Disbandment of OAIC and Privacy Commissioner moves to Human Rights Commission

May 14, 2014 |

Last night’s budget held an unwelcome development for the Information Commissioner’s office.  As in there will be no Information Commissioner come 1 January 2015.  The Privacy Commissioner, a statutory office, will move to the Human Rights Commission and work out of Sydney.

The OAIC were well and truly quick off the mark in the legacy exercise with a statement (found here) which provides:

We acknowledge the Australian Government’s Budget decision on Tuesday 13 May 2014 to disband the Office of the Australian Information Commissioner (OAIC) by 1 January 2015.

We note that the Freedom of Information Act 1982 (FOI Act) and the Privacy Act 1988 (Privacy Act), which confer valuable information rights on the Australian community, will continue to operate (as amended to reflect the abolition of the OAIC). The Privacy Act will continue to be administered by the Privacy Commissioner and supporting staff from an office based in Sydney. The FOI Act will be administered jointly: by the Attorney?General’s Department (advice, guidelines, annual reporting), the Administrative Appeals Tribunal (merits review) and the Commonwealth Ombudsman (complaints). The information policy advice function currently discharged by the OAIC will cease.

We are committed to ensuring that the FOI Act and Privacy Act continue to operate effectively prior to 1 January 2015 and that a smooth transition to the new arrangements will occur.

The Commissioners take this opportunity to draw attention to the substantial achievements of the OAIC since its commencement on 1 November 2010.

Information Policy

  • Published the Principles on open public sector information (2011) (Open PSI Principles) that are widely referred to across government
  • Published two reports that promote Open PSI and the development of a national information policy — Towards a national information policy (2010), and Understanding the value of public sector information in Australia (2011)
  • Conducted a survey and published two reports of the information management practices of 191 Australian Government agencies regarding their compliance with the FOI Act Information Publication Scheme and the OAIC’s Open PSI Principles — Information publication scheme: survey of Australian Government agencies (2012), and Open public sector information: from principles to practice (2013)
  • Promoted key information policy concepts that now have a defining influence in government agency information practices, including that government information is a national asset to be used for public purposes, and concepts of ‘public sector information’, ‘open data’ and ‘proactive disclosure’
  • Hosted a National Information Policy Conference (2011) attended by over 300 people
  • Liaised with other government agencies to build a strong inter?agency network for coordinating information policy developments

Freedom of Information

  • Resolved 1191 applications for Information Commissioner review (between 1 November 2010 and 30 April 2014), publishing reasons for decision in 186 of those cases
  • Closed 394 FOI complaints
  • Dealt with 1237 applications for an extension of FOI processing time for complex and voluminous FOI requests
  • Dealt with 4521 phone enquiries and 1891 written enquiries about FOI
  • Conducted an own motion investigation into administration of sensitive and high profile FOI requests to the Department of Immigration and Citizenship
  • Published clear and comprehensive FOI guidelines (250 pages), 16 Fact Sheets for the public, and over 30 detailed agency guides on processing times, calculating charges, administrative access, third party objections, anonymous requests, statements of reasons, redaction, FOI training, website publication, disclosure logs, sample letters and frequently asked questions
  • Conducted a public consultation on FOI charges and prepared a lengthy report to Government (2012)
  • Made two substantial submissions to the review of the FOI Act by Dr Allan Hawke AC in 2013 (many of the OAIC’s reform proposals were endorsed by the Review)
  • Promoted the ideals of transparency, accountability, participation and better decision–making that underlie the FOI Act


  • Closed 5303 privacy complaints
  • Dealt with 34,739 phone enquiries and 5845 written enquiries about privacy
  • Conducted 91 own motion investigations and 10 audits
  • Received 193 data breach notifications
  • Implemented substantial changes to the Privacy Act that commenced on 12 March 2014, by undertaking or commencing preparation of nearly fifty legislative instruments, codes (including a comprehensive Credit Code), guideline statements and information sheets, and conducting an extensive public consultation process (receiving more than 90 public submissions on draft guidelines)
  • Published guidance on emerging privacy issues, including Data Breach Notification Guidelines (2012), a Guide to Information Security (2013) and Mobile privacy: a better practice guide for mobile app developers (2013)
  • Conducted and published a Community Attitudes to Privacy survey (2013)
  • Annually hosted Privacy Awareness Week, and arranged participation by government agencies and private sector bodies (over 200 in 2014)
  • Administered the Asia Pacific Privacy Authorities Forum, that includes members from the United States, Mexico, Hong Kong, South Korea, Canada and New Zealand
  • Participated in global forums that aim to build a coordinated approach to regulating cross?border data flows and challenges, including the Global Privacy Enforcement Network under the auspices of the OECD, and the APEC Cross Border Privacy Enforcement Arrangement

