Criminal, civil or administrative provisions

4.21       As discussed in Chapter 3, statutory provisions that impose secrecy obligations carry a range of administrative, civil or criminal penalties. Of the 506 secrecy provisions identified by the ALRC, approximately 70% impose criminal penalties.[17] While the remaining provisions do not expressly contain criminal penalties, some establish a duty not to disclose Commonwealth information and have the potential to attract the penalties imposed by s 70 of the Crimes Act 1914 (Cth).[18]

4.22       A number of secrecy provisions allow the imposition of administrative sanctions on Australian Government employees—such as termination of employment, a reduction in salary or a reprimand. For example, s 15 of the Public Service Act 1999 (Cth) allows an Australian Government agency head to impose a range of administrative sanctions on Australian Public Service (APS) employees for breach of the APS Code of Conduct. As discussed in Chapter 12, the Code of Conduct includes a secrecy provision that prohibits the disclosure of information obtained or generated in connection with an APS employee’s employment ‘if it is reasonably foreseeable that the disclosure could be prejudicial to the effective working of government’.[19]

4.23       Finally, the ALRC has identified one secrecy provision in the Environment Protection and Biodiversity Conservation Act 1998 (Cth) that imposes civil penalties.[20]

4.24       Regulatory theory cautions against the over-use of criminal penalties. Criminal penalties sit at the top of the ‘enforcement pyramid’ developed by Professors Ian Ayres and John Braithwaite to describe a model regulatory approach.[21] Under the ‘enforcement pyramid’ model, breaches of increasing seriousness are dealt with by penalties of increasing severity, with the ultimate penalties—such as imprisonment—held in reserve. Braithwaite has described the operation of the pyramid in the regulatory environment as follows:

My contention is that compliance is most likely when the regulatory agency displays an explicit enforcement pyramid … Most regulatory action occurs at the base of the pyramid where initially attempts are made to coax compliance by persuasion. The next phase of enforcement escalation is a warning letter; if this fails to secure compliance, civil monetary penalties are imposed; if this fails, criminal prosecution ensues; if this fails, the plant is shut down or a licence to operate is suspended; if this fails, the licence to do business is revoked … The form of the enforcement pyramid is the subject of the theory, not the content of the particular pyramid.[22]

4.25       Although this model was developed for the corporate regulatory environment, the principles of the enforcement pyramid model are broadly applicable to the issues under consideration in this Inquiry. At the bottom of the enforcement pyramid lie the techniques described in Chapters 14 and 15, which are designed to foster a culture in which Commonwealth information is handled effectively—such as agency policies and guidelines, staff training and development, and secrecy oaths and affirmations. Where these techniques fail to prevent unauthorised disclosure, administrative penalties, or general law or contractual remedies may be available. Where the disclosure is more serious—for example, where the disclosure has the potential to cause serious harm or is intended to cause harm—criminal penalties may be applied.

4.26       In the following section, the ALRC considers the role of administrative, civil and criminal penalty provisions in protecting Commonwealth information.

Administrative provisions

4.27       Broadly speaking, administrative penalties arise automatically by operation of legislation, or can be imposed directly by an agency or regulator—for example, parking fines. This distinguishes them from criminal and civil penalties, which may only be imposed by courts.[23] Commonwealth employees will often be subject to secrecy obligations, breach of which may result in the imposition of administrative penalties by an agency head.

4.28       For example, as considered in detail in Chapter 12, where an APS employee breaches the APS Code of Conduct, an agency head may impose one of the following penalties: termination of employment; reduction in classification; re-assignment of duties; reduction in salary; deductions from salary;[24] or a reprimand.[25] While some of these penalties—such as termination of employment—are quite severe, they are considered disciplinary rather than criminal in nature.

4.29       Further, an APS employee who commits a secrecy offence will also automatically be in breach of the APS Code of Conduct, which requires APS employees to comply with all applicable Australian laws. In these circumstances, APS employees will be liable to both criminal and administrative penalties for the same conduct.

