Australia’s privacy and information watchdog failed to meet key performance criteria around freedom of information and privacy investigations, as its workload jumped and staff attrition rate doubled the public service average.
The disappointing results from last financial year have led to warnings from the regulator about its resourcing and a call for government agencies to more proactively disclose information to the public.
The Office of the Australian Information Commissioner on Wednesday tabled its annual report, revealing it had achieved less than two thirds of its key performance indicators, blaming several of the misses on an increase in the complexity and volume of its work.
More than a quarter of Freedom of Information (FOI) complaints it handles now take more than a year to be resolved, while the overall average is now 10.5 months.
Last financial year, the regulator, which was without a dedicated FOI commissioner for most of the period, received 215 complaints about actions taken by agencies when handling FOI requests, an increase of 42 per cent compared to 2020–21.
Even though more of the complaints were resolved than the year prior, the increased workload meant the OAIC did not meet its performance goal of finalising 80 per cent of complaints within a year, reaching only 74 per cent.
The OAIC also missed its mark on helping improve other agencies processes for managing FOI requests. It made 33 recommendations to other agencies to improve last year, but only 85 per cent of them were accepted, short of the 90 per cent goal.
It’s unclear which recommendations were rejected by which agencies, but the OAIC advice typically goes to basic FOI governance like employee awareness of obligations under the Act, developing publishing operations manuals, and appointing “information champions” to have oversight of an agency’s compliance.
A dedicated FOI commissioner has been recommended for several years and was endorsed by the previous government last year. It then took nine months to fill the roll, with FOI Commissioner Leo Hardiman only beginning in April.
The regulator did achieve its target for providing a review of FOI decisions by agencies and ministers, finalising 83 per cent of the nearly 1400 Information Commissioner (IC) reviews within a year.
But the regulator is operating without a dedicated Information Commissioner, with Angelene Falk holding the position as well as Privacy Commissioner.
After the OAIC budget was restricted by the Coalition government for years, Ms Falk warned the new Labor government her office was “unable to keep up” with its increasing workload.
When releasing the annual report on Wednesday, Ms Falk publicly reiterated the resource strain remains a “major challenge” to the FOI system.
“While we continually review our processes to create further efficiencies, we are also identifying where systemic improvements can be made in the FOI system,” she said.
“Importantly, proactive publication of information supports timely access to information, reduces the need for members of the community to make FOI applications and minimises FOI processing costs for agencies.”
Attorney General Mark Dreyfus has so far not committed to splitting the Information and Privacy Commissioner roles, saying in August it was still being assessed.
Through its privacy functions, the OAIC is also required to respond to written privacy and information access inquiries by the public. Last financial year it fell well short of a 90 per cent response goal at 73 per cent, blaming staff turnover and increasingly complex enquiries.
A target to finalise 80 per cent of privacy complaints within a year was met, but with a slimmer margin than the year prior.
Fewer of the Commissioner-initiated investigations (CII) into cases where serious risk to privacy has been identified – such as the Clearview AI and 7-Eleven facial recognition cases – were finalised within the OAIC’s target period.
Ms Falk opened seven privacy CIIs and finalised four in the last financial year, both drops on the previous year, with only one finalised within the eight-month goal.
The drop was because of a focus on finalising older investigations, the increase in complexity of investigations and limits on available resources, the annual report said.
Eight privacy CIIs were ongoing into this financial year, with the Optus investigation and a potential CII into the Medibank breach likely to add to the watchdog’s workload.
The engagement of staff at the OAIC fell last financial year to 70 per cent. Obtained through the APS Employee Census, the mark is a measure of the emotional connection and commitment employees have to working for their organisation. Across the APS it was 77 per cent in 2021.
“The OAIC scores were similar to comparable agencies in wellbeing policies and support, while our scores in employee engagement and innovation were marginally lower than similar agencies,” the annual report said.
“The challenging employment market and increased attrition rate are likely to have impacted the results, which were gathered during a period of significant change.”
The attrition rate at the OAIC also increased 18 per cent in a year to 35 per cent in 2021-22. This nearly double the Australian Public Service rate of 18 per cent.
The OAIC said it is addressing this with a more flexible hybrid working environment, development opportunities and more inter-branch and inter-agency secondments.
Do you know more? Contact James Riley via Email.