Memorandums of understanding

14.65 Australian Government agencies that regularly share information with other agencies or bodies can formalise the terms of exchange through an MOU. This may provide an additional tool to facilitate compliance with information-handling obligations.

14.66 An MOU does not of itself provide a legal basis for the handling of Commonwealth information. Its operation must be underpinned by common law or statute. However, entry into an MOU may promote appropriate information sharing between Australian Government agencies and others. While acknowledging that MOUs generally do not have the force of law, the Administrative Review Council has advised that they may regulate the exchange of information among government agencies by ‘formalis[ing] the terms of a relationship or framework for cooperation between the parties’.[65]

14.67 Several Australian Government agencies have MOUs in place relevant to information handling. For example, the Australian Securities and Investments Commission (ASIC) has entered into an MOU with the Australian Government Financial Reporting Council, under which the entities agree—subject to any restrictions imposed by law—to ‘share information that they believe would be of assistance to the other in understanding their respective responsibilities under the law’.[66] Each agency agrees, on request, to provide certain information to the other in a timely manner.[67] They further agree to use ‘reasonable endeavours’ to notify the other of the existence of relevant information, notwithstanding that the information has not been requested.[68] Commonwealth, state and territory police also have in place a detailed MOU for the sharing of law enforcement information.[69]

14.68 The Community and Disability Services Ministers’ Advisory Council informed the ALRC of the development of an Information Sharing Protocol between Australian Government agencies and child protection agencies. This protocol was developed in response to concerns that decisions about information sharing were ‘largely subjective and open to interpretation by individual officers’, which could not only result in inconsistent application, but also limit the information disclosed to child protection agencies because of a culture of risk aversion.[70]

14.69 Australian Government agencies may also enter into MOUs with foreign government agencies as regards the exchange of information. For example, ASIC has entered into an MOU with the United States Securities Exchange Commission concerning the exchange of information related to the enforcement of securities laws. The MOU recognises the ‘importance and desirability of exchanging assistance and information’ for the purpose of enforcing and securing compliance with securities laws. It allows, however, for a request for assistance to be denied in certain circumstances including, for example, where it would require the authority to act in a manner that would violate its domestic law. The MOU also imposes conditions on the use to which information provided under it can be put by the requesting partner.[71]

Submissions and consultations

14.70 In submissions in response to IP 34, several stakeholders noted the effectiveness of MOUs in protecting Commonwealth information. For example, the Australian Government Attorney-General Department (AGD) noted that ‘MOUs and similar instruments may be used to set out a shared understanding and guidelines for the communication, handling and protection of particular information’.[72] The ATO agreed that MOUs were ‘an effective tool for setting up protocols for the exchange of information with other agencies’.[73]

14.71 In DP 74, the ALRC proposed that Australian Government agencies that regularly share information with other agencies or bodies should enter into MOUs setting out the terms and conditions for the exchange of information.[74]

14.72 Stakeholders generally agreed that MOUs would facilitate the mutual exchange of information.[75] The ATO advised that it has in place a number of MOUs with other Australian Government agencies with which it shares information, as well as state and territory revenue offices. These ‘are an effective tool for setting up protocols for the exchange of information, and therefore can assist staff in complying with their secrecy obligations’.[76] In response to another of the ALRC’s proposals, the Australian Transaction Reports and Analysis Centre (AUSTRAC) commented that ‘MOUs are important in establishing the expectations of the parties in respect of the exchange of information’.[77] The Social Security Appeals Tribunal also noted that MOUs it has in place with Centrelink and the Child Support Agency facilitate the mutual exchange of information.[78]

14.73 Despite the broad support for this proposal, some concerns were raised about the lack of transparency of many MOUs. For example, although Whistleblowers Australia agreed that MOUs may be helpful in the management of information, it commented that these are ‘private arrangements’ and ‘therefore they provide another example of the process of concealment that is not transparent’.[79] The Australian Privacy Foundation also expressed the view that MOUs should be made publicly available.[80]

14.74 The Department of Immigration and Citizenship (DIAC) suggested that, in the absence of a standard MOU, the use of MOUs to regulate information sharing between Australian Government agencies may result in an inconsistent approach to the way that information is shared between agencies.[81]

ALRC’s views

14.75 Almost all stakeholders that commented on this issue agreed that MOUs can be an effective tool for establishing the terms of exchange of information between an Australian Government agency and other agencies or bodies, including foreign partners. In particular, MOUs formalise the standard information-sharing protocols between agencies and others. This minimises the need for ad hoc decision making on the part of individual Commonwealth officers and, consequently, the potential for inadvertent unauthorised disclosures. As with agency information-handling policies, an MOU may instil confidence in Commonwealth officers seeking to exchange information by creating certainty in the information-sharing framework. Where a disclosure is validly authorised under an MOU, it is likely to indicate that the disclosure will fall within exceptions in criminal and administrative secrecy provisions for disclosures in the course of an employee’s functions or duties. In the ALRC’s view, Australian Government agencies that regularly share information with other agencies or bodies should enter into MOUs setting out the terms and conditions for the exchange of information.

