3.1
Pursuant to Senate Standing Order 25(2)(A), this chapter of the report will take into account comments published by the Standing Committee for the Scrutiny of Bills (Scrutiny committee).
3.2
The Scrutiny committee examined the Data Availability and Transparency Bill 2020 (the bill) in its Scrutiny Digest 1 of 2021, where it raised a number of concerns and requested further information from the minister. It further considered the bill in its Scrutiny Digest 3 of 2021 and Scrutiny Digest 5 of 2021, taking into account the responses provided by the minister.
3.3
The Scrutiny committee voiced concerns that the bill may:
trespass on personal rights and liberties;
insufficiently define administrative powers; and
inappropriately delegate legislative powers.
3.4
The concerns raised by the Scrutiny committee can be broadly grouped under the following five categories:
significant matters in delegated legislation;
broad delegation of investigatory powers; and
reversal of evidential burden of proof.
3.5
This chapter will now provide an overview of each of the concerns raised, as well as the responses from the then minister, the Hon. Stuart Robert MP, to those concerns.
Privacy
3.6
The Scrutiny committee considered that the data sharing scheme has the potential to trespass on an individual’s right to privacy, given that it enables the sharing of data including ‘personal information’ and ‘sensitive information’ as defined by the Privacy Act 1988 (Privacy Act).
3.7
It set out three core areas of concern, each relating to the intention of the bill to include significant matters in delegated legislation:
(1)
the data sharing principles;
standard of consent for sharing
lack of definition of ‘public interest’
(2)
the scope of the scheme (data sharing purposes and receiving entities); and
(3)
the review and complaint mechanisms.
3.8
Each of these will be examined in turn.
Data sharing principles
3.9
The Scrutiny committee’s concerns around the data sharing principles can be further broken down into three issues:
standard of consent for sharing;
lack of definition of ‘public interest’; and
reliance on ‘data codes’.
Standard of consent for sharing (definition of ‘unreasonable or impracticable’)
Context
3.10
Clause 16 of the bill establishes data sharing principles (based on the internationally recognised ‘five safes’ framework) which are intended to manage the risks of sharing public sector data. These principles were detailed in Chapter 2 of this report.
3.11
The principles are structured to support data custodians to consider the risks arising across five key elements of the sharing process:
(1)
the proposed project;
(2)
the setting in which the data is shared and accessed;
(3)
the persons involved;
(4)
the data involved; and
(5)
the outputs involved.
3.12
Where the data being shared includes personal information, paragraph 16(2)(c) requires consent for sharing to be sought from the individuals concerned, unless it is ‘unreasonable or impracticable’ for the data scheme entities to do so.
3.13
The explanatory memorandum (EM) explained that the standard of consent required is that set by the Privacy Act, and that the ‘unreasonable or impracticable’ language is drawn from section 16A of that Act. It also noted that the standard should be ‘interpreted using relevant guidance on consent made by the Australian Information Commissioner’.
3.14
The EM further detailed:
The question of whether seeking consent is reasonable or impracticable may depend on the amount, nature and sensitivity of the data involved, and whether individuals gave informed consent for uses including the proposed sharing at the point the data was originally collected. Where it is unreasonable or impracticable to seek consent, parties must still consider implementing other controls to protect privacy, under this and other data sharing principles.
Concerns
3.15
In regard to this, the Scrutiny committee voiced concern that there was a ‘significant amount of flexibility’ in the meaning of ‘unreasonable or impracticable’ in that context, and that this may undermine the effectiveness of clause 16 as a safeguard against undue trespass on the privacy of individuals whose data may be shared under the scheme.
3.16
The Scrutiny committee also noted that, while the data sharing principles contemplate minimising the sharing of personal information as far as possible and sharing only the data reasonably necessary to achieve an applicable purpose, there are no requirements for sharing only de-identified data in the principles or elsewhere in the bill.
