Medical Device Regulation

The TGA report Clarifying and strengthening the regulation of Medical Device Software including Artificial Intelligence states 

In the 2024-25 federal Budget, the Australian Government provided $39.9 million over 5 years for the development of policy and capability across government to support Safe and Responsible AI. The measure includes work to clarify and strengthen existing laws and address risks and harms from Artificial Intelligence (AI) through an immediate review of priority areas, including health and aged care sector regulation, Australian consumer law, and copyright law. 

As part of the Australian Government’s Department of Health, Disability and Ageing (the Department), the Therapeutic Goods Administration (TGA) regulates therapeutic goods, including software and AI models and systems when they meet the definition of a medical device under the Therapeutic Goods Act 1989. Software-based medical devices (including AI models and systems) have been regulated by the TGA for many years. In 2021, we clarified the classification levels of software to account for the potential and emerging risks of harm associated with software, and introduced a number of “carve-outs” for very low risk products or products that had oversight from other regulators. With input from relevant industry stakeholders, we published guidance about our refined regulatory framework, setting out how regulatory requirements apply to these kinds of devices. Since that time, the TGA has monitored the refinements to identify when further review and adjustment was required, including to address emerging risks as technology like AI is rapidly adopted and deployed in healthcare settings. 

In 2024, the TGA conducted a review in tandem with the Department’s broader review of health and aged care legislation, to: • determine whether our existing legislation, regulations and guidance are appropriate to meet the challenges associated with an increasing use of medical software and AI across the healthcare sector, and • identify measures to clarify and strengthen existing regulation to mitigate risks and leverage opportunities associated with medical software and AI use in the therapeutic goods sector. 

Extensive targeted engagement with stakeholders from cohorts including the medical device industry, consumers and clinicians has been conducted, followed by a public consultation process seeking more information and feedback about strengths of the system, opportunities for improvements and identified issues and areas of concern. Our review also included mapping the existing medical device legislative framework against the mandatory guardrails for use in high-risk settings proposed by the Department of Industry, Science and Resources (DISR) in their consultation: Introducing mandatory guardrails for AI in high-risk settings: proposals paper.

The TGA goes on to comment

It is likely that the time and costs associated with regulatory requirements appear to developers to be disproportionate when compared to the time and costs associated with the development of a software product. A further cultural issue is the pervading belief among some developers that software products don’t present a meaningful risk to consumers and users, particularly when they are integrated with the provision of healthcare, where a human is in the loop, or where outputs are information only. 

Stakeholders, including clinicians and consumers who use these kinds of products, have identified that the absence of humans, lack of transparency and failure to engage with existing regulatory requirements represent a combination of circumstances that may lead to patient harm. In many instances, users are not aware that AI or machine learning has been used in the development of software, or is used operationally within the clinical workflow. 

Further  

Regulatory requirements for medical devices, including software, are principles-based and apply regardless of whether the product incorporates components like AI, chatbots, cloud, mobile apps or other technologies. As such, software that incorporates generative AI such as large language models (LLMs), text generators, and multimodal generative AI are all regulated as a medical device if they meet the definition under the Act. As a component of the review, we mapped the existing legislative framework, including regulations and guidance, against the mandatory guardrails proposed for use in high-risk settings under the proposal put forward by DISR in their consultation: Introducing mandatory guardrails for AI in high-risk settings: proposals paper. A summary is at Attachment A. 

This section documents key features of the existing framework for the regulation of medical devices including: • Technology agnostic regulation • Risk based classification • Principles based regulation • International harmonisation 

Technology-agnostic regulation 

Australia’s regulatory approach to medical devices is technology-agnostic, with legislative requirements centred on risk and principles rather than linking specific requirements to explicit features or technologies. A technology-agnostic approach requires those responsible for manufacturing a medical device to: • identify the specific and potential risks associated with the device throughout its lifecycle • institute measures to mitigate both identified and residual risks • have measures in place for ongoing review and monitoring of the device’s performance after it has been deployed, and • engage in ongoing review and refinement of the device once deployed. 

This approach provides flexibility and responsiveness to emerging technologies, allowing lower risk devices to enter the market expeditiously while subjecting higher risk devices to greater regulatory scrutiny to ensure quality, safety, and performance throughout the device life cycle. The continuation of a technology-agnostic approach will provide flexibility to ensure appropriate regulation is capable of being applied to emerging technologies without the need for continual review and refinement of legislation. Moving away from a technology-agnostic approach where the onus for demonstrating safety, quality and performance rests with the manufacturer or deployer may lead to the introduction of risks as developers adopt a “tick-box” mentality to regulation rather than a proactive engagement and assessment of the risks posed by their products. 

Development of specific regulatory requirements for individual technologies is also likely to become a limiting factor with respect to the development of innovative devices in the long term, as devices that don’t easily fit within specified parameters struggle to meet requirements that were never intended for devices of their nature. 

Risk based classification 

In Australia, devices are classified using classification rules set out in Schedule 2 of the Therapeutic Goods (Medical Devices) Regulations 2002. 

The classification of a medical device is determined by factors including how long the device will be continuously used for and how invasive the device is. For software-based medical devices, classification may also be impacted by whether the device is intended for use by a clinician or a consumer, and the seriousness of the illness or condition for which it is intended to be used. The classification of a device will determine the level of scrutiny and pre-market assessment applied to the device before it can be deployed/supplied. 

Principles based regulation 

In Australia, manufacturers are required to demonstrate that medical devices comply with the essential principles. These are legislative requirements that are further set out in Schedule 1 of the Regulations, and relate to specific characteristics of medical devices including design, construction, evidence supporting the use of the device and information to be provided with the device. 

Manufacturers must ensure their devices meet all relevant principles and sponsors must either hold or be able to obtain this evidence from their manufacturer on request. Principles-based regulation, as opposed to prescriptive or rules-based regulation, provides flexibility. This approach accommodates the broad complexity and diversity of medical devices regulated, including as new technologies like AI emerge. A rules-based approach may, for example, require compliance with prescribed requirements including international standards such as ISO or IEC standards. 

