek, receive and impart
information and ideas in any form. Both the Principal Bill and the FOI Act establish schemes that
promote this right. The former facilitates controlled access to Australian Government data by
overriding secrecy and non-disclosure provisions in other laws, where certain requirements are
7
met. The latter creates a scheme of open access to government documents, subject to certain
exemptions.
8. Amendment Item 4 omits and substitutes the proposed amendment to the FOI Act to insert a
new subsection 7(2F) in that Act. The new subsection 7(2F) refers to the term 'scheme data' in
the Principal Bill, which is also amended by Government amendments to the Principal Bill.
9. As amended by Government amendments, the term 'scheme data' in the Principal Bill means:
• any copy of data specifically created by a Commonwealth body for the purpose of
enabling the data being shared under the Scheme (whether or not it has yet been shared);
and
• the copy of shared data collected by an accredited user under the Scheme, and any data
that is the result or product of the accredited user's use of the shared data (other than a
copy that has 'exited' the Scheme - see below); and
• the copy of shared data collected by an ADSP, as an intermediary in a data sharing
project under the Scheme, and any data that is the result or product of the ADSP's use of
the shared data.
10. As amended by Government amendments, 'output', which is the copy of shared data collected by
an accredited user under the Scheme, and any data that is the result or product of the accredited
user's use of the shared data, may 'exit' the Scheme in certain circumstances. Where data exits
the Scheme, it is no longer covered by Scheme rules relating to the use (including the disclosure)
if the data. Once data exits the Scheme, it is no longer 'scheme data'.
11. Amendment Item 4 has the effect that, where an agency (as defined in the FOI Act) holds a
document that includes 'scheme data' (as defined in the Principal Bill, as amended by
Government amendments), the agency has no obligations under the FOI Act in relation to that
document, to the extent that the document contains scheme data.
12. This exemption is necessary to ensure that the FOI Act does not undermine the protections on the
sharing and use of data included in the Principal Bill. Under the Principal Bill, as amended by
Government amendments, data custodians may only share data in limited circumstances, and
ADSPs and accredited users are subject to detailed restrictions on the use of shared data and the
products of the use of that data. If the FOI Act imposed obligations on agencies holding
documents including scheme data (to the extent that those documents include scheme data), then
scheme data prepared by a data custodian for the purpose of sharing under the Scheme could be
required to be disclosed under the FOI Act in circumstances where the data could not be shared
under the Scheme, and without the protections provided by the Scheme. Further, ADSPs and
accredited users could be required to disclose scheme data under the FOI Act in circumstances
where the data could not be disclosed under the Scheme.
13. Amendment Item 4 places limits on the right to freedom of expression as it exempts Australian
government agencies from the operation of the FOI Act with respect to documents containing
includes 'scheme data' (as defined in the Principal Bill, as amended by Government
amendments).
14. Allowing open access to scheme data under the FOI Act could undermine the Scheme's
protections and uptake, reducing the public benefits to be realised from controlled access to
Australian Government data. In particular, data shared under the Scheme for a permitted purpose
such as policy or research could be accessed could be accessed under the FOI Act for any
purpose (including precluded purposes under the Principal Bill) in the absence of Amendment
Item 4.
8
15. The limitation on Article 19(2) of the ICCPR is reasonable and proportionate, as it preserves the
safeguards under the Principal Bill without compromising the operation of the FOI Act in
relation to documents, other than documents to the extent they contain scheme data. The
exemption does not apply to any output that has 'exited' the Scheme. Datasets held by a data
custodian that are not specifically developed for the purpose of sharing under the Scheme are not
covered by the exemption introduced by Amendment Item 4.
16. For these reasons, the amendment to the FOI Act by Amendment Item 4 is a reasonable,
necessary and proportionate limitation on the right to freedom of expression.
Right to protection from unlawful or arbitrary interference with privacy
17. Article 17 of the ICCPR enshrines the right to protection from unlawful or arbitrary interference
with privacy. This right can be permissibly limited in order to achieve a legitimate objective,
where the interference to privacy is for a reason consistent with the ICCPR, proportional to the
ends sought, and necessary in the circumstances of any given case.
18. Amendment Item 5 inserts a new section 36B into the Privacy Act 1988 (Privacy Act) to allow
the Information Commissioner to share information and documents about a complaint received
by the Information Commissioner with the National Data Commissioner, including personal
information.
19. The information or documents (or both) may only be shared by the Information Commissioner
for the purpose of the National Data Commissioner exercising powers, or performing functions
or duties under the Data Availability and Transparency Act 2022.
20. While the National Data Commissioner has overall regulatory responsibility for the Scheme, the
Information Commissioner has primary responsibility for considering and responding to any
interference with the privacy of individuals that arise in connection with the Scheme. An
individual who is concerned that an act or practice relating to the Scheme may be an interference
with their privacy may complain to the Information Commissioner under section 36 of the
Privacy Act. While in many cases it will be appropriate for the Information Commissioner to deal
with such complaints (rather than transferring such complaints to the National Data
Commissioner), it is important that the Information Commissioner is empowered to provide
information and documents relating to such complaints to the National Data Commissioner.
While the Information Commissioner's powers and functions enable them to respond to a
particular interference with privacy, the National Data Commissioner's powers and functions
enable them to better respond to systemic issues with the Scheme, and to investigate conduct by a
particular participant that may justify regulatory action under the Scheme.
21. Amendment Item 5 limits right to privacy because it enables personal information included in a
complaint made to the Information Commissioner to be shared with the National Data
Commissioner. However, the power to share personal information is appropriately constrained.
The Information Commissioner's power to share only relates to information and documents:
• about a complaint that relating to the Scheme; and
• that were acquired by the Information Commissioner in the course of exercising powers,
or performing functions and duties, under the Privacy Act.
22. Additionally, information and documents may only be shared by the Information Commissioner
for the purpose of the National Data Commissioner exercising powers of performing functions
under the Data Availability and Transparency Act 2022. Where personal information is shared
by the Information Commissioner, the National Data Commissioner must handle that information
in accordance with the Privacy Act.
9
23. Sharing information and documents relating to a complaint about the Scheme with the National
Data Commissioner will enable the National Data Commissioner to investigate matters
associated with the complaint that may involve breaches of the Scheme and take appropriate
action in relation to any such breaches. This may assist to manage the risk of future breaches of
the Scheme that may result in interferences with privacy.
24. Thus limitation on the right to privacy resulting from Amendment Item 5 is limited and
proportional, and consistent with the ICCPR.
Conclusion
25. The Government amendments are compatible with human rights any the limitations to human
rights are reasonable, necessary and proportionate.
The Hon. Stuart Robert MP, Minister for Employment, Workforce,
Skills, Small and Family Business
10
Index]
[Search]
[Download]
[Bill]
[Help]