Secrecy Laws and Open Government Report—An Update

Professor Rosalind Croucher,** President, Australian Law Reform Commission. 7^th Annual Public Sector In-House Counsel Conference 2011, 29 July 2011

Abstract: This paper discusses the inquiry conducted by the Australian Law Reform Commission (ALRC) into Commonwealth secrecy laws: Secrecy Laws and Open Government in Australia (ALRC Report 112) tabled in March, 2010. It considers how, from a law reform perspective, the ALRC approached the challenge of reviewing the wide range of secrecy provisions on the Commonwealth statute books and working out a policy framework for the law reform recommendations proposed.

1. Introduction

On 5 August 2008, the Attorney-General of Australia, the Hon Robert McClelland MP, asked the ALRC to conduct an Inquiry into options for ensuring a consistent approach across government to the protection of Commonwealth information, balanced against the need to maintain an open and accountable government by providing appropriate access to information. The ALRC was also asked to consider the increased need to share information within and between governments and with the private sector. We delivered the report in December 2009. In this paper I will look at how we approached the challenge posed in the inquiry and, in particular, the development of an appropriate policy framework for the law recommendations we proposed.

Secrecy laws do not, of course, exist in isolation, but rather as part of a broader information management spectrum. Openness of information and protection of information can be seen as sitting at opposite ends, with particular secrecy provisions situated at different points in the spectrum—at times emphasising protection; at times facilitating information handling, sharing and disclosure.

The appropriate handling of information is integral to the effective functioning of government. Secrecy laws are one element in the broader information handling framework across government—including elements such as security classification systems, information-sharing regimes, and agency-specific information-handling policies. As part of the spectrum of information handling in the public sector, secrecy laws may serve a legitimate role in generating personal responsibility for the handling of Commonwealth information.

Secrecy laws that impose ‘extreme’ obligations of confidentiality on individuals handling government information—and the prosecution of public servants for the unauthorised disclosure of such information—can sit uneasily with the Australian Government’s commitment to open and accountable government. Secrecy laws have also drawn sustained criticism on the basis that they unreasonably interfere with the right to freedom of expression.

Examples keep popping up. Let’s take a recent one—Julian Assange, described in Wikipedia as:

an Australian publisher, journalist, software developer and Internet activist. He is the editor in chief of WikiLeaks, a whistleblower website and conduit for worldwide news leaks, with the stated purpose of creating open governments. Assange worked as a computer programmer and was a hacker during his youth. He has lived in several countries and has made public appearances in many parts of the world to speak about freedom of the press, censorship and investigative journalism.

On 28 November 2010, WikiLeaks and its five international print media partners (Der Spiegel, The New York Times, Le Monde, The Guardian and El País) began publishing US diplomatic cables. That has got Assange into serious trouble and placed him on the front pages of many papers. One described him as ‘the weirdest Bond villain ever, putative head of the WikiLeaks collective, and possibly the only celebrity Australian not to have an invite from Oprah’.[2]

There are many issues involved here.  How did he get this information that was ‘leaked’? Imagine the leaker was an Australian Commonwealth officer. Would this attract a secrecy provision? What about Mr Assange and the publishing of the information on the WikiLeaks site? Would—or should—the original leaker be guilty of a criminal offence?  And Mr Assange? And can he be compelled to reveal his sources?

These are typical of the kinds of questions that lie behind a consideration of secrecy laws. The focus is not on the protection of information, as such, but when it is appropriate to punish a person for disclosing it—and with a criminal penalty.

2.        Background to the review

The consistency and workability of Commonwealth secrecy provisions has been considered in a number of prior reviews, leading up to and prompting the ALRC Inquiry. In its report supporting the introduction of the Freedom of Information Act 1982 (Cth) (FOI Act), the Senate Standing Committee on Legal and Constitutional Affairs urged the Australian Government to reconsider the general secrecy offence in s 70 of the Crimes Act, as it was ‘implausible to enact a presumption of openness while leaving untouched provisions like section 70 that provide the legal foundation for the system of discretionary secrecy that presently exists’.[3]

A number of problems had been identified, including, for example:

• inconsistency with the freedom of expression contained in art 19 of the International Covenant on Civil and Political Rights;[4]
• the potentially indiscriminate operation of secrecy provisions targeted at all unauthorised disclosures;^[5]
• lack of consistency in drafting and penalties across the secrecy provisions in other Commonwealth statutes.[6]