Demonstrating compliance with the essential principles may include compliance with relevant international standards, but for emerging technologies where an appropriate standard may not yet exist, other approaches may be used. The flexibility to adapt the principles to the unique circumstances of a medical device, particularly those incorporating emerging technologies, allows approaches to evolve over time without continuous review and updating of legislative frameworks. 

International harmonisation 

Our current approach and commitment to international harmonisation allows sponsors of medicines and medical devices to use international assessment and approvals from comparable overseas regulators to support applications for inclusion of their therapeutic goods on the ARTG. 

The TGA is also a member of the IMDRF, which seeks to “strategically accelerate international medical device regulatory convergence to promote an efficient and effective regulatory model for medical devices that is responsive to emerging challenges while protecting and maximizing public health and safety.” 

The IMDRF has published a significant number of regulatory guidance documents for adoption by jurisdictions globally. Guidance documents are developed through specialised Working Groups and involve global public consultation processes. The TGA is an active member of both the IMDRF Software as a Medical Device (SaMD) Working Group and the IMDRF Artificial Intelligence/Machine Learning Working Group, which have both published a range of guidance documents. The AI Working Group is currently focused on finalising additional guidance on good machine learning practices and new guidance on AI lifecycle management, while the SaMD Working Group is developing an approach to pre-approved change control plans (PCCPs). 

Software regulation and reforms 

The TGA regulates AI when it meets the legislative definition of a medical device in Section 41BD of the Act. AI products likely to meet this definition include those intended to be used for the diagnosis, prevention, monitoring, prediction, prognosis, treatment, or alleviation of a disease, injury or disability. 

In recent years, software has become increasingly important in medical devices and digital adoption more broadly. It is also becoming more important as a medical device in its own right. Rapid innovation in technology has driven significant changes to software function and adoption, giving rise to a larger number of devices able to inform, drive or replace clinical decisions, or directly provide therapy to an individual. 

Advances in computing technology and software production have led to a large increase in the number of software-based medical devices available on the market, requiring the implementation of reforms to ensure patient safety. Software-based medical devices are medical devices that incorporate software or are software, including software as a medical device, or software that relies on hardware to function as intended, and are regulated in Australia by the TGA. 

These kinds of devices may be integrated within electronic health records systems, used by clinicians or health professionals in the provision of care, or used to determine how or when patients will receive care. Their increasing use, integration in healthcare systems, and complexity have given rise to new regulatory challenges. In 2021, the TGA introduced a number of regulatory refinements aimed at ensuring the regulation of software-based medical devices, including software that functions as a medical device, remains appropriate and targets the risks associated with these kinds of devices appropriately. Refinements included: • amendments to the essential principles include the addition of Essential Principle 12.1, which details specific requirements for programmed or programmable medical devices or software that is a medical device • new classification rules for software based medical devices used for diagnostic or screening purposes to capture their potential to cause harm through the provision of incorrect information • introduction of an exemption from TGA regulation for certain clinical decision support software, and • exclusion of certain software products for the sake of clarity, or where existing oversight measures were available through other regulatory frameworks to ensure these products were safe and fit for their intended purpose.  

Deaths

'The Law of Digital Resurrection' by Victoria Haneman in (2025) 66(5) Boston College Law Review 1569-1626 comments 

The digital right to be dead has yet to be recognized as an important legal right. Artificial intelligence, augmented reality, and nanotechnology have progressed to the point that personal data can be used to resurrect the deceased in digital form with appearance, voice, emotion, and memory recreated to allow interaction with a digital app, chat bot, or avatar that may be indistinguishable from that with a living person. Users may now have a completely immersive experience simply by loading the personal data of the deceased into a neural network to create a chatbot that inherits features and idiosyncrasies of the deceased and dynamically learns with increased communication. There is no legal or regulatory landscape against which to estate plan to protect those who would avoid digital resurrection, and few privacy rights for the deceased. This intersection of death, technology, and privacy law has remained relatively ignored until recently. This Article is the first to respect death as an important and distinguishing part of the conversation about regulating digital resurrection. Death has long had a strained relationship with the law, giving rise to dramatically different needs and idiosyncratic legal rules. The law of the dead reflects the careful balance between the power of the state and an individual’s wishes, and it may be the only doctrinal space in which we legally protect remembrance. This Article frames the importance of almost half of a millennium of policy undergirding the law of the deceased, and proposes a paradigm focused upon a right of deletion for the deceased over source material (data), rather than testamentary control over the outcome (digital resurrection), with the suggestion that existing protections are likely sufficient to protect against unauthorized commercial resurrections.

(Un)Harnessing AI

The interim report by the Productivity Commission on Harnessing Data and Digital Technology - consistent with the national government's enthusiasm for AI - can be read as proposing a looser regulatory framework. 

The report states 

Data and digital technologies are the modern engines of economic growth. Emerging technologies like artificial intelligence (AI), which can extract useful insights from massive datasets in a fraction of a second, could transform the global economy and speed up productivity growth. 

 

Australia needs to harness the consumer and productivity benefits of data and digital technology while managing and mitigating the downside risks. There is a role for government in setting the rules of the game to foster innovation and ensure that Australians reap the benefits of the data and digital opportunity. 

 

The economic potential of AI is clear, and we are still in the early stages of its development and adoption. Early studies provide a broad range of estimates for the impact of AI on productivity. The Productivity Commission considers that multifactor productivity gains above 2.3% are likely over the next decade, though there is considerable uncertainty. This would translate into about 4.3% labour productivity growth over the same period. But poorly designed regulation could stifle the adoption and development of AI and limit its benefits. Australian governments should take an outcomes based approach to AI regulation – one that uses our existing laws and regulatory structures to minimise harms and introduces technology specific regulations as a last resort. 

