the solution

Other Information

Welcoming a New Member to our Team!

We have recently welcomed Aryanna Singh to FOI Solutions. Aryanna gained admission to practice in September 2022 and completed her Bachelor of Laws (Honours) at Deakin University. Prior to joining FOI Solutions, Aryanna worked as a legal assistant in various practice areas including commercial law, disability discrimination law and migration. 

Aryanna possesses a strong interest in administrative law. 

 

In her final year of university, Aryanna wrote an Honours thesis on administrative law litigation. Her thesis considered the extent to which judicial review can hold administrative decision-makers to their representations. 

Aryanna looks forward to providing excellent service to FOI Solution’s government agency clients.   Welcome, Aryanna!

Training sessions coming up

FOI Solutions will be conducting its usual Basic and Intermediate FOI training sessions during various lunchtimes, in addition to other specalised training, in November and December as follows:

  • s 30(1) Public Interest Training - 22 November 2023
  • Professional Standards - Are You Complying? - 27 November 2023 
  • Session 1 - Privacy Refresher - 28 November 2023 
  • Privacy Sessions 1-3 - 1 December 2023 
  • Session 2 - Privacy - Internal Role - 5 December 2023 
  • Basic FOI Training 1 - 6 December 2023
  • Session 3 - Privacy - External Role - 7 December 2023
  • Basic FOI Training 2 - 8 December 2023 
  • Intermediate FOI Training: Exemptions 1 - 13 December 2023 
  • Intermediate FOI Training: Exemptions 2 - 15 December 2023

For more information or to register, please view our website or send an email to marketing@foisolutions.com.au requesting a copy of the flyer.

Question Time

Q:   What happens if a contractor has emailed out personal information - is my agency responsible?

A:   Section 118 of the Privacy and Data Protection Act 2014 addresses the relationship between employees and agents who carry out acts on behalf of the organisation.  Under s 118, an act done or practice engaged in by an employee or agent is taken to have been done or engaged in by the organisation unless the organisation establishes that it took reasonable precautions and exercised due diligence to avoid the act being done, or the practice being engaged in by its employee or agent.

 

In other words, if your organisation establishes that it took reasonable precautions and exercised due diligence to avoid the privacy breach from occurring, it would not be liable for a breach of privacy.  It is important to note that the required standard is that the steps are "reasonable".  This requires consideration of the circumstances and factors to determine whether the steps taken were reasonable to prevent the act or practice from occurring.  (See example case TSJ v Department of Health and Human Services [2016] VCAT 687).

 

Q: Is it a breach of privacy to reveal an FOI applicant's name when consulting?

A:   We are often asked this question; it is our general view that it is not.  Taking privacy obligations into account, the FOI Act envisages consultation in several instances, and in making a request under the FOI Act, an applicant should expect the legal parameters of that legislation to be used.  The PDP Act does not prevent personal information from being used when required or authorised by law, or where consent has been given, including implied consent.  

 

More than this, we believe it is likely that the obligation to make an administrative decision requires decision makers to consider all relevant information for that decision.  How can an FOI decision be made taking all relevant information into account, if a person consulted with does not know the identity of the FOI applicant? Consequently, we hold the view that it is not a breach of privacy to reveal an FOI applicant's name when consulting as long as it is within the parameteres of the FOI Act.