Queensland’s corruption watchdog has called for tougher penalties for public servants who misuse confidential information, following nine public hearings conducted in November.
In a new report titled Operation Impala, the Crime and Corruption Commission set out 18 recommendations designed to strengthen agencies’ practices while protecting the confidential information of the public.
The recommendations called for stronger IT access controls and audits of access, and increased accountability for public servants who access information. The report also recommended increased training on the responsibilities involved in dealing with confidential information, and on the consequences of unauthorised access or use.
The report noted “shortcomings in the legislation dealing with both the sanctions for improper access to or misuse of confidential information, and the forms of reparation available to the affected parties, either from the agency or the public officer involved in the improper conduct”.
In response to this, recommendation 10 suggested a new criminal offence that would make it easier to prosecute information breaches.
It proposed public servants who access confidential information face five years’ jail, with the sentence extended to 10 years if the offender obtained a benefit, disclosed the information to a third party, or used it to help commit a crime.
CCC chair Alan MacSporran said the new offence — if adopted — would mean public servants would no longer see the misuse of information as minor indiscretions or misguided curiosity.
“Creating a new offence in the Criminal Code will leave public servants in no doubt as to the seriousness of accessing, or disclosing, confidential information without a lawful reason,” he said.
“A new offence will appropriately classify this type of conduct as criminal in nature, and in our view, this aligns with the seriousness and consequences of accessing and disclosing Queenslanders’ confidential information.”
Operation Impala looked at the systems and cultures of seven state agencies to find out how and why public servants had accessed confidential information without any legitimate reason, according to MacSporran.
“We also wanted to understand how agencies responded to misuse of confidential information, whether by disciplinary action or by referring matters to the police or the CCC for consideration of criminal charges,” he said.
“We found during the hearing that agencies were at different levels of maturity in this area. Their approaches and sensitivity to risk depend on the types of information they collect, and how strongly the individual agency emphasises the importance of protecting people’s confidential information.
“Although individual agencies’ approaches may differ, it was evident they are all very sensitive to any loss of public trust in their operations, understand the damage that can be caused to people who are impacted by the access and disclosure of confidential information and they are committed to improving their systems.”
Improper access to and disclosure of confidential information by public sector employees has been one of the CCC’s key areas of focus since 2016.