 

Data access and use can fuel productivity growth: insights from data can help reduce costs, increase the quality of products and services and lead to the creation of entirely new products. But some requirements in the Privacy Act, the main piece of legislation for protecting privacy, are constraining innovation without providing meaningful protection to individuals. For example, complying with the controls and processes baked into the Act can make consent and notification a ‘tick box’ exercise – where businesses comply with the letter of the law but not the spirit of it. The Australian Government should amend the Privacy Act to introduce an alternative compliance pathway that enables firms to fulfil their privacy obligations by meeting outcomes based criteria. 

 

Data about individuals and businesses underpins growth and value in the digital economy. But often those same individuals and businesses cannot easily access and use this data themselves. Under the right conditions, giving people and businesses better access to data that relates to them can stimulate competition and allow businesses to develop innovative products and services. A mature data sharing regime could add up to $10 billion to Australia’s annual economic output. 

 

Experience shows that we need a flexible approach to facilitating data access across the economy, where obligations placed on data holders and the level of government involvement can match the needs and digital maturity of different sectors. New lower cost and flexible regulatory pathways would help to guide expanded data access throughout the digital economy, focusing first on sectors where the gains can be significant and relatively easy to achieve. 

 

Financial reports provide essential information about a company’s financial performance, ensuring transparency and accountability while informing the decisions of investors, businesses and regulators. Government can further spark productivity by making digital financial reporting the default – that is, mandatory lodgement of financial reports in machine readable form. At the same time, the Australian Government should remove the outdated requirement that financial reports be submitted in hard copy or PDF format. This change would increase the efficiency and accuracy with which information is extracted and analysed.

The  draft recommendations are

 Artificial intelligence 

Draft recommendation 1.1 Productivity growth from AI will be built on existing legal foundations. 

Gap analyses of current rules need to be expanded and completed. Australian governments play a key role in promoting investment in digital technology, including AI, by providing a stable regulatory environment. Any regulatory responses to potential harms from using AI must be proportionate, risk based, outcomes based and technology neutral where possible. 

The Australian Government should continue, complete, publish and act on ongoing reviews into the potential gaps in the regulatory framework posed by AI as soon as possible. 

Where relevant gap analyses have not begun, they should begin immediately. 

All reviews of the regulatory gaps posed by AI should consider: • the uses of AI • the additional risk of harm posed by AI (compared to the status quo) in a specific use case • whether existing regulatory frameworks cover these risks potentially with improved guidance and enforcement; and if not how to modify existing regulatory frameworks to mitigate the additional risks. 

Draft recommendation 1.2 AI specific regulation should be a last resort 

AI specific regulations should only be considered as a last resort for the use cases of AI that meet two criteria. These are: • where existing regulatory frameworks cannot be sufficiently adapted to handle the issue • where technology neutral regulations are not feasible.   

Draft recommendation 1.3 Pause steps to implement mandatory guardrails for high risk AI 

The Australian Government should only apply the proposed ‘mandatory guardrails for high risk AI’ in circumstances that lead to harms that cannot be mitigated by existing regulatory frameworks and where new technology neutral regulation is not possible. Until the reviews of the gaps posed by AI to existing regulatory structures are completed, steps to mandate the guardrails should be paused. 

Data access 

Draft recommendation 2.1 Establish lower cost and more flexible regulatory pathways to expand basic data access for individuals and businesses 

The Australian Government should support new pathways to allow individuals and businesses to access and share data that relates to them. These regulatory pathways will differ by sector recognising that the benefits (and the implementation costs) from data access and sharing are different by sector. This could include approaches such as: • industry led data access codes that support basic use cases by enabling consumers to export relatively non sensitive data on a periodic (snapshot) basis • standardised data transfers with government helping to formalise minimum technical standards to support use cases requiring high frequency data transfers and interoperability. 

These pathways should be developed alongside efforts that are already underway to improve the Consumer Data Right (which will continue to provide for use cases that warrant its additional safeguards and technical infrastructure) and the My Health Record system. 

The new pathways should begin in sectors where better data access could generate large benefits for relatively low cost; and there is clear value to consumers. Potential examples include: • enabling farmers to combine real time data feeds from their machinery and equipment to optimise their operations and easily switch between different manufacturers • giving tenants on demand access to their rental ledgers which they can share to prove on‑time payments to new landlords or lenders • allowing retail loyalty card holders to export an itemised copy of their purchase history to budgeting and price comparison tools that can analyse spending and suggest cheaper alternatives. The scope of the data access pathways should expand over time based on industry and consumer consultation, where new technology, overseas experience or domestic developments show that there are clear net benefits to Australia.   

Privacy regulation 

Draft recommendation 3.1 An alternative compliance pathway for privacy 

The Australian Government should amend the Privacy Act 1988 (Cth) to provide an alternative compliance pathway that enables regulated entities to fulfil their privacy obligations by meeting criteria that are targeted at outcomes, rather than controls based rules. 

Draft recommendation 3.2 Do not implement a right to erasure 

The Australian Government should not amend the Privacy Act 1988 (Cth) to introduce a ‘right to erasure’, as this would impose a high compliance burden on regulated entities, with uncertain privacy benefits for individuals. 

Digital financial reporting 

Draft recommendation 4.1 Make digital financial reporting the default 

The Australian Government should make the necessary amendments to the Corporations Act 2001 (Cth) and the Corporations Regulations 2001 (Cth) to make digital financial reporting mandatory for disclosing entities. The requirement for financial reports to be submitted in hard copy or PDF format should also be removed for those entities.

Pseudolaw and GenAI

'Pseudolaw and the illusion of legal meaning' by Joe McIntyre in (2025) Alternative Law Journal states 

This article is an overview of the contemporary phenomenon of pseudolaw and argues that, at its heart, it involves a mistaking of the form of legal argumentation for its substance. Essentially, through the use of legalistic language, archaic sources and strange rituals, an illusion of legal meaning is created which tricks users into believing their actions are legally meaningful. This article argues that it shares common features with generative AI, in that it produces an illusion of meaning which users mistake for actual meaning. It then explores this juxtaposition and its implications for responses to pseudolaw. 

