26 August 2016

NIST on Deidentification

The draft NIST Special Publication 800-188 De-Identifying Government Datasets [PDF] by Simson L. Garfinkel comments
De-identification removes identifying information from a dataset so that the remaining data cannot be linked with specific individuals. Government agencies can use de-identification to reduce the privacy risk associated with collecting, processing, archiving, distributing or publishing government data. Previously NIST published NISTIR 8053, “De-Identifying Personal Data,” which provided a survey of de-identification and re-identification techniques. This document provides specific guidance to government agencies that wish to use de-identification. Before using de-identification, agencies should evaluate their goals in using de-identification and the potential risks that de-identification might create. Agencies should decide upon a de-identification release model, such as publishing de-identified data, publishing synthetic data based on identified data, and providing a query interface to identified data that incorporates de-identification. Agencies can use a Disclosure Review Board to oversee the process of de-identification; they can also adopt a de-identification standard with measurable performance levels. Several specific techniques for de-identification are available, including de-identification by removing identifiers and transforming quasi-identifiers and the use of formal de-identification models that rely upon Differential Privacy. De-identification is typically performed with software tools which may h ave multiple features; however, not all tools that mask personal information provide sufficient functionality for performing de-identification. This document also includes an extensive list of references, a glossary, and a list of specific de-identification tools, although the mention of these tools is only to be used to convey the range of tools currently available, and is not intended to imply recommendation or endorsement by NIST.
The document goes on to state
The US Government collects, maintains, and uses many kinds of datasets. Every federal agency creates and maintains internal datasets that are vital for fulfilling its mission, such as delivering services to taxpayers or ensuring regulatory compliance. Federal agencies can use de-identification to make government datasets available while protecting the privacy of the individuals whose data are contained within those datasets.
Increasingly these government datasets are being made available to the public. For the datasets that contain personal information, agencies generally first remove that personal information from the dataset prior to making the datasets publicly available. De-identification is a term used within the US Government to describe the removal of personal information from data that are collected, used, archived, and shared. De-identification is not a single technique, but a collection of approaches, algorithms, and tools that can be applied to different kinds of data with differing levels of effectiveness. In general, the potential risk to privacy posed by a dataset’s release decreases as more aggressive de-identification techniques are employed, but data quality decreases as well.
The modern practice of de-identification comes from three distinct intellectual traditions:
• For four decades, official statistical agencies have researched and investigated methods broadly termed Statistical Disclosure Limitation (SDL) or Statistical Disclosure Control
• In the 1990s there was an increase in the unrestricted release of microdata, or individual responses from surveys or administrative records. Initially these releases merely stripped obviously identifying information such as names and social security numbers (what are now called direct identifiers). Following some releases, researchers discovered that it was possible to re-identify individual data by triangulating with some of the remaining identifiers (now called quasi-identifiers or indirect identifiers). The result of this NIST research was the development of the k-anonymity model for protecting privacy, which is reflected in the HIPAA Privacy Rule.
• In the 2000s, computer science research in the area of cryptography involving private information retrieval, database privacy, and interactive proof systems developed the theory of differential privacy , which is based on a mathematical definition of the privacy loss to an individual resulting from queries on a database containing that individual’s personal information. Starting with this definition, researchers in the field of differential privacy have developed a variety of mechanisms for minimizing the amount privacy loss associated with various database operations.
In recognition of both the growing importance of de-identification within the US Government and the paucity of efforts addressing de-identification as a holistic field, NIST began research in this area in 2015. As part of that investigation, NIST researched and published NIST Interagency Report 8053, De-Identification of Personal Information.
Since the publication of NISTIR 8053, NIST has continued research in the area of de-identification. NIST met with de-identification experts within and outside the United States Government, convened a Government Data De-Identification Stakeholder’s Meeting in June 2016, and conducted an extensive literature review.