The ALRC had also commented on secrecy laws in three prior reviews. First, in the review of freedom of information laws in 1995, the ALRC and the Administrative Review Council recommended that a thorough review of all Commonwealth secrecy provisions be conducted to ensure that such provisions did not prevent the disclosure of information that was not exempt under the FOI Act.[7]

Secondly, in 2004, in Keeping Secrets: The Protection of Classified and Security Sensitive Information (ALRC 98), the ALRC recommended that:

The Australian Government should review all legislative and regulatory provisions giving rise to a duty not to disclose official information—including in particular regulation 2.1 of the Public Service Regulations [1999 (Cth)]—to ensure the duty of secrecy is imposed only in relation to information that genuinely requires protection and where unauthorised disclosure is likely to harm the public interest.[8]

Finally, in 2008, in For Your Information: Australian Privacy Law and Practice (ALRC 108), the ALRC recommended that:

The Australian Government should undertake a review of secrecy provisions in federal legislation. This review should consider, among other matters, how each of these provisions interacts with the Privacy Act [1988 (Cth)].[9]

Such calls led to the ALRC secrecy inquiry.

3.       Law reform process

The law reform process involves a number of steps: sizing up the problem within the constraints of the Terms of Reference; defining the conceptual/policy landscape in which the development of law reform recommendations will occur; consultation, consultation, consultation; and, finally, the report, containing recommendations for reform.

3.1       Mapping the provisions

A first step in the ALRC’s work was to size up the problem. How many secrecy provisions did we have to deal with?  Where were they?  What did they look like?  To answer these questions, the ALRC undertook a comprehensive mapping exercise to catalogue the secrecy provisions currently on the federal statute book. I must say that the wonderful interns we routinely recruit contributed significantly to this exercise, beginning with statutes beginning with ‘A’—eg ‘A New Tax System etc’. The ALRC identified 506 secrecy provisions in 176 pieces of legislation, including 358 distinct criminal offences—a ‘plethora’ of provisions.[10] This mapping exercise provided a sound evidence base for the ALRC’s analysis of secrecy provisions and the recommendations for reform in this Report.

A number of key issues emerged—including the catch-all nature of some of the provisions and an over-reliance on criminal sanctions. The ALRC also identified considerable inconsistency in the framing and elements of specific secrecy provisions, reflecting their introduction at different times, using different language and often with widely ranging penalties. For example,[11] the unauthorised disclosure of information relating to the affairs of a person in some cases attracts a low-level fine of $550,[12] and in others a term of imprisonment for two years and a fine of $13,200.[13] Disclosing information about the identity of a person in the national witness protection program carries a maximum penalty of 10 years imprisonment,[14] whereas publishing information that discloses the identity of an agent or officer of the Australian Security Intelligence Organisation carries a maximum penalty of imprisonment for one year—even in circumstances where such publication could endanger the life of that agent or officer.[15] Commonwealth officers may also face administrative action for breach, ranging from reprimands to dismissal.

3.2       Defining the conceptual landscape

Another fundamental task is identifying the conceptual landscape in which the development of law reform recommendations will be located. The concept of secrecy as a mechanism for protecting government information, on the one hand, and the commitment to openness of government, on the other, reflect certain historical understandings of the relationship between a government, citizens, officials and information.

The secrecy of government information has a long history. Part-time ALRC Commissioner, the Hon Justice Susan Kenny provides an excellent discussion of this important background in a paper presented at the National Information Law conference in Canberra in March this year, and published on the ALRC website.[16]

Two principal rationales for secrecy in the modern context are the Westminster system of government and the need to protect national security. The Westminster system was premised on secrecy. As summarised in 2008 by the Independent Review Panel examining the Freedom of Information Act 1992 (Qld):

Secrecy had been an essential ingredient of the system—secrecy to protect the deliberations of the cabinet, secrecy to protect the advice proffered by public servants to their ministers, secrecy to hide what happened within the public service. The democratic element that allowed this closed system to function was provided by the concept of ministerial responsibility—ministers were responsible, collectively and individually, directly to parliament and indirectly to the electorate, for what the government did, and for what their departments did.[17]