Anyone who has spent extended time in Australian courts in the last five years will be familiar with the very strange phenomenon that is pseudolaw. A confident, assertive, self-represented litigant will rise to make their appearance only to argue the judge has no authority as the court is displaying the wrong coat of arms; or they will assert they are a ‘natural person’ not subject to the law; or they argue that the judge has somehow committed treason. A vivid illustration is provided in the case of Georganas v Georganas, when a pseudolaw ‘guru’ interceded from the public gallery:

Unknown Speaker: Stand down … Judge [X], you are concealing treason against the King of England … you are now charged, you are under arrest … You are trading in necromancy, you are treating dead people in this courtroom. You are in treason. You are in treason, you must stand down under the Bill of Rights now.

These types of arguments are, of course, without any legal merit. They do not work, and are rightly regarded as ‘obvious nonsense’, ‘pseudo-legal gibberish’, or ‘gobbledygook’. Yet these forms of argument continue to proliferate, with a significant growth seen in the years since the COVID-19 pandemic. This is no longer a fringe concern: such matters are now occurring on a daily basis in Australian courts, and in some jurisdictions is already being seen to profoundly reshape litigation. 

Courts are busy places, and pseudolaw can be particularly disruptive, not least because of the disproportionate impact of each pseudolaw case compared to other cases. The case law involving pseudolaw matters commonly includes statements of judicial concern about the systemic impact of such cases. For example, in Rossiter v Adelaide City Council, Livesey J observed that pseudolegal arguments have ‘without reservation been rejected as involving both legal nonsense and an unnecessary waste of scarce public and judicial resources.’ The burden of dealing with pseudolaw matters is having a profound impact on the courts. As one judicial officer put it:

It uses up so much court resources because every time they want to file something they end up making the lives of the Registry staff miserable. [The clerk’s] email inbox … [is] full of emails from them. They have changed the whole face of the civil justice system.

In this article, I provide an overview of the contemporary phenomenon of pseudolaw and argue that – at its heart – it involves a mistaking of the form of legal argumentation for its substance. Essentially, through the use of legalistic language, archaic sources and strange rituals, an illusion of legal of meaning is created which tricks users into believing their actions are legally meaningful. That these users lack legal literacy, are largely alienated from the law, and desperately want to believe in the promise of pseudolaw means that this illusion is difficult to displace. I argue, however, that it is critical the scale and nature of this threat to the good administration of justice is recognised and countered – not least because it is quickly merging with another emerging phenomenon, the use of generative AI (‘GenAI’), which shares many of these same characteristics. 

This article briefly draws out the similarities between GenAI and pseudolaw, with the goal of helping the reader better understand both phenomena. Unfortunately, the collision between GenAI and pseudolaw is already beginning to disrupt our courts, and it is increasingly necessary that we are all familiar with the contours of both the overlap between them and their impact upon the administration of justice. 

Ultimately, I argue that – as amusing as some of the examples may be – pseudolaw itself is no laughing matter. It is, as I have written elsewhere, ‘disrupting our courts … threatening our judicial officers and administrators [and] harming all who come into contact with it.’ The same is true on the increasing use of GenAI in litigation – it can appear humorous, but is increasingly problematic. As these two phenomena collide, it is critical we stop laughing and start learning.

'The Impact of Pseudolaw on Local Government' by Stephen Young and Harry Hobbs in (2025) 36(4) Public Law Review comments 

The COVID-19 pandemic saw a significant rise in the number of people making pseudolegal arguments in an effort to avoid public health measures. Legal scholarship exploring this phenomenon has largely focused on its impact on the administration of justice. However, as the level of government closest to the community, local governments have also faced a growing strain from pseudolegal adherents and conspiracy theorists. In this article, we explore their (misuse) of law and its impact on local government in Australia and New Zealand. We find three main impacts. Pseudolegal adherents have: attempted to construct parallel governance institutions as a means to exert power and control; intimidated and harassed local government authorities by issuing threats and disrupting public meetings; and, imposed a substantial administrative burden on staff by inundating offices with baseless correspondence. While pseudolaw may seem like obscure or picayune legal quirkiness, its impact on local government is anything but minor—it constitutes a growing threat to governance, public safety, and the rule of law. ... 

In May 2024, Lance Vervoort, Chief Executive Officer of the Hamilton City Council, received a letter submitted as part of a Local Government Official Information and Meetings Act 1987 (NZ) (‘LGOIMA’) request. The letter contained excerpts from the New Zealand Bill of Rights Act 1990 (NZ), the International Covenant on Civil and Political Rights (‘ICCPR’), and the 1947 Nuremberg Code. The excerpts were liberally annotated with explanations such as, ‘New Zealand became a member of the ICCPR 1978 and being INTERNATIONAL LAW, it supersedes all Legislation’. The letter explained further that these ‘are VERYY [sic] IMPORTANT DOCUMENTS which all peoples should be aware of, but most people aren’t’. The author of the letter asserted that Hamilton City Council is breaching international law because it is illegally conducting medical experiments on the people of Hamilton by fluoridating drinking water. The author declared that the obligation to follow the law is based on consent freely given. As he had not consented to fluoridation, the Council is operating criminally. 

Almost every legal claim in the letter is wrong. In New Zealand (and Australia), international law does not automatically supersede domestic legislation; the relationship between the state and its citizens is not based on contract; and a duly enacted law applies regardless of whether a person consents to its operation. The veracity of the factual claims is no better. Fluoride is a naturally occurring compound that is found in almost all fresh water. Fluoridation is the addition of fluoride to drinking water to protect against tooth decay, a well-established public health measure with decades of evidence demonstrating that it effectively improves oral health. The legal basis for fluoridation in New Zealand is also sound. Prior to 2021, the judiciary consistently found that local governments possessed the legal authority to fluoridate water. Since 2021, amendments to the Public Health Act 1956 (NZ) have made the position even clearer. Under s 116E of the Act, the Director-General may direct a local authority to add fluoride to its drinking water. Even if Mr Vervoort agreed with the author of the letter, he has no power to counteract a direction and remove fluoride. In any event, as this example demonstrates, concerns around fluoridation are often mixed with conspiracy theory and pseudolaw, such as the claim that it ‘removes freedom of choice by consumers’. The result is that any potentially meritorious legal questions are buried among voluminous and incoherent claims. 

