The Attorney-General has released the report of the review of Commonwealth secrecy provisions, which 'addresses concerns raised by multiple reviews about the number, inconsistency, appropriateness and complexity of Commonwealth secrecy offences'.
The report states
2. In 2009, the Australian Law Reform Commission (ALRC) issued a report, Secrecy Laws and Open Government in Australia (the ALRC Report). The ALRC concluded that the number of secrecy offences was at odds with the general shift towards open and accountable government. The ALRC Report recommended reforms to repeal the then-existing offences in the Crimes Act 1914 (Crimes Act)2 and replace them with new general secrecy offences targeted to protect essential public interests.
3. While new general secrecy offences were enacted in 2018,3 the number of secrecy provisions in Commonwealth laws has continued to grow. At the time of the ALRC report, there were 506 secrecy provisions in Commonwealth primary and subordinate legislation. Today – taking into account the general secrecy offences, specific secrecy offences and non-disclosure duties given criminal liability by section 122.4 of the Criminal Code Act 1995 (Criminal Code) – there are 875.
4. The utility of secrecy offences in protecting certain information from being disclosed has come into focus more recently due to an increase in the frequency of data breaches, including the Optus and Medibank data breaches in 2022. PwC Australia’s alleged breach of confidence, brought to light in 2023, has similarly raised concerns about the adequacy and appropriateness of secrecy offences, including their coverage of those who receive confidential information from government on the one hand and their restriction of information-sharing between Commonwealth agencies on the other.
5. In undertaking the task to inquire and report on secrecy provisions in Commonwealth laws and appropriate reforms, the Review was guided by the above context and the following key considerations:
1) Open and accountable government is fundamental to our democracy, and secrecy offences sit within a broader context of mechanisms that protect or facilitate access to Commonwealth information.
2) Secrecy offences play a legitimate and important role in protecting the confidentiality of certain Commonwealth information where an unauthorised disclosure or other dealing may cause harm to public interests, such as national security and public safety, or harm to the relationship of trust between individuals and/or entities and the Australian Government.
3) Criminal liability for unauthorised disclosures should be limited to the extent needed to protect essential public interests. Other sanctions (administrative or civil) may be more appropriate to deter and respond to unauthorised disclosures.
6. The Review identified and considered the following secrecy offences across 238 Commonwealth laws: 11 general secrecy offences in Part 5.6 of the Criminal Code; 295 non-disclosure duties in 102 Commonwealth laws which attract criminal liability under section 122.4 in Part 5.6 of the Criminal Code;569 specific secrecy offences in 183 Commonwealth laws.
7. The Review also identified 25 override provisions in 20 Commonwealth laws that operate to exclude secrecy offences in other Commonwealth laws. Scope of the Review 8. The Review’s terms of reference are at Appendix A. The Review was directed to conduct an inquiry and report on:
• any specific secrecy offences in Commonwealth legislation that are no longer required in light of the introduction of the general secrecy offences in the National Security Legislation Amendment (Espionage and Foreign Interference) Act 2018 (EFI Act)
• the suitability and appropriate framing of the general and specific secrecy offences in Commonwealth legislation, having particular regard to: – the principles outlined in the ALRC Report, and – other relevant principles, including but not limited to those set out in the Guide to Framing Commonwealth Offences, Infringement Notices and Enforcement Powers (the Guide)
• any amendments to general and specific secrecy offences in Commonwealth legislation that are necessary to adequately protect individuals who provide information to Royal Commissions balanced against other essential public interests, and
• any amendments that are necessary to adequately protect public interest journalism balanced against other essential public interests.
9. In January 2023, the Review provided an interim report to the Attorney-General that focused on protections for individuals providing secrecy-regulated information to Royal Commissions. This issue is considered further in Part 5, and the interim report is at Appendix D.
10. The Review did not consider secrecy offences in the National Security Information (Criminal and Civil Proceedings) Act 2004 (consistent with Review’s terms of reference). The Independent National Security Legislation Monitor (INSLM) is currently considering these secrecy offences as part of a Review of the operation and effectiveness of the National Security Information (Criminal and Civil) Proceedings Act 2004.7 The INSLM is due to provide a final report to the Attorney-General by 31 October 2023.