4.30       Soon after the Public Service Bill 1997 (Cth)[26] was introduced into Parliament, Dr Peter Shergold, the then Public Service Commissioner, expressed the view that the benefit of a Code of Conduct is that it provides

a public statement of the standards of behaviour expected of those who work in public employment … While it is not possible to guarantee integrity by legislation, it is vital that the public knows what standards of conduct they are to expect from public servants. At the same time individual public servants themselves need to be clear on the ethical standards that are required of them.[27]

4.31       Administrative penalties under the Public Service Act, and other similar legislation,[28] apply to current Commonwealth employees. They do not apply to former employees or persons in the private sector who may have access to Commonwealth information. For example, a person who retires from the APS, or resigns when an investigation into a suspected breach of the Code of Conduct commences, is no longer subject to administrative penalties under the Public Service Act. Former employees, however, remain liable to criminal penalties under the Crimes Act and, potentially, a range of other provisions.

Submissions and consultations

4.32       In the Issues Paper, Review of Secrecy Laws (IP 34), the ALRC asked whether there were any breaches of secrecy provisions that should only give rise to administrative penalties. [29]  Stakeholders suggested that administrative penalties may be preferable to criminal proceedings for relatively minor breaches,[30] or where the harm caused by the breach was likely to be relatively low.[31] Dr Ian Turnbull suggested that administrative penalties would be appropriate where no personal benefit is gained from the disclosure of information and there is no substantial loss to another person or damage to a public interest.[32] Liberty Victoria was of the view that administrative penalties should be used where there was no intentional or reckless behaviour.[33]

ALRC’s views

4.33       In Chapter 12, the ALRC considers in detail the role of secrecy provisions that impose administrative penalties on public sector employees. In the ALRC’s view such provisions have a central role to play, particularly where a disclosure is inadvertent, there is no intention to cause harm, or where any potential harm caused by the disclosure is relatively minor. Administrative penalties provide a range of responses to different levels of misconduct. They allow misconduct to be addressed in the employment context, without imposing the very serious consequences of a criminal charge and conviction, consistent with the enforcement pyramid model.

4.34       Further, by addressing obligations associated with employment in the public sector, administrative secrecy provisions may also protect different interests from those recognised in the criminal context. This will include, for example, the objects in the Public Service Act of establishing ‘an apolitical public service that is efficient and effective in serving the Government, the Parliament and the Australian public’.[34]

4.35       In Chapters 12 and 13, the ALRC considers how administrative secrecy provisions, and the methods for enforcing those provisions, could be improved. The ALRC’s view is, however, that such provisions are, and should remain, an important and effective element in the protection of Commonwealth information. In Chapter 13, the ALRC also makes a number of recommendations to ensure that individuals who fall outside the various administrative regimes but have, or have had, access to Commonwealth information are constrained by contractual obligations, or are made aware of their obligations of confidentiality under the general law.

Civil penalty provisions

4.36       As noted above, the ALRC has identified only one secrecy provision that imposes a civil penalty—s 170B of the Environment Protection and Biodiversity Conservation Act. This provision allows the Minister to issue a direction to any person prohibiting the disclosure of ‘specified information’ in documents or materials required or permitted to be published as part of an environmental impact assessment process. Specified information is that which the Minister considers to be critical to the protection of a matter of national environmental significance.[35]

4.37       Traditionally, the civil law has been used as a vehicle for private redress, allowing persons to seek compensation in private actions for harm done to them. Modern regulatory law, however, has created many civil penalty provisions. Contraventions of these provisions are pursued by the state, but are not criminal offences and do not attract criminal processes or penalties.[36]

4.38       Most civil penalties are monetary. Civil penalty provisions may also provide for the imposition of compensation orders[37] or community service orders.[38] They may also allow the court to issue an injunction, which is not in itself a penalty, but may act to prevent or limit any potential harm caused by the contravention.

