06 August 2025

(Un)Harnessing AI

The interim report by the Productivity Commission on Harnessing Data and Digital Technology - consistent with the national government's enthusiasm for AI - can be read as proposing a looser regulatory framework. 

The report states 

Data and digital technologies are the modern engines of economic growth. Emerging technologies like artificial intelligence (AI), which can extract useful insights from massive datasets in a fraction of a second, could transform the global economy and speed up productivity growth. 
 
Australia needs to harness the consumer and productivity benefits of data and digital technology while managing and mitigating the downside risks. There is a role for government in setting the rules of the game to foster innovation and ensure that Australians reap the benefits of the data and digital opportunity. 
 
The economic potential of AI is clear, and we are still in the early stages of its development and adoption. Early studies provide a broad range of estimates for the impact of AI on productivity. The Productivity Commission considers that multifactor productivity gains above 2.3% are likely over the next decade, though there is considerable uncertainty. This would translate into about 4.3% labour productivity growth over the same period. But poorly designed regulation could stifle the adoption and development of AI and limit its benefits. Australian governments should take an outcomes based approach to AI regulation – one that uses our existing laws and regulatory structures to minimise harms and introduces technology specific regulations as a last resort. 
 
Data access and use can fuel productivity growth: insights from data can help reduce costs, increase the quality of products and services and lead to the creation of entirely new products. But some requirements in the Privacy Act, the main piece of legislation for protecting privacy, are constraining innovation without providing meaningful protection to individuals. For example, complying with the controls and processes baked into the Act can make consent and notification a ‘tick box’ exercise – where businesses comply with the letter of the law but not the spirit of it. The Australian Government should amend the Privacy Act to introduce an alternative compliance pathway that enables firms to fulfil their privacy obligations by meeting outcomes based criteria. 
 
Data about individuals and businesses underpins growth and value in the digital economy. But often those same individuals and businesses cannot easily access and use this data themselves. Under the right conditions, giving people and businesses better access to data that relates to them can stimulate competition and allow businesses to develop innovative products and services. A mature data sharing regime could add up to $10 billion to Australia’s annual economic output. 
 
Experience shows that we need a flexible approach to facilitating data access across the economy, where obligations placed on data holders and the level of government involvement can match the needs and digital maturity of different sectors. New lower cost and flexible regulatory pathways would help to guide expanded data access throughout the digital economy, focusing first on sectors where the gains can be significant and relatively easy to achieve. 
 
Financial reports provide essential information about a company’s financial performance, ensuring transparency and accountability while informing the decisions of investors, businesses and regulators. Government can further spark productivity by making digital financial reporting the default – that is, mandatory lodgement of financial reports in machine readable form. At the same time, the Australian Government should remove the outdated requirement that financial reports be submitted in hard copy or PDF format. This change would increase the efficiency and accuracy with which information is extracted and analysed.

The  draft recommendations are

 Artificial intelligence 

Draft recommendation 1.1 Productivity growth from AI will be built on existing legal foundations. 

Gap analyses of current rules need to be expanded and completed. Australian governments play a key role in promoting investment in digital technology, including AI, by providing a stable regulatory environment. Any regulatory responses to potential harms from using AI must be proportionate, risk based, outcomes based and technology neutral where possible. 

The Australian Government should continue, complete, publish and act on ongoing reviews into the potential gaps in the regulatory framework posed by AI as soon as possible. 

Where relevant gap analyses have not begun, they should begin immediately. 

All reviews of the regulatory gaps posed by AI should consider: • the uses of AI • the additional risk of harm posed by AI (compared to the status quo) in a specific use case • whether existing regulatory frameworks cover these risks potentially with improved guidance and enforcement; and if not how to modify existing regulatory frameworks to mitigate the additional risks. 

Draft recommendation 1.2 AI specific regulation should be a last resort 

AI specific regulations should only be considered as a last resort for the use cases of AI that meet two criteria. These are: • where existing regulatory frameworks cannot be sufficiently adapted to handle the issue • where technology neutral regulations are not feasible.   

Draft recommendation 1.3 Pause steps to implement mandatory guardrails for high risk AI 

The Australian Government should only apply the proposed ‘mandatory guardrails for high risk AI’ in circumstances that lead to harms that cannot be mitigated by existing regulatory frameworks and where new technology neutral regulation is not possible. Until the reviews of the gaps posed by AI to existing regulatory structures are completed, steps to mandate the guardrails should be paused. 

Data access 

Draft recommendation 2.1 Establish lower cost and more flexible regulatory pathways to expand basic data access for individuals and businesses 

The Australian Government should support new pathways to allow individuals and businesses to access and share data that relates to them. These regulatory pathways will differ by sector recognising that the benefits (and the implementation costs) from data access and sharing are different by sector. This could include approaches such as: • industry led data access codes that support basic use cases by enabling consumers to export relatively non sensitive data on a periodic (snapshot) basis • standardised data transfers with government helping to formalise minimum technical standards to support use cases requiring high frequency data transfers and interoperability. 

These pathways should be developed alongside efforts that are already underway to improve the Consumer Data Right (which will continue to provide for use cases that warrant its additional safeguards and technical infrastructure) and the My Health Record system. 

The new pathways should begin in sectors where better data access could generate large benefits for relatively low cost; and there is clear value to consumers. Potential examples include: • enabling farmers to combine real time data feeds from their machinery and equipment to optimise their operations and easily switch between different manufacturers • giving tenants on demand access to their rental ledgers which they can share to prove on‑time payments to new landlords or lenders • allowing retail loyalty card holders to export an itemised copy of their purchase history to budgeting and price comparison tools that can analyse spending and suggest cheaper alternatives. The scope of the data access pathways should expand over time based on industry and consumer consultation, where new technology, overseas experience or domestic developments show that there are clear net benefits to Australia.   

Privacy regulation 

Draft recommendation 3.1 An alternative compliance pathway for privacy 

The Australian Government should amend the Privacy Act 1988 (Cth) to provide an alternative compliance pathway that enables regulated entities to fulfil their privacy obligations by meeting criteria that are targeted at outcomes, rather than controls based rules. 

Draft recommendation 3.2 Do not implement a right to erasure 

The Australian Government should not amend the Privacy Act 1988 (Cth) to introduce a ‘right to erasure’, as this would impose a high compliance burden on regulated entities, with uncertain privacy benefits for individuals. 

