Data Availability and Transparency Act 2022
| Data Availability and Transparency | |
|---|---|
| Parliament of Australia | |
| Data Availability and Transparency Act 2022 | |
| Citation | No 11 of 2022[1] |
| Territorial extent | Australia |
| Enacted by | Australian House of Representatives |
| Date passed | 30 March 2022 |
| Enacted by | Senate |
| Date passed | 30 March 2022 |
| Date assented to | 31 March 2022 |
| Date commenced | 1 April 2022 |
| Date of expiry | 1 April 2027 |
| Legislative history | |
| Bill introduced in the Australian House of Representatives | Data Availability and Transparency Act 2020 |
| Introduced by | Stuart Robert |
| First reading | 9 December 2020 |
| Second reading | 30 March 2022 |
| Third reading | 30 March 2022 |
| Bill introduced in the Senate | Data Availability and Transparency Act 2022 |
| First reading | 30 March 2022 |
| Second reading | 30 March 2022 |
| Third reading | 30 March 2022 |
| Summary | |
| authorise the sharing of public sector data, and for related purposes | |
| Keywords | |
| data sharing | |
| Status: In force | |
Data Availability and Transparency Act 2022 (Cth) (DAT Act) is an Act[1] of the Australian Parliament that implements a scheme that authorises and regulates access to data held by the Australian Government.[2]
Background
In May 2017, the Productivity Commission released a report 'Data Availability and Use' that recommended, among other things, the Australian Government legislate a new data sharing and release arrangement for datasets of national interest.[3][4][5]
In response to this Productivity Commission report, the Australian Government in May 2018 foreshadowed new legislation to establish a new framework for sharing and releasing of public data.[6][7][8]
In September 2019, the Australian Government released a discussion paper on its proposed legislative reforms regarding the sharing and releasing of public data.[9]
In December 2020, the Australian Government introduced the Data Availability and Transparency (Consequential Amendments) Bill 2020 into Parliament.[10]
In February 2021, the Senate referred this bill to the Senate's Finance and Public Administration Legislation Committee;[11] this committee issued a report in April 2021.[12]
Following amendments to this Bill in March 2022, the Australian Parliament passed the Data Availability and Transparency Act 2022 into law.[13][14]
Overview
The Act creates a public-sector data sharing scheme that permits Australian Government (Commonwealth) bodies to share their data with other Commonwealth bodies, Australian state or territory government bodies, or Australian universities.[15]
The Act also permits under the scheme government bodies or universities to act as data service providers to other government bodies or universities.[16]
The Act establishes a National Data Commissioner to be the regulator of the data sharing scheme.[17] And it also establishes a National Data Advisory Council to provide advice to the Commissioner.[17]
The Act came in to effect on 1st April 2022.[18] It will sunset on 1st April 2027.[19]
The Act requires that the Minister (responsible for the scheme) initiate periodic reviews of the operation of the Act; a review must start by the third anniversary of the Act's commencement.[20]
Scheme Entities
The Act sets out definitions and authorisations for three types of entities under the scheme. Specifically, it defines and authorises:
- data custodians to share public-sector data;[21]
- users to obtain and use public-sector data;[22] and
- intermediaries to act as data service providers of public-sector data.[16]
The data custodian must be:
- the sole custodian of the data - otherwise, the authority to share must be obtain from all other custodians.[21]
The user or intermediary must be:
- a Commonwealth, state or territory government or body, or an Australian university; and
- accredited, either by the National Data Commissioner or the Minister responsible for the scheme.[22][16][24]
Data Sharing
The Act allows a data custodian to share their data either directly with an user, or through an intermediary;[21] the Act does not obligate custodians to share their data.[25]
The Act requires that sharing of data must:[26]
- be for one or more of the permitted data sharing purposes;
- be consistent with data sharing principles; and
- within a data sharing agreement.