The letter did not clearly ask a question of the council. Nonetheless, because it was filed as a LGOIMA request, the Hamilton City Council was required by law to respond. While the Council’s response was short, merely explaining that it was following the laws and regulations of New Zealand, it necessitated time, attention and resources that might have been better placed elsewhere. One strange letter is not a problem. However, this is just one of many conspiracy and pseudolaw-inflected LGOIMAs that the Council has responded to in the last few years. Hamilton is not alone. Local governments across New Zealand and Australia increasingly face administrative burdens derived from pseudolegal conspiracies. In some cases, they also face intimidation, threats and a real risk of physical harm. 

This is not new to those working in local government. The growing legal literature on pseudolaw and sovereign citizens, however, largely focuses on the origins, spread and manifestation of pseudolegal beliefs worldwide and their impact on law and the administration of justice rather than on the burdens it imposes on local government authorities. Similarly, while scholars in other disciplines examine pseudolaw through the lens of conspiracy theorising, extremism, criminal justice, and linguistics, there remains a dearth of study of pseudolegal adherents’ impact on local government. This is especially concerning now that pseudolaw has a ‘global reach’, having ‘migrated across the common law world and appear[ing] also in arrange of civil law countries’. We address this lacuna in this article. We focus specifically on its impact on local governments in Australia and New Zealand. Our study allows us to identify that pseudolaw is affecting local government in several significant ways. Furthermore, it reveals that although the impact is felt similarly across jurisdictions, the conduct of adherents manifests itself in diverse styles as pseudolaw evolves and adapts as it migrates. Pseudolaw in Australia and New Zealand has latched onto local legal, political and moral issues and arguments, including those based on the rights of Indigenous peoples. 

Our article is divided into two substantive parts. Recognising that pseudolaw remains an understudied phenomenon, in Part II, we contextualise our subject. We explain what pseudolaw is, orient our article in the wider legal literature, and provide background to understand what is occurring in New Zealand and Australia. In Part III, we explore the three primary impacts pseudolaw and sovereign citizens have on local government in Australia and New Zealand. First, adherents are establishing alternative and parallel governance institutions, including ‘Common Law Courts’ to enforce their vision of society. Second, members of these groups threaten and intimidate elected councillors and council staff by serving warrants and judgments issued from their fake courts and disrupting public meetings. Third, members waste the time and resources of local government by abusing local government obligations and by refusing to pay for services. Ultimately, the costs of responding to pseudolegal claims are more than financial — they represent a broader erosion of public institutions and a challenge to democratic governance.

Espionage Costs

The AIC Costs of Espionage report (in partnership with the Australian Security Intelligence Organisation) claims

 Espionage has become one of the most significant national security threats to Australia, impacting government, businesses and the university sector. The highly secretive nature of espionage makes it extremely difficult to measure. In this study we estimated, for the first time, the actual and prevented costs of espionage. Building on the Australian Institute of Criminology’s method for measuring the costs of serious and organised crime, we estimated the mitigation and response costs and the direct costs of espionage impacting Australia. We also estimated the preventable costs associated with a number of possible scenarios. The numbers are conservative and an underestimate of the true cost, given the challenges in identifying and measuring espionage activity and its consequences. 

 

In 2023–24, espionage cost Australia at least $12.5 billion. This includes the direct costs of the consequences of known or probable espionage activity – primarily losses due to state or state-sponsored cyber attacks, insider threats and intellectual property theft – as well as the public and private sector response, remediation and mitigation costs. There are also tens of billions in additional costs that Australia may have prevented by countering potential espionage. For example, in just one week, a single incident of espionage-enabled sabotage from a large-scale cyber attack could cost the Australian economy nearly $6 billion. These prevented costs are significant, and highlight the importance and benefit of investing in efforts to reduce the threat of espionage and minimise the harm in high-risk settings.

The report states 

The threat of espionage – the state or state-sponsored theft of Australian information or capabilities – is now at extreme levels, posing an enormous risk to Australia’s national security. This threat is expected to worsen in future. Understanding the real and potential harm from espionage to the government, private and university sectors, and to the wider community is an important step in ensuring that appropriate action is taken to build our resilience to the threat posed by state and state-sponsored actors. We relied on a review of known cases, published and unpublished research, and data on espionage and espionage-related harms, along with input from subject matter experts, to estimate the mitigation and response costs, direct costs of espionage, and the prevented costs of espionage. We limited our analysis of direct, mitigation and response costs to the 2023–24 financial year. Some calculations of espionage-related expenditure were based on sensitive and classified data, and therefore these costings are not itemised in this report. 

It is important to note at the outset that these numbers, while significant, underestimate the true cost of espionage in Australia. Espionage, by definition, is difficult to detect, and many of its most serious impacts cannot be assigned a dollar value. We have chosen to be conservative in our calculations. 

This is an important first attempt to measure the range of costs from known and suspected incidents of espionage, using a methodology that has been applied to other areas of national security. While this report highlights the importance of taking action to prevent espionage to protect Australia’s national interests, it also draws attention to the need for further work to help us better understand the impact that espionage has on government, businesses, universities and the wider community. 

Actual costs from espionage Our estimate of the actual costs from espionage includes both the direct costs of known or suspected espionage activity, and the mitigation and response costs to government, businesses and universities. 

Direct costs of known or suspected espionage activity 

We estimated the actual cost of state or state-sponsored cyber espionage, insider threats and intellectual property (IP) theft through a range of methods including:

„ Cyber security incidents impacting Australian medium and large businesses were estimated to cost up to $1,193.8 million. 

„ Cyber security incidents impacting Australian public universities were estimated to cost up to $14.5 million. 

„ Insider threats involving state or state-sponsored actors impacting Australian businesses were estimated to cost up to $324.8 million. 

„ Cyber security incidents involving state or state-sponsored actors impacting federal government agencies (not itemised here). 

„ Insider threats involving state or state-sponsored actors impacting Australian public universities were estimated to cost up to $25.0 million. 