In this way, the conventions of the Westminster system were seen to demand official secrecy. For example, the doctrine of collective ministerial responsibility was said to depend to a large extent on the secrecy of Cabinet deliberations and documents. Further, the confidential provision of advice to ministers by public servants is linked to the principle that the government of the day is served by a professional and politically neutral public service carrying out the instructions of the elected government.[18]

For most of Australia’s history, ‘official secrecy has been the legislatively enforced norm’.[19] The first Australian secrecy provision, introduced in the colony of Victoria in 1867, ‘set the pattern for the various public services of Australia’, requiring that:

no information out of the strict course of official duty shall be given directly or indirectly, by any officer without the express direction or permission of the responsible Minister.[20]

The first Commonwealth secrecy provisions were passed during the initial session of the Australian Parliament in 1901.[21] Their primary focus was the protection of national security information.[22]

Periods of international conflict have precipitated an awareness of the need for, and experience of, secrecy provisions. In 1960, for example, amendments were made to s 70 of the Crimes Act 1914 (Cth),[23] inspired in part by the anti-communist climate of the Cold War.[24] The amendment, which extended the reach of s 70 to former Commonwealth officers, was ‘just one of many secrecy provisions inserted or strengthened in legislation after the war’.[25]

The increase in the size and role of government in the period following World War II, combined with technological advances that increased the ability of governments to deal with large amounts of information, has had a significant impact on the relationship between citizens and government.[26] And the increased reach of government was matched by a growth in secrecy provisions—‘a reflection of the increase in personal and commercially sensitive information collected by the government’.[27] In addition, the Privacy Act 1988 (Cth) was enacted to ensure that the government appropriately handled and protected personal information. Both reflected the impetus to protect certain information in the hands of government.

As the reach of government expanded, however, there was increasing pressure to ask questions about what government was doing. This led to a shift in attitude to official secrecy in the 1960s with the development of a new philosophical and practical approach to government, leading to the description ‘open government’.[28] The move to more open government was reflected in the development of ‘freedom of information’ (FOI) and related administrative laws.

In 1970, the then Leader of the Opposition, the Hon Gough Whitlam MP, noted with concern that ‘excessive secrecy has become commonplace in governmental decision making’.[29] Introduction of FOI legislation became an issue in the lead up to the 1972 federal election,[30] at which time the Australian Labor Party claimed that the government’s monopoly of knowledge had ‘led to bad decisions and bad government’.[31]

The introduction of the Freedom of Information Act 1982 (Cth) formed part of a package of administrative law reforms.[32] These legislative reforms aimed to facilitate effective public administration while at the same time safeguarding the civic rights of the individual citizen.[33] As Associate Professor Moira Paterson has noted, FOI laws ‘form a vital part of a broader network of laws, both formal and informal, which affect the overall transparency of the executive branch of government’.[34]

The importance of access to information to the accountability of government for its actions was reiterated by Senator the Hon John Faulkner, the then Cabinet Secretary and Special Minister of State, in proposing reforms to the FOI framework in March 2009:

There is a growing acceptance that the right of the people to know whether a government’s deeds match its words, to know what information the government holds about them, and to know the information that underlies debate and informs decision-making is fundamental to democracy.[35]

The relationship between FOI and secrecy provisions—which appear to stand in direct juxtaposition to each other—was a key issue in the ALRC’s secrecy inquiry.

The Terms of Reference acknowledge both the public interest in open and accountable government and the increased need to share Commonwealth information within and between governments and with the private sector. A seamless flow of information within and between governments is referred to as a ‘whole of government’ approach—‘the public administration of the future’.[36] This flow of information, however, may pose particular problems in relation to certain sensitive information, for example, personal information. In the context of such information, the concern is not about ‘open government’, but rather about the appropriate protection of the information itself in the hands of government officers.