Digital financial reporting 

Draft recommendation 4.1 Make digital financial reporting the default 

The Australian Government should make the necessary amendments to the Corporations Act 2001 (Cth) and the Corporations Regulations 2001 (Cth) to make digital financial reporting mandatory for disclosing entities. The requirement for financial reports to be submitted in hard copy or PDF format should also be removed for those entities.

03 August 2025

Pseudolaw and GenAI

'Pseudolaw and the illusion of legal meaning' by Joe McIntyre in (2025) Alternative Law Journal states 

This article is an overview of the contemporary phenomenon of pseudolaw and argues that, at its heart, it involves a mistaking of the form of legal argumentation for its substance. Essentially, through the use of legalistic language, archaic sources and strange rituals, an illusion of legal meaning is created which tricks users into believing their actions are legally meaningful. This article argues that it shares common features with generative AI, in that it produces an illusion of meaning which users mistake for actual meaning. It then explores this juxtaposition and its implications for responses to pseudolaw. 

Anyone who has spent extended time in Australian courts in the last five years will be familiar with the very strange phenomenon that is pseudolaw. A confident, assertive, self-represented litigant will rise to make their appearance only to argue the judge has no authority as the court is displaying the wrong coat of arms; or they will assert they are a ‘natural person’ not subject to the law; or they argue that the judge has somehow committed treason. A vivid illustration is provided in the case of Georganas v Georganas, when a pseudolaw ‘guru’ interceded from the public gallery:

Unknown Speaker: Stand down … Judge [X], you are concealing treason against the King of England … you are now charged, you are under arrest … You are trading in necromancy, you are treating dead people in this courtroom. You are in treason. You are in treason, you must stand down under the Bill of Rights now.

These types of arguments are, of course, without any legal merit. They do not work, and are rightly regarded as ‘obvious nonsense’, ‘pseudo-legal gibberish’, or ‘gobbledygook’. Yet these forms of argument continue to proliferate, with a significant growth seen in the years since the COVID-19 pandemic. This is no longer a fringe concern: such matters are now occurring on a daily basis in Australian courts, and in some jurisdictions is already being seen to profoundly reshape litigation. 

Courts are busy places, and pseudolaw can be particularly disruptive, not least because of the disproportionate impact of each pseudolaw case compared to other cases. The case law involving pseudolaw matters commonly includes statements of judicial concern about the systemic impact of such cases. For example, in Rossiter v Adelaide City Council, Livesey J observed that pseudolegal arguments have ‘without reservation been rejected as involving both legal nonsense and an unnecessary waste of scarce public and judicial resources.’ The burden of dealing with pseudolaw matters is having a profound impact on the courts. As one judicial officer put it:

It uses up so much court resources because every time they want to file something they end up making the lives of the Registry staff miserable. [The clerk’s] email inbox … [is] full of emails from them. They have changed the whole face of the civil justice system.

In this article, I provide an overview of the contemporary phenomenon of pseudolaw and argue that – at its heart – it involves a mistaking of the form of legal argumentation for its substance. Essentially, through the use of legalistic language, archaic sources and strange rituals, an illusion of legal of meaning is created which tricks users into believing their actions are legally meaningful. That these users lack legal literacy, are largely alienated from the law, and desperately want to believe in the promise of pseudolaw means that this illusion is difficult to displace. I argue, however, that it is critical the scale and nature of this threat to the good administration of justice is recognised and countered – not least because it is quickly merging with another emerging phenomenon, the use of generative AI (‘GenAI’), which shares many of these same characteristics. 

This article briefly draws out the similarities between GenAI and pseudolaw, with the goal of helping the reader better understand both phenomena. Unfortunately, the collision between GenAI and pseudolaw is already beginning to disrupt our courts, and it is increasingly necessary that we are all familiar with the contours of both the overlap between them and their impact upon the administration of justice. 

Ultimately, I argue that – as amusing as some of the examples may be – pseudolaw itself is no laughing matter. It is, as I have written elsewhere, ‘disrupting our courts … threatening our judicial officers and administrators [and] harming all who come into contact with it.’ The same is true on the increasing use of GenAI in litigation – it can appear humorous, but is increasingly problematic. As these two phenomena collide, it is critical we stop laughing and start learning.

'The Impact of Pseudolaw on Local Government' by Stephen Young and Harry Hobbs in (2025) 36(4) Public Law Review comments 

The COVID-19 pandemic saw a significant rise in the number of people making pseudolegal arguments in an effort to avoid public health measures. Legal scholarship exploring this phenomenon has largely focused on its impact on the administration of justice. However, as the level of government closest to the community, local governments have also faced a growing strain from pseudolegal adherents and conspiracy theorists. In this article, we explore their (misuse) of law and its impact on local government in Australia and New Zealand. We find three main impacts. Pseudolegal adherents have: attempted to construct parallel governance institutions as a means to exert power and control; intimidated and harassed local government authorities by issuing threats and disrupting public meetings; and, imposed a substantial administrative burden on staff by inundating offices with baseless correspondence. While pseudolaw may seem like obscure or picayune legal quirkiness, its impact on local government is anything but minor—it constitutes a growing threat to governance, public safety, and the rule of law. ... 

In May 2024, Lance Vervoort, Chief Executive Officer of the Hamilton City Council, received a letter submitted as part of a Local Government Official Information and Meetings Act 1987 (NZ) (‘LGOIMA’) request. The letter contained excerpts from the New Zealand Bill of Rights Act 1990 (NZ), the International Covenant on Civil and Political Rights (‘ICCPR’), and the 1947 Nuremberg Code. The excerpts were liberally annotated with explanations such as, ‘New Zealand became a member of the ICCPR 1978 and being INTERNATIONAL LAW, it supersedes all Legislation’. The letter explained further that these ‘are VERYY [sic] IMPORTANT DOCUMENTS which all peoples should be aware of, but most people aren’t’. The author of the letter asserted that Hamilton City Council is breaching international law because it is illegally conducting medical experiments on the people of Hamilton by fluoridating drinking water. The author declared that the obligation to follow the law is based on consent freely given. As he had not consented to fluoridation, the Council is operating criminally. 