4.39       The AGD Guide to Framing Commonwealth Offences, Civil Penalties and Enforcement Powers (Guide to Framing Commonwealth Offences) states that:

It is particularly important that civil penalties be used in appropriate and justifiable contexts. They are otherwise open to criticism for being too soft (in not carrying a criminal penalty) or for being too harsh (in not carrying the safeguards of criminal procedure such as a requirement for proof beyond reasonable doubt).[39]

4.40       Taking into account recommendations made by the ALRC in its report on civil and administrative penalties,[40] the Guide to Framing Commonwealth Offences nominates the following criteria as relevant to whether a civil penalty provision is likely to be appropriate and effective:

  • where criminal punishment is not warranted—contraventions of the law involving serious moral culpability should only be pursued by criminal prosecution;

  • where the maximum civil penalty is sufficient to justify the expense and time of court proceedings—the maximum penalty should be at least $5,000 and typically more; and

  • where the conduct involves corporate wrongdoing—given that imprisonment is not available as a penalty, the financial disincentives that civil penalties offer may be effective.[41]

4.41       Civil penalties are used extensively, for example, in relation to contraventions of pt IV of the Trade Practices Act 1974 (Cth), dealing with restrictive trade practices; and in relation to contraventions of a significant number of provisions in the Corporations Act 2001 (Cth).[42] Another example, of more direct relevance to this Inquiry, is s 25 of the Commonwealth Authorities and Companies Act 1997 (Cth)—which imposes civil penalties on officers and employees of Commonwealth authorities governed by the Act for improperly using information to gain an advantage for themselves or another person, or to cause detriment to a Commonwealth authority or to another person.

4.42       Professor Arie Freiberg suggests that civil penalty provisions may be effective where there is an ongoing regulatory relationship:

The greater flexibility and range of civil sanctions makes them the preferred mode of social control where persuasion, negotiation and voluntary compliance are viewed as the techniques most likely to achieve the desired results. Whilst the criminal sanction is said to be suitable for the control of isolated or instantaneous conduct, the civil sanction is said to be better in cases where continuous surveillance is desired.[43]

Submissions and consultations

4.43       Although the response in submissions to the use of civil penalty provisions was mixed, the weight of opinion was in favour of criminal, rather than civil, penalties. In its submission, the AGD noted that civil penalties may be used when criminal punishment is not merited, but expressed the view that, given the nature of the information protected by secrecy provisions, criminal sanctions would generally be appropriate.[44] The ATO also expressed the view that the unauthorised handling of taxpayer information should be subject to criminal penalties:

Nevertheless, the ATO recognises that there may be varying degrees of culpability associated with the unauthorised handling of tax information, that criminal prosecution is a very serious consequence, and that the criminal standard of proof can be onerous to satisfy. In addition to criminal sanctions, there may be some merit in having civil options available for breach of a tax secrecy provision, as well as Code of Conduct action under the Public Service Act.[45]

4.44       On the other hand, the Australian Prudential Regulation Authority (APRA) expressed the view that when there is already a criminal regime in place, civil penalties add little—and that the deterrence value of criminal penalties was important.[46] Liberty Victoria agreed, stating that:

A civil penalty for the deliberate mishandling of non [National Security Information] for significant gain may be an insufficient deterrent. This is particularly so where the maximum civil penalty is outweighed by a substantial commercial benefit.[47]

4.45       The Public Interest Advocacy Centre (PIAC) submitted that disclosures that do not involve intent to damage a significant public interest—such as defence or national security—and that do not involve an element of fraud, dishonesty, or personal gain should be dealt with under civil penalty provisions.[48]

4.46       Dr James Renwick drew attention to the utility of civil remedies in dealing with disclosure of Commonwealth information, and suggested that such matters would be more effectively dealt with in civil, rather than criminal, courts:

Although criminal prosecution must remain an option to deter theft or leaking of that information, it is often a blunt instrument, which takes too much time. In contrast the civil litigation system properly used permits the swift quarantining of information and delivery up of any stolen material. A criminal law sanction will not normally be interpreted as permitting a court exercising civil jurisdiction to grant injunctions or other civil relief. It is therefore essential that there be an effective statutory regime for protecting stolen or leaked information in the civil courts. The Federal Court of Australia would be the appropriate forum for such litigation.[49]

4.47       The AGD expressed support for including a power to issue injunctions in secrecy provisions but noted that an injunction would be of limited assistance in relation to the disclosure of Commonwealth information because it is rare to have forewarning of an unauthorised disclosure. In addition, the AGD stated that compensation orders may be problematic because such orders usually require the quantification of the loss or damage caused. This is often difficult in relation to the unauthorised disclosure of Commonwealth information, ‘for example, it would be difficult to assess and quantify the damage to the integrity of the Cabinet process caused by disclosure of a Cabinet document’.[50]

ALRC’s views

4.48       As noted above, the ALRC has identified only one civil penalty provision among the hundreds of secrecy provisions considered in this Inquiry.[51] The conduct of public sector employees who handle Commonwealth information is largely regulated by administrative secrecy provisions, in conjunction with the criminal law. Administrative penalties are available because of the employment relationship between Australian Government agencies and their employees. This relationship does not exist between regulatory authorities and regulated entities in the private sector, which is the area in which civil penalties have come to play an important role.

4.49       The ALRC has considered the existing civil penalty provision and whether an alternative approach might have been adopted. There is an argument, for example, that where a person discloses information that is critical to the protection of a matter of national environmental significance—contrary to an express direction of the Minister under s 170B of the Environment Protection and Biodiversity Conservation Act—that criminal penalties should apply. The intentional disclosure of information that has been expressly identified as potentially damaging to an important public interest, may well justify criminal penalties.

4.50       In the Discussion Paper, Review of Secrecy Laws (DP 74), the ALRC asked whether there is a gap that needs to be addressed in terms of protecting Commonwealth information where that information is in the hands of persons who are not public sector employees or Commonwealth contractors and, if so, whether there is a role for civil penalty provisions in addressing this gap.[52] The limited response from stakeholders on this question seemed to indicate that there were no significant problems in this area. Accordingly, the ALRC is not making any recommendations that would give civil penalties a greater role in relation to the protection of Commonwealth information.

4.51       In addition, in Chapter 7, the ALRC recommends that the courts be given an express power to issue injunctions to restrain a breach of the general secrecy offence or the on-disclosure of information in breach of the subsequent disclosure offences.[53] This recommendation recognises that preventing the disclosure of sensitive Commonwealth information is preferable to imposing sanctions once disclosure has occurred.

Criminal provisions

4.52       In the report, Same Crime, Same Time: Sentencing of Federal Offenders, the ALRC identified the purposes for imposing criminal penalties as being to:

  • ensure that the offender is justly punished for the misconduct;

  • deter the offender and others from committing the same or similar misconduct;

  • promote the rehabilitation of the offender;

  • protect the community by limiting the capacity of the offender to re-offend;

  • denounce the conduct of the offender; and

  • promote the restoration of relations between the community, the offender and the victim.[54]

4.53       The role of the deterrent effect of criminal penalties has been discussed in a number of other reviews of secrecy laws including, for example, the 2006 Treasury Discussion Paper for the Review of Taxation Secrecy and Disclosure Provisions.[55] In 1995, the House of Representatives Standing Committee on Legal and Constitutional Affairs stated that:

If a penalty is adequate, then it may act as a deterrent to the commission of a crime. Indeed it has been suggested that the worth of the secrecy provisions in the Crimes Act is measured by governments not in the number of prosecutions, which are few, but in their deterrence value.[56]

4.54       A number of submissions to this Inquiry also emphasised the importance of the deterrent value of criminal penalties.[57]

4.55       In considering whether a criminal penalty is appropriate in relation to particular conduct, regard must be had to the effect of a criminal conviction; and the public interest in limiting the application of the criminal law to conduct that is deserving of such treatment. Each of these will be considered in turn.