The decisions and practices regarding the de-identification and release of government data can be integral to the mission and proper functioning of a government agency. As such, these activities should be managed by an agency’s leadership in a way that assures performance and results in a manner that is consistent with the agency’s mission and legal authority. Before engaging in de-identification, agencies should clearly articulate their goals in performing the de-identification, the kinds of data that they intend to de-identify and the uses that they envision for the de-identified data. Agencies should also conduct a risk assessment that takes into account the potential adverse actions that might result from the release of the de-identified data; this risk assessment should include analysis of risk that might result from the data being re-identified and risk that might result from the mere release of the de-identified data itself.
One way that agencies can manage this risk is by creating a formal Disclosure Review Board (DRB) consisting of stakeholders within the organization and representatives of the organization’s leadership. The DRB should evaluate applications for de-identification that describe the data to be released, the techniques that will be used to minimize the risk of disclosure, and how the effectiveness of those techniques will be evaluated.
Several specific models have been developed for the release of de-identified data. These include:
• The Release and Forget model: The de-identified data may be released to the public, typically by being published on the Internet.
• The Data Use Agreement (DUA) model: The de-identified data may be made available to qualified users under a legally binding data use agreement that details what can and cannot be done with the data.
• The Simulated Data with Verification Model: The original dataset is used to create a simulated dataset that contains many of the aspects of the original dataset. The simulated dataset is released, either publically or to vetted researchers. The simulated data can be used to develop queries or analytic software; these queries and/or software can then be provided to the agency and be applied on the original data. The results of the queries and/or analytics processes can then be subjected to Statistical Disclosure Limitation and the results provided to the researchers.
• The Enclave model:  The de-identified data may be kept in some kind of segregated enclave that restricts the export of the original data, and instead accepts queries from qualified researchers, runs the queries on the de-identified data, and responds with results.
Agencies can create or adopt standards to guide those performing de-identification. The standards can specific disclosure techniques, or they can specify privacy guarantees that the de-identified data must uphold. There are many techniques available for de-identifying data; most of these techniques are specific to a particular modality. Some techniques are based on ad-hoc procedures, while others are based on formal privacy models that make it possible to rigorously calculate the amount of data manipulation required of the data to assure a particular level of privacy protection.
De-identification is generally performed by software. Features required of this software includes detection of identifying information; calculation of re-identification probabilities; performing de-identification; mapping identifiers to pseudonyms; and providing for the selective revelation of pseudonyms . Today there are several non-commercial open source programs for performing de-identification but only a few commercial products. Currently there are no performance standards, certification, or third-party testing programs available for de-identification software.

25 August 2016


'A Grave Situation: An Examination of the Legal Issues Raised by the Life and Death of Charles Byrne, the “Irish Giant”' by Thomas Louis Muinzer in (2013) 20 International Journal of Cultural Property 23-48 comments
Charles Byrne was an eighteenth-century celebrity “Irish giant” who requested burial upon nearing death, but whose corpse was procured against his wishes by the surgeon John Hunter. Hunter reduced Byrne’s corpse to its skeleton and exhibited it as the centerpiece of his vast anatomical collection. It has since remained on display in the Hunterian Museum, London. In 2011 it was announced that research conducted on the skeleton’s DNA has revealed that several Northern Irish families share a common ancestry with Byrne. This article considers the legal issues raised by Byrne’s story. The results of fieldwork undertaken by the author in Byrne’s native townland are also discussed, where folk tradition suggests that Byrne wished to be buried foremost at a local site remembered today as “the Giant’s Grave.”
Muinzer notes that a body snatcher for Hunter
had Byrne’s body secretly swapped in its coffin for dead weight as the [burial] party stopped over-night to rest, and a further accomplice covertly transported the corpse thence to Hunter. Hunter immediately reduced Byrne’s body to its bones by stripping the flesh in a large boiling cauldron. He then hid the remains away so that any evidence implicating him in the misdeed was out of sight. When things had settled down, he bound the bones together in their correct skeletal arrangement, studied the skeleton, and wrote up his findings. Four years passed before Hunter revealed publically that the skeleton had become a part of his collection of anatomical specimens, and interested parties were invited to view the Irishman’s remains. 