Almost every legal claim in the letter is wrong. In New Zealand (and Australia), international law does not automatically supersede domestic legislation; the relationship between the state and its citizens is not based on contract; and a duly enacted law applies regardless of whether a person consents to its operation. The veracity of the factual claims is no better. Fluoride is a naturally occurring compound that is found in almost all fresh water. Fluoridation is the addition of fluoride to drinking water to protect against tooth decay, a well-established public health measure with decades of evidence demonstrating that it effectively improves oral health. The legal basis for fluoridation in New Zealand is also sound. Prior to 2021, the judiciary consistently found that local governments possessed the legal authority to fluoridate water. Since 2021, amendments to the Public Health Act 1956 (NZ) have made the position even clearer. Under s 116E of the Act, the Director-General may direct a local authority to add fluoride to its drinking water. Even if Mr Vervoort agreed with the author of the letter, he has no power to counteract a direction and remove fluoride. In any event, as this example demonstrates, concerns around fluoridation are often mixed with conspiracy theory and pseudolaw, such as the claim that it ‘removes freedom of choice by consumers’. The result is that any potentially meritorious legal questions are buried among voluminous and incoherent claims. 

The letter did not clearly ask a question of the council. Nonetheless, because it was filed as a LGOIMA request, the Hamilton City Council was required by law to respond. While the Council’s response was short, merely explaining that it was following the laws and regulations of New Zealand, it necessitated time, attention and resources that might have been better placed elsewhere. One strange letter is not a problem. However, this is just one of many conspiracy and pseudolaw-inflected LGOIMAs that the Council has responded to in the last few years. Hamilton is not alone. Local governments across New Zealand and Australia increasingly face administrative burdens derived from pseudolegal conspiracies. In some cases, they also face intimidation, threats and a real risk of physical harm. 

This is not new to those working in local government. The growing legal literature on pseudolaw and sovereign citizens, however, largely focuses on the origins, spread and manifestation of pseudolegal beliefs worldwide and their impact on law and the administration of justice rather than on the burdens it imposes on local government authorities. Similarly, while scholars in other disciplines examine pseudolaw through the lens of conspiracy theorising, extremism, criminal justice, and linguistics, there remains a dearth of study of pseudolegal adherents’ impact on local government. This is especially concerning now that pseudolaw has a ‘global reach’, having ‘migrated across the common law world and appear[ing] also in arrange of civil law countries’. We address this lacuna in this article. We focus specifically on its impact on local governments in Australia and New Zealand. Our study allows us to identify that pseudolaw is affecting local government in several significant ways. Furthermore, it reveals that although the impact is felt similarly across jurisdictions, the conduct of adherents manifests itself in diverse styles as pseudolaw evolves and adapts as it migrates. Pseudolaw in Australia and New Zealand has latched onto local legal, political and moral issues and arguments, including those based on the rights of Indigenous peoples. 

Our article is divided into two substantive parts. Recognising that pseudolaw remains an understudied phenomenon, in Part II, we contextualise our subject. We explain what pseudolaw is, orient our article in the wider legal literature, and provide background to understand what is occurring in New Zealand and Australia. In Part III, we explore the three primary impacts pseudolaw and sovereign citizens have on local government in Australia and New Zealand. First, adherents are establishing alternative and parallel governance institutions, including ‘Common Law Courts’ to enforce their vision of society. Second, members of these groups threaten and intimidate elected councillors and council staff by serving warrants and judgments issued from their fake courts and disrupting public meetings. Third, members waste the time and resources of local government by abusing local government obligations and by refusing to pay for services. Ultimately, the costs of responding to pseudolegal claims are more than financial — they represent a broader erosion of public institutions and a challenge to democratic governance.

01 August 2025

Espionage Costs

The AIC Costs of Espionage report (in partnership with the Australian Security Intelligence Organisation) claims

 Espionage has become one of the most significant national security threats to Australia, impacting government, businesses and the university sector. The highly secretive nature of espionage makes it extremely difficult to measure. In this study we estimated, for the first time, the actual and prevented costs of espionage. Building on the Australian Institute of Criminology’s method for measuring the costs of serious and organised crime, we estimated the mitigation and response costs and the direct costs of espionage impacting Australia. We also estimated the preventable costs associated with a number of possible scenarios. The numbers are conservative and an underestimate of the true cost, given the challenges in identifying and measuring espionage activity and its consequences. 
 
In 2023–24, espionage cost Australia at least $12.5 billion. This includes the direct costs of the consequences of known or probable espionage activity – primarily losses due to state or state-sponsored cyber attacks, insider threats and intellectual property theft – as well as the public and private sector response, remediation and mitigation costs. There are also tens of billions in additional costs that Australia may have prevented by countering potential espionage. For example, in just one week, a single incident of espionage-enabled sabotage from a large-scale cyber attack could cost the Australian economy nearly $6 billion. These prevented costs are significant, and highlight the importance and benefit of investing in efforts to reduce the threat of espionage and minimise the harm in high-risk settings.

The report states 

The threat of espionage – the state or state-sponsored theft of Australian information or capabilities – is now at extreme levels, posing an enormous risk to Australia’s national security. This threat is expected to worsen in future. Understanding the real and potential harm from espionage to the government, private and university sectors, and to the wider community is an important step in ensuring that appropriate action is taken to build our resilience to the threat posed by state and state-sponsored actors. We relied on a review of known cases, published and unpublished research, and data on espionage and espionage-related harms, along with input from subject matter experts, to estimate the mitigation and response costs, direct costs of espionage, and the prevented costs of espionage. We limited our analysis of direct, mitigation and response costs to the 2023–24 financial year. Some calculations of espionage-related expenditure were based on sensitive and classified data, and therefore these costings are not itemised in this report. 

It is important to note at the outset that these numbers, while significant, underestimate the true cost of espionage in Australia. Espionage, by definition, is difficult to detect, and many of its most serious impacts cannot be assigned a dollar value. We have chosen to be conservative in our calculations. 

This is an important first attempt to measure the range of costs from known and suspected incidents of espionage, using a methodology that has been applied to other areas of national security. While this report highlights the importance of taking action to prevent espionage to protect Australia’s national interests, it also draws attention to the need for further work to help us better understand the impact that espionage has on government, businesses, universities and the wider community. 

Actual costs from espionage Our estimate of the actual costs from espionage includes both the direct costs of known or suspected espionage activity, and the mitigation and response costs to government, businesses and universities. 

Direct costs of known or suspected espionage activity 

We estimated the actual cost of state or state-sponsored cyber espionage, insider threats and intellectual property (IP) theft through a range of methods including:

„ Cyber security incidents impacting Australian medium and large businesses were estimated to cost up to $1,193.8 million. 