Wherever information-sharing objectives arise, a parallel concern is the role of secrecy provisions, or other mechanisms, to protect that information in appropriate circumstances. Ensuring that channels for the communication of protected information are built into, or complement, secrecy provisions may be crucial to achieving an appropriate balance between protecting information and providing effective service delivery. As noted by the Department of Human Services in relation to the wide range of personal information collected and managed by their agencies:

While the appropriate protection of personal information about customers must, of course, remain paramount, it is essential that secrecy provisions complement and assist, rather than frustrate, improvements to service delivery.[37]

While open government was central to the inquiry, another key principle of relevance was freedom of expression. The International Covenant on Civil and Political Rights (ICCPR) includes art 19:

1.       Everyone shall have the right to hold opinions without interference.
2.       Everyone shall have the right to freedom of expression; this right shall include freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers, either orally, in writing or in print, in the form of art, or through any other media of his choice.
3.       The exercise of the rights provided for in paragraph 2 of this article carries with it special duties and responsibilities. It may therefore be subject to certain restrictions, but these shall only be such as are provided by law and are necessary:

1.  
   1.       For respect of the rights or reputations of others;
   2.       For the protection of national security or of public order (ordre public), or of public health or morals.[38]

The Human Rights Committee of the United Nations (Human Rights Committee) has commented that the right to freedom of expression includes:

Not only freedom to impart information and ideas of all kinds but also freedom to seek and receive them regardless of frontiers and in whatever medium, either orally, in writing or in print, in the form of art, or through any other media of his choice.[39]

The right set out in art 19(2) is qualified by the provisions in art 19(3)—that freedom of expression may be subject to ‘certain restrictions’. How do secrecy provisions—that appear to restrict freedom of expression—sit within the framework of art 19? The Siracusa Principles on the Limitation and Derogation Provisions in the International Covenant on Civil and Political Rights state that any such limitations on the ICCPR must: be recognised by the relevant article of the ICCPR; respond to a pressing public or social need; pursue a legitimate aim; and be proportionate to that aim.[40] The principles also state that the expression ‘public order’, as used in the ICCPR, ‘may be defined as the sum of rules which ensure the functioning of society or the set of fundamental principles on which society is founded’. This expression is not limited to criminal law enforcement in the context of the ICCPR and includes, for example, respect for human rights.[41]

By restricting Commonwealth officers and others from communicating government information, secrecy provisions limit freedom of expression in certain respects. Their legitimacy, therefore, must be tested internationally against the backdrop of the ICCPR, and domestically against the implied freedom of political communication. In what have been called the ‘free speech cases’, the High Court has held that the system of representative and responsible government established by the Australian Constitution implies a commitment to the freedom of political communication.[42] This sets the backdrop against which the validity of secrecy provisions must be tested.

In 2003, the matter arose in Bennett v President, Human Rights and Equal Opportunity Commission (Bennett).[43] Peter Bennett, a public servant employed by the Australian Customs Service and President of a registered industrial organisation representing customs officers, publicly advocated the establishment of a Single Border Protection Agency and commented in the media on other customs matters. The Chief Executive Officer of Customs issued Bennett with a formal direction not to make comments in the media ‘about public business or anything of which you have official knowledge’.[44] After Bennett made comments in a radio interview about proposed cuts to waterfront officers, he was disciplined for breach of the now repealed reg 7(13) of the Public Service Regulations 1999 (Cth):

An APS employee must not, except in the course of his or her duties as an APS employee or with the Agency Head’s express authority, give or disclose, directly or indirectly, any information about public business or anything of which the employee has official knowledge.

In Bennett,Finn J held that reg 7(13) was inconsistent with the implied freedom of political communication and declared it to be invalid. He held that, while there may be public interests, or ‘legitimate ends’, that justify the burden that secrecy provisions impose on freedom of political communication—including national security, cabinet confidentiality, protection of privacy and the maintenance of an impartial and effective public service—a ‘catch-all’ provision that did not differentiate between the types of information protected or the consequences of disclosure went too far:

Official secrecy has a necessary and proper province in our system of government. A surfeit of secrecy does not. It is unnecessary to enlarge upon why I consider the regulation to be an inefficient provision other than to comment that its ambit is such that even the most scrupulous public servant would find it imposes ‘an almost impossible demand’ in domestic, social and work related settings …

The dimensions of the control it imposes impedes quite unreasonably the possible flow of information to the community—information which, without possibly prejudicing the interests of the Commonwealth, could only serve to enlarge the public’s knowledge and understanding of the operation, practices and policies of executive government.[45]

Following the decision in Bennett, reg 7(13) of the Public Service Regulations was repealed and replaced by reg 2.1.[46] The latter is expressly limited to situations in which it is reasonably foreseeable that the disclosure of official information could be prejudicial to the effective working of government.[47] The constitutional validity of this new regulation was challenged in R v Goreng Goreng.[48] In that case, Refshauge J of the Supreme Court of the Australian Capital Territory considered that, unlike former reg 7(13), reg 2.1 was not a ‘catch-all’ provision, but much more limited and targeted to the protection of a legitimate public interest in the effective working of government.[49]

Within this broad conceptual context, the challenge for the ALRC was to strike the right balance between the public interest in open and accountable government and the public interest in maintaining the confidentiality of some government information. The goal, then, was to identify the proper place, if any, for secrecy provisions in the context of a system of open and accountable government—consistent with Australia’s obligations under international law.

