Data Sharing (AU0018)
Action Plan: Australia Action Plan 2018-2020
Action Plan Cycle: 2018
Lead Institution: Department of the Prime Minister and Cabinet
Support Institution(s): All Australian Public Service entities will be consulted through Government processes. including the Attorney-General's Department. the Office of the Australian Information Commissioner and the National Archives of Australia. The National Data Commissioner will work closely alongside the Information and Privacy Commissioners. The Australia Bureau of Statistics will provide technical guidance and support to the National Data Commissioner CSOs. private A wide range of relevant stakeholders will be consulted in the sector. development of the legislation. including privacy advocates. multilaterals. academics and researchers. and other peak bodies. working groups
Policy AreasAccess to Information, Data Stewardship and Privacy, Digital Governance, E-Government, Legislation, Open Data, Public Participation
Improve the sharing. use and reuse of public sector data
Commitment Start and End Date
September 2078-August 2020
Lead implementing agency/actor
Department of the Prime Minister and Cabinet
What is the public problem that the commitment will address?
Government data offers significant opportunity for innovation in Government services. economic enterprise. research and development and transparency. Greater availability of data held by government increases transparency and openness.
The Productivity Commission identified existing data governance arrangements are complex and prevent the use and reuse of data. The PC found barriers to sharing include a dense web of legislative requirements. a culture of risk aversion and a lack of a whole of government approach. The PC found these barriers could be addressed through reforms to the way data sharing and use is governed.
The Australian Government has committed to implementing a simpler. more efficient data sharing and release framework by establishing:
• a new Commonwealth Data Sharing and Release Act to streamline access and use of data; and
• a new National Data Commissioner (NDC) to oversee the framework and legislation. and issue guidance and support to agencies to meet the new requirements.
The new Data Sharing and Release Act will:
• promote better sharing of data held by the Australian Government;
• build trust in use of public data;
• dial up or down appropriate safeguards;
• maintain the integrity of the data system; and
• establish institutional arrangements.
What is the commitment?
Building on commitments under Australia's first National Action Plan. this commitment focuses on the implementation of data governance reforms announced by the Australian Government in May 2078. These reforms will increase data access and use within government and with trusted users outside government. while improving data privacy and security with strengthened and consistent safeguards.
PM&C commits to consulting across government. through the new National Data Advisory Council (see current Action Plan). with the Open Government Forum and with the public including businesses. civil society groups and research and non-profit sectors to design and develop the implementation of the reforms.
As a first step. the Government has released an Issues Paper for public feedback and comments by l August. The paper outlines an approach to a new Data Sharing and Release Bill which aims to balance sharing data held by government with appropriate risk management.
As committed under Australia's first National Action Plan. the National Data Advisory Council will be a multi-disciplinary expert panel drawn from public sector and civic society organisations.
How will the commitment contribute to solve the public problem?
The reforms aim to promote better sharing of public sector data while building the public's trust in use of public data by ensuring appropriate safeguards and integrity in the data system.
To do this. we need to ensure that the implementation of the reforms is consistent with community values and expectations. This commitment will build consultation into the implementation and monitoring of the reforms.
The new legislation will exist alongside existing legislation and data safeguards in the Privacy Act 1988; Privacy Amendment (Notifiable Data Breaches) Act 2017; Australian Government Agencies Privacy Code; Archives Act 1983. National Archives of Australia information management standards and Digital Continuity 2020 Policy, and Protective Security Policy Framework requirements relating to releasing classified information.
Why is this commitment relevant to OGP values?
This commitment for these reforms is relevant to several OGP values in the following ways:
Access to information
• The reforms. in particular the Data Sharing and Release Act. will streamline the sharing of data held by government to those within and external to the system while maintaining strong safeguards around data access.
• This commitment will build consultation into the implementation and monitoring of the reforms. including through the National Data Advisory Council (a commitment under the current National Action Plan).
• The Data Sharing and Release Act will require increased transparency on how data is shared across government.