Lack of definition of ‘public interest’
Context
3.17
The Scrutiny committee observed that paragraph 16(2)(a) requires a judgement to be made about whether the sharing can be reasonably expected to serve the public interest. It highlighted that ‘public interest’ is not defined in the bill, and the EM does not provide guidance about the factors that might be considered when evaluating public interest for the purposes of data sharing.
Concerns
3.18
The Scrutiny committee stated:
In contexts where commercial and economic interests may be considered to factor into the ‘public interest’, the committee is concerned that privacy interests are not clearly central to the operation of the scheme.
Reliance on data codes
Context
3.19
The Scrutiny committee noted that the application of the data sharing principles will be clarified in ‘data codes’ – legislative instruments made by the National Data Commissioner (commissioner) that serve as binding codes of practice for the data sharing scheme.
Concerns
3.20
The Scrutiny committee stated:
The committee’s view is that significant matters, such as privacy safeguards for data sharing, should be included in primary legislation unless a sound justification for the use of delegated legislation is provided. In this instance, while the explanatory memorandum explains the approach of using legislative instruments rather than regulations to establish data codes, there is no explanation of why these matters cannot be included in primary legislation.
Scope of scheme – data sharing purposes and receiving entities
Context
3.21
Clause 15 establishes the three permitted data sharing purposes:
delivery of government services;
informing government policy and programs; and
research and development.
3.22
These purposes are not specifically defined; rather, the EM emphasised that the purposes are to ‘construed broadly’.
Concerns
3.23
The Scrutiny committee identified that a broad construction of the permitted purposes for data sharing ‘risks interpretations which may unduly trespass on privacy’. While acknowledging that the bill seeks to manage this risk through paragraph 15(2)(c) by enabling the minister to make rules prescribing ‘precluded purposes’, it indicated it did not consider this to be satisfactory. It stated:
…the committee’s view is that significant matters, such as privacy safeguards and the permissible scope for sharing personal information, should be included in primary legislation unless a sound justification for the use of delegated legislation is provided. In this instance, the explanatory memorandum states that ‘this approach is intended to manage unintended expansions or interpretations of clause 15, and to ensure the scheme continues to operate as intended and in line with community expectations’.
3.24
The Scrutiny committee also emphasised that its scrutiny concerns in this regard were heightened by the breadth of the application of the bill, in particular that data may be shared with private sector entities with no requirements that the safeguards that apply to, for example, university research, apply to these entities.
Summary of concerns
3.25
Given the potential impact on an individual’s right to privacy as a result of the use and disclosure of personal information under the data sharing scheme, the Scrutiny committee requested the minister’s advice as to whether the bill could be amended to:
include a public interest test which prioritises privacy interests in decision-making under the scheme;
provide guidance on the face of the bill about the circumstances in which it will be ‘unreasonable or impracticable’ to seek an individual’s consent for sharing their personal information;
require that, where possible, data that includes personal information be shared in a de-identified way;
clarify the scope of the permitted data sharing purposes, and include guidance on the face of the bill about precluded purposes; and
provide minimum standards for ethics approvals for private entities seeking to use data that includes personal information.
Minister’s response
3.26
The minister responded to the Scrutiny committee’s concerns. The Scrutiny committee considered the minister’s advice and outlined its concluding views in Scrutiny Digest 3 of 2021 and Scrutiny Digest 5 of 2021, as detailed below.
Requests to include a public interest test which priorities privacy interests, provide guidance on the face of the bill about ‘unreasonable or impracticable’ exception, and clarify the scope of the permitted data sharing purposes
3.27
The minister advised that questions of whether a project can reasonably be expected to serve the public interest and questions in relation to consent requirements must be resolved on a project-by-project basis.
3.28
He also advised that the bill’s intended approach is to ensure privacy interests are appropriately balanced with the public interest of a project, rather than assuming that one must prevail at the expense of the other, and that this approach is consistent with the objects of the Privacy Act.
3.29
The minister further noted that he is ‘open to giving consideration’ to amendments to the bill to require that the National Data Commissioner (commissioner) must issue guidance on certain matters, including application of the data sharing principles, in consultation with relevant entities. The Scrutiny committee welcomed this advice.
