New information access audits examine NSW agencies’ high and low level compliance with their open access obligations under the GIPA Act
The NSW Information Commissioner, Elizabeth Tydd, today issued two information access audits which examine the open access requirements under the Government Information (Public Access) Act 2009 (GIPA Act) for NSW public sector agencies to make available their disclosure log and a record of the open access information (if any) that it does not make publicly available.
Disclosure logs are an open access requirement of all NSW agencies and detail information released in response to access applications that the agency considers may be of interest to other members of the public.
However, where an agency decides to withhold open access information, it is required to keep and publish a record under section 6(5) of the GIPA Act, including details about the nature of the information concerned and if there is an overriding public interest against disclosure (OPIAD) relied upon to withhold any information.
Overall, the audits found that while agencies demonstrated a high level of compliance with publishing their disclosure logs and making them available, there was systemic non-compliance across all sectors with publishing a section 6(5) record.
The frequency that agencies maintained both their disclosure logs and section 6(5) records was also concerning with both audits finding a concerningly low number of agencies updating their logs and records in the past 12 months.
Agency compliance with Disclosure Log requirements
Disclosure logs are one category of open access information that NSW agencies must make publicly available under section 6 of the GIPA Act.
The audit examined 79 agencies across four sectors with respect to their compliance with disclosure log obligations. The audit identified that agencies generally complied with the requirement to ensure that their disclosure logs are publicly available and easily accessible.
The audit also provided evidence that agencies would benefit from ensuring that their disclosure logs contain details about how the information recorded in the disclosure log can be accessed and that the disclosure log is current.
Information Commissioner, Elizabeth Tydd, said, “While it is pleasing to see that the vast majority (91%) of the agencies sampled had a disclosure log in place that is publicly available, there is a longstanding expectation that all agencies are aware of their open access obligations, particularly in relation to disclosure logs.
“It is also concerning that over half (57%) of the agencies sampled did not demonstrate that their disclosure logs were current and updated on a regular basis. Further action is needed by agencies to uplift their governance processes and procedures to ensure compliance and best practice in accordance with disclosure log obligations.”
Whilst the results demonstrate positive levels of compliance there are some identified non-compliant practices that will inform the Information Commissioner’s forward work program.
Agency compliance with requirements under section 6(5) of the GIPA Act
Where an agency decides to withhold open access information, it is required to keep a record detailing the nature of the information concerned and must include details about the considerations relied upon to withhold any open access information.
The audit again examined 79 agencies across four sectors to ascertain whether agencies were publishing their section 6(5) records and complying with the requirements with respect to those records.
The audit indicated widespread non-compliance by agencies across all sectors. Additionally, the audit found that there were significant failures across all sectors with respect to the requirement to ensure that records under section 6(5) are current.
Additionally, the audit found that at least 10% (8) of agencies’ advice to members of the public is either misconceived or incorrect as they included a notation on their website that they did not withhold any open access information and therefore did not maintain a record in accordance with section 6(5) of the GIPA Act. However, it was found that these agencies either did not publish all of the open access information required to be made publicly available, thereby withholding information or had published information and made redactions to withhold open access information. Accordingly, the advice to citizens was demonstrably erroneous.
Commissioner Tydd said, “The level and breadth of non-compliance with the requirement to maintain records under section 6(5) of the GIPA Act demands immediate action to arrest these longstanding failures.
“It is extremely concerning that only 28% (22) of agencies had published their section 6(5) records on their respective websites and only 6% (5) of agencies had updated their record in the past 12 months.
Looking forward
While the audits demonstrated low compliance across all sectors, there was particular concern for the local council sector, particularly given the past history of regulatory engagement regarding proactive disclosure requirements.
Of the 79 sampled agencies, five local councils do not appear to be aware of their open access obligations and failed to ensure that their disclosure log is publicly available. It is also predominantly the local council sector that had withheld open access information, whilst noting on their website that they did not withhold any open access information. The audit found that the Local Council sector was also largely non-complaint with their obligation to maintain a record in accordance with section 6(5).
Commissioner Tydd said, “The mandatory release of open access information under the GIPA Act assists in promoting a responsible and representative government by enshrining the public’s right of access to important government information.
“The Information and Privacy Commission will target our engagement and communications with agencies as part of the Information Commissioner’s forward work program to support agencies in improving their disclosure logs, section 6(5) records, and more broadly, meeting their open access requirements under the GIPA Act.
“Given the levels of non-compliance within the Local Council sector identified by the audits, both audit reports will be referred to the Office of Local Government in accordance with section 33 of the Government Information (Information Commissioner) Act 2009.”
The Agency compliance with Disclosure Log requirements – GIPA Compliance Report and Agency compliance with requirements under section 6(5) of the GIPA Act – GIPA Compliance Report can be accessed via the IPC website.
ENDS
For further information, please contact:
The Manager, Communications and Corporate Affairs on 0435 961 691 or email communications@ipc.nsw.gov.au
About the Information and Privacy Commission:
The Information and Privacy Commission NSW (IPC) is an independent statutory authority that administers New South Wales’ legislation dealing with privacy and access to government information. The IPC supports the Information Commissioner and the Privacy Commissioner in fulfilling their legislative responsibilities and functions and to ensure individuals and agencies can access consistent information, guidance and coordinated training about information access and privacy matters.
About the NSW Information Commissioner
The NSW Information Commissioner’s statutory role includes promoting public awareness and understanding of the Government Information (Public Access) Act 2009 (GIPA Act); providing information, advice, assistance and training to agencies and the public; dealing with complaints about agencies; investigating agencies’ systems, policies and practices; and reporting on compliance with the GIPA Act.
The Government Information (Information Commissioner) Act 2009 (GIIC Act) establishes the procedures for appointing the Information Commissioner and sets out the Commissioner's powers and functions. It outlines the method for people to complain about the conduct of agencies when undertaking their duties under the GIPA Act, and the way in which the Information Commissioner may deal with the complaint. The GIIC Act also enables the Information Commissioner to investigate and report on how agencies carry out their functions under the GIPA Act.
For further information about the IPC visit our website at www.ipc.nsw.gov.au