If the shared data includes personal information, privacy protections also apply.[26] If data is shared through an intermediary, the custodian of the (source) data and the data user must have a data sharing agreement in place.[16]
The Act requires that scheme entities register their data sharing agreements with the National Data Commissioner;[27] an agreement will have no effect until it is registered.[28]
Data sharing purposes
The Act permits sharing of data under the scheme for three purposes only:[29]
- delivery of government services;
- informing government policy and programs; and
- research and development.
Delivery of government services may relate to service delivery by the Commonwealth Government or a State or Territory Government.[29] The services can include:
- providing information;
- providing services (that is not a payment, entitlement or benefit); and
- making or determining eligibility for a payment, entitlement or benefit.
The Act specifically precludes sharing of data under the scheme for law enforcement-related purposes or national security purposes.[29]
Prohibited data
The Act also prohibits data sharing if the data:[30]
- relates to national security and law enforcement;
- infringes copyright and other commercial rights;
- is prescribed by regulation (not to be disclosed);
- relates to international matters;
- is being held as evidence before a court or is subject court/tribunal orders.
Data sharing principles and privacy protections
The Act sets out a series of principles under which any sharing of data must be consistent with. These principles relate to the appropriateness of the project, people, settings, data, and outputs of the data sharing.[31]
The Act defines a set of privacy protections:
- General[32]
- Purpose-specific[33]
- Data service providers:
- Privacy Act coverage.[36]
- compliance with Australian Privacy Principle.[37]
The Act also requires the National Data Commissioner make 'codes of practice' (data codes) regarding:[38]
- data sharing principles;
- general privacy protections; and
- purpose‑specific privacy protections.
National Data Commissioner
The Act sets out the functions of the National Data Commissioner.[17][39] These functions include
- accredit scheme entities;[40]
- give advice on the scheme to minister, and scheme entities;[41]
- provide guidance on the scheme through data codes and guidelines;[42]
- educate and support scheme entities;[43]
- maintain registers of users[44], intermediaries[45] and agreements;[46] and
- regulate and enforce the scheme.[47]
The function to regulate and enforce includes:
- hear[48] and deal[49] with complaints made against scheme entities (or the scheme);
- assess[50] and investigate[51] entities; and
- make determination[52] and recommendations.[53]
The Act provides the Commissioner with a number of enforcement options, which include
The Commissioner may also transfer the matters to another authority, including the police.[58]
Accreditation
The Act sets out the framework for how users and intermediaries are accredited.[40] This framework defines the power of the National Data Commissioner (and the Minister responsible for the scheme) to:
- accredit entities;[40]
- impose and vary conditions of accreditation;[59]
- renew accreditations;[60] and
- suspend or cancel accreditation.[61]
The framework also outlines the broad criteria for accreditation.[40] The criteria requires all users and intermediaries have policies, practices, skills and/or capability to perform:[62]
- data management and governance;
- risk management of unauthorised access; and
- privacy protection.
For intermediaries to act as data service providers, the criteria also requires they can perform data de-identification, secure data access and/or complex data integration.[63].
Registers, Codes, Guidelines and Rules
The Act requires that the Commissioner maintains registers of accredited users[44], accredited intermediaries[45] and data sharing agreements[46]; the Act requires that these registers have a publicly accessible part.[64]
The Act gives the Commissioner power to administrate the data sharing scheme through two kinds of legislative instruments:[65].
The Act requires that scheme entities comply with the data codes[68], and have regard to the guidelines.[69]
The Act also gives the Minister power to prescribe rules regarding the data sharing scheme, through a legislative instrument called 'rules'[70]; all scheme entities must comply with these rules.[68]
National Data Advisory Council
The Act creates a National Data Advisory Council to provide advice to the Commissioner on a range of matters relating to sharing and use of public data under the scheme. These matters include:[71]
- ethics;
- trade-off between data availability and privacy
- trust and transparency
- technical best practice
- industry and international developments
The Council has the following members:[72]
- National Data Commissioner
- Australian Statistician
- Australian Information Commissioner
- Australian Chief Scientist
The Act requires that the Commissioner appoint between five and eight other members.