Effect of a criminal conviction

4.56       The AGD Guide to Framing Commonwealth Offences states that ‘perhaps the most important factor to be considered in determining whether a provision should be criminal or civil is the effect of a criminal conviction’.[58]

4.57       A conviction is a judicial act that alters an offender’s legal status.[59] A criminal conviction carries a social stigma. This can result in an offender being discriminated against on the basis of his or her criminal record, long after a sentence has been completed.[60] A conviction has many consequences beyond the immediate penalty imposed. A person who is convicted of certain offences may be:

  • ineligible to hold public office;[61]

  • ineligible to manage a corporation,[62] or be a director or principal executive officer of a company;[63]

  • required to disclose the fact of his or her criminal conviction in a number of circumstances, for example, in obtaining a driver’s licence or in seeking employment in certain positions;[64] and

  • deported, if he or she is a non-citizen.[65]

4.58       A convicted offender may lose, be unable to continue in, or obtain, suitable employment—for example, he or she may face deregistration from a professional body. For a public sector officer or employee, a conviction for an offence involving the unauthorised disclosure of Commonwealth information is likely to result in adverse career prospects or loss of employment, as well as significant reputational damage.

4.59       A federal offender may also be subject to orders for the confiscation of property in relation to the offence. If a person unlawfully sold Commonwealth information, for example, the proceeds of that sale would be subject to the Proceeds of Crime Act 2002 (Cth), which establishes a scheme to trace, restrain and confiscate the proceeds of crime committed against federal law.

Conduct deserving of criminal sanctions

4.60       A number of commentators and reports have considered the circumstances in which it is appropriate for criminal sanctions to apply in relation to the disclosure of Commonwealth information. The views expressed focus on varying factors, including: the nature of the information; the intent of the individual disclosing the information; and the effect on the public interest if the information were to be disclosed.

4.61       John McGinness has questioned the need for criminal penalties to protect much of the information currently covered by secrecy provisions. He suggested that a large number of secrecy provisions could be repealed, and reliance placed instead on other means of protecting Commonwealth information:

such as … the loyalty of officials, formal and informal sanctions within a career service and between ministerial colleagues, formal public service disciplinary procedures, security checks and training of staff, security classification and privacy markings on documents, other physical security measures, Cabinet procedures, the law on official corruption, common law and statutory protection of rights with respect to information (breach of confidence, contract, defamation, copyright, Privacy Act 1988).[66]

4.62       The Review of the Commonwealth Criminal Law, chaired by Sir Harry Gibbs (the Gibbs Committee), recommended in 1991 that the criminal law should only apply to the unauthorised disclosure of a discrete number of categories of information, ‘no more widely stated than is required for the effective functioning of Government’.[67]

4.63       In 1995, the House of Representatives Standing Committee on Legal and Constitutional Affairs noted that:

It was generally agreed that the unauthorised disclosure and procurement of confidential third party information is an appropriate matter for the criminal law in some circumstances. Criminal sanctions were considered particularly appropriate where information is deliberately released for profit, or with malicious intent, or possibly where the disclosure is made recklessly.

However, the criminal law should not operate more widely than is needed and it should not be invoked unless there is a specific reason for giving certain information special protection. The reason for restricting the application of the criminal law is that the imposition of criminal sanctions can have serious repercussions and may involve deprivation of an individual’s liberty. Consequently, penal sanctions should be reserved for serious offences where the public interest is best served by imposing those sanctions on the offender.[68]

Submissions and consultations

4.64       In IP 34, the ALRC asked when the unauthorised handling of Commonwealth information should be subject to criminal penalties and which factors should determine whether or not it is appropriate for criminal penalties to apply.[69]