„ Cyber security incidents impacting Australian public universities were estimated to cost up to $14.5 million. 

„ Insider threats involving state or state-sponsored actors impacting Australian businesses were estimated to cost up to $324.8 million. 

„ Cyber security incidents involving state or state-sponsored actors impacting federal government agencies (not itemised here). 

„ Insider threats involving state or state-sponsored actors impacting Australian public universities were estimated to cost up to $25.0 million. 

„ Cyber-enabled theft of IP and trade secrets from businesses was estimated to cost up to $1,901.0 million. 

„ IP theft from government, the not-for-profit sector and universities was estimated to cost up to $628.0 million in 2023–24. 

These costs were incurred in a single financial year (2023–24). These represent a significant underestimate of the true cost of espionage, given the challenges in identifying, quantifying and valuing some of the consequences. 

Mitigation and response costs 

Significant resources are invested in the public and private sectors to mitigate and respond to espionage. These include the cost to federal government agencies entities related to the identification, investigation, disruption and prosecution of espionage incidents in Australia, as well as the development and enactment of policy and legislation regarding espionage in Australia. Other costs of mitigation include those associated with implementing and maintaining security measures, community outreach, and education and awareness raising. Many of these mitigation measures (particularly legislation) have been introduced in response to previous incidents of espionage or foreign interference, and thus can be considered long-term costs of espionage in Australia. We used a combination of top-down and bottom-up approaches to estimate these costs, relying on data on the operating expenditure of each agency and expert input from senior representatives from these agencies and other stakeholders. 

We also estimated the cost of cyber security to state, territory and local government agencies, businesses and universities. We determined the operating expenditure of each sector and relied on industry estimates of the proportion of total expenditure that is spent on information and communications technology (ICT) and, of that, the proportion spent on cyber security. We then estimated the proportion of these cyber security costs associated with espionage. There are also costs to businesses associated with personnel security and vetting, as well as the costs associated with applying for commercial foreign investments to the Foreign Investment Review Board (which assesses, among other things, risks to national security). 

Critical infrastructure is a major target for foreign actors seeking to undermine Australia’s national security and, in addition to the costs to the Australian Government, there have been costs to industry associated with several major reforms to the regulation of critical infrastructure to reduce the risk of espionage. Universities also incur costs associated with due diligence activity, including vetting of international students and assessing the risks associated with partnerships with foreign institutions. We used a range of methods and data sources to estimate these costs. These mitigation and response costs have not been itemised, and the full detail regarding our costing methodology has not been provided because it relies on sensitive and classified data. The mitigation and response costs are included in the total cost estimate. Several additional costs are incurred as a consequence of the action taken by government, businesses and the university sector to mitigate the risk of espionage. 

Among these are:

„ the costs of having to use more expensive technology, or technology that is less than optimal, rather than technology that may be available from a foreign adversary 

„ the costs incurred by government suppliers in certain high-risk sectors in order to meet security requirements 

„ declines in potential foreign investment due to our current national security posture „ missed opportunities for international research collaborations with leading academics and organisations. 

Although these costs are likely to be significant, they have not been estimated in the current research due to a lack of sufficient data. 

Prevented costs from espionage 

We estimate the counter-espionage efforts of governments, businesses and universities may have prevented tens of billions of dollars of additional costs to the Australian economy. While there have been many examples of espionage impacting Australia and our international partners, other harms have been avoided. 

We modelled a range of scenarios to estimate the potential costs that may have – to the best of our knowledge – been prevented, but which would be incurred in the future if efforts to prevent espionage were not successful.

„ Sabotage of critical infrastructure enabled by espionage could cost up to $1,161.2 million per incident. 

„ An economy-wide, week-long disruption to digital technology-intensive industries, enabled by sabotage, could cost the Australian economy $5,930.4 million. 

„ Theft of trade secrets from a large, publicly listed Australian company could result in share market losses of up to $887.2 million per incident. 

„ Cyber espionage attacks targeting a large, publicly listed Australian company could result in share market losses of up to $439.6 million per incident. 

„ Diminishing trust in government security due to espionage activity could result in an annual decrease in foreign direct investment inflows of up to $10,291.2 million. 

„ The potential annual losses from a decline in international student revenue because of a need to tighten controls following major espionage activity could be up to $890.7 million. 

„ A 10% decrease in annual US funding for research following espionage activity impacting Australian and US relationships could lead to potential same-year economic losses of up to $376.7 million. 

Many of these costs relate to, or would result from, single incidents of espionage. The cost from multiple repeated attacks targeting government, businesses and university sectors would be significantly higher. As such, the total prevented costs depend on the nature and scale of future espionage activity impacting Australia but are estimated to be tens of billions of dollars. 

Total actual and prevented costs from espionage 

When we combine the mitigation and response costs and the direct costs of espionage that could be measured, the total known cost to government, businesses, universities and the broader community in 2023–24 is estimated to be at least $12.5 billion. We estimate that tens of billions further in espionage costs may have been prevented through effective mitigation and counter-espionage activity. These costs are preventable – but only if appropriate action is taken to address the threat from those who seek to harm Australia’s national interests. 

Total actual costs: $12.5B Direct costs of known or suspected espionage Public and private sector mitigation and response costs 

Prevented costs: Tens of billions of dollars

30 July 2025

Confidentiality

In Director, Professional Services Review v Yoong [2025] FCAFC 95 the Court has ruled that complete clinical records were relevant to professional services reviews under the Health Insurance Act 1973 (Cth), validating the Director's notice requiring a general practitioner to produce complete clinical records for 76 patients, emphasizing that such records provide essential context for determining inappropriate practice. 

In articulating reasons the Court states 

This appeal arises from a review undertaken under Pt VAA of the Health Insurance Act 1973 (Cth) (HI Act) by the appellant, the Director of Professional Services Review, into the provision by the respondent, Dr Matthew Yoong, of services in respect of which medicare benefits were paid. The central question in the appeal concerns the validity of a notice issued by the Director under s 89B of the HI Act that required the respondent to produce “complete clinical records” in respect of a representative sample of his patients who had received services during the period covered by the review (the Notice). The respondent’s failure to comply with the Notice in turn led to a further notice being given by the Director under s 106ZPM of the HI Act which prevents medicare benefits being paid in respect of services rendered or initiated by the respondent. 