Greater sharing and better use of data will improve agencies· ability to evaluate policies and programs effectively.
• Builds on Commitments 2.7. 2.2. 3.7. 3.2. and 3.3 of the first National Action Plan .
• Announcement of response to Productivity Commission
Issues paper on an approach for the legislation
Milestone Activity with a verifiable deliverable
Appoint National Data Commissioner
7/1/2018 – 12/31/2019
Consultation on the on the approach to the design of the legislation to ensure it balances sharing data held by government with appropriate risk management
7/1/2018 – 12/31/2019
Establish National Data Advisory Council to advise the National Data Commissioner
7/1/2018 – 12/31/2019
National Data Commissioner issues first guidance and standards
7/1/2018 – 9/30/2020
Data and Digital Branch. Department of the Prime Minister and Cabinet
Email and Phone
Other Actors Involved
All Australian Public Service entities will be consulted through Government processes. including the Attorney-General's Department. the Office of the Australian Information Commissioner and the National Archives of Australia.
The National Data Commissioner will work closely alongside the Information and Privacy Commissioners.
The Australia Bureau of Statistics will provide technical guidance and support to the National Data Commissioner
CSOs. private A wide range of relevant stakeholders will be consulted in the
sector. development of the legislation. including privacy advocates. multilaterals. academics and researchers. and other peak bodies.
IRM Midterm Status Summary
3. Improve the sharing, use and reuse of public sector data
Building on commitments under Australia’s first National Action Plan, this commitment focuses on the implementation of data governance reforms announced by the Australian Government in May 2018. These reforms will increase data access and use within government and with trusted users outside government, while improving data privacy and security with strengthened and consistent safeguards.
PM&C commits to consulting across government, through the new National Data Advisory Council (see current Action Plan), with the Open Government Forum and with the public including businesses, civil society groups and research and non-profit sectors to design and develop the implementation of the reforms.
As a first step, the Government has released an Issues Paper for public feedback and comments by 1 August. The paper outlines an approach to a new Data Sharing and Release Bill which aims to balance sharing data held by government with appropriate risk management.
As committed under Australia’s first National Action Plan, the National Data Advisory Council will be a multi-disciplinary expert panel drawn from public sector and civic society organisations.
- Appoint National Data Commissioner
- Consultation on the approach to the design of the legislation to ensure it balances sharing data held by government with appropriate risk management
- Establish National Data Advisory Council to advise the National Data Commissioner
- National Data Commissioner issues first guidance and standards
Start Date: September 2018 End Date: August 2020
Editorial Note: This is a partial version of the commitment text. For the full commitment text, see the Australia National Action Plan available at https://www.opengovpartnership.org/wp-content/uploads/2018/09/Australia_Action-Plan_2018-2020.pdf.
Context and Objectives
This commitment aims to address legal and practical barriers in expanding the use of government held data and information by implementing specific data governance reforms. The commitment reflects part of the federal government’s response to a report by the Productivity Commission on Data Availability and Use,  which found that the “[l]ack of trust by both data custodians and users in existing data access processes and protections and numerous hurdles to sharing and releasing data are choking the use and value of Australia’s data.”  The commitment seeks to do this by designing legislation that standardises and streamlines transparent approaches to the access and use of data, and establishing new operational and institutional arrangements, through the appointment of a National Data Commissioner. The Commitment therefore seeks to ensure that any increase in the use and sharing of government data does not come at the expense of eroding public trust.
Specifically, the appointment of a National Data Commissioner, who will oversee and monitor the integrity of Australia’s data system will aim to increase public confidence in the government’s data management.  In doing so, the Commissioner will, among other responsibilities, release best practice guidelines and standards on the use and sharing of government information.  The commitment also proposes public consultations to determine the approach to designing legislation to balance data disclosure and risk management, and the establishment of a multidisciplinary National Data Advisory Council to advise the Commissioner.