14.76 The ALRC agrees with the view of Whistleblowers Australia and others that these MOUs should be made publicly available in order to ensure transparency and accountability in information-sharing arrangements. This reasoning and approach is consistent with the Report, Principled Regulation: Federal Civil and Administrative Penalties in Australia, where the ALRC recommended that regulators who administer legislation under which criminal penalties may be imposed should, together with the Commonwealth Director of Public Prosecutions (CDPP), develop and publish MOUs detailing the use of non-criminal penalties and their relationship with criminal referrals to the CDPP.[82] Publishing information-sharing MOUs will also address DIAC’s concerns about the potential for inconsistency in information sharing by facilitating access to a range of agreements, which agencies can amend to suit their particular information holdings and sharing needs. In the ALRC’s view, this provides a more nuanced response than, say, the development of a uniform agreement.

14.77 Above, the ALRC recommends that Australian Government agencies should make their information-handling policies publicly available.[83] The ALRC recognises, however, that, in a small number of situations, publication of this information may be unreasonable or impractical—for example, where public knowledge about the pattern of information sharing between intelligence agencies could impede national security. The ALRC recommends an equivalent exception in the context of the public availability of MOUs.

Recommendation 14–4 Australian Government agencies that regularly share information with other agencies or bodies should enter into memorandums of understanding (MOUs) setting out the terms and conditions for the exchange of information. Australian Government agencies should make such MOUs publicly available save in certain exceptional cases where this would be unreasonable or impractical.

[65]Administrative Review Council, The Coercive Information-Gathering Powers of Government Agencies, Report No 48 (2008), 65.

[66] Australian Government Financial Reporting Council, Memorandum of Understanding Between the Australian Securities and Investments Commission and the Financial Reporting Council (2004) <www.frc.gov.au/auditor/mou/MOU_ASIC.asp> at 4 December 2009, cl 4.1.

[67] Ibid, cl 4.2.

[68] Ibid, cl 4.3.

[69] New South Wales Police and others, Memorandum of Understanding between New South Wales Police, Victoria Police, Queensland Police, Western Australia Police, South Australia Police, Northern Territory Police, Tasmania Police, ACT Policing, Australian Federal Police and the CrimTrac Agency.

[70] Community and Disability Services Ministers’ Advisory Council, Submission SR 80, 28 August 2009.

[71] United States Securities and Exchange Commission and Australian Securities and Investments Commission, Memorandum of Understanding Concerning Consultation, Cooperation and the Exchange of Information Related to the Enforcement of Securities Laws, 25 August 2008.

[72] Attorney-General’s Department, Submission SR 36, 6 March 2009. See also Australian Securities & Investments Commission, Submission SR 41, 17 March 2009.

[73] Australian Taxation Office, Submission SR 13, 16 February 2009. See also Commonwealth Ombudsman, Submission SR 20, 19 February 2009.

[74] Australian Law Reform Commission, Review of Secrecy Laws, Discussion Paper 74 (2009), Proposal
15–3.

[75] Department of Human Services, Submission SR 83, 8 September 2009; Department of Health and Ageing, Submission SR 81, 28 August 2009; R Fraser, Submission SR 78, 21 August 2009; Indigenous Business Australia, Submission SR 64, 13 August 2009; Australian Taxation Office, Submission SR 55, 7 August 2009.

[76] Australian Taxation Office, Submission SR 55, 7 August 2009.

[77] Australian Transaction Reports and Analysis Centre, Submission SR 73, 17 August 2009. In AUSTRAC’s view, these must be underpinned by specific secrecy provisions that regulate the disclosure of information. See also Australian Transaction Reports and Analysis Centre, Submission SR 31, 2 March 2009.

[78] Social Security Appeals Tribunal, Submission SR 79, 24 August 2009.

[79] Whistleblowers Australia, Submission SR 74, 17 August 2009. See also Non-Custodial Parents Party (Equal Parenting), Submission SR 82, 3 September 2009.

[80] Australian Privacy Foundation, Submission SR 71, 16 August 2009.

[81] Department of Immigration and Citizenship, Submission SR 59, 7 August 2009.

[82] Australian Law Reform Commission, Principled Regulation: Federal Civil & Administrative Penalties in Australia, ALRC 95 (2002), Rec 9–1.

[83] Recommendation 14–2.