Today Hunter’s enormous specimen collection, the Hunterian Museum, is open to the public free of charge in the Royal College of Surgeons, London. At its center, in a towering, illuminated display case, is the skeleton of Charles Byrne. Len Doyal and the present author have argued in the British Medical Journal that the skeleton ought to be removed from public display and that the remains ought to be buried in accordance with Byrne’s wishes. Byrne’s position at the center of the Hunterian Collection perhaps brings to mind one of Hunter’s own aphorisms, “No man ever was a great man who wanted to be one.”

Reading Privacy Boilerplate

'The Biggest Lie on the Internet: Ignoring the Privacy Policies and Terms of Service Policies of Social Networking Services' by Jonathan A. Obar and Anne Oeldorf-Hirsch addresses
‘the biggest lie on the internet’ with an empirical investigation of privacy policy (PP) and terms of service (TOS) policy reading behavior. An experimental survey (N=543) assessed the extent to which individuals ignore PP and TOS when joining a fictitious social networking site, NameDrop. Results reveal 74% skipped PP, selecting ‘quick join.’ For readers, average PP reading time was 73 seconds, and average TOS reading time was 51 seconds. Based on average adult reading speed (250-280 words per minute), PP should have taken 30 minutes to read, TOS 16 minutes. A regression analysis revealed information overload as a significant negative predictor of reading TOS upon signup, when TOS changes, and when PP changes. 
Qualitative findings further suggest that participants view policies as nuisance, ignoring them to pursue the ends of digital production, without being inhibited by the means. Implications were revealed as 98% missed NameDrop TOS ‘gotcha clauses’ about data sharing with the NSA and employers, and about providing a first-born child as payment for SNS access.

24 August 2016

Ashley Madison Data Breach

The Privacy Commissioner of Canada and the Australian Privacy Commissioner have released a report on their joint investigation into the 2015 Ashley Madison data breach.

The report states
On 15 July 2015, a person or group identifying itself as ‘The Impact Team’ announced that it had hacked ALM. The Impact Team threatened to expose the personal information of Ashley Madison users unless ALM shut down Ashley Madison and another of its websites, Established Men. ALM did not agree to this demand. On 20 July 2015, following media reports and after an invitation from the Office of the Privacy Commissioner of Canada (OPC), ALM voluntarily reported details of the breach to the OPC. Subsequently, on 18 and 20 August 2015, The Impact Team published information it claimed to have stolen from ALM, including the details of approximately 36 million Ashley Madison user accounts. The compromise of ALM’s security by The Impact Team, together with the subsequent publication of compromised information online, is referred to in this report as ‘the data breach’. 
Given the scale of the data breach, the sensitivity of the information involved, the impact on affected individuals, and the international nature of ALM’s business, the Office of the Australian Information Commissioner (OAIC) and the OPC jointly investigated ALM’s privacy practices at the time of the data breach. The joint investigation was conducted in accordance with the Australian Privacy Act 1988 (Australian Privacy Act) and the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). The collaboration was made possible by the OAIC and OPC’s participation in the Asia-Pacific Economic Cooperation (APEC) Cross-border Privacy Enforcement Arrangement and pursuant to ss 11(2) and 23.1 of PIPEDA and s 40(2) of the Australian Privacy Act. 
The investigation initially examined the circumstances of the data breach and how it had occurred. It then considered ALM's information handling practices that may have affected the likelihood or the impact of the data breach. For clarity, this report makes no conclusions with respect to the cause of the data breach itself. The investigation assessed those practices against ALM's obligations under PIPEDA and the Australian Privacy Principles (APPs) in the Australian Privacy Act. 
The primary issue under consideration was the adequacy of the safeguards ALM had in place to protect the personal information of its users. Although ALM's security was compromised by The Impact Team, a security compromise does not necessarily point to a contravention of PIPEDA or the Australian Privacy Act. Whether a contravention occurred depends on whether ALM had, at the time of the data breach: for PIPEDA: implemented safeguards appropriate to the sensitivity of the information it held; and for the Australian Privacy Act: taken such steps as were reasonable in the circumstances to protect the personal information it held. 