The appointment of the Commissioner, the public consultations, the establishment of the National Data Advisory Council, and the issue of guidance and standards are all generally verifiable, but the scope of these activities could be more specific. It is unclear, for instance, if the consultations “on the approach to the design of the legislation” will extend to designing the legislation itself. However, the public nature of consultations undertaken to date, including the publication of responses to a related issues paper,  means that at least some aspects of consultation will be verifiable.
The government released an issues paper on an approach to a new data-sharing and release bill on 4 July 2018, which identified broad principles to be embodied in the legislation. The paper also sought responses to issues around the Productivity Commission’s recommended reforms. The paper invited comments by 1 August 2018, which the federal government would consider in developing the legislation.  It also stated that the federal government would engage in further consultations through a Privacy Impact Assessment and Exposure Draft Bill process.  It is unclear whether the scope of this commitment extends to this further consultation.
This commitment is relevant to the OGP values of access to information and civic participation as it aims to introduce legislation to reform data governance, conduct public consultations on the approach to designing such legislation, and release guidelines and standards through the Data Commissioner. The proposed advisory Council itself will also provide for multistakeholder participation. The 2018 issues paper references establishing a Council of representatives from the government, academia, industry, and privacy groups.  The Council, which will consult widely with community groups, will provide advice on ethical data use, technical best practice, and the latest industry and international developments.  A call for interest in joining the Council was announced on 5 July 2018, with responses due on 20 July 2018. 
If fully implemented as written, the data governance reforms proposed under this commitment stand to have moderate potential impact on enhancing the government’s access to and use of data while maintaining the trust of providers, custodians, potential users and the public generally. The new legislation, the appointment of the Data Commissioner, and the issue of guidance and standards will provide a legal and institutional framework to reduce legal and practical barriers and thus increase data use and sharing within government or with trusted partners. Ensuring widespread and effective consultation on the design of that legislation, an effective oversight role of an advisory council with a diverse range of interests and expertise, and a transparent and consultative approach to the work of the Data Commissioner can ensure the new governance framework appropriately balances sharing and re-use with appropriate risk management to prevent any erosion of public trust.
However, the success of this commitment hinges not only on the eventual scope and content of the final legislation, but also on how it will be implemented. The results of this reform depend on the enforcement power the Data Commissioner will have to increase accountability of the data governance process, including being able to monitor and enforce unbiased information and data use and disclosure—particularly where relevant administrative agencies guard and tailor sector-specific data.  Among other risks that may undermine the outcomes of this process, the Accountability Round Table (ART) highlights that the commitment may also have the negative effect of excluding public access to government data if it incentivizes limited proactive sharing of information, and containing such information primarily within government. 
In addition, although the new law proposed under this commitment will function alongside existing legislation and data safeguards, the prospect of increased data sharing and use requires substantial, and clear public communication of, additional protections in order to ensure public trust.  Enhancing government authority over the use of data without concurrently expanding opportunities for public scrutiny may eventually compromise the value that could be derived through responsible use of government-held data. Any new governance framework must ensure public transparency and accountability of both government practice and the oversight role of the Data Commissioner and Advisory Council under any new data governance framework.
The government could evaluate the impact of the new legislation and institutional framework on the release of information by government agencies and report on their compliance with the legislation and the National Data Commissioner’s requirements and guidance. This evaluation could extend to the composition and role of the National Data Advisory Council and its relationship with other federal officers, including the Australian Information Commissioner and the National Statistician. If not already envisioned in the Commissioner’s mandate, the government could also strengthen the authority of the Commissioner by equipping the role with an appropriate mechanism to mandate administrative agencies to disclose government-held data about public sector programs and activities.
The commitment is also limited to federally-held data, despite the IRM’s recommendation for further collaboration between federal, state, and territory governments.  The Australian Digital Council, consisting of government ministers at all levels, is intended to establish proposals for better cross-government collaboration on data and digital transformation.  This Council will examine how a national data system could be realised, including identifying the current barriers to data-sharing between jurisdictions as well as opportunities to opt in to the Commonwealth’s data-sharing legislation.  The establishment, role, and evaluation of any inter-jurisdictional group could be the basis of future national action plan commitments in this area.