External Links
References
- ↑ Data Availability and Transparency Act 2022 (Cth)
- ↑ Witzleb, Normann (2023-04-12), Hennemann, Moritz; Lewinski, Kai von; Wawra, Daniela; Widjaja, Thomas, eds., "Responding to Global Trends? Privacy Law Reform in Australia", Data Disclosure, De Gruyter, pp. 147–168, doi:10.1515/9783111010601-009, ISBN 978-3-11-101060-1, retrieved 2023-06-08
- ↑ Duckett, Chris (May 8, 2017). "Productivity Commission calls for Data Sharing Act as consumer opt-out rights binned". ZDNET. Retrieved 2023-06-07.
- ↑ Page, Rosalyn (July 5, 2021). "The security implications of the new Australian data-sharing scheme". CSO. Retrieved June 15, 2023.
- ↑ Stephenson, Niamh; Smith, Catherine; Vajdic, Claire M. (August 2022). "Health and public sector data sharing requires social licence negotiations". Australian and New Zealand Journal of Public Health. 46 (4): 426–428. doi:10.1111/1753-6405.13261.
- ↑ Barbaschow, Asha (2020-04-21). "COVID-19 stalls Australia's Data Availability and Transparency Act". ZDNET. Retrieved 2023-06-15.
- ↑ Barbaschow, Asha (May 1, 2018). "Australia to invest AU65m on reforming its data system". ZDNET. Retrieved 2023-06-07.
- ↑ de Oliveira Costa, Juliana; Bruno, Claudia; Schaffer, Andrea L; Raichand, Smriti; Karanges, Emily A; Pearson, Sallie-Anne. "The changing face of Australian data reforms: impact on pharmacoepidemiology research". International Journal of Population Data Science. 6 (1): 1418. doi:10.23889/ijpds.v6i1.1418. ISSN 2399-4908. PMC 8107783 Check
|pmc=value (help). PMID 34007904 Check|pmid=value (help). - ↑ Barbaschow, Asha (2019-09-02). "Consent removed from Australia's proposed data-sharing legislation". ZDNET. Retrieved 2023-06-14.
- ↑ Sadler, Denham (2020-12-09). "Data sharing reforms finally hit the Parliament". InnovationAus.com. Retrieved 2023-06-15.
- ↑ Sadler, Denham (2021-04-05). "Govt data sharing plan 'violates expectations'". InnovationAus.com. Retrieved 2023-06-15.
- ↑ Sadler, Denham (2022-02-08). "Reworked data-sharing legislation returns to Parliament with Labor's support". InnovationAus.com. Retrieved 2023-05-30.
- ↑ Hendry, Justin (2022-03-31). "Public sector data sharing laws pass parliament with Labor changes". iTnews. Retrieved 2023-05-30.
- ↑ Burton, Tom (2022-04-01). "End to multiple forms as 'tell us once' becomes possible". Australian Financial Review. Retrieved 2023-06-15.