3.30
The minister also advised that he did not consider the level of detail to be included in the guidelines appropriate for inclusion in primary legislation, but acknowledged the importance of striking a balance between flexibility and parliamentary scrutiny. The Scrutiny committee did not accept this response, and reiterated its concerns that the guidelines will be established in non-legislative instruments that are not subject to tabling or scrutiny by the Parliament.
3.31
As a result, the Scrutiny committee requested that an addendum to the EM containing the key information provided by the minister in response to its concerns be tabled in Parliament as soon as is practicable.
3.32
The minister’s response did not provide a direct response as to the Scrutiny committee’s request that he provide guidance on the face of the bill about the circumstances in which it will be ‘unreasonable or impracticable’ to seek an individual’s consent for sharing their personal information. Rather, the response reiterated the information set out in the EM.
3.33
The Scrutiny committee stated that it remained concerned about the breadth of the ‘unreasonable or impracticable’ exception to the requirement to secure consent from an individual prior to sharing their personal information, in particular given the minister’s advice that privacy interests will not be given priority in the public interest test.
3.34
As a result, the committee requested the minister’s further advice as to:
whether the addendum to the EM can provide specific examples of current guidance on the meaning of ‘unreasonable or impracticable’ and provide information on where this current guidance can be accessed; and
why it is considered necessary and appropriate for guidelines on aspects of the data sharing scheme (which may play an important role in minimising the risk of interpretations of the operation of the scheme that trespass on personal privacy) to be included in non-legislative instruments that are not subject to parliamentary scrutiny.
3.35
In response to these two requests, the minister advised that he had approved an addendum to the EM to address the concerns of the Scrutiny committee, and that he would arrange for the addendum to be tabled in the House of Representatives ‘as soon as practicable’.
3.36
In regard to the proposed addendum, the minister advised that it would include further information about the meaning of the expression ‘unreasonable or impracticable’ in the context of clause 16(2)(c) of the bill, as well as information on where to locate guidance issued by the Australian Information Commissioner (AIC) on privacy and consent matters.
3.37
In regard to the Scrutiny committee’s request as to why it is necessary and appropriate for guidelines on aspects of the data sharing scheme to have the status of non-legislative instruments (and therefore not be subject to parliamentary scrutiny), the minister advised:
The Bill establishes a framework of resources, of scaled legal weight, to assist its interpretation and application. These resources range from fact sheets, guidelines on aspects of the Bill which entities must have regard to when engaging with the sharing scheme, to legislative instruments subject to Parliamentary scrutiny that set binding legal requirements.
I consider this scaled approach to be reasonable, and necessary to achieve the desired outcome of supporting both best practice data sharing and a graduated approach to enforcing compliance with the Bill. This approach is consistent with that of other principles-based legislative schemes, in particular the AIC’s powers and framework of instruments to support understanding of, and compliance with, privacy law.
3.38
The minister also noted that, from the AIC’s experience, it is desirable from a regulatory perspective to have guidelines which entities must regard as an interim step between general guidance and legislative instruments. He explained:
Learning from this [AIC] experience, the approach taken in the Bill enables the National Data Commissioner to produce both informal guidance material, and more formal “guidelines”. Scheme entities must have regard for the guidelines however they are not binding. The guidelines do not alter the law but provide clear guidance from the Commissioner about their view of law applied and better practice. It is not appropriate for such guidance to be disallowable. Data codes made by the Commissioner, and rules made by the Minister, are binding on scheme entities and are legislative instruments subject to disallowance.
3.39
The Scrutiny committee noted this advice, but reiterated its concerns that the guidelines may play an ‘important role’ in minimising the risk of interpretations of the operation of the scheme that may trespass on personal privacy.
3.40
It reiterated its view that significant matters, such as the application of privacy safeguards for data sharing, may be more appropriately provided for in delegated legislation that is subject to scrutiny and disallowance.
