Explanatory Memorandum
(Circulated by authority of the Treasurer, the Hon Peter Costello, MP)SCHEDULE 2 - AMENDMENT OF THE CUSTOMS ADMINISTRATION ACT 1985
Item 1 - Subsections 16(1), (2) and (3)
This item repeals the existing subsections 16(1), (2) and (3) of the Customs Administration Act 1985 (which is the Act referred to in the clause notes for this Schedule) and substitutes new subsections (1), (1A), (2), (3), (3A), (3B), (3C), (3D), (3E).
New subsection (1) is an overview of the section and setting out its purpose following the insertion of the new provisions.
New subsection (1A) sets out definitions which will apply in section 16.
The existing definitions at Subsection (7) of AQIS, authorised officer of AQIS and food are moved to this subsection and a number of new definitions included.
In relation to the following definitions inserted under the new subsection (1A):
the term authorised person is intended to identify those persons who under subsection (2) will be subject to the obligation of secrecy and who may be authorised by the Chief Executive Officer of Customs (CEO) or his or her delegate to disclose information or a class or information in accordance with the section. The definition extends to persons who are engaged to provide goods or services to the Commonwealth through the Australian Customs Service e.g., contractors and consultants;
the definition of Commonwealth agency is inserted into the Act. This alters the current situation in which the term agency takes its meaning from that contained in the Freedom of Information Act 1982 . Inserting this definition eliminates the need to have to look at two Acts to find out what the term means;
the duties being performed by an authorised person subject to the secrecy provisions are those duties connected with responsibilities performed on behalf of Customs. The Acts secrecy provisions do not apply to other responsibilities of a person, for example where a State government employee performs some Customs functions, the secrecy provisions would not extend to those responsibilities concerning the state government;
an international organisation is defined as one falling within the meaning of the Diplomatic Privileges & Immunities Act 1967 or as identified as such within regulations made under the Act. This definition is necessary for the disclosure provision at subsection (3D);
the expression personal information has the same meaning as arises in the Privacy Act 1988. Later new provisions specifically address the disclosure of personal information and it is intended to remain consistent with that Act in the meaning of that expression.
the definition of principal officer is inserted into the Act. This alters the current situation in which the term agency takes its meaning from that contained in the Freedom of Information Act 1982 . Inserting this definition eliminates the need to have to look at two Acts to find out what the term means;
the protected information , that is, the information the subject of the Acts secrecy provisions is that acquired as a consequence of performing the duties of an authorised person;
State is defined expressly to include the Northern Territory and the Australian Capital Territory. The existing s.16(1)(c) defines State to include the Northern Territory, but makes no provision for the Australian Capital Territory;
State agency is a new definition in similar terms to that of Commonwealth agency. However, as the definition is applicable to the official disclosure provisions at subsection (3B) and (3C) and it is not intended that those provisions be used for disclosures to a municipal corporation or any other local government body, the definition expressly excludes these latter bodies.
Prohibition against disclosure etc. of protected information
New subsection (2) is an offence provision, which prohibits a person who is or has been an authorised person making a record or disclosing protected information except if authorised by the Section or as required or authorised by another law or in the course of performing duties. The maximum penalty is imprisonment for two (2) years.
This provision:
- •
- eliminates the reference in the existing s.16(2) to producing documents and refers solely to making a record or disclosing protected information; and
- •
- removes the complexity in the existing s.16(2) arising from the need to prove the elements of breach of confidence as part of any prosecution under the provision.
Authorised disclosures under this section
New subsection (3) ensures that disclosures under subsections (3A), (3B), (3C) or (3D) are authorised by the Section and that acting in accordance with those Subsections would constitute a lawful exception to the offence provision at subsection (2). (See paragraph (2)( c)).
- •
- The authorisation is subject to compliance with particular requirements in relation to personal information proposed in subsections (7), (8), (9) and (10).
CEOs authorisation - Commonwealth agency
New subsection (3A) provides that the CEO may authorise in writing the disclosure of information or a class of information by an authorised person to a Commonwealth agency for the purpose of its functions. This provision has a number of features:
- •
- The disclosure may be made to the principal officer of that agency or a person authorised to act on behalf of that agency. This seeks to correct the existing anomaly that disclosure to a Commonwealth agency under s.16(3)(a)(i) may only be made to the principal officer.
- •
- The provision provides for the disclosure of a class of information so as to allow a single authorisation in writing to suffice rather than multiple approvals for essentially the same kind of material.
- •
- This would permit computer transfer of a class of information, subject to conditions which may apply (see also paragraph ((3A)(d)). There is no provision in the existing provision for computer transfer of information.