- ↑ Data Availability and Transparency Act 2022 (Cth) s 4
- ↑ 16.0 16.1 16.2 16.3 Data Availability and Transparency Act 2022 (Cth) s 13b
- ↑ 17.0 17.1 17.2 Data Availability and Transparency Act 2022 (Cth) s 39
- ↑ Data Availability and Transparency Act 2022 (Cth) s 2
- ↑ Data Availability and Transparency Act 2022 (Cth) s 143
- ↑ Data Availability and Transparency Act 2022 (Cth) s 142
- ↑ 21.0 21.1 21.2 Data Availability and Transparency Act 2022 (Cth) s 13
- ↑ 22.0 22.1 Data Availability and Transparency Act 2022 (Cth) s 13a
- ↑ 23.0 23.1 Data Availability and Transparency Act 2022 (Cth) s 11
- ↑ Data Availability and Transparency Act 2022 (Cth) s 73
- ↑ Data Availability and Transparency Act 2022 (Cth) s 25
- ↑ 26.0 26.1 Data Availability and Transparency Act 2022 (Cth) s 12
- ↑ Data Availability and Transparency Act 2022 (Cth) s 33
- ↑ Data Availability and Transparency Act 2022 (Cth) s 18
- ↑ 29.0 29.1 29.2 Data Availability and Transparency Act 2022 (Cth) s 15
- ↑ Data Availability and Transparency Act 2022 (Cth) s 17
- ↑ Data Availability and Transparency Act 2022 (Cth) s 16
- ↑ Data Availability and Transparency Act 2022 (Cth) s 16a
- ↑ Data Availability and Transparency Act 2022 (Cth) s 16b
- ↑ Data Availability and Transparency Act 2022 (Cth) s 16c
- ↑ Data Availability and Transparency Act 2022 (Cth) s 16d
- ↑ Data Availability and Transparency Act 2022 (Cth) s 16e
- ↑ Data Availability and Transparency Act 2022 (Cth) s 16f
- ↑ Data Availability and Transparency Act 2022 (Cth) s 126
- ↑ Data Availability and Transparency Act 2022 (Cth) s 42
- ↑ 40.0 40.1 40.2 40.3 Data Availability and Transparency Act 2022 (Cth) s 74
- ↑ Data Availability and Transparency Act 2022 (Cth) s 43
- ↑ Data Availability and Transparency Act 2022 (Cth) s 44
- ↑ Data Availability and Transparency Act 2022 (Cth) s 45a
- ↑ 44.0 44.1 Data Availability and Transparency Act 2022 (Cth) s 129
- ↑ 45.0 45.1 Data Availability and Transparency Act 2022 (Cth) s 128
- ↑ 46.0 46.1 Data Availability and Transparency Act 2022 (Cth) s 130
- ↑ Data Availability and Transparency Act 2022 (Cth) s 45
- ↑ Data Availability and Transparency Act 2022 (Cth) s 88
- ↑ Data Availability and Transparency Act 2022 (Cth) s 91
- ↑ Data Availability and Transparency Act 2022 (Cth) s 99
- ↑ Data Availability and Transparency Act 2022 (Cth) s 101
- ↑ Data Availability and Transparency Act 2022 (Cth) s 102
- ↑ Data Availability and Transparency Act 2022 (Cth) s 103a
- ↑ Data Availability and Transparency Act 2022 (Cth) s 112
- ↑ Data Availability and Transparency Act 2022 (Cth) s 115
- ↑ Data Availability and Transparency Act 2022 (Cth) s 114
- ↑ Data Availability and Transparency Act 2022 (Cth) s 116
- ↑ Data Availability and Transparency Act 2022 (Cth) s 73
- ↑ Data Availability and Transparency Act 2022 (Cth) s 78
- ↑ Data Availability and Transparency Act 2022 (Cth) s 84
- ↑ Data Availability and Transparency Act 2022 (Cth) s 81
- ↑ Data Availability and Transparency Act 2022 (Cth) s 77
- ↑ Data Availability and Transparency Act 2022 (Cth) s 77
- ↑ Data Availability and Transparency Act 2022 (Cth) s 117
- ↑ Data Availability and Transparency Act 2022 (Cth) s 117
- ↑ Data Availability and Transparency Act 2022 (Cth) s 126
- ↑ Data Availability and Transparency Act 2022 (Cth) s 127
- ↑ 68.0 68.1 Data Availability and Transparency Act 2022 (Cth) s 26
- ↑ Data Availability and Transparency Act 2022 (Cth) s 27
- ↑ Data Availability and Transparency Act 2022 (Cth) s 133
- ↑ Data Availability and Transparency Act 2022 (Cth) s 61
- ↑ Data Availability and Transparency Act 2022 (Cth) s 62
This article "Data Availability and Transparency Act 2022" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Data Availability and Transparency Act 2022. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.
| This page exists already on Wikipedia. |