4.65       Most stakeholders noted the important role that criminal penalties play in protecting Commonwealth information both as a deterrent and as an assurance to the Australian community that information provided to the Australian Government is adequately protected. The AGD submitted that, while administrative penalties may be appropriate in dealing with less serious cases, criminal penalties are necessary where a Commonwealth officer is in serious breach of the public trust and confidence of the community:

A criminal offence is the ultimate sanction for breaching the law. Criminal offences should be used where the relevant conduct involves considerable harm to society, the environment or Australia’s national interests, including security interests.[70]

4.66       The AIC noted that, particularly in the intelligence context, the unauthorised disclosure of Commonwealth information can have very serious consequences and should remain subject to criminal penalties.[71]

4.67       APRA noted that the deterrent value of criminal penalties is important where there is much to gain by disclosing commercial information.[72] The Australian Commission for Law Enforcement Integrity also commented on the importance of the deterrence value of criminal penalties.[73]

4.68       ASIC submitted that the critical factor in determining when criminal penalties should apply is the intention of the accused: ‘There is a stronger argument for criminal culpability if the offender deliberately discloses information for profit or with malicious intent’.[74] ASIC also noted that:

Caution should be exercised in attempting to create a strict divide between conduct that attracts only administrative penalties and conduct that gives rise to other penalties. Doing so would render the secrecy provisions inflexible so that they may not provide a remedy that is most appropriate for the particular circumstances of each breach.[75]

4.69       The DHS noted that portfolio agencies collect and generate a wide range of sensitive information about individuals including: income and employment information (Centrelink); family relationship and responsibility information (Child Support Agency); details of healthcare, medication and hospital treatment received (Medicare Australia); and information about disabilities or injuries (CRS Australia, Australian Hearing, Centrelink); as well as competitive commercial information (such as the viability of a business, client lists and business plans). In such circumstances, the DHS noted that:

The ability to point to an offence provision protecting that information gives assurance to customers, as well as enhancing the agencies’ credibility as to the seriousness with which they protect customer information.[76]

4.70       DEEWR recognised that significant harm can be caused to individuals or the Commonwealth by the unauthorised disclosure of Commonwealth information and submitted that:

there is a recognised need for there to be consequences flowing from such inappropriate action. The Privacy Act 1988 by itself, however, only partly serves as a useful deterrent, given that it regulates the actions of an agency rather than the offending individual. In this sense, having a criminal offence provision which attaches to the unauthorised handling of information has value in being a useful deterrent.[77]

4.71       Other stakeholders noted that criminal penalties should only be used when strictly required for the effective functioning of government. Liberty Victoria cautioned that:

care must be taken when framing criminal offences to ensure that the provisions only penalise intentional (or reckless) behaviour in specific situations. While criminal sanctions may be appropriate in punishing misuse of the most secret information, administrative penalties should be considered more appropriate in the handling of less secret information, where there exists no intention or reckless fault element.[78]

4.72       Whistleblowers Australia stated that, while criminal penalties may be appropriate in relation to the unauthorised disclosure of information that is likely to harm the public interest, the processes of government should generally only be protected by administrative sanctions.[79]

4.73       The APS Commissioner agreed that not all unauthorised disclosures should attract criminal penalties, in light of the administrative penalty regime in place in relation to APS employees. The Commissioner noted, however, that:

it is important to retain the link to criminal penalties, as there is merit in the general deterrent value of a criminal offence.

… I believe that the system preventing unauthorised disclosure of Commonwealth information needs to be clearly articulated and simple to apply on a practical level. Whatever criminal offence is devised to replace section 70 should be simple, easy to understand, and reflect the proper balance between open, accountable government and effective public administration.[80]

4.74       PIAC noted that the unauthorised disclosure of confidential non-government information in the private sector gives rise—in the absence of personal dishonesty such as fraud or insider trading—to civil liability only, but noted that ‘disclosure by a government employee of innocuous government information can currently give rise to criminal liability’.[81]The ARTK coalition expressed the view that criminal penalties should only apply where there is an overwhelming public interest in preventing disclosure; and the consequences of disclosure adversely affect national security, law enforcement or public safety.[82]