The investigation also considered the following related information handling practices of ALM: ALM’s practice of retaining personal information of users after profiles had been deactivated or deleted by users, and when profiles were inactive (that is, had not been accessed by the user for an extended period of time); ALM’s practice of charging users to “fully delete” their profiles; ALM’s practice of not confirming the accuracy of user email addresses before collecting or using them; and ALM’s transparency with users about its personal information handling practices. 
The investigation identified a number of contraventions of the APPs and PIPEDA. 
Although ALM had a range of personal information security protections in place, it did not have an adequate overarching information security framework within which it assessed the adequacy of its information security. Certain security safeguards in some areas were insufficient or absent at the time of the data breach. 
The findings of this report include important lessons for other organizations that hold personal information. The most broadly applicable lesson is that it is crucial for organizations that hold personal information electronically to adopt clear and appropriate processes, procedures and systems to handle information security risks, supported by adequate expertise (internal or external). This is especially the case where the personal information held includes information of a sensitive nature that, if compromised, could cause significant reputational or other harms to the individuals affected. Organizations holding sensitive personal information or a significant amount of personal information, as was the case here, should have information security measures including, but not limited to: a security policy(cies); an explicit risk management process that addresses information security matters, drawing on adequate expertise; and adequate privacy and security training for all staff. 
It is not sufficient for an organization such as ALM, or any organization that holds large amounts of personal information of a sensitive nature, to address information security without an adequate and coherent governance framework. 
The OAIC and OPC provided a number of recommendations for ALM to follow to ensure it addressed the issues discussed in this report and brings itself into compliance with PIPEDA and the Australian Privacy Act with respect to those issues. 
The Privacy Commissioner of Canada has accepted a compliance agreement, and the Acting Australian Information Commissioner has accepted an enforceable undertaking, from ALM. In accordance with these agreements ALM will be required to take significant additional steps to address the issues identified in this report to protect the privacy of individuals, some of which have already been initiated by ALM.


'When the Apocalypse Comes Will Anything Change?: Gay Marriage, Black Lives Matter, and the Rule of Law' by Andrew Chongseh Kim in (2016) 3(1) Savannah Law Review comments
Most conceptions of life after the apocalypse, be it nuclear,  zombie, ; natural disaster, or otherwise, are dominated by a single image: lawlessness.  After society collapses, the rule of law ceases to function. Whether one person owns a particular house no longer depends on clean title, the statute of frauds,  nor whether the person’s adverse possession was “open and notorious.”  It depends mostly on whether that person has enough guns to keep everyone else (or everything else) out. To be more precise, after civilization falls, a person’s individual rights will be limited to those rights one can enforce with force, and those rights others are willing to respect voluntarily. Beyond statutory law, common law, or even “natural law,” this is a law of nature.  Although the laws of nature will become more obvious after the apocalypse, they are as true today as they will be when civilization falls.
Under the laws of nature, rights and laws matter only to the extent they are enforced. People scavenging for food in empty supermarkets will rarely pause to ask whether the corporation that owns the store has abandoned its property interests in the Twinkies on the shelves.  Rather, they will simply take what they  want, ignoring niceties like shoplifting laws or words like “felony burglary” that currently have great meaning. Similarly, desperate men and women who encounter others with useful goods will often try to take them by force. When one person is willing to kill another for that person’s possessions, the true owner of those goods depends not on who invested personal labor to create the goods, or who captured the goods from the wild, but on who is stronger. 