The respondent brought a proceeding seeking judicial review of the Director’s decisions under ss 89B and 106ZPM of the HI Act. The primary judge upheld the respondent’s challenge to the validity of the Notice on the basis that it was not confined to seeking documents that were “relevant to the review”: Yoong v Director, Professional Services Review [2023] FCA 1186 (J). As a consequence, the primary judge also set aside the notice given to the respondent under s 106ZPM. 

The Director submits that the primary judge erred in holding that the Notice was not authorised by s 89B of the HI Act and was therefore invalid. The grounds of appeal challenge the primary judge’s findings that the Notice was not confined to requiring the production of “relevant documents” within the meaning of s 89B(1) of the HI Act, and that the Notice was invalid on its face. The Director submits that these findings were based on a misconstruction or misapplication of the statutory definition of “relevant documents” and the requirements for a valid notice under s 89B. 

We consider that the grounds of appeal should be upheld, for the reasons set out below. The documents required by the Notice to be produced, being complete clinical records for identified patients to whom the respondent provided services during the review period, were relevant to the review within the meaning of s 89B(1) of the HI Act, properly construed. It cannot be said that those documents have no conceivable relevance or no bearing whatever on the review of the provision of services by the respondent during the review period. The documents are likely to assist the Director in the performance of investigative functions under Pt VAA of the HI Act. Further, the form and content of the Notice were sufficient to comply with the requirements of s 89B. In particular, the documents sought were identified with sufficient clarity to enable the respondent to understand what he was required to produce in order to comply with the Notice, and to show that the Director was authorised to require the respondent to produce the documents.

19 July 2025

Procedure

In Re Thorpe [2025] VSCA 172 the Court states 

 In October 2023, Uncle Robbie Thorpe (‘the applicant’) sought to file a charge sheet and summons in the Magistrates’ Court of Victoria naming King Charles III as the accused and alleging that he had committed ‘continuing acts of genocide ... against First Peoples’. The Magistrates’ Court refused to issue the summons and did not initiate a proceeding. 

By originating motion filed in the Trial Division on 7 March 2024, the applicant sought judicial review of the Magistrates’ Court decision. A trial was conducted on 19 July 2024 and on 5 February 2025 Richards J handed down her judgment. Her Honour held that the charge sheet did not disclose an offence known to law and that the Magistrates’ Court was correct to refuse to issue the proposed proceeding. 

An application for leave to appeal from a decision of Richards J to refuse to accept an affidavit for filing was refused by McLeish JA on 2 August 2024. 

The applicant has since filed an application for leave to appeal Richards J’s decision. He has also filed various applications other than for leave to appeal, which are voluminous and overlapping. Some of these additional applications have been accepted for filing. However, the Registrar refused to accept for filing four of the applications, pursuant to r 64.43 of the Supreme Court (General Civil Procedure) Rules 2015 (the ‘Rules’). Together these four applications seek more than 15 different orders, including orders for the joinder of additional parties, orders concerning intervenors, orders concerning the identity or racial background of the judges who are to hear his applications, and other orders concerning the conduct of the proceedings. 

The applicant now seeks to have a Judge or Judges of Appeal direct the Registrar to accept for filing the four applications that were refused, pursuant to r 64.43(5) of the Rules. 

For the reasons that follow, we will not direct the Registrar to accept the four documents for filing. ... 

The issue in this case is whether the documents fall within r 64.43(1) or (2) — that is, whether: (1) they are irregular (r 64.43(1)(a)); (2) they are frivolous or vexatious on their face or by reference to any materials already filed or submitted for filing (r 64.43(1)(b)); (3) the filing of them would give rise to an abuse of the process of the Court (r 64.43(1)(c)); (4) they do not comply with the Rules or the requirements of any applicable practice note (r 64.43(2)(b)); and/or (5) they are not accompanied by all the documents required by O64 or any applicable practice note (r 64.43(2)(d)). 

Consideration 

In our opinion the four documents that have not been accepted for filing are irregular, and/or frivolous or vexatious on their face and by reference to other materials that have been filed or submitted for filing, and/or would give rise to abuse of process. In addition, some of the documents do not comply with the applicable rules or a practice note, or were not accompanied by all the required documents. 

Document 495374 

As noted above, document 495374 seeks 13 orders (set out in the annexure to these reasons). Many of these orders are not orders that the Court can or would make. In light of that fact, it was appropriate for the Registrar to refuse to accept the document for filing, even if some of the other orders sought might have been orders that the Court can or would make. It is thus necessary only to identify some examples of entirely inappropriate orders in order to make clear that the Registrar was correct not to accept the document for filing. 

Proposed order 1 is that ‘Chief Justice Niall has conduct of these proceedings and this court file’. 

This is not a suitable order to be made by the Court of Appeal on the motion of a party. A party has no entitlement to seek to have an identified judicial officer conduct a proceeding. Nor would a judge or judges of the Court of Appeal make such an order. The application for this order is frivolous, vexatious and irregular. 

Proposed order 2 is that a ‘bench of five Aboriginal judicial officers be assembled to hear the application for leave to appeal and the appeal’. 

Again, this is not a suitable order to be made by the Court of Appeal on the motion of a party. A party has no entitlement to seek to have a bench of a particular size or composition hear a proceeding. Nor would a judge or judges of the Court of Appeal make such an order. The application for this order is frivolous, vexatious and irregular. 

Proposed order 3 is as follows: If there are not sufficient Aboriginal judicial officers in the Supreme Court of Victoria to assemble a bench of five Aboriginal judicial officers, then Chief Justice Niall to write to and seek to meet with the Attorneys-General of the State of Victoria and the Commonwealth of Australia to request the special appointment of sufficient Aboriginal judicial officers including the appointment of (i) Professor Irene Watson, Research Professor of Law, University of South Australia, and (ii) law graduate Dr Jaqui Katona , Moondani Balluk Indigenous Unit, Victoria University, and (iii) lawyer Paul Coe (iv) lawyer Michael Mansell (v) puralia meenamatta (“Uncle Jim Everett”), the Palawa man from the clan plangermairreenner (vi) Dr Aunty Mary Graham, Kombumerri and Hakka Wakka, Adjunct Associate Professor, University of Queensland — six names listed here in case of illness or other unavailability on the hearing dates. 

It is plain that this Court cannot order Niall CJ to take the step sought. The application for this order is frivolous, vexatious and irregular. 