3.41
The Scrutiny committee drew its concerns on the matter to the attention of the Senate.
Request to amend the bill to provide that, where possible, personal information is shared in a de-identified way
3.42
The minister advised that under the data principles, custodians must only share data that is reasonably necessary for the relevant data sharing purpose, and that this requirement is complemented by a requirement to minimise the sharing of personal information as far as possible without compromising the data sharing purpose.
3.43
The minister also advised that the term ‘de-identified’ is not used in the data principle to ensure that the bill remains ‘technology-neutral’.
3.44
The Scrutiny committee acknowledged the advice, but stated that it remained concerned about the absence of an explicit requirement in the bill that, where possible, sharing of data is done in a way that does not allow an individual to be identified.
3.45
It drew its concerns on this matter to the attention of the Senate.
Request to amend the bill to provide minimum standards for ethics approvals for private entities seeking to use data that includes personal information
3.46
The minister advised that paragraph 16(2)(b) of the bill requires data scheme entities to observe any applicable ethics processes, and that the bill leverages existing frameworks to ensure that projects and research in specific fields meet accepted ethical standards. The minister noted that this requirement imposes a minimum standard for ethics approvals for all data scheme entities, irrespective of sector.
3.47
The minister also advised that data custodians may require ethics processes in circumstances where no ethic processes would ordinarily apply, and that this constituted ‘an added safeguard’.
3.48
While noting the advice, the Scrutiny committee stated that it remained concerned that the ability to require a private entity who is otherwise not subject to existing ethics processes to undertake such processes was discretionary, with the decision to set this requirement being left to the various Commonwealth bodies empowered to share data under the bill.
3.49
It drew its concerns on the matter to the attention of the Senate.
Review and complaint mechanisms
Context
3.50
Decisions about data sharing made by Commonwealth bodies that are data custodians under the bill are not subject to internal or external merits review under the data sharing scheme. As the EM sets out:
Data sharing decisions by data custodians will not be reviewable on their merits under this scheme. Such decisions are best made by data custodians as they have a full understanding of the risks of and public interest in sharing their data.
Concerns
3.51
The Scrutiny committee raised concerns with this approach:
Noting that privacy interests may be affected by decisions made by data custodians under the scheme, it is not clear to the committee why individuals whose privacy interests may be affected should not have access to merits review. The committee notes that, as many decisions under the scheme will affect individual interests as a class, most individuals will be excluded from the initial decision making process.
3.52
It also identified that the lack of clarity around certain terms in the data sharing principles and purposes (as discussed above) clearly illustrate the broad scope for discretionary decision making by the data custodians. It continued:
The committee is concerned that there is a risk that individuals’ interests in their personal information being kept private may not be given sufficient weight in an evaluation of public interest. Further, it does not appear that the Commonwealth entity making initial decisions with respect to sharing of data must consult experts or seek other external input.
3.53
The Scrutiny committee also observed that under the complaints mechanism established in Division 1 of Part 5.3, only data scheme entities may make a complaint about data sharing decisions. The EM stated that other entities could instead complain through ‘existing legal mechanisms’ and set out the example of a person complaining to the AIC about the mishandling of their personal information under the Privacy Act.
3.54
The Scrutiny committee commented that it was unclear why persons with privacy complaints must make a complaint through a separate mechanism and stated:
The committee is concerned that establishing a narrowly focused complaints mechanism may result in the Data Commissioner rarely or never hearing privacy complaints, which may result in privacy concerns not being given adequate consideration in decision making under the scheme.
3.55
The Scrutiny committee also drew attention to the fact that much of the detail about the complaints process is not contained in the bill but left to data codes (i.e. legislative instruments made by the commissioner).
3.56
In light of these concerns, the Scrutiny committee requested the minister’s advice as to why individuals whose privacy interests may be affected by the data sharing scheme should not have access to merits review and the dedicated complaints process established in the bill.