In particular, we were also mindful that regulatory theory cautions against the over-use of criminal penalties. Criminal penalties sit at the top of the ‘enforcement pyramid’ developed by Professors Ian Ayres and John Braithwaite to describe a model regulatory approach.[50] Under the ‘enforcement pyramid’ model, breaches of increasing seriousness are dealt with by penalties of increasing severity, with the ultimate penalties—such as imprisonment—held in reserve. Braithwaite has described the operation of the pyramid in the regulatory environment as follows:

My contention is that compliance is most likely when the regulatory agency displays an explicit enforcement pyramid … Most regulatory action occurs at the base of the pyramid where initially attempts are made to coax compliance by persuasion. The next phase of enforcement escalation is a warning letter; if this fails to secure compliance, civil monetary penalties are imposed; if this fails, criminal prosecution ensues; if this fails, the plant is shut down or a licence to operate is suspended; if this fails, the licence to do business is revoked … The form of the enforcement pyramid is the subject of the theory, not the content of the particular pyramid.[51]

Although this model was developed for the corporate regulatory environment, the principles of the enforcement pyramid model are broadly applicable to the issues under consideration in this Inquiry. At the bottom of the enforcement pyramid lie the techniques described in Chapters 14 and 15 of the report, which are designed to foster a culture in which Commonwealth information is handled effectively—such as agency policies and guidelines, staff training and development, and secrecy oaths and affirmations. Where these techniques fail to prevent unauthorised disclosure, administrative penalties, or general law or contractual remedies may be available. Where the disclosure is more serious—for example, where the disclosure has the potential to cause serious harm or is intended to cause harm—criminal penalties may be applied.

3.3       Consultation

The Terms of Reference indicated that the ALRC was ‘to identify and consult with key stakeholders, including relevant Commonwealth, State and Territory agencies and private sector bodies’. One of the most important features of ALRC inquiries is the commitment to widespread community consultation.[52] The nature and extent of this engagement is normally determined by the subject matter of the reference—particularly whether the topic is regarded as a technical one, of interest largely to specialists in the field, or is a matter of interest and concern to the broader community.

During the course of this Inquiry the ALRC conducted 35 meetings with a number of Australian Government agencies, academics, judges and members of the legal profession. The consultations were designed to capture the views of a wide cross-section of interested stakeholders.[53]

Two community consultation documents—an Issues Paper and a Discussion Paper[54]—were produced before proceeding to the final Report with recommendations for reform. In addition, to facilitate communication about the nature and focus of this Inquiry, the ALRC released an overview document, Review of Secrecy Laws—Inquiry Snapshot, in February 2009, written in plain language and providing ready access to information about the Inquiry.

The ALRC received 46 submissions in response to the Issues Paper and 38 submissions in response to the Discussion Paper.[55] A number of individuals, groups and federal bodies made submissions to both IP 34 and DP 74. The ALRC utilised two additional strategies for consultation—an online forum and a national phone-in. The online forum attracted comments that included matters about agency culture; the security classification system; the application of tax secrecy provisions to information about public companies; internet censorship proposals; the need for, and problems in devising, effective information and risk management systems; and who should be subject to secrecy obligations. During the national phone-in the ALRC received 34 calls expressing concerns about matters such as: inappropriate revelations of personal information or perceived breaches of privacy; difficulties in gaining access to personal information, for example, for the purpose of family reunion; problems with security classifications and obtaining security clearances; cultures of secrecy in agencies; the need for whistleblower protection; difficulties in the sharing of information amongst agencies; and the draconian nature of s 70 of the Crimes Act.