11. Further, issues around whistleblower protections are being considered as part of the review of the Public Interest Disclosure Act 2013 (PID Act), as are reforms to implement recommendations arising from the Parliamentary Joint Committee on Intelligence and Security (PJCIS) Inquiry into the impact of the exercise of law enforcement and intelligence powers on the freedom of the press (PJCIS Press Freedom Report). This data has been updated from the Review’s March 2023 consultation paper data. These updates are attributable to enactment of provisions, repeal of provisions, identification of additional provisions, and identification that some provisions were not secrecy provisions. Independent National Security Legislation Monitor, ‘Review into the operation and effectiveness of the National Security Information (Criminal and Civil Proceedings) Act 2004’ (2023).
Consultation
12. To help inform the Review, consultation was undertaken with all Commonwealth departments and agencies, as well as civil society, media organisations, legal experts and current Royal Commissions. In February 2023, the Attorney-General met with a range of media organisations to discuss issues affecting press freedom, including secrecy offences. In March 2023, the Review released a consultation paper inviting public submissions on the operation of secrecy provisions. The Review received 12 submissions from organisations and members of the public. With submitters’ consent, 10 of these submissions have been published on the Attorney-General’s Department’s website.
Public consultation
13. The public submissions to the Review were mostly from civil society, legal and media organisations. Their main concern was that the current state of secrecy law restricts public scrutiny of government processes and operations, and creates a chilling effect on public interest journalism and whistleblowers. They considered there were too many secrecy offences in Commonwealth legislation and that the existing offences were complex and overly expansive. Submissions were also supportive of a reduction in criminal liability and proposed changes to narrow the application of general and specific secrecy offences to circumstances where there is clear harm to an essential public interest.
14. However, the Review did not receive submissions from privacy stakeholders and submissions offered limited views on whether it is appropriate for secrecy offences to protect personal and commercial information. The public consultation period also concluded before the publication of PwC Australia’s alleged breach of confidentiality and the Report of the Royal Commission into the Robodebt Scheme and therefore, public stakeholders did not engage in those issues.
Government consultation
15. Consultation with Commonwealth departments and agencies sought to understand the particular context and need for secrecy provisions administered by each department, including whether criminal liability was necessary or whether administrative or civil sanctions were appropriate. These consultations included reviewing non-disclosure duties applying to Commonwealth officers that currently attract criminal liability through section 122.4 of the Criminal Code, which sunsets on 29 December 2023.
16. Feedback indicated that many specific secrecy offences and non-disclosure duties do need to have criminal liability attached. Factors that departments and agencies considered in making their assessments included (but was not limited to):
• differences in the conduct covered by the general secrecy offences and the conduct covered by their specific secrecy offences
• particular sensitivities of the information protected by specific secrecy offences and non-disclosure duties • whether the offences targeted actual or potential harm that might be caused by unauthorised disclosures
• the need to assure stakeholders who provide information to government – including the Australian community and foreign partners – that there are appropriate penalties in place for unauthorised disclosure
• the discrete roles played by different Commonwealth departments and agencies who hold information, for example, whether they are regulators, service providers, intelligence agencies or law enforcement agencies
• whether there were alternative sanctions that could be better suited to deterring or punishing unauthorised disclosures, and
• other benefits and implications of applying criminal penalties, such as supporting future decisions about whether a person should be a security clearance holder.
17. The Review also notes that additional issues have been raised in these consultations about the adequacy of secrecy offences to:
• protect sensitive defence information in light of the changing strategic environment, including AUKUS
• deter or respond to the broad range of breaches of confidentiality that could occur, including PwC Australia’s recent alleged breach of confidentiality, and
• the impact of secrecy offences on information-sharing about breaches of confidentiality between departments and agencies.
The term ‘secrecy provisions’ is used in this report to refer to both specific secrecy offences and non-disclosure duties. The difference between these is discussed further in Part 1. Part 5.6 of the Criminal Code Act 1995 (‘Criminal Code’) defines ‘Commonwealth officer’ to mean individuals employed or engaged by the Commonwealth, including Australian Public Service employees and contracted service providers. The definition also includes individuals appointed or employed by the Commonwealth other than under the Public Service Act 1999 including Commonwealth ministers, statutory office holders and individuals employed by the Commonwealth under other legislation such as the Members of Parliament (Staff) Act 1984. On 10 August 2023, the Government introduced the Counter-Terrorism and Other Legislation Amendment Bill 2023 to Parliament. Schedule 2, Part 2 of the Bill would extend the sunsetting date of section 122.4 of the Criminal Code to 29 December 2024.