Minister’s response
3.57
In response, the minister advised the following:
That individuals with privacy concerns will have access to existing complaints and administrative review processes (including the complaints mechanism under the Privacy Act and where relevant, the complaints mechanisms in relation to state or territory privacy regulators).
That the commissioner may conduct ‘own-motion’ investigations into potential breaches in response to a ‘tip-off’ from the public or media.
That other redress options to address concerns unrelated to privacy (such as judicial review or complaining to the Commonwealth Ombudsman) were available.
That merits review of substantive decisions based on shared data that has ‘exited’ the scheme may be available, if provided for by the legislation under which the decision was made. These frameworks would have their ordinary operation, without being replicated in the bill.
That the bill includes mechanisms to facilitate ‘regulatory cooperation’ which will allow for monitoring of systemic privacy breaches.
3.58
The Scrutiny committee acknowledged this advice but reiterated its concerns and drew particular attention to clause 21 of the bill:
While also noting the minister's advice in relation to the requirements in subclauses 21(1) and (2) that personal information in the scheme must be validated or corrected by the individual before it can ‘exit’ the scheme, the committee notes that paragraph 21(1)(b)(iii) also permits data as 'output' to be shared in circumstances prescribed by the rules. While the explanatory memorandum states that any such rules created must be consistent with the bill, the committee is concerned that allowing delegated legislation to expand the circumstances in which output may be shared may undermine the value of this measure as a safeguard as described in the minister's response.
Further, while noting the minister's advice in relation to the mechanisms for regulatory cooperation and requirements to notify the Commissioner of data breaches, the committee remains concerned that the bill does not require any information to be given to the Commissioner with respect to complaints received by the Australian Information Commissioner, or other bodies who may receive complaints about the scheme, such as the Commonwealth Ombudsman, or Commonwealth entities acting as data custodians within the scheme. In raising this scrutiny concern, the committee notes that full visibility of complaints about the scheme may assist in reducing the possibility of tension between the dual roles of the National Data Commissioner as both regulator and champion of the data sharing scheme.
3.60
The Scrutiny committee drew its concerns on the matter to the attention of the Senate.
Significant penalties
Context
3.61
Clause 14 of the bill creates new criminal offences for unauthorised sharing and unauthorised collection or use. The maximum penalty for both offences is imprisonment for two years. Additionally, subclause 104(3) also creates an offence for failing to comply with a notice to provide information or documents to the commissioner, which is subject to a maximum penalty of imprisonment for 12 months.
3.62
The Scrutiny committee’s expectation is that the rationale for the imposition of significant penalties, especially if those penalties involve imprisonment, will be fully outlined in the EM. In particular, it expects that penalties should be justified by reference to similar offences in Commonwealth legislation, as this not only promotes consistency, but guards against the risk that liberty of the person is unduly limited through the application of disproportionate penalties.
Concerns
3.63
The Scrutiny committee expressed dissatisfaction with the rationale and level of detail provided in the EM about the offences and penalties. It concluded:
The committee acknowledges the importance of providing robust safeguards against the misuse of data under the new scheme, and notes that other Commonwealth legislation imposes comparable penalties for offences relating to the use and disclosure of sensitive data. However, given the significance of the penalties that may be imposed under proposed clauses 14 and 104 the committee would expect a comprehensive justification for the penalty in each of those provisions to be included in the explanatory memorandum.
3.64
It drew its scrutiny concerns to the attention of the Senate.
Significant matters in delegated legislation
Context
3.65
The bill contains multiple clauses (77, 86, 137 and 139) that provide for matters relating to the accreditation of entities under the data sharing scheme to be detailed in the rules (that is, in delegated legislation). For example, clause 86 of the bill enables rules to be prescribed for the accreditation framework, providing for procedures, requirements and any other matters relating to the accreditation of entities for the purposes of the data sharing scheme.
Concerns
3.66
The Scrutiny committee’s view is that such ‘significant matters’ (such as the accreditation of entities for the purposes of sharing public sector data) should be included in primary legislation, unless a sound justification for the use of delegated legislation is provided. It highlighted that the EM for the bill contains no such justification for any of the clauses in question.