Even when zombies walk the earth, however, most people will not simply shoot everyone they see. For example, even the most ruthless woman might hesitate to take a gun belonging to another, particularly if that gun is loaded and pointed at her. Others will voluntarily respect the rights of others, believing that it is wrong to take from others even if it would be convenient for themselves. Finally, people will often decide that they will be better off working together, even if the terms of working together are not as fun or fair as they would like. These principles of the laws of nature (force, voluntary respect, and communality) help us understand the character of the rule of law today. First, with respect to the vaunted rule of law, consider a few United States Supreme Court cases: Bush v. Gore, King v. Burwell, Obergefell v. Hodges, Ledbetter v. Goodyear Tire and Rubber Company, and Korematsu v. United States. Almost all readers familiar with these cases can point to at least one case they believe was not only wrongly decided, but one in which they believe the majority opinion flouted the rules of statutory and constitutional interpretation the Justices of the Court have sworn to uphold. Although the decisions in many ways flout the rule of law, they are obeyed as law, even by most of those who disagree with them. Why do almost all of us obey and follow laws we think were enacted or enforced in contravention of the law? One can speak of the legitimacy of the process used in creating the laws, or faith in the democratic process to correct major errors. Ultimately, however, the answer comes down to the fact that, for most of us, the costs of resisting laws we find illegitimate are simply higher than the costs of cooperating with what most accept is the law. For example, the Affordable Care Act (ACA), colloquially known as Obamacare, requires most large employers to offer health insurance to their full - time employees. Although some employers have attempted to reduce their obligations under the ACA by reclassifying employees as part - time, it appears that few, if any, major employers are choosing to ignore the law completely.  Given the uproar of people who claim that the ACA is unconstitutional,  it is unlikely that this massive compliance can be explained because everyone believes that the ACA is legitimate.   Rather, they follow the law because a majority of the Court has ruled that the ACA is constitutional,  and employers are generally quite certain that, right or wrong, the government would impose large penalties upon those refusing to obey the law. Moreover, they know that the relevant government agents and banks would cooperate in collecting those penalties as well. As a result of this national consensus that rulings by a majority of the Court will be followed, a consensus of five people dressed in rather simple robes largely have the power to impose whatever law they choose. As such, the laws of our entire country can be, and sometimes are, determined by a tyranny of five.
At the same time, however, today, just like after the apocalypse, people sometimes refuse to obey the rules most of us choose to follow. Whether the rules people flaunt have any meaning depends on whether, and to what extent, they are enforced. For example, Brown v. Board of Education  declared school segregation unconstitutional.   Nonetheless, many schools remained segregated for years after 1954, because state and local governments, as well as common citizens, resisted, often with violent force.   Indeed, it was not until 1963 that the first African - American students enrolled in previously “white” Alabama schools, and only after federal authorities called in armed soldiers to face down the state patrolmen and angry civilians who aggressively enforced segregation.  Although African Americans had a right to a desegregated education under the Constitution, they did not have that right in any practical sense until those rights were enforced by government might.
In Part II of this Article, I explain the nature of laws and governance after the apocalypse. In Part III, I argue that the laws of nature are fundamental to our society and, indeed, have been recognized in our courts and society today. Lastly, in Part IV, I explore two important timely issues, same - sex marriage and the Black Lives Matter movement, in light of the laws of nature.

23 August 2016


Yesterday's Cultural Change: Gender Diversity and Inclusion in the Australian Federal Police (Broderick Report) [PDF] unsurprisingly highlighted bullying and harassment within the Australian Federal Police, commenting
The results of the Survey and the qualitative evidence from the focus groups, interviews and written submissions indicate that sexual harassment and bullying are pervasive across the AFP. The Survey results show that 46% of women and 20% of men report that they have been sexually harassed in the workplace in the last five years. These percentages are almost double the national average. In relation to bullying, 62% of men and 66% of women reported that they have been bullied in the workplace in the last 5 years. The extent of these behaviours in the AFP demands immediate action.
Members were aware of the complaints mechanisms in the AFP, but a number reported to the Project Team a lack of trust in the reporting system, believing that a complaint can have a negative impact on a member’s career, or result in a complainant being ostracised or victimised. Members also indicated that complaints can take too long to resolve. Some members also stated that the process lacks confidentiality. A number of members expressed support for the Confidant Network as a model. However, many also indicated that the overall complaint’s process is not ‘victim-focussed’.
The report features the following Principles and Recommendations
In framing the Project’s findings and recommendations the Project Team has drawn on the many stories, opinions and experiences of AFP members, advice from senior leaders, the Survey results, the policies and practices of the AFP and the organisation’s own workforce and complaints data. In developing the recommendations, the Project Team has identified six principles which it believes will underpin success in achieving cultural reform and greater gender diversity across the AFP:
• Principle 1 – Successful and sustainable reform depends on strong and courageous leadership.