4.       The reform framework  

4.1       Principles

To underpin the recommendations for reform, the ALRC developed what we consider to be a new and principled framework for secrecy provisions, striking a fair balance between the public interest in open and accountable government and adequate protection for Commonwealth information that should legitimately be kept confidential. We constructed a conceptual framework based on the following principles, that:

• administrative and disciplinary frameworks play the central role in ensuring that government information is handled appropriately, and that every person in the information chain understands their responsibilities in respect of that information;
• criminal sanctions should only be imposed where they are warranted—when the disclosure of government information is likely to cause harm to essential public interests—and where this is not the case, the unauthorised disclosure of information is more appropriately dealt with by the imposition of administrative penalties or the pursuit of contractual remedies;
• there is a continuing role for properly framed secrecy offences—both general and specific—in protecting Commonwealth information, provided that they are clear and consistent, and directed at protecting essential public interests.

With these principles as the conceptual framework, the ALRC identified three broad areas for reform. First, we recommended the repeal of the wide catch-all provisions currently in the Crimes Act 1914 (Cth)—ss 70 and 79(3), and the introduction of a new general secrecy offence, limited to disclosures that harm essential public interests. Secondly, the ALRC considered the wide variety of other specific secrecy offences and recommended best practice principles to guide the review, repeal and amendment of these provisions. Thirdly, the ALRC considered the administrative frameworks governing those that handle government information and made recommendations to improve the management of government information within those frameworks.

4.2       A new general offence 

The ALRC’s key recommendation was that the sanctions of the criminal law—in publicly punishing, deterring, and denouncing offending behaviour—should be reserved for behaviour that harms, is reasonably likely to harm or intended to harm essential public interests. Therefore the new general secrecy offence is limited to unauthorised disclosures that are likely to:

• damage the security, defence or international relations of the Commonwealth;
• prejudice the prevention, detection, investigation, prosecution or punishment of criminal offences;
• endanger the life or physical safety of any person; or
• prejudice the protection of public safety.

In formulating a provision to target the protection of essential public interests, the ALRC was drawn to the idea that the general secrecy offence should complement the Freedom of Information Act 1982 (Cth) (FOI Act). The Australian Public Service Commissioner indicates in the APS Values and Code of Conduct in Practice that the exemptions in the FOI Act are a useful starting point in identifying information which, if disclosed, has the potential to prejudice the effective working of government.[56] The ALRC adopted the approach that a subset of the public interests identified in the FOI Act exemptions should inform the development of the public interests to be protected by the general secrecy offence. The new offence, to be included in the Criminal Code, is intended to replace s 70 of the Crimes Act, and to apply to all Commonwealth information and all present and former Commonwealth officers.

The ALRC also recommended two offences for the subsequent disclosure of Commonwealth information by third parties, where the information was initially disclosed to that person in breach of the general secrecy offence or on terms requiring it to be held in confidence.

The ALRC recommended that there should be exceptions in the general secrecy offence for disclosure in the course of an officer’s functions or duties; disclosure with the authority of an agency head or minister; and disclosure of information that is already lawfully in the public domain. Protection from criminal liability under secrecy offences may also arise as a result of whistleblower legislation. With respect to the latter, in February 2009, the House of Representatives Standing Committee on Legal and Constitutional Affairs (Standing Committee) issued a report called Whistleblower Protection: A Comprehensive Scheme for the Commonwealth Public Sector (the Whistleblower Protection report).[57] The Standing Committee recommended that the Australian Government introduce public interest disclosure legislation to provide whistleblower protections in the Australian Government public sector.^[58] The proposed legislation would establish a system whereby Commonwealth employees could make disclosures about ‘serious matters’ within their organisation, to other public service agencies or, in limited circumstances, publicly.

The Standing Committee recommended that the proposed legislation cover a broad range of participants in the Australian Government.^[59] A person who made a disclosure under the framework established by the proposed legislation would be protected from detrimental action in the workplace and receive immunity from criminal liability (including under secrecy offences), civil liability and administrative penalties.^[60]

The Standing Committee’s final recommendation, however, confined protected public interest disclosures to third parties to very narrow circumstances. A disclosure to a third party external to the public service would only be protected where the matter already had been disclosed internally or to an external authority, but had not been acted on in a reasonable time, and the matter threatened immediate serious harm to public health or safety.^[61]

At the time of writing, the Australian Government has not responded to the Whistleblower Protection report, although the Government indicated that it intends to develop public interest disclosure legislation in 2009.^.[62]Given the Standing Committee inquiry and report, and the Government commitment to introduce public interest disclosure legislation, the ALRC confined its consideration in the report to the interaction between the proposed public interest disclosure legislation and secrecy laws. This issue is discussed in Chapters 7 and 10.