3.67
It further observed:
The committee’s scrutiny concerns in this regard are heightened by the extent to which the bill relies on delegated legislation to determine the scope and operation of the data sharing scheme, especially in relation to privacy protections…
3.68
The Scrutiny committee therefore requested the minister’s advice as to:
why it is considered necessary and appropriate to leave procedures, requirements and other matters relating to the accreditation of entities for the purposes of the data sharing scheme to delegated legislation; and
whether the bill could be amended to include ‘at least high-level guidance’ regarding these matters on the face of the primary legislation.
Minister’s response
3.69
In response to the first matter, the minister advised that the approach of providing for three types of legislative instruments in the bill ‘helps to ensure the scheme can adapt to emerging technologies and future needs over time, while allowing for oversight through the disallowance process’.
3.70
The minister also advised that the approach taken to allowing rules to provide for procedures, requirements and any other matters relating to accreditation aligns with the Legislative Handbook issued by the Department of the Prime Minister and Cabinet.
3.71
The minister concluded that he did ‘not consider it necessary to include further guidance on accreditation matters on the face of the bill’. He contended that as the weight of the accreditation framework was already located in Part 5.2 of the bill, significant matters would not be left to delegated legislation, and that where the bill does provide for delegated legislation, it is aligned with standard drafting practices to balance legal certainty and flexibility.
3.72
The Scrutiny committee was not satisfied with the responses and reiterated its concerns:
…noting the importance of ensuring that the accreditation framework only permits accreditation of entities who can safely handle public sector data, from a scrutiny perspective, the committee remains concerned about the extent to which the bill relies on delegated legislation to determine matters related to the accreditation of entities under the scheme.
3.73
As a result, the Scrutiny committee:
drew its concerns to the attention of the Senate;
requested an addendum to the EM containing the key information provided by the minister relating to the expected content of the Accreditation Rules be tabled in Parliament as soon as practicable, noting the importance of these explanatory materials as a point of access to understanding the law, and if needed, as extrinsic material to assist with interpretation; and
drew its concerns to the attention of the Senate Standing Committee for the Scrutiny of Delegated Legislation.
Broad delegation of investigatory powers
Context
3.74
Clauses 109 and 110 of the bill seek to trigger the monitoring and investigation powers under the Regulatory Powers (Standard Provisions) Act 2014. Specifically, subclauses 109(4) and 110(3) provide that an authorised person may be assisted by ‘other persons’ in exercising powers or performing functions or duties in relation to monitoring and investigation.
3.75
The EM does not contain any information on the categories of ‘other persons’ who may be granted such powers, and the bill does not confine who may exercise the powers by reference to any particular expertise or training.
Concerns
3.76
The Scrutiny committee reiterated that its consistent position in relation to the exercise of coercive or investigatory powers is that persons authorised to use such powers should have the appropriate training and expertise.
3.77
It therefore requested the minister’s advice as to:
why it is considered necessary and appropriate to allow any ‘other person’ to assist an authorised person in exercising monitoring and investigatory powers; and
whether the bill can be amended to require that any person assisting an authorised person have the knowledge and expertise appropriate to the function or power being carried out.
Minister’s response
3.78
In response, the minister advised that the clauses in question adopt the standard suite of provisions under the Regulatory Powers (Standard Provisions) Act 2014, and that this is the ‘accepted baseline of powers’ required for an effective monitoring, investigation or enforcement regulatory regime, while providing adequate safeguards and protecting important common law privileges.
3.79
The minister also advised that staffing provisions in the bill will ensure that ‘other persons’ at commissioner’s disposal will have the appropriate knowledge, training and expertise in the exercise and performance of investigatory powers and functions.
3.80
The minister further advised that:
persons assisting must act under the direction of the commissioner as an authorised person;
any valid actions of the person assisting will be taken to be those of the commissioner; and
as persons employed or engaged by an Australian Public Service (APS) department, assisting individuals would be further subject to standard accountability measures (e.g. the APS Code of Conduct for staff and the Commonwealth Procurement Rules for contractors), as well as security clearances and other pre-employment screening procedures.