Corporate, public relations and community engagement

  • Established an integrated office and scheme for managing freedom of information, privacy and information policy advice
  • Hosted regular meetings of the Information Contact Officers Network for agency FOI and privacy officers, attended by approximately 130 agency staff
  • Convened the Information Advisory Committee and the Privacy Advisory Committee, that comprise senior government officers and external representatives with experience in archives, libraries, journalism, banking, medicine, trade unions, copyright law, information technology, disability access and community services
  • Managed a dynamic website that receives up to 1.5 million visits annually
  • Provided policy advice to agencies or organisations on 715 occasions, made 113 submissions to inquiries and undertook 100 consultations

OAIC resources and performance

  • The OAIC appropriation for 2013–14 is $10.6 million. At the end of March 2014 the OAIC had 63.3 Full?Time Equivalent (FTE) staff in budget?funded positions. An additional 15.82 FTE staff are funded under Memorandum of Understanding arrangements with other agencies to undertake specific privacy work such as work relating to the eHealth initiative
  • The OAIC’s workload has steadily increased in most areas over the last two years by between 10?20%. Privacy complaints are set to increase by over 100% in 2013–14, written enquiries by 20% and website visits by 27%.
  • The OAIC completion rate has continued to improve — for example, by 31 March 2014 the completion rate for IC reviews had climbed to 4.7 cases per day (from 0.37 cases per day in the first 18 months), the FOI complaint closure rate to 1.1 per day (from 0.21 per day in the first 18 months) and the privacy complaint closure rate to 20.1 per day.

The Privacy Commissioner notes that 5,303 complaints were closed.  An interesting figure as far as it goes.  A better assessment is what number of complaints were resolved at mediation, the number of determinations and, on the other side of the coin, the number of complaints where the Privacy Commissioner did not take the matter further.  Those figures would give  clearer picture of how the office operates.  That is particularly the case given that the Privacy Commissioner has a gatekeeper role under the Privacy Act.  Individuals have, until recently, had very little power to take their own actions under the Privacy Act (section 98 injunctions being the clear and obvious exception). Therre is a significant difference between activity and outcome.  Only with clearer statistics and figures which reflects more specific activities can a proper assessment be made about as to how effective the OAIC generally and the Privacy Commissioner has been.

There is plenty of coverage with Itnews in Information Commissioner out as privacy/FOI office shut down which provides:

Australian Information Commissioner John McMillian will lose his role leading the OAIC, with the Abbott Government disbanding the peak privacy and FOI authority in the name of budget savings.
McMillan told iTnews that he only heard about the plans to abolish his office a week ago and said he is disappointed with the decision.
The Office of the Australian Information Commissioner is one of dozens of federal entities being dismantled to collectively return $500 million to the budget.
The OAIC runs on a budget of $10.6 million per annum, including 63.3 Commonwealth funded FTE staff and 15.82 funded under MOUs for targeted privacy jobs. 
The Office’s functions will now be shared between four existing agencies in a move expected to save $10.2m over four years.
The three OAIC chiefs today put out a statement outlining the achievements of the lean agency since it was established in November 2010.
While Privacy Commissioner Timothy Pilgrim and FOI Commissioner James Popple will keep their jobs through the shake-up, McMillian will be out by the end of the year.
Other staff redundancies will also take place.
Privacy functions will continue to be undertaken by the Privacy Commissioner as an independent statutory position within the Australian Human Rights Commission.
The FOI Commissioner, who conducts external merit reviews of FOI decisions, will move into the Administrative Affairs Tribunal alongside the FOI appeal functions.
Responsibility for handling FOI complaints will be bundled into the Commonwealth Ombudsman’s office. 
The Attorney-General’s Department will take responsibility for the issuance of FOI guidelines, collection of statistics and provision of explanatory material on the operation of the Freedom of Information Act 1982. 
Attorney-General George Brandis said the complex and multi-level merits review system for FOI matters had contributed to significant processing delays. 
“Simplifying and streamlining FOI review processes by transferring these functions from the OAIC to the AAT will improve administrative efficiencies and reduce the burden on FOI applicants. The AAT will receive a funding boost of $1.8m to assist with the backlog and to better meet acceptable timeframes,” he said in a statement.
The move is likely to increase the cost of appealing an FOI decision.
The OAIC was also in charge of introducing new privacy legislation earlier this year that saw new penalties imposed for serious privacy breaches by Australian organisations. The office was also in charge of investigating the breaches.
It has long worked under lean staffing arrangements, describing in its last annual report its “limited ability to maintain a viable workforce” under budget pressures.

There has also been coverage here.

The real issue for the Privacy Commissioner is resourcing.  The Privacy Commissioner highlights the increase in privacy complaints and has been armed with new powers.  Real powers.  It would be poor public policy for the Privacy Commissioner to effectively do less (enforcement) with more (power).  Effectively making new powers dead letter would be disastrous.  Time will tell.

One Response to “Disbandment of OAIC and Privacy Commissioner moves to Human Rights Commission”

  1. Disbandment of OAIC and Privacy Commissioner moves to Human Rights Commission | Australian Law Blogs

    […] Disbandment of OAIC and Privacy Commissioner moves to Human Rights Commission […]

Leave a Reply