„ Cyber-enabled theft of IP and trade secrets from businesses was estimated to cost up to $1,901.0 million. 

„ IP theft from government, the not-for-profit sector and universities was estimated to cost up to $628.0 million in 2023–24. 

These costs were incurred in a single financial year (2023–24). These represent a significant underestimate of the true cost of espionage, given the challenges in identifying, quantifying and valuing some of the consequences. 

Mitigation and response costs 

Significant resources are invested in the public and private sectors to mitigate and respond to espionage. These include the cost to federal government agencies entities related to the identification, investigation, disruption and prosecution of espionage incidents in Australia, as well as the development and enactment of policy and legislation regarding espionage in Australia. Other costs of mitigation include those associated with implementing and maintaining security measures, community outreach, and education and awareness raising. Many of these mitigation measures (particularly legislation) have been introduced in response to previous incidents of espionage or foreign interference, and thus can be considered long-term costs of espionage in Australia. We used a combination of top-down and bottom-up approaches to estimate these costs, relying on data on the operating expenditure of each agency and expert input from senior representatives from these agencies and other stakeholders. 

We also estimated the cost of cyber security to state, territory and local government agencies, businesses and universities. We determined the operating expenditure of each sector and relied on industry estimates of the proportion of total expenditure that is spent on information and communications technology (ICT) and, of that, the proportion spent on cyber security. We then estimated the proportion of these cyber security costs associated with espionage. There are also costs to businesses associated with personnel security and vetting, as well as the costs associated with applying for commercial foreign investments to the Foreign Investment Review Board (which assesses, among other things, risks to national security). 

Critical infrastructure is a major target for foreign actors seeking to undermine Australia’s national security and, in addition to the costs to the Australian Government, there have been costs to industry associated with several major reforms to the regulation of critical infrastructure to reduce the risk of espionage. Universities also incur costs associated with due diligence activity, including vetting of international students and assessing the risks associated with partnerships with foreign institutions. We used a range of methods and data sources to estimate these costs. These mitigation and response costs have not been itemised, and the full detail regarding our costing methodology has not been provided because it relies on sensitive and classified data. The mitigation and response costs are included in the total cost estimate. Several additional costs are incurred as a consequence of the action taken by government, businesses and the university sector to mitigate the risk of espionage. 

Among these are:

„ the costs of having to use more expensive technology, or technology that is less than optimal, rather than technology that may be available from a foreign adversary 

„ the costs incurred by government suppliers in certain high-risk sectors in order to meet security requirements 

„ declines in potential foreign investment due to our current national security posture „ missed opportunities for international research collaborations with leading academics and organisations. 

Although these costs are likely to be significant, they have not been estimated in the current research due to a lack of sufficient data. 

Prevented costs from espionage 

We estimate the counter-espionage efforts of governments, businesses and universities may have prevented tens of billions of dollars of additional costs to the Australian economy. While there have been many examples of espionage impacting Australia and our international partners, other harms have been avoided. 

We modelled a range of scenarios to estimate the potential costs that may have – to the best of our knowledge – been prevented, but which would be incurred in the future if efforts to prevent espionage were not successful.

„ Sabotage of critical infrastructure enabled by espionage could cost up to $1,161.2 million per incident. 

„ An economy-wide, week-long disruption to digital technology-intensive industries, enabled by sabotage, could cost the Australian economy $5,930.4 million. 

„ Theft of trade secrets from a large, publicly listed Australian company could result in share market losses of up to $887.2 million per incident. 

„ Cyber espionage attacks targeting a large, publicly listed Australian company could result in share market losses of up to $439.6 million per incident. 

„ Diminishing trust in government security due to espionage activity could result in an annual decrease in foreign direct investment inflows of up to $10,291.2 million. 

„ The potential annual losses from a decline in international student revenue because of a need to tighten controls following major espionage activity could be up to $890.7 million. 

„ A 10% decrease in annual US funding for research following espionage activity impacting Australian and US relationships could lead to potential same-year economic losses of up to $376.7 million. 

Many of these costs relate to, or would result from, single incidents of espionage. The cost from multiple repeated attacks targeting government, businesses and university sectors would be significantly higher. As such, the total prevented costs depend on the nature and scale of future espionage activity impacting Australia but are estimated to be tens of billions of dollars. 

Total actual and prevented costs from espionage 

When we combine the mitigation and response costs and the direct costs of espionage that could be measured, the total known cost to government, businesses, universities and the broader community in 2023–24 is estimated to be at least $12.5 billion. We estimate that tens of billions further in espionage costs may have been prevented through effective mitigation and counter-espionage activity. These costs are preventable – but only if appropriate action is taken to address the threat from those who seek to harm Australia’s national interests. 

Total actual costs: $12.5B Direct costs of known or suspected espionage Public and private sector mitigation and response costs 

Prevented costs: Tens of billions of dollars

Confidentiality

In Director, Professional Services Review v Yoong [2025] FCAFC 95 the Court has ruled that complete clinical records were relevant to professional services reviews under the Health Insurance Act 1973 (Cth), validating the Director's notice requiring a general practitioner to produce complete clinical records for 76 patients, emphasizing that such records provide essential context for determining inappropriate practice. 

In articulating reasons the Court states 

This appeal arises from a review undertaken under Pt VAA of the Health Insurance Act 1973 (Cth) (HI Act) by the appellant, the Director of Professional Services Review, into the provision by the respondent, Dr Matthew Yoong, of services in respect of which medicare benefits were paid. The central question in the appeal concerns the validity of a notice issued by the Director under s 89B of the HI Act that required the respondent to produce “complete clinical records” in respect of a representative sample of his patients who had received services during the period covered by the review (the Notice). The respondent’s failure to comply with the Notice in turn led to a further notice being given by the Director under s 106ZPM of the HI Act which prevents medicare benefits being paid in respect of services rendered or initiated by the respondent. 