Proposed order 10 is as follows: The Magistrates Court of Victoria is directed to retain counsel and participate properly in these proceedings as a normal party and respondent. 

Again, it is plain that this Court cannot make an order in such terms directed to the Magistrates’ Court of Victoria. The application for this order is frivolous, vexatious and irregular.

In Thorpe v Magistrates' Court of Victoria [2025] VSC 22 the headnote notes that Thorpe sought to file a charge-sheet and summons in the Magistrates’ Court of Victoria to commence private prosecution against King Charles III for crimes of genocide under First Peoples’ sovereign laws, the common law, and div 268 of the Criminal Code Act 1995 (Cth) 

The judgment states

On 20 October 2023, Uncle Robbie Thorpe sought to commence a private prosecution against King Charles III for crimes of genocide. He did so by filing a charge-sheet and summons in the Magistrates’ Court of Victoria, naming himself as the informant and Charles Phillip Arthur George Windsor as the accused. The offences alleged in the charge-sheet were continuing acts of genocide against First Peoples, contrary to First Peoples’ sovereign laws, the common law of Victoria, and div 268 of the Criminal Code Act 1995 (Cth). 

On 29 December 2023, a senior registrar of the Magistrates’ Court refused to issue the proceeding, on the basis that the proper source of law had not been particularised and the proposed accused may be misled or prejudiced by this omission, and in those circumstances the issue of the proceeding would be an abuse of process. The proceeding was therefore returned unissued. 

In this proceeding, Uncle Robbie seeks judicial review of the Magistrates’ Court’s decision. He seeks an order requiring the Magistrates’ Court to accept the charge-sheet and summons for filing and issue the summons. ... 

At a directions hearing on 22 April 2024, I ordered that the Attorney-General of Victoria be joined as second defendant to the proceeding, on the basis that as the first law officer of the State of Victoria, her presence was necessary to ensure that all questions in the proceeding are effectually and completely determined and adjudicated upon. The Attorney-General subsequently filed written submissions and briefed Crown Counsel to appear at the trial of the proceeding on 19 July 2024. 

At the trial, Uncle Robbie applied for me to disqualify myself from further conduct of the proceeding. I refused that application, and provide my reasons for that decision below. 

In the course of his submissions at trial, Uncle Robbie challenged the legal foundation of the State of Victoria, in light of the widely acknowledged truth that the sovereignty of the First Peoples of Victoria was never ceded. He questioned the legitimacy of the Court’s jurisdiction, given the High Court’s rejection of the fiction of terra nullius and the previous use of that fiction to justify the Crown’s acquisition of Victoria. These large and important questions are currently being considered by the Yoorrook Justice Commission, and have prompted the Victorian Government to commence treaty negotiations with Victoria’s First Peoples. 

While acknowledging the significance of the questions raised by Uncle Robbie, the only jurisdiction that I can exercise is the jurisdiction of this Court. I can only do that by applying the law of the State of Victoria to the questions for determination in this proceeding. 

For the reasons that follow, I have concluded that the Magistrates’ Court was correct to refuse to issue the proposed proceeding. The charges alleged in the charge-sheet did not disclose an offence known to the law of Victoria. 

The proceeding must therefore be dismissed. 

Disqualification application   

By summons filed 15 July 2024, Uncle Robbie sought orders including an order that I be disqualified from further conduct of the proceeding. The basis for this application was set out in his accompanying affidavit, as follows: (a) In my decision of Re Thorpe (No 2), I had quoted his submissions in full while making no comment about ongoing Aboriginal genocide and injustice to Aboriginal people at the hands of non-Aboriginal people. This amounted to ‘white denial’ that Aboriginal people would perceive as bias; (b) I am not Aboriginal; (c) There are no documents evidencing that I have accepted that Aboriginal sovereignty has never been ceded and that Aboriginal law is the only true law of this land; (d) I have publicly sworn allegiance to the monarchy, and have not publicly repudiated the Windsor family as genocidal invaders; (e) Consequently, I am reasonably likely to be perceived by Aboriginal peoples and others as biased against Aboriginal peoples. 

The Attorney-General opposed the application, saying that the circumstances relied on by Uncle Robbie did not give rise to a reasonable apprehension of bias. 

A judge is disqualified from hearing a case if a fair-minded lay observer might reasonably apprehend that the judge might not bring an impartial mind to the resolution of the questions for decision in the case. Applying this test involves first identifying what it is said might lead the judge to decide the case other than on its legal and factual merits, and then articulating a logical connection between that matter and the fear that the judge might not decide the case on its merits. The final step in the analysis is assessing the reasonableness of the asserted apprehension of bias.

At the same time, judges are obliged to hear cases assigned to them in which the Court’s jurisdiction has been regularly invoked. Judges ‘do not select the cases they will hear, and they are not at liberty to decline to hear cases without good cause’. In this case, which has been assigned to me to hear and determine, Uncle Robbie has regularly invoked the judicial review jurisdiction of the Supreme Court of Victoria. 

On my appointment to the Court, I pledged allegiance to Her Majesty Queen Elizabeth II and her heirs and successors according to law. I also took the affirmation of office as a judge, to discharge the duties of my office according to law, without fear or favour, affection or ill-will. 

The Court’s jurisdiction is conferred by the Constitution Act 1975 (Vic) and is recognised in ch III of the Commonwealth Constitution. The law to be applied by a judge of the Court is the law of the State of Victoria, in accordance with Victoria’s Constitution Act and the Commonwealth Constitution. 

I do not accept Uncle Robbie’s assertion that pledging allegiance to the Crown and taking the affirmation of office might give rise to a reasonable apprehension that I might not decide this judicial review proceeding on its merits. These promises are essential to the office of a judge of the Supreme Court of Victoria, and have been made by every judge of this Court. One of us must hear and determine the case that Uncle Robbie has brought, and it has been allocated to me.;

17 July 2025

ANAO data governance

The ANAO Governance of Data report states 

Data is any information in a form capable of being communicated, analysed or processed (whether by an individual, a computer or other automated means). Data becomes valuable when it is processed and analysed to extract meaning, leading to insights, decisions or predictions. Governance of Data considers structured data that is measurable, such as a set of observations organised into a table, spreadsheet or database — in contrast to unstructured data that cannot be easily measured, such as records of meeting minutes. 