• Principle 2 – Talent promotion requires challenging the biases and assumptions underpinning the traditional view of merit and ensuring effective performance management.
• Principle 3 – Increasing the number of women requires increasing opportunities.
• Principle 4 – Flexible work practices are a key capability driver.
• Principle 5 – Sexual harassment, sexual abuse and bullying damages individuals, divides teams and undermines capability.
• Principle 6 – Adequate resourcing and regular monitoring and evaluation is essential to measuring and sustaining progress.
Principle 1 – Successful and sustainable reform depends on strong and courageous leadership
1. Cultural reform, including the recommendations contained in this Report, must be owned by the Commissioner and the Executive Leadership Committee (ELC – the Deputy Commissioners and the Chief Operating Officer) with responsibility for cultural change embedded into their performance metrics.
2. The Commissioner and the ELC should select a targeted group of no more than 15 members from across the organisation and at different leadership levels to assist with the cultural change process, including the implementation of the recommendations contained in this Report (the Cultural Reform Board). The Cultural Reform Board should: • be chaired by the Commissioner; • be gender balanced; and • include leaders from across functional areas who are champions of reform and/or are in positions of influence.
3. The Commissioner and the SLG should develop and deliver a clear and strong written statement (signed by all) that articulates the case for change and signals their commitment to the full implementation of the Project’s recommendations. Additionally, the Commissioner and the ELC should present a video to reinforce their strong zero tolerance approach to sexual harassment, sexual abuse and bullying.
4. All members of the SES should undertake the Leadership Shadow or an equivalent model, and develop a personal leadership action plan.
5. The Commissioner should appoint an independent, specialist coach to work with each member of the SLG and the group as a whole to assist them to: • implement their personal leadership action plans; and • foster a culture of respect for difference among colleagues and other members, including in relation to decision-making.
6. The AFP should ensure that recruitment and promotion processes have a strong predisposition to effective people management and leadership skills including the successful completion of appropriate training. Where training has not been able to be facilitated prior to the recruitment/promotion process, promotion will be deemed to be subject to the successful completion of training on developing effective people management and leadership.  (Among the topics that should be covered in this training are: understanding all people management policies, understanding work place gender equality and diversity more broadly, implementing flexible work arrangements, effective communication and, recognising and responding appropriately to bullying, harassment, sexualised work environments, sexual harassment and sexual abuse.)
7. With the assistance of an independent expert and facilitator, the AFP should develop a purposeful storytelling process involving select senior leaders. This should be done in a safe setting. The storytelling approach utilised by the Review into the Treatment of Women in the Australian Defence Force (2012) and the restorative engagement process used by the Defence Abuse Response Taskforce are useful models that could be adapted to the AFP. A key objective of the storytelling would be for the imperative of the case for change to be understood at senior leadership level.
Principle 2 – Talent promotion requires challenging the biases and assumptions underpinning a traditional view of merit and ensuring effective performance management
8. The AFP should address misconceptions about merit and the ‘essential’ experience, skills or characteristics of candidates that may preclude women from being considered for roles including: • ensuring that in relation to senior and operational roles, equal weight is given to a candidate’s leadership and people management skills as well as the other capabilities and experience required for the roles; • ensuring recruitment teams, promotion panels and the candidate pools are gender-balanced; • assessing current promotion trials including the use of an independent assessment centre, blind recruitment and independent representatives on the panel; and • ensuring all staff on extended leave, including parental and carers leave, are notified of promotion and other relevant opportunities.
9. The AFP should review and amend the performance management system to: • ensure leaders at all levels are held accountable for the culture, health and wellbeing of their teams and functional areas, including in relation to effectively performance managing staff and appropriately responding to unacceptable behaviour such as bullying and sexual harassment and sexual misconduct. This should involve conducting regular team ‘climate surveys’ and including appropriate KPIs in performance agreements of leaders; • create a small ‘Performance Management Support Team’ to support supervisors to performance manage staff and assist in ensuring commitment from Senior Executives to support supervisors who are performance managing staff in their work areas. This should be done as part of a transition phase; and • reintroduce 360 Degree Feedback Surveys to assist with performance appraisals for Coordinators and above.