- •
- The CEO must be satisfied that the Commonwealth agency has undertaken not to further use or disclose material to be provided except for the purpose given in the authorisation. The material may not otherwise be disclosed except as required or authorised by law. The purpose must be specified in writing (paragraph (3A)(d)) and the CEO may not specify any purpose that is not related to the performance of the functions of the recipient agency concerned (subsection (3E)((a)).
- •
- The CEO may not authorise a disclosure of personal information under subsection (3A) without complying with the additional requirements set out at subsections (7), (8) and (10).
CEOs authorisation - State agency for Commonwealth purposes
New subsection (3B) provides that the CEO may authorise the disclosure of information or a class of information by an authorised person to a State agency for the carrying out of a Commonwealth function by that agency.
For example in relation to a State government official performing functions on behalf of Customs in a remote area. This provision is similar in substance to subsection (3A) including in relation to the requiring of an undertaking from the agency (Subsection (3B) (b)) and additional limitations which must be complied with concerning personal information (Subsections (7), (8) and (10). The existing provisions (s.16(3)) do not provide for disclosures to a State agency to carry out a Commonwealth function.
The CEO may not authorise disclosure for a purpose under this provision other than for a specified purpose relating to the performance by that State agency of a Commonwealth function (Subsections (3B) (d) and (3E)(b)).
CEOs authorisation - State agency for State purposes
New subsection (3C) provides that the CEO may authorise the disclosure of information or a class of information by an authorised person to a State agency for the performance of its own functions. Similarly to subsections (3A) and (3B) there is a requirement in relation to the requiring of an undertaking from the State agency (Subsection (3C) (b)) and additional limitations which must be complied with concerning personal information (Subsections (7),(8) and (10).
The existing provisions (s.16(3)((b)) limit disclosure to the State authorities to where the CEO is satisfied that the information will be used for an investigation whether an offence has been committed under State law. The new provision recognises that there may be circumstances where disclosure to a State agency may be necessary for different purposes including intelligence purposes with law enforcement authorities, revenue matters and so on.
The CEO may not authorise disclosure for a purpose for disclosure under this provision other than for the performance of the functions of the State agency concerned (Subsections (3C)(d) and (3E)(c)).
CEOs authorisation - certain agreements
New subsection (3D) provides that the CEO may authorise the disclosure of information or a class of information by an authorised person to a foreign country, an instrumentality or agency of a foreign country or an international organisation.
It recognises that an agreement may be entered into by the Commonwealth or a particular Commonwealth agency (including the Australian Customs Service) which may involve the disclosure of information. For example an agreement with a foreign Customs service or other law enforcement body. Where such an agreement exists, the CEO may under subsection (3D) authorise disclosure subject to an undertaking that the information will not be used or further disclosed except for the purpose for which the disclosure was authorised (Subsection (3D)(b) and (d)).
The existing provision (s.16(3)(c)) provides for disclosure to the government of a foreign country for the purpose of investigating whether an offence has been committed against the law of that country or for investigating whether circumstances exist by reason of which the Minister or CEO may exercise a power under Commonwealth law. The new provision seeks to address the deficiencies in the provision by recognising the existence of foreign agencies as such (e.g., foreign Customs and law enforcement agencies) as well as international organisations. While the new provision requires that an agreement exist, the authority to disclose is based on the subsection and a distinct decision by the CEO to disclose under the subsection is required.
The CEO may not authorise a disclosure under subsection (3D) unless the purpose is related to the purpose of the agreement concerned (See subsection (3E)(d)).
The CEO may specify the manner of disclosure as well as any conditions under which the disclosure is made (Subsection (3D)(d)). The new provision would permit the disclosure of information or a class of information by computer system if the CEO so specified in the authorisation.
The CEO may not disclose personal information under subsection (3D) unless the additional requirements at subsections (7), (8) and (10) are complied with.
Specified purpose in an authorisation by the CEO
New subsection (3E) limits the CEO from authorising a disclosure of information or a class of information under subsections (3A), (3B), (3C) or (3D) as discussed above.
Within those disclosure provisions, at paragraphs (3A)(d), (3B)(d), (3C)(d) or (3D)(d) respectively, the CEO is required to specify a purpose for which the disclosure is authorised to be made. This purpose must be within the limits of a purpose set out in subsection (3E) applicable to that subsection.
Subsection (3E) applies to the any disclosure of information or a class or information under those subsections, irrespective of whether or not personal information is involved
Where personal information is concerned, the requirements of subsection (3E) must be met as well as subsections (7) to (10) (discussed below) before the CEO can authorise a disclosure.
Authorised disclosure because of threat to health or life
New Subsection (3F) is inserted in recognition of the fact that there are emergency circumstances in which making a record or disclosing information must take place. Where there are reasonable grounds to believe that a serious and imminent threat to the health or life of a person or persons may exist and it is necessary to act to avert or reduce that threat, then subsection (3F) permits the making of a record, or the disclosure of information to another person.