Data is a valuable asset of every Commonwealth entity, as it underpins informed decision making, efficient and effective business operations and public accountability. This means entities should invest in its governance, quality, security and ethical use to ensure data is trusted, protected and used to drive measurable results and outcomes for citizens. 

Effective governance of data is critical to realising and maximising the economic, social and environmental benefits of data. This includes securely, safely, lawfully and ethically sharing data with other public sector jurisdictions, in accordance with the Intergovernmental Agreement on data sharing between Commonwealth and State and Territory governments. Good data governance is also necessary to meet legislative obligations and policy. 

Through its audit work, the ANAO has observed good practices and fundamental deficiencies in the governance of data across multiple entities. Governance deficiencies have resulted in weaknesses to data integrity (reliability and verifiability), which impacts business processes and can result in reduced capability to make informed decisions, meet reporting requirements and achieve business objectives. Good data governance is essential in analytics, artificial intelligence (AI) and machine learning , to ensure ethical use of data, including avoiding bias in AI models. 

Benefits of good data governance

  • Improved capability to achieve business outcomes. 

  • More robust evidence base for improved decision making and increased public trust. 

  • More consistent, coordinated, accessible and timely services. 

  • More informed policy development and decision-making. 

  • Better reporting and assurance to the Parliament. 

  • Improved information exchange and transparency. 

  • Greater operational efficiency and cost-effectiveness. 

  • Reduced impact of machinery of government and other business continuity changes. 

  • Better understanding and management of regulatory and other risks. 

  • Compliance with legislative requirements, including privacy. 

  • Increased physical, information and personnel security.

Commonwealth legislation and policy on data governance 

  • Privacy Act 1988 - Outlines obligations to protect the identity of individuals an entity holds data about, and the ethical handling of this data. 

  • Data Availability and Transparency Act 2022 - Authorises Australian Government entities to make data assets discoverable and to share data with accredited individuals and organisations, provided certain conditions are met. 

  • Freedom of Information Act 1982 - With some exceptions, provides the public the right to access government held information, including government policies and decisions. 

  • Protective Security Policy Framework - Sets out what Australian Government entities must do to protect people and information assets.

Also relevant are the:

  • Archives Act 1983, which makes National Archives of Australia responsible for identifying the archival resources of the Commonwealth (that is, Commonwealth information of enduring value), and preserving and making publicly available the archival resources of the Commonwealth; 

  • National Archives of Australia’s Building trust in the public record policy, which identifies key requirements for managing Australian Government information assets, including records, information and data; and supports improvement in performance management of public sector data and the use and reuse of data; 

  • the Department of Finance’s Data Ethics Framework, which provides Australian Public Service (APS) guidance on ethical use of public data and analytics; 

  • the Australian Public Service Commission’s APS Data Capability Framework, which outlines 26 data-specific capability areas associated with working with data in the APS; and 

  • the Digital Transformation Agency’s Framework for the Governance of Indigenous Data, which aims to provide Aboriginal and Torres Strait Islander people greater agency over how their data is governed within the APS so government-held data better reflects their priorities and aspirations. 

Whole-of-government data strategy 

Launched in December 2023, the Australian Government’s Data and Digital Government Strategy (the Strategy) aims to provide a blueprint for the use and management of data and digital technologies by the APS through to 2030. The Strategy recognises data as a valuable national asset in realising Australia’s economic and social objectives, and in improving the evidence-base for government policy decisions, with a goal of better outcomes for all people and business. 

To support implementation of the Strategy, and to help entities self-assess their data maturity over time, the Department of Finance developed the Data Maturity Assessment Tool (DMAT). The self-assessment enables entities to: track their data maturity progress over time; identify data management strengths and weaknesses; and improve their ability to meet reporting obligations for promoting accountability and public trust.

The report features 'Questions for reflection'  

Lesson 1: Value data as an asset

  • Does our entity have a culture that values curiosity, evidence and learning from data? 

  • Does our entity have leadership commitment, including a sole authority (Chief Data Officer or equivalent data leadership role) responsible for all entity data and for fostering a culture that values data? 

  • Does our entity consider from the outset what data is required to achieve business objectives? Does our entity collect and use data with a purpose, such as for evidence-based policy, and to evaluate and measure performance? 

  • Does our entity select and design systems based on the required data outputs? 

  • Does our entity have clear methodology documentation (such as standard operating procedures and workflows) that enables users to easily locate required data at any point in a process? 

  • Does our entity have appropriate controls in place to assure the integrity of data, such as regular data checks and sign off by senior staff certifying data quality and integrity? 

  • Does our entity uplift staff data capability through learning? 

  • Does our entity regularly assess its data maturity, such as by using the Data Maturity Assessment Tool?

 

Lesson 2: Develop an information governance framework and data strategy  

  • Does our entity have an information governance framework and a data strategy? 

  • Does our entity’s information governance framework provide broad oversight of our organisation’s data assets and data management approach to achieve business goals? 

  • Does our entity’s information governance framework set out drivers for data, such as

    • legislation, risk and business needs? 

    • the environment within which data is created and/or captured, collected and managed? 

    • the principles that guide data design, capture, management and use? 

    • roles and responsibilities, including leadership, as they relate to data? 

    • consistent understanding and use of data across systems within the organisation and with other entities? 

    • controls to protect against risks to data and to preserve the integrity of data? 

    • how ethical considerations are embedded into data and AI policies? 

    • senior management commitment to uphold data governance? 

  • What actions does our entity take to embed information governance into its culture, such as training and guidance for staff? 

  • Does our entity’s data strategy align with our organisation’s information governance framework, with greater detail on the approach to data creation, capture, collection, management and use of data? 

  • Has our entity considered the Office of the National Data Commissioner’s Foundational Four in establishing data governance and an enterprise-wide data strategy? 

  • Has our entity integrated AI into our information governance framework and data strategy to ensure responsible and secure AI use and alignment with business objectives? 

  • Does our entity regularly review and evolve our information and data framework and strategy? If applicable, does our entity meet the requirements of the Policy for the responsible use of AI in government?

Lesson 3: Establish data leadership and define roles and responsibilities

  • Does our entity have an established data leader and defined data team roles and responsibilities? 

  • Does our entity refer to the SES Accountabilities for Data guidance to establish data roles and responsibilities? 

  • Does our entity have a Chief Data Officer or equivalent who is accountable for enterprise-wide governance and use of data as an asset within the entity, and building entity data capabilities? 