18. The Review developed the following 11 recommendations to guide future work to reduce the number of secrecy offences and support a consistent approach to the framing of secrecy offences
Recommendation 1: The following principles be adopted for framing Commonwealth secrecy offences going forward:
• Principle 1: Secrecy offences should be limited to circumstances where there is an essential public interest that requires criminal sanctions.
• Principle 2: Criminal liability for the protection of Commonwealth information should primarily be imposed through general secrecy offences.
• Principle 3: Specific secrecy offences should apply where criminal liability differs in significant and justifiable ways from general secrecy offences.
• Principle 4: A harms-based approach should be taken in framing secrecy offences. Secrecy provisions should: – contain an express harm element – cover a narrowly defined category of information and the harm to an essential public interest is implicit, or – protect against harm to the relationship of trust between individuals and the Government integral to the regulatory functions of government.
• Principle 5: Secrecy offences that apply to Commonwealth officers should also apply to former Commonwealth officers.
• Principle 6: Secrecy offences should clearly identify any third parties regulated by the offence and separate offences should apply to third parties.
• Principle 7: Offences capturing third parties should have a higher threshold for establishing criminal liability.
• Principle 8: Secrecy offences should clearly identify the conduct regulated.
• Principle 9: Fault elements for secrecy offences should generally require intention or recklessness (awareness of a substantial risk) in line with the default approach in the Criminal Code Act 1995 (Criminal Code).
• Principle 10: Secrecy offences should have maximum penalties that reflect the potential seriousness of the conduct.
• Principle 11: Offence-specific defences should be considered when framing secrecy offences, including to protect public interest journalism.
• Principle 12: All Commonwealth departments and agencies should regularly review specific secrecy offences in legislation they administer as part of reviews of legislation and legislative instruments.
Recommendation 2: Legislation be developed to repeal specific secrecy offences and non-disclosure duties identified through this Review’s consultations as no longer being required.
Recommendation 3: To enable the further reduction of specific secrecy offences and non-disclosure duties, the Attorney-General’s Department develop a new general secrecy offence for inclusion in Part 5.6 of the Criminal Code to ensure Commonwealth officers and persons who perform services for or on behalf of the Commonwealth do not disclose information obtained in connection with their employment or the provision of the service, where that disclosure would be prejudicial to the effective working of Government or where the information was communicated to them in confidence.
Recommendation 4: If Recommendation 3 is implemented, all Commonwealth departments and agencies identify which specific secrecy offences and non-disclosure duties may then be repealed.
Recommendation 5: Repeal section 122.4 of the Criminal Code, or allow it to sunset on 29 December 2024.
Recommendation 6: Repeal the proper place of custody offences in sections 122.1(3) and 122.2(3) of the Criminal Code.
Recommendation 7: Protections be improved for individuals providing information to Royal Commissions by:
• amending the Royal Commissions Act 1902 to establish: – a framework that clarifies the application of secrecy offences to individuals providing information to Royal Commissions, and – appropriate protective security requirements for Royal Commissions.
• amending section 122.5 of the Criminal Code to include an additional defence to a prosecution where the information is communicated for the purposes of a Royal Commission.
Recommendation 8: Legislation be developed to apply a public interest journalism defence similar to the defence in section 122.5(6) of the Criminal Code to additional secrecy offences, to be identified through work following the Review in line with Principle 11 in Recommendation 1.
Recommendation 9: Legislation be developed as a priority to require the protection of public interest journalism to be considered in decisions on warrant applications, including in the investigation of secrecy offences, as recommended by the Parliamentary Joint Committee on Intelligence and Security in its Inquiry into the impact of the exercise of law enforcement and intelligence powers on the freedom of the press.
Recommendation 10: The Attorney-General’s Department amend the Commonwealth’s Guide to Framing Commonwealth Offences, Infringement Notices and Enforcement Powers to include the 12 principles to govern the framing of secrecy offences at Recommendation 1 and develop public information materials on the operation of Commonwealth secrecy offences to increase awareness and understanding about secrecy offences, including protections for public interest journalism.
Recommendation 11: Request the Independent National Security Legislation Monitor consider, as part of the Monitor’s review of the National Security Legislation Amendment (Espionage and Foreign Interference) Act 2018, the appropriateness of the definitions of ‘inherently harmful information’ and ‘cause harm to Australia’s interests’ contained in Part 5.6 of the Criminal Code.