3.81
The minister explained that, for the stated reasons, the bill and the Regulatory Powers (Standard Provisions) Act 2014 already give effect to the committee’s suggested drafting changes to clauses 109 and 110.
3.82
The Scrutiny committee did not accept this reasoning and concluded:
….there is nothing on the face of the bill to limit the use of ‘other persons’ to assist the Commissioner as set out in the response. In particular, it appears that there is no requirement on the face of the bill that ‘other persons’ assisting an authorised person must be the staff, consultants or contractors to which clauses 47 to 49 of the bill refer. The committee reiterates its consistent scrutiny view in relation to the exercise of coercive or investigatory powers that persons authorised to use such powers should have appropriate training and experience.
3.83
The Scrutiny committee drew its concerns on the matter to the attention of the Senate.
Reversal of evidential burden of proof
Context
3.84
Clause 136 of the bill establishes the geographic jurisdiction of civil penalty provisions and offences in the bill. It does so by providing that the bill may apply extraterritorially where there is a sufficient link between Australia and the matter in order to establish the commissioner’s jurisdiction.
3.85
Subclauses 136(2) and 136(3) limit the geographic scope of the bill by providing defences for foreign entities, modelled on defences in section 15.2(2) and (4) of the Criminal Code. Under subclause (2), a foreign entity will not be liable for contravening a civil penalty or criminal offence provision if there is no Australian connection (territorial or nationality) and the conduct is lawful in the foreign jurisdiction in which it occurred. Subclause (3) provides the same defence for an ancillary contravention or ancillary offence, where it relates to a primary contravention or offence which occurred outside of Australia.
3.86
Subclause 136(4) sets out that a person that seeks to rely on these defences bears an evidential burden.
Concerns
3.87
The Scrutiny committee observed that at common law it is ordinarily the duty of the prosecution to prove all elements of an offence. It wrote:
This is an important aspect of the right to be presumed innocent until proven guilty. Provisions that reverse the burden of proof and require a defendant to disprove, or raise evidence to disprove, one or more elements of an offence, interferes with this common law right.
3.88
In light of this, it continued on:
While in this instance the defendant bears an evidential burden (requiring the defendant to raise evidence about the matter), rather than a legal burden (requiring the defendant to positively prove the matter), the committee expects any such reversal of the evidential burden of proof to be justified.
3.89
The Scrutiny committee observed that the reasons for the reversals of the evidential burden of proof in clause 136 were not addressed in the EM. As a result, it requested the minister’s advice as to why the bill proposes to use offence-specific defences (which reverse the evidential burden of proof) in this instance.
Minister’s response
3.90
In response, the minister advised that it is appropriate for the defendant to bear the evidential burden in these circumstances because evidence to establish whether:
the relevant conduct occurred wholly in a foreign country (but not on board an Australian aircraft or ship); and
the defendant is not an Australian entity (as defined in clause 9 of the bill) is ‘best able to be adduced by, and within the knowledge of, the defendant.’
3.91
The minister also advised that evidence that suggests the reasonable possibility that the conduct in question is lawful in a foreign country is also best raised by the defendant, as:
the defendant would have knowledge of that foreign jurisdiction; and
and it would be significantly more difficult or costly for Australian-based prosecutors to bear this burden.
3.92
Furthermore, the minister stated he was ‘willing to consider’ an addendum to the EM ‘at an appropriate time’ that incorporates the explanation he provided the Scrutiny committee.
3.93
The Scrutiny committee was satisfied with the minister’s response, and therefore made no further comment on the matter. It did, however, request that an addendum to the EM containing the key information from the minister be tabled in the Parliament as soon as practicable.
3.94
It made this request noting the importance of explanatory materials as a point of access to understanding the law, and if needed, as extrinsic material to assist with interpretation.