The ALRC did, however, reaffirm recommendations made in previous reports that the Australian Government should legislate to introduce a comprehensive public interest disclosure scheme covering all Australian Government agencies.[63] In the ALRC’s view, a robust public interest disclosure regime is an essential element in an effective system of open government. For the purposes of this Report, the ALRC proceeded on the basis that such legislation will be put in place and that it will largely reflect the recommendations made in the Whistleblower Protection report.

Although there has still been no implementation of the proposed public interest disclosure legislation, there has been the introduction of a federal ‘shield law’. As academic AJ Brown remarked in an article published on 1 July 2011, ‘this simply protects journalists from the risk of jail if they refuse to reveal confidential sources—it does nothing, at law, to protect whistleblowers’.[64]

4.3       Specific secrecy offences 

The ALRC concluded that the new general secrecy offence should not be the only criminal provision regulating the unauthorised disclosure of government information. We recognised that there is still a need for specific secrecy offences tailored to the needs of particular agencies or to the protection of certain kinds of information. In the interests of consistency and simplification, the ALRC recommended a set of principles to guide the creation of new offences and the review of existing offences.

The key principle is that specific secrecy offences should only be enacted where necessary to protect a public interest of sufficient importance to justify the imposition of a criminal sanction. As a general rule, the ALRC considers that the best way to ensure this is to include an express requirement that the unauthorised disclosure of information caused, or was likely or intended to cause, harm to a specified public interest.

The ALRC recognises, however, that, in very limited circumstances, this may not always be the most effective way to address the harm caused by the disclosure of some kinds of information and to achieve the balance required by the Terms of Reference. For example, specific secrecy offences prohibiting the disclosure of information obtained or generated by intelligence agencies—without the need to prove harm in every case—are justified by the sensitive nature of the information and the special duties and responsibilities of officers and others who work in and with such agencies.

Further, in very limited cases, and where the category of information protected is narrowly defined, regulatory agencies—such as taxation and social security, and corporate regulators—may also be able to justify specific secrecy offences that do not include an express harm requirement. This is because the public interest harmed by the unauthorised disclosure of information held by such agencies—that is, harm to the relationship of trust between the government and individuals that is integral to effective regulatory systems and the provision of government services—is not concrete enough to prove beyond reasonable doubt in a criminal prosecution.

The ALRC also developed other best practice principles in relation to specific secrecy offences, including that such offences should:

• differ in significant and justifiable ways from the recommended general secrecy offence;
• not extend to conduct other than the disclosure of information—such as making a record of, receiving, or possessing information—unless such conduct would cause, or is likely or intended to cause, harm to an essential public interest; and
• specify penalties that reflect the seriousness of the potential harm caused by the unauthorised conduct and the criminal culpability of the offender.

While the primary focus of secrecy offences is to prohibit the disclosure of information, many secrecy provisions also include exceptions that set out the circumstances in which the disclosure of information is permitted. Such provisions often reflect the need for the government to share information. The ALRC also made recommendations to ensure that specific secrecy offences are framed to facilitate appropriate information sharing, and are responsive to whole of government needs.

4.4       Administrative duties, practices and procedures 

Secrecy provisions do not operate in a vacuum. Administrative practices and procedures play a key role in influencing the circumstances in which an individual discloses government information. In the final part of the report, the ALRC focused upon the administrative secrecy framework in the Australian Government. We considered that secrecy provisions that impose administrative penalties on public sector employees have a central role to play—particularly where disclosure is inadvertent, there is no intention to cause harm, or where any potential harm caused by the disclosure is relatively minor. Administrative penalties allow misconduct to be addressed in the employment context, reserving criminal sanctions only for those unauthorised disclosures that warrant the very serious consequences of criminal charge and conviction.

