The government has struck the right balance with its sweeping new data-sharing scheme which will “streamline” service delivery, the Data Commissioner has told a Senate committee hearing, which also heard a range of legal and privacy concerns about the new scheme.
A senate committee is currently conducting a whirlwind inquiry into the Data Availability and Transparency Act, which marks a significant expansion of the sharing of public sector data between agencies and private organisations.
At a public hearing on Tuesday morning, interim National Data Commissioner Deborah Anton backed the controversial new scheme, saying that the government and general public has to “engage sensibly with risk”, in a rare public appearance.
Following Ms Anton’s appearance, a number of legal organisations and civil and digital rights advocates panned the proposed data-sharing scheme, raising concerns around a lack of privacy safeguards, weak consent requirements and the bypassing of existing privacy laws.
The new scheme offers a “new path” for data sharing between public sector agencies and departments, along with outside organisations such as universities and think tanks, which is currently blocked by existing laws.
It will require consent unless it is “unreasonable” or “impracticable” to do so.
The committee will only have eight working days to consider the evidence from the public hearing before presenting its final report on Friday next week.
Labor Senators at the hearing raised a number of concerns around privacy safeguards, the role of the Commissioner and the potential for the data shared to act as a “honeypot” for hackers, foreshadowing a Parliamentary debate likely in late May.
Labor also linked the scheme with the government’s robodebt program, raising concerns it will lead to further misuse of personal data.
Ms Anton said the new scheme would “streamline” government services and provide better outcomes for Australians.
“It’s about improved public policy outcomes. We developed this bill because the world is changing. To do more with data requires that we break out of our silos and engage sensibly with risk,” Ms Anton told the Senators.
“It will enable the public service to function between and be more responsive to the needs of the Australian people. It supports the public service to do their jobs more effectively and to work with researchers to make sure we are working to solve the real problems Australians are facing today.”
The Commissioner said she believes the government has got the balance right between privacy and the greater sharing of data to enable service delivery.
Every other witness at the hearing was critical of the data-sharing scheme to varying degrees, with most calling for significant restructuring of the legislation before they would offer support.
Public Interest Advocacy Centre senior solicitor Chadwick Wong said the bill does not provide “sufficient safeguards” for a scheme which represents a “fundamental change” in how information is shared in the public sector, while the NSW Council for Civil Liberties’ Jonathan Gadir said there is a “discrepancy” between the government’s public statements around the plan and what’s actually in the legislation.
The proposed data-sharing structure represents an “ongoing erosion of Australian privacy law in favour of bureaucratic convenience”, Australian Privacy Foundation vice-chair Bruce Baer Arnold told the Senators.
The facilitation of greater sharing of data, around existing protections, could potentially get around client legal privilege, Law Council of Australia’s Ian Bloemendal warned.
“There is insufficient justification in the explanatory memorandum for the proposed abrogation of client legal privilege,” Mr Bloemendal said.
“It’s not a matter that should be lightly considered The Law Council opposes this blanket abrogation…that would fundamentally undermine any purported protections the bill would otherwise create.”
There were also significant concerns around the fact these significant reforms are being debated in Parliament while the government is also conducting a major review into the Privacy Act.
“You are potentially putting the cart before the horse because it will then have to respond to a new regime. There’s a legislative risk there,” Law Council Privacy Law Committee chair Olga Ganopolsky told the hearing.
“The fundamental difficulty here is at least retrospectively the data that has already been collected has largely been collected through interactions with government. It’s very difficult to cure that without a substantive and systematic approach to that very question.”
The proposed scheme also rewrites existing privacy laws, Digital Rights Watch director Lucie Krahulcova said.
“It does not make policy sense or financial sense to be passing this legislation when money is being spent reviewing the Privacy Act. Especially when this legislation will be exempt from the rules and standards in that review,” Ms Krahulcova said.
The requirement that consent be obtained unless it is impracticable to do so is “absurd” as the scheme will often involve the sharing of data from numerous individuals, Ms Krahulcova told the committee.
“It’s almost absurd because it will never be practicable to obtain consent at that level,” Ms Krahulcova said.
Electronic Frontiers Australia board member Justin Warren said the scheme is too reliant on “good intent” rather than real protections and safeguards.
“Good intent is just a start. There is some good intent behind this legislation and there are some benefits. Good intentions, while necessary, are not sufficient and there are myriad reasons to be concerned about this legislation,” Mr Warren said.
“The government demands to be trusted without first demonstrating to be trustworthy, and in fact demonstrating the opposite.”
Do you know more? Contact James Riley via Email.