IRM End of Term Status Summary
3. Improve the sharing, use, and reuse of public sector data
For details regarding the implementation and early results of this commitment, see Section 2.3.
Aim of the commitment
This commitment aimed to address legal and practical barriers in expanding the use of government-held data by implementing specific data governance reforms.  It sought to establish a National Data Commissioner (NDC) and a multidisciplinary National Data Advisory Council (NDAC) to advise the Commissioner, drawing up best practice guidelines and standards on the use and sharing of government information, and enacting legislation to balance data disclosure and risk management. Its scope was the use, sharing, and re-use of public sector data between accredited entities across all levels of the federal government, as well as industry, research, and other private sector organisations. This did not extend to the public’s use and re-use of open, public sector data (i.e., non-personal, unrestricted), which is generally included in the term “public sector data.”
Did it open government?
This commitment is substantially complete. All milestones were completed except the enactment of the Data Availability and Transparency Bill 2020 and the Data Availability and Transparency (Consequential Amendments) Bill 2020. Also incomplete is the consequential appointment of a permanent NDC and formalisation of the NDAC. The Interim NDC was appointed in 2018. The NDAC (with equal civil society and government membership) was appointed in 2019 along with the release of data guidance, standards, and practices. A draft data-sharing agreement template  and Foundational Four guidance on foundational data practices to improve agencies’ data capability  were published in 2020. Following extensive consultation on two discussion papers and 2020 exposure drafts, the Data Availability and Transparency Bill 2020 and the Data Availability and Transparency (Consequential Amendments) Bill 2020 were introduced into Parliament in December 2020. As of 1 June 2021, they await their third reading, following the Senate Finance and Public Administration Committee’s report from 29 April 2021.  The permanent NDC will be appointed and the NDAC formalised following the enactment of this legislation.
The NDA met six times over 2019 and 2020 to promote a public narrative about the proposed legislation, strengthen safeguards, and address concerns raised by stakeholders. In August 2020, it attested to the rigour of engaging with the public via online channels as shown by publicly engaging on the bill over the past two years. 
An extensive, two-year public engagement process revealed wide-spread privacy concerns about the government's initial proposals. The resultant two bills now clarify that commonwealth data can only be shared for three purposes: government services delivery, informing government policy and programs, and research and development. This consultation process advanced civic participation in forming data-sharing and release policy.
The government’s Delivering for Australians 2019 statement advised that the data-sharing and release legislative reforms will support the APS to better share and use commonwealth data.  As the guidance is only an opt-in model, the government needs to persuade departments to demonstrate how the legislation is used,  and to share with state and territory public services, not just the APS.
At this stage, this commitment has only marginally changed government practice on data governance and disclosure. While growing institutional capacity is now possible, it is too early to observe whether the published template and guidance are changing the government's data management practice. There are not yet any federal or state online citations to the new guidance and standards to support the government’s claim that it has been widely adopted, including by some state and territory agencies. 
The IRM 2018–2020 design report noted that this commitment’s success hinged on the eventual scope and content of the final legislation and on its implementation. It noted the Data Commissioner’s enforcement power to increase accountability of the data governance process.  The 29 April 2021 report by the Senate Finance and Public Administration Legislation Committee seeks assurances of appropriate security agency oversight of data-sharing agreements, security risks, and guidance on privacy protections, particularly for de-identifying personal data.  It noted that it was of the view that, in drafting the bill and the proposed framework for data sharing, the ONDC[sic] has made substantial effort to address privacy concerns and strike an appropriate balance”.  There is civil society concern that there is “little thoroughfare for financial transparency”.  As at 23 August 2021, the legislation has not progressed beyond its second reading in Parliament.
The IRM researcher understands that data sharing implementation and policy formation will be included in the third action plan, with a focus on building trust.