  • Does the role of our entity’s Chief Data Officer or equivalent align with the Chief Data Officer Information Pack? 

  • Does our entity hold SES staff accountable for the proper use of government data within their areas of business responsibility? Does our entity clearly document data roles and responsibilities?

Lesson 4: Document data methodology with data processes mapped end-to-end

  • Does our entity document data methodology with processes mapped end-to-end? 

  • Does our entity classify and categorise data to make it more discoverable and useful? 

  • Does our entity document data sources and systems? 

  • Does our entity document end-to-end processes? 

  • Does our entity manage entire data lifecycles (using the Data Maturity Assessment Tool or the Data Lifecycle View outlined in the APS Data Capability Framework)? 

  • Does our entity implement quality standards and assurance processes? 

  • Does our entity implement auditing and monitoring practices? 

  • Is our entity’s documentation clear and sufficiently detailed to support business continuity and mitigate risks such as loss of knowledge through staffing changes?

Lesson 5: Strengthen assurance over third-party data

  • Does our entity have strong assurance over any third-party data? 

  • Does our entity clearly understand how third parties collect data? 

  • Does our entity have assurance over the quality and integrity of third-party data? 

  • Does our entity implement appropriate controls to identify, mitigate and address data risks? 

  • Does our entity integrate data reporting obligations as part of formal arrangements, such as contracts or grants management agreements? 

  • Does our entity conduct regular due diligence, such as provider risk assessments and audits? 

  • Does our entity integrate third-party data into existing data governance frameworks (e.g. through validation checks, access controls and monitoring)? 

  • Does our entity obtain control reports on the effectiveness of third-party systems, including their reliability and data security measures?

07 July 2025

Reliability

'Hallucination-Free? Assessing the Reliability of Leading AI Legal Research Tools' by Varun Magesh, Faiz Surani, Matthew Dahl, Mirac Suzgun, Christopher D. Manning and Daniel E. Ho in (2025) Journal of Empirical Legal Studies comments 

 In the legal profession, the recent integration of large language models (LLMs) into research and writing tools presents both unprecedented opportunities and significant challenges (Kite-Jackson 2023). These systems promise to perform complex legal tasks, but their adoption remains hindered by a critical flaw: their tendency to generate incorrect or misleading information, a phenomenon generally known as “hallucination” (Dahl et al. 2024). 

As some lawyers have learned the hard way, hallucinations are not merely a theoretical concern (Weiser and Bromwich 2023). In one highly publicized case, a New York lawyer faced sanctions for citing ChatGPT-invented fictional cases in a legal brief (Weiser 2023); many similar incidents have since been documented (Weiser and Bromwich 2023). In his 2023 annual report on the judiciary, Chief Justice John Roberts specifically noted the risk of “hallucinations” as a barrier to the use of AI in legal practice (Roberts 2023). 

Recently, however, legal technology providers such as LexisNexis and Thomson Reuters (parent company of Westlaw) have claimed to mitigate, if not entirely solve, hallucination risk (Casetext 2023; LexisNexis 2023b; Thomson Reuters 2023, inter alia). They say their use of sophisticated techniques such as retrieval-augmented generation (RAG) largely prevents hallucination in legal research tasks. ... 

However, none of these bold proclamations have been accompanied by empirical evidence. Moreover, the term “hallucination” itself is often left undefined in marketing materials, leading to confusion about which risks these tools genuinely mitigate. This study seeks to address these gaps by evaluating the performance of AI-driven legal research tools offered by LexisNexis (Lexis+ AI) and Thomson Reuters (Westlaw AI-­Assisted Research and Ask Practical Law AI) and, for comparison, GPT-4. 

Our findings, summarized in Figure 1, reveal a more nuanced reality than the one presented by these providers: while RAG appears to improve the performance of language models in answering legal queries, the hallucination problem persists at significant levels. To offer one simple example, shown in the top left panel of Figure 2, the Westlaw system claims that a paragraph in the Federal Rules of Bankruptcy Procedure (FRBP) states that deadlines are jurisdictional. But no such paragraph exists, and the underlying claim is itself unlikely to be true in light of the Supreme Court's holding in Kontrick v. Ryan, 540 U.S. 443, 447– 48 & 448 n.3 (2004), which held that FRBP deadlines under a related provision were not jurisdictional. 

We also document substantial variation in system performance. LexisNexis's Lexis+ AI is the highest-performing system we test, answering 65% of our queries accurately. Westlaw's AI-Assisted Research is accurate 42% of the time, but hallucinates nearly twice as often as the other legal tools we test. And Thomson Reuters's Ask Practical Law AI provides incomplete answers (refusals or ungrounded responses; see Section 4.3) on more than 60% of our queries, the highest rate among the systems we tested. ... 

Our article makes four key contributions. First, we conduct the first systematic assessment of leading AI tools for real-world legal research tasks. Second, we manually construct a preregistered dataset of over 200 legal queries for identifying and understanding vulnerabilities in legal AI tools. We run these queries on LexisNexis (Lexis+ AI), Thomson Reuters (Ask Practical Law AI), Westlaw (AI-Assisted Research), and GPT-4 and manually review their outputs for accuracy and fidelity to authority. Third, we offer a detailed typology to refine the understanding of “hallucinations,” which enables us to rigorously assess the claims made by AI service providers. Last, we not only uncover limitations of current technologies, but also characterize the reasons that they fail. These results inform the responsibilities of legal professionals in supervising and verifying AI outputs, which remains an important open question for the responsible integration of AI into law.  

The rest of this work is organized as follows. Section 2 provides an overview of the rise of AI in law and discusses the central challenge of hallucinations. Section 3 describes the potential and limitations of RAG systems to reduce hallucinations. Section 4 proposes a framework for evaluating hallucinations in a legal RAG system. Because legal research commonly requires the inclusion of citations, we define a hallucination as a response that contains either incorrect information or a false assertion that a source supports a proposition. Section 5 details our methodology to evaluate the performance of AI-based legal research tools (legal AI tools). Section 6 presents our results. We find that legal RAG can reduce hallucinations compared to general-­purpose AI systems (here, GPT-4), but hallucinations remain substantial, wide-ranging, and potentially insidious. Section 7 discusses the limitations of our study and the challenges of evaluating proprietary legal AI systems, which have far more restrictive conditions of use than AI systems available in other domains. Section 8 discusses the implications for legal practice and legal AI companies. Section 9 concludes with implications of our findings for legal practice.