Principle 3 – Increasing the number of women requires increasing opportunities
10. The AFP should improve the attraction and recruitment of women to AFP Police and PSO roles by: • ensuring a sustained and ongoing annualised recruitment campaign for Police and PSO women that showcases women in the AFP and involves Police and PSO women in the recruitment process; • developing strategies to effectively recruit and facilitate pathways for Police and PSO women to enter operational roles; • developing more flexible career paths for employees across Police, PSO and unsworn roles in the AFP Future Workforce Plan including by decoupling traditional career pathways and continuous service from the promotion process; • establishing an entry-level recruitment strategy for diverse groups to Band 3 and 4 levels (unsworn) and create pathways to Police roles and PSOs; and • implementing a salary maintenance policy to assist staff to move to Police/PSO/unsworn without dropping pay point.
11. The AFP should ensure there is a gender balance, particularly in: • key operational roles (for example, Senior Investigator, Office Manager, Case Manager/Officer, Counter Terrorism, Serious and Organised Crime); and • selecting candidates for all acting up opportunities.
12. The AFP should leverage existing female talent – Police, PSO and unsworn – including through a talent program that enables transition to key operational roles (for example, identify female talent with leadership potential and rotate them across three key functional areas to give broad and diverse experience).
13. Given the benefits of cultural renewal and the capacity to bring in new talent, particularly to the sworn population, the AFP should support members taking leave without pay and assist them to seek opportunities for placement in other organisations. The AFP should also create opportunities for training for members who have taken extended leave to facilitate their reintegration, including those who have taken leave to further their professional development and those who have taken time out for caring responsibilities.
Principle 4 – Flexible work practices are a key capability driver
14. The AFP should adopt adopt a ‘Flex by Default’ approach across the organisation. The refusal of flexible work should be reviewed by a designated member of the Senior Leadership who understands and champions flexible work.
15. The AFP should ensure infrastructure and messaging is in place to maximise the success of flexible work practices including by: • training supervisors to manage flexible workers and teams; • linking supervisor KPIs to the uptake of flexible work arrangements (by both men and women) and the career advancement of flexible workers; • profiling ‘success stories’ of men and women working flexibly, particularly those in leadership positions; • providing proper infrastructure for employees to work flexibly (e.g. remote access, laptops, mobile phones) and people management systems; and • implementing and evaluating a number of trials being undertaken to deliver a flex by default system (eg the split shift trial at Sydney Airport and the rostering initiatives in parts of ACT Police).
16. The AFP should develop a ‘stay in touch’ and return to work plan for members on extended leave, including maternity and parental leave, that includes offering them access to training or other opportunities when they are on leave and as they transition back to the workplace.
Principle 5 – Sexual harassment, sexual abuse and bullying damages individuals, divides teams and undermines capability
17. a) A specialised and independent Office should be established in the AFP to provide support to complainants and to investigate and address sexual harassment and sexual abuse. The Office should: • be headed by an Assistant Commissioner with specialised skills and capability who reports directly to the Commissioner; • adhere to strict confidentiality requirements; • be victim-focused, including accepting requests for advice and support where the complainant does not want a formal investigation and/or is not willing to name the alleged perpetrator; • respond to the complaint in a manner consistent with the seriousness of Category 3 complaints contained within the PRS system, where the complaint wants the complaint investigated; • provide holistic support to complainants, (including providing referrals to external specialised services); • provide regular updates on the status of the complaint to complainants and respondents, or on request; and  • collect data on all sexual harassment and sexual abuse complaints including the location, functional area, nature and, where appropriate, alleged perpetrator. De-identified data on the number, length of time and outcome of complaints should be published annually within the organisation. • Provide quarterly reports to the Commissioner on sexual harassment and sexual abuse complaints including the strategic measures that the organisation has undertaken in response to key trends and patterns identified in the data. b) When an employee has one or more established sexual harassment findings against them, the Commissioner or his delegate should consider the employee’s employment suitability to remain within the AFP. The Commissioner’s delegate should be the Assistant Commissioner who will head the aforementioned specialised, independent Office. The AFP also should advise all employees that there will be a zero tolerance to sexual harassment and all incidents of sexual harassment will be treated as serious matters consistent with Category 3 complaints. c) Victims of domestic violence who are members in the AFP should have access to the specialised, independent Office for support and appropriate referral. Where the perpetrator is also a member of the AFP, the Office should take appropriate steps to ensure that: • the victim is safe in their work environment; and • with the consent of the victim, the matter is being properly dealt with, including through direct police intervention. These actions should be supported by best practice policies, to be developed by the aforementioned Office and Human Resources, that recognise that domestic and family violence is a workplace issue.