4.75       Ron Fraser submitted that:

I doubt very much whether it is necessary in day-to-day situations for officers to be subject to criminal penalties in order for them to perform their duties with a strong ethic of confidentiality. While some penalties are needed in addition to systemic reinforcement, they don’t need to be criminal in nature except in the most serious cases.[83]

ALRC’s views

4.76       The ALRC considers that, consistent with the ‘enforcement pyramid’ model, criminal penalties for disclosure of Commonwealth information ‘should be reserved for serious offences where the public interest is best served by imposing those sanctions on the offender’.[84] It seems clear, however, that there is a legitimate role for the criminal law in certain circumstances. Commonwealth information includes a range of highly sensitive information, such as national security information and information relating to defence and law enforcement. Unauthorised disclosure of this kind of information has the capacity to cause real harm to important public interests, and to the effective functioning of government.

4.77       The role of the criminal law in publicly punishing, deterring, and denouncing offending behaviour is appropriate when applied to behaviour that harms, is reasonably likely to harm or intended to harm essential public interests. Given the adverse consequences of a criminal conviction, however, it is the ALRC’s view that it is inappropriate to apply such penalties to disclosures that were not intended and are unlikely to cause such harm.

General and specific secrecy offences

4.78       There are two general criminal offence provisions in the Crimes Act that deal with the unauthorised disclosure of Commonwealth information. Section 70 deals with the disclosure of information by Commonwealth officers in breach of a duty not to disclose, while s 79 deals with the disclosure of ‘prescribed information’ by any person with a duty to keep it secret.[85]

4.79       Although s 79 is generally concerned with the disclosure of defence or security information, s 79(3) is drawn very widely and prohibits the unauthorised communication of ‘prescribed information’—which is defined, in part, as information made or obtained by persons owing to their position as current or former Commonwealth officers that, by reason of its nature or the circumstances under which the information was made or obtained, or for any other reason, it is their duty to treat as secret.

4.80       As noted by the Gibbs Committee, the combined effect of these provisions is that ‘the unauthorised disclosure of most information held by the Commonwealth Government and its agencies is subject to the sanctions of the criminal law’.[86]

4.81       In addition to the general secrecy offences in ss 70 and 79(3) of the Crimes Act, the ALRC has identified numerous specific secrecy offences in other legislation.[87]

ALRC’s views

4.82       The ALRC considers that there is a need for a general secrecy offence, to be included in the Criminal Code (Cth), for the following reasons. The general offence is intended to replace s 70 of the Crimes Act and to serve as an umbrella offence applying to all current and former Commonwealth officers and all Commonwealth information. The general offence would cover gaps left by specific secrecy provisions that focus, for example, on a particular function of an agency or on particular information held by an agency.

4.83       The ALRC is not suggesting, however, that the general offence replace all existing secrecy offences. In Chapter 8, the ALRC recommends that specific secrecy offences should only be put in place or retained where they differ in significant and justifiable ways from the general offence.[88] Chapters 8 to 11 consider the circumstances in which specific secrecy provisions imposing criminal sanctions remain justified.

4.84       In Chapter 6, the ALRC also recommends two subsequent disclosure offences.[89] These offences would regulate disclosure by any person who received Commonwealth information in breach of the general secrecy offence or on terms requiring it to be held in confidence. The subsequent disclosure offences, in combination with the general secrecy offence, are intended to replace s 79(3) of the Crimes Act.

4.85       Finally, the repeal of s 70 of the Crimes Act will give rise to the need to consider those specific secrecy provisions that give rise to a ‘duty not to disclose’ for the purposes of s 70. There are a number of options available in relation to these provisions, for example, it would be possible to leave the provisions in place as information-handling provisions that do not attract criminal sanctions.[90] Alternatively, if the circumstances justify criminal sanctions, the provisions may need to be amended to create separate criminal offences.