The principal administrative secrecy provision in the Australian Government is reg 2.1 of the Public Service Regulations 1999 (Cth), which imposes a duty on all Australian Public Service (APS) employees not to disclose information where it is ‘reasonably foreseeable’ that the disclosure ‘could be prejudicial to the effective working of government’. The ALRC recommended that the scope of conduct regulated by reg 2.1 should be narrowed. That is, it should only apply to disclosures that are ‘reasonably likely’ to result in such prejudice. This reform recognises the importance of promoting information sharing in appropriate circumstances. The ALRC further recommends that equivalent conduct standards should apply to most Commonwealth employees other than APS employees—such as employees of statutory authorities and ministerial staff.

Complementing this change, the ALRC made a number of recommendations to promote an effective information-handling culture within Australian Government agencies. Importantly, the ALRC recommended that every Australian Government agency should develop and publish information-handling policies and guidelines to clarify the application of secrecy laws to their information holdings. Other strategies canvassed by the ALRC to promote effective information handling include the development of memorandums of understanding between agencies that regularly share information and ongoing training and development for all employees on information-handling obligations relevant to their position.

Finally, the ALRC recognised the importance of independent oversight of the manner in which Australian Government agencies discharge their information-handling responsibilities. To this end, the ALRC recommended a role for the then proposed new Office of the Information Commissioner.

5.       What next?

How would the Wikileaks situation fare under the recommended reforms to Commonwealth secrecy provisions? It provides an instructive ‘road test’ of the proposed new general secrecy provision. First, the initial ‘leaker’. Assume that he was a Commonwealth officer and that he disclosed government information. Was his disclosure reasonably likely or intended to harm essential public interests? Would it—

• damage the security, defence or international relations of the Commonwealth;
• prejudice the prevention, detection, investigation, prosecution or punishment of criminal offences;
• endanger the life or physical safety of any person; or
• prejudice the protection of public safety?

Maybe some of it had this potential. Then, assuming that Assange disclosed this information in ‘wikileaking’ it, this could come within the subsequent disclosure offence. Did he know, or was he reckless as to whether, the information was disclosed in breach of the proposed general secrecy offence? Did he then disclose the information intentionally, knowing, intending, or reckless as to whether the disclosure would harm one of the essential public interests?  Then he could be liable to a criminal offence. Against such potential liability the ALRC recommended that a number of defences or exceptions could be raised, which are discussed in Chapter 7 of the report.  With respect to so-called ‘public interest’ disclosures, or whistleblowing, outside formal channels—such as to Wikileaks—the protection would need to fit within the proposed public disclosure scheme under discussion.  So, for instance, the ALRC considered that if the initial leaker were covered by such legislation and therefore had a defence to their own potential criminal liability, the next person (such as a journalist, or in this context, Wikileaks) would not commit an offence in disclosing such information.[65]

Terms of reference

REVIEW OF SECRECY LAWS

I, ROBERT McCLELLAND, Attorney-General of Australia, having regard to:

• the desirability of having comprehensive, consistent and workable laws and practices in relation to the protection of Commonwealth information;
• the increased need to share such information within and between governments and with the private sector;
• the importance of balancing the need to protect Commonwealth information and the public interest in an open and accountable system of government; and
• previous reports (including previous reports of the Commission) that have identified the need for reform in this area

REFER to the Australian Law Reform Commission for inquiry and report, pursuant to subsection 20(1) of the Australian Law Reform Commission Act 1996, options for ensuring a consistent approach across government to the protection of Commonwealth information, balanced against the need to maintain an open and accountable government through providing appropriate access to information.

1. In carrying out its review, the Commission will consider:

1. relevant laws and practices relating to the protection of Commonwealth information, including the scope and appropriateness of legislative provisions regarding secrecy and confidentiality;
2. whether there is a need to consolidate and modernise relevant provisions currently in the Crimes Act 1914 and other Commonwealth legislation for inclusion in the Criminal Code;
3. the way in which secrecy laws in the Crimes Actinteract with other laws and practices, including those relating to secrecy, privacy, freedom of information, archiving, whistle‑blowing, and data-matching;
4. whether there should be different considerations for secrecy laws relating to the protection of national security and other sensitive Commonwealth information; and
5. any related matter.

1. In carrying out its review, the Commission is to identify and consult with key stakeholders, including relevant Commonwealth, State and Territory agencies and private sector bodies.
2. The Commission will provide its final report to me by 31 October 2009.

Dated 5 August 2008

Robert McClelland

Attorney-General