18. a) The process for addressing bullying should be reformed as follows: • all serious bullying complaints or complaints against repeat offenders should be addressed as Category 3 complaints; • any such complaint that takes longer than 6 months to complete should be escalated to a relevant SES member for review; • PRS should provide regular updates on the status of the complaint to complainants and respondents or on request; and • quarterly reports should be provided to the Commissioner on bullying complaints including in relation to trends, the time taken to complete complaints, outcomes and strategic measures the organisation has undertaken in response to these and other significant issues arising from the data. b) When an employee has one or more established bullying findings against them, the Commissioner or his delegate should consider the employee’s employment suitability to remain within the AFP. The Commissioner’s delegate should be the Assistant Commissioner who will head the aforementioned specialised, independent Office. The AFP should also advise all employees that there will be a zero tolerance to bullying and all incidents of bullying will be treated as serious matters consistent with Category 3 complaints.
19. a) The Confidant Network should be strengthened including by: • ensuring it is managed at Coordinator level or above; • implementing a targeted selection process designed to identify staff who role model the values of the AFP (including, e.g. trust, respect, accountability); • increasing awareness of the role of the Confidant Network across the AFP; and • providing improved and ongoing training for Confidants, including around privacy obligations. b) If it is established that a Confidant breaches a member’s confidentiality that Confidant should be removed from the Network.
20. All members in the AFP, from recruits to the most senior leaders, should participate in expert, independent training on respectful workplaces. This training should include examples of what constitutes bullying behaviour, sexual harassment, sexual abuse and bystander action. Additionally, supervisors should be trained in identifying and properly responding to sexualised work environments, sexual harassment and bullying and their impact on individuals and teams.
Principle 6 – Adequate resourcing and regular monitoring and evaluation is essential to measuring and sustaining progress
21. Progress on cultural reform and the implementation of these recommendations should be measured through key metrics including: a) Women’s Participation • Number and proportion of Police/PSO/unsworn women recruited. • Number and proportion of women by Band in Police/PSO/unsworn and Band. • Number and proportion of women: » at executive level; » undertaking higher duties; » in the pipeline; » in targeted roles and functions which are highly gender segregated; and » in key roles and functions that are critical for career promotion. • Number and proportion of women’s promotions at each rank including acting-up duties. • Gender balance on key decision making bodies within AFP. • Retention of women: » gap between men and women’s retention and separation rates; » number returning to work from paid and unpaid maternity and parental leave; and » number of men and women taking career breaks. b) Women’s Experience • Gender disaggregated data from key organisational surveys including: » employee survey; » exit surveys; and » climate surveys. c) Uptake of flexible work and career advancement of flexible workers. • Number of men and women accessing formalised flexible working arrangements: » number of applications submitted for flexible working arrangements; and » proportion of applications for flexible working arrangements that are approved. • Promotion of staff on flexible work arrangements. d) Sexual harassment and bullying (disaggregated by gender). • Number of complaints. • Types of complaints e.g. sexual harassment, sexual assault. • Relevant demographics of complainant and respondent e.g. work area, rank. • Number of complaints dealt with internally: » number investigated; » number resolved; and » time taken from receipt of complaint to finalisation.
22. The ELC should review progress of the implementation of these recommendations and other initiatives of cultural reform, each month and as a standing agenda item at their meeting.
23. Progress on reform should be published across the organisation.
24. To ensure progress and sustainable reform, adequate resourcing of the implementation of the recommendations should be provided