The respondent brought a proceeding seeking judicial review of the Director’s decisions under ss 89B and 106ZPM of the HI Act. The primary judge upheld the respondent’s challenge to the validity of the Notice on the basis that it was not confined to seeking documents that were “relevant to the review”: Yoong v Director, Professional Services Review [2023] FCA 1186 (J). As a consequence, the primary judge also set aside the notice given to the respondent under s 106ZPM. 

The Director submits that the primary judge erred in holding that the Notice was not authorised by s 89B of the HI Act and was therefore invalid. The grounds of appeal challenge the primary judge’s findings that the Notice was not confined to requiring the production of “relevant documents” within the meaning of s 89B(1) of the HI Act, and that the Notice was invalid on its face. The Director submits that these findings were based on a misconstruction or misapplication of the statutory definition of “relevant documents” and the requirements for a valid notice under s 89B. 

We consider that the grounds of appeal should be upheld, for the reasons set out below. The documents required by the Notice to be produced, being complete clinical records for identified patients to whom the respondent provided services during the review period, were relevant to the review within the meaning of s 89B(1) of the HI Act, properly construed. It cannot be said that those documents have no conceivable relevance or no bearing whatever on the review of the provision of services by the respondent during the review period. The documents are likely to assist the Director in the performance of investigative functions under Pt VAA of the HI Act. Further, the form and content of the Notice were sufficient to comply with the requirements of s 89B. In particular, the documents sought were identified with sufficient clarity to enable the respondent to understand what he was required to produce in order to comply with the Notice, and to show that the Director was authorised to require the respondent to produce the documents.

Procedure

In Re Thorpe [2025] VSCA 172 the Court states 

 In October 2023, Uncle Robbie Thorpe (‘the applicant’) sought to file a charge sheet and summons in the Magistrates’ Court of Victoria naming King Charles III as the accused and alleging that he had committed ‘continuing acts of genocide ... against First Peoples’. The Magistrates’ Court refused to issue the summons and did not initiate a proceeding. 

By originating motion filed in the Trial Division on 7 March 2024, the applicant sought judicial review of the Magistrates’ Court decision. A trial was conducted on 19 July 2024 and on 5 February 2025 Richards J handed down her judgment. Her Honour held that the charge sheet did not disclose an offence known to law and that the Magistrates’ Court was correct to refuse to issue the proposed proceeding. 

An application for leave to appeal from a decision of Richards J to refuse to accept an affidavit for filing was refused by McLeish JA on 2 August 2024. 

The applicant has since filed an application for leave to appeal Richards J’s decision. He has also filed various applications other than for leave to appeal, which are voluminous and overlapping. Some of these additional applications have been accepted for filing. However, the Registrar refused to accept for filing four of the applications, pursuant to r 64.43 of the Supreme Court (General Civil Procedure) Rules 2015 (the ‘Rules’). Together these four applications seek more than 15 different orders, including orders for the joinder of additional parties, orders concerning intervenors, orders concerning the identity or racial background of the judges who are to hear his applications, and other orders concerning the conduct of the proceedings. 

The applicant now seeks to have a Judge or Judges of Appeal direct the Registrar to accept for filing the four applications that were refused, pursuant to r 64.43(5) of the Rules. 

For the reasons that follow, we will not direct the Registrar to accept the four documents for filing. ... 

The issue in this case is whether the documents fall within r 64.43(1) or (2) — that is, whether: (1) they are irregular (r 64.43(1)(a)); (2) they are frivolous or vexatious on their face or by reference to any materials already filed or submitted for filing (r 64.43(1)(b)); (3) the filing of them would give rise to an abuse of the process of the Court (r 64.43(1)(c)); (4) they do not comply with the Rules or the requirements of any applicable practice note (r 64.43(2)(b)); and/or (5) they are not accompanied by all the documents required by O64 or any applicable practice note (r 64.43(2)(d)). 

Consideration 

In our opinion the four documents that have not been accepted for filing are irregular, and/or frivolous or vexatious on their face and by reference to other materials that have been filed or submitted for filing, and/or would give rise to abuse of process. In addition, some of the documents do not comply with the applicable rules or a practice note, or were not accompanied by all the required documents. 

Document 495374 

As noted above, document 495374 seeks 13 orders (set out in the annexure to these reasons). Many of these orders are not orders that the Court can or would make. In light of that fact, it was appropriate for the Registrar to refuse to accept the document for filing, even if some of the other orders sought might have been orders that the Court can or would make. It is thus necessary only to identify some examples of entirely inappropriate orders in order to make clear that the Registrar was correct not to accept the document for filing. 

Proposed order 1 is that ‘Chief Justice Niall has conduct of these proceedings and this court file’. 

This is not a suitable order to be made by the Court of Appeal on the motion of a party. A party has no entitlement to seek to have an identified judicial officer conduct a proceeding. Nor would a judge or judges of the Court of Appeal make such an order. The application for this order is frivolous, vexatious and irregular. 

Proposed order 2 is that a ‘bench of five Aboriginal judicial officers be assembled to hear the application for leave to appeal and the appeal’. 

Again, this is not a suitable order to be made by the Court of Appeal on the motion of a party. A party has no entitlement to seek to have a bench of a particular size or composition hear a proceeding. Nor would a judge or judges of the Court of Appeal make such an order. The application for this order is frivolous, vexatious and irregular. 

Proposed order 3 is as follows: If there are not sufficient Aboriginal judicial officers in the Supreme Court of Victoria to assemble a bench of five Aboriginal judicial officers, then Chief Justice Niall to write to and seek to meet with the Attorneys-General of the State of Victoria and the Commonwealth of Australia to request the special appointment of sufficient Aboriginal judicial officers including the appointment of (i) Professor Irene Watson, Research Professor of Law, University of South Australia, and (ii) law graduate Dr Jaqui Katona , Moondani Balluk Indigenous Unit, Victoria University, and (iii) lawyer Paul Coe (iv) lawyer Michael Mansell (v) puralia meenamatta (“Uncle Jim Everett”), the Palawa man from the clan plangermairreenner (vi) Dr Aunty Mary Graham, Kombumerri and Hakka Wakka, Adjunct Associate Professor, University of Queensland — six names listed here in case of illness or other unavailability on the hearing dates. 