Subsection (3)(b) ensures that subsection (3F) is considered an authority to make a record or disclose protected information.
Under this item, subsection 16(7) is repealed. That provision contained definitions placed within the new subsection (1A). New subsections (7), (8), (9) and (10) are substituted for subsection 16(7).
Disclosure of personal information
New subsections (7), (8), (9) and (10) impose requirements in relation to an authorisation for disclosure of information which may be or contain personal information. These apply in addition to any requirements arising in the authorisation provisions at subsections (3A), (3B), (3C), (3D) or (4).
This reflects a considerable change from the existing s.16(3), which does not expressly mention personal information, though disclosure is subject to the requirements of the Privacy Act 1988. These new requirements are intended to be consistent with that latter Act.
New subsection (7) ensures that where personal information is concerned the provisions under the section do not authorise disclosure unless in the case of:
- •
- particular information: there is compliance with subsection (8); and
- •
- a class of information: there is compliance with subsections (8) and (10).
The subsection essentially requires that any authorisation of the CEO for the disclosure of personal information must meet the terms of subsection (8) and conform with one or more of the purposes set out in subsection (9) for that disclosure to be lawful. Where the intended authorisation concerns a class of information, it must also conform with these requirements together with those set out in subsection (10) with respect to the regulations.
New subsection (8) applies to any disclosure of particular information or a class of information that contains personal information. It requires the CEO to be satisfied that the disclosure is necessary for one of the purposes at subsection (9) and that the given purpose must be specified in any written authorisation under subsections (3A) to (3D) or otherwise a written approval in relation to subsection (4). It also requires that the actual disclosure be made for that purpose.
New subsection (9) specifies the only permissible purposes for which information or a class of information containing personal information may be authorised to be disclosed under the section. They are:
- (a)
- the administration or enforcement of a law of the Commonwealth, of a Territory or of another country that relates to:
- (i)
- criminal law; or
- (ii)
- a law imposing a pecuniary penalty or providing for the forfeiture of property;
- (b)
- in relation to a law referred to in paragraph (a), the prevention of crime, or the detection or analysis of criminal conduct, in respect of that law;
- (c)
- the administration or enforcement of a law of a State that relates to:
- (i)
- criminal law; or
- (ii)
- a law imposing a pecuniary penalty or providing for the forfeiture of property;
- (d)
- in relation to a law referred to in paragraph (c), the prevention of crime, or the detection or analysis of criminal conduct, in respect of that law;
- (e)
- a purpose relating to the protection of public health, or the prevention or elimination of risks to the life or safety of an individual or a group of individuals;
- (f)
- the collection of the public revenue of the Commonwealth, a Territory or another country;
- (g)
- the collection of the public revenue of a State;
- (h)
- a purpose relating to a law of customs or excise;
- (i)
- a purpose relating to immigration, quarantine or border control between Australia or another country;
- (j)
- the administration of laws with respect to commerce:
- (i)
- between a State and another State; or
- (ii)
- between a State and a Territory; or
- (iii)
- between a Territory and another Territory; or
- (iv)
- between Australia and another country;
- (k)
- the administration or enforcement of laws with respect to commerce within a State.
New subsection (10) is a requirement in addition to subsections (7), (8) and (9) that applies to the situation where a class of information containing personal information may be disclosed. The new subsection (10) requires that the identity of the:
- •
- Commonwealth agency;
- •
- State agency;
- •
- instrumentality or agency of a foreign country; or
- •
- international organisation,
to which a disclosure is being authorised must first be specified in regulations. It also requires the regulations to specify the class of information that may be disclosed to that agency, country, instrumentality or organisation concerned. These regulations must be in existence before any such authorisation for disclosure is made.
The purpose of the particular disclosure of a class of information containing personal information must be a permissible purpose set out at subsection (9).
New section 16AA is intended to make provision for the purposes of a prosecution for an offence against the secrecy provision at the new subsection 16(2) as well as related offences arising at ss. 5, 6, 7, 7A or 86(1) of the Crimes Act 1914 . It provides a means of proving the state of mind of a body corporate and individuals in relation to particular conduct as well as to attribute the conduct of a director, employee or agent of a body corporate to that body corporate where the conduct was within actual or apparent authority.
This new section is necessary as the offence provision at subsection 16(2) concerns the conduct of an authorised person which can include a director, employee or an agent of a body corporate engaged to provide goods or services to the Commonwealth through the Australian Customs Service (See the definition of authorised person at new subsection 16(1A)).
Under consultancies and contracts for the provision of services, such parties may gain access to protected information. Therefore, the same legal responsibility under the new provisions are to apply to these as to officers or employees of the Australian Customs Service.