It is plain that this Court cannot order Niall CJ to take the step sought. The application for this order is frivolous, vexatious and irregular. 

Proposed order 10 is as follows: The Magistrates Court of Victoria is directed to retain counsel and participate properly in these proceedings as a normal party and respondent. 

Again, it is plain that this Court cannot make an order in such terms directed to the Magistrates’ Court of Victoria. The application for this order is frivolous, vexatious and irregular.

In Thorpe v Magistrates' Court of Victoria [2025] VSC 22 the headnote notes that Thorpe sought to file a charge-sheet and summons in the Magistrates’ Court of Victoria to commence private prosecution against King Charles III for crimes of genocide under First Peoples’ sovereign laws, the common law, and div 268 of the Criminal Code Act 1995 (Cth) 

The judgment states

On 20 October 2023, Uncle Robbie Thorpe sought to commence a private prosecution against King Charles III for crimes of genocide. He did so by filing a charge-sheet and summons in the Magistrates’ Court of Victoria, naming himself as the informant and Charles Phillip Arthur George Windsor as the accused. The offences alleged in the charge-sheet were continuing acts of genocide against First Peoples, contrary to First Peoples’ sovereign laws, the common law of Victoria, and div 268 of the Criminal Code Act 1995 (Cth). 

On 29 December 2023, a senior registrar of the Magistrates’ Court refused to issue the proceeding, on the basis that the proper source of law had not been particularised and the proposed accused may be misled or prejudiced by this omission, and in those circumstances the issue of the proceeding would be an abuse of process. The proceeding was therefore returned unissued. 

In this proceeding, Uncle Robbie seeks judicial review of the Magistrates’ Court’s decision. He seeks an order requiring the Magistrates’ Court to accept the charge-sheet and summons for filing and issue the summons. ... 

At a directions hearing on 22 April 2024, I ordered that the Attorney-General of Victoria be joined as second defendant to the proceeding, on the basis that as the first law officer of the State of Victoria, her presence was necessary to ensure that all questions in the proceeding are effectually and completely determined and adjudicated upon. The Attorney-General subsequently filed written submissions and briefed Crown Counsel to appear at the trial of the proceeding on 19 July 2024. 

At the trial, Uncle Robbie applied for me to disqualify myself from further conduct of the proceeding. I refused that application, and provide my reasons for that decision below. 

In the course of his submissions at trial, Uncle Robbie challenged the legal foundation of the State of Victoria, in light of the widely acknowledged truth that the sovereignty of the First Peoples of Victoria was never ceded. He questioned the legitimacy of the Court’s jurisdiction, given the High Court’s rejection of the fiction of terra nullius and the previous use of that fiction to justify the Crown’s acquisition of Victoria. These large and important questions are currently being considered by the Yoorrook Justice Commission, and have prompted the Victorian Government to commence treaty negotiations with Victoria’s First Peoples. 

While acknowledging the significance of the questions raised by Uncle Robbie, the only jurisdiction that I can exercise is the jurisdiction of this Court. I can only do that by applying the law of the State of Victoria to the questions for determination in this proceeding. 

For the reasons that follow, I have concluded that the Magistrates’ Court was correct to refuse to issue the proposed proceeding. The charges alleged in the charge-sheet did not disclose an offence known to the law of Victoria. 

The proceeding must therefore be dismissed. 

Disqualification application   

By summons filed 15 July 2024, Uncle Robbie sought orders including an order that I be disqualified from further conduct of the proceeding. The basis for this application was set out in his accompanying affidavit, as follows: (a) In my decision of Re Thorpe (No 2), I had quoted his submissions in full while making no comment about ongoing Aboriginal genocide and injustice to Aboriginal people at the hands of non-Aboriginal people. This amounted to ‘white denial’ that Aboriginal people would perceive as bias; (b) I am not Aboriginal; (c) There are no documents evidencing that I have accepted that Aboriginal sovereignty has never been ceded and that Aboriginal law is the only true law of this land; (d) I have publicly sworn allegiance to the monarchy, and have not publicly repudiated the Windsor family as genocidal invaders; (e) Consequently, I am reasonably likely to be perceived by Aboriginal peoples and others as biased against Aboriginal peoples. 

The Attorney-General opposed the application, saying that the circumstances relied on by Uncle Robbie did not give rise to a reasonable apprehension of bias. 

A judge is disqualified from hearing a case if a fair-minded lay observer might reasonably apprehend that the judge might not bring an impartial mind to the resolution of the questions for decision in the case. Applying this test involves first identifying what it is said might lead the judge to decide the case other than on its legal and factual merits, and then articulating a logical connection between that matter and the fear that the judge might not decide the case on its merits. The final step in the analysis is assessing the reasonableness of the asserted apprehension of bias.

At the same time, judges are obliged to hear cases assigned to them in which the Court’s jurisdiction has been regularly invoked. Judges ‘do not select the cases they will hear, and they are not at liberty to decline to hear cases without good cause’. In this case, which has been assigned to me to hear and determine, Uncle Robbie has regularly invoked the judicial review jurisdiction of the Supreme Court of Victoria. 

On my appointment to the Court, I pledged allegiance to Her Majesty Queen Elizabeth II and her heirs and successors according to law. I also took the affirmation of office as a judge, to discharge the duties of my office according to law, without fear or favour, affection or ill-will. 

The Court’s jurisdiction is conferred by the Constitution Act 1975 (Vic) and is recognised in ch III of the Commonwealth Constitution. The law to be applied by a judge of the Court is the law of the State of Victoria, in accordance with Victoria’s Constitution Act and the Commonwealth Constitution. 

I do not accept Uncle Robbie’s assertion that pledging allegiance to the Crown and taking the affirmation of office might give rise to a reasonable apprehension that I might not decide this judicial review proceeding on its merits. These promises are essential to the office of a judge of the Supreme Court of Victoria, and have been made by every judge of this Court. One of us must hear and determine the case that Uncle Robbie has brought, and it has been allocated to me.;