Tinkering with data policy isn’t enough to keep pace with what’s coming, says Productivity Commission chair Peter Harris.“The entrenched culture of risk aversion, reinforced by a range of policy requirements and approval processes, greatly inhibits data discovery, analysis and use.”
Releasing the PC’s draft report into data availability and use today — co-authored with commissioner Melinda Cilento — Harris understands that what comes next will be challenging for public servants invested in the current culture of risk aversion.
There will be opportunities for some agencies to raise funds by pricing datasets, but safeguards will need to be put into place. “Most agencies aren’t entrepreneurial — and we wouldn’t want them to be,” Harris told journalists yesterday. By coming clean about what data government does own, the processes of catching up to the likes of the UK and the US will begin.
While Harris clearly hopes all public servants will become much more informed about their responsibilities and opportunities, he acknowledges there is a long way to come.
The PC’s proposal comes in several components, designed to balance each other as they encourage data entrepreneurship, taxpayer value and personal privacy.
Come clean about government-owned data
The PC wants all public sector agencies to audit and reveal what datasets they already hold within a year. States and territories should turn over their audit results to the Commonwealth so that all public datasets, whether available or not, can be listed on data.gov.au.
Central agencies have a role in supporting best practice ensuring available data and metadata are catalogued and searchable, in machine-readable formats.
New South Wales and Western Australia were noted for having made good progress in areas of data availability for public-interest research, but taken as a complete picture, Australia is lagging behind comparable governments and economies. This means there is a lot of unmet potential in data integration, across sectors and across governments.
Public services commissioned to the private sector should be evaluated before contracting for valuable data that could be created through those services. Where such data is valuable or of strategic or public interest, governments should retain the right to access that data in a machine readable form.
The conundrum of personal data
Once data is known to exist, there’s the matter of making it accessible to researchers and safe for the individuals the data covers.
Government data holders, and some rare private sector data holders like hospitals and health insurers, are subject to more than 500 restrictions in Commonwealth legislation alone. This must be simplified, the PC urges. The inquiry acknowledges that many will remain valid, they are rarely reviewed and many will no longer be fit for purpose.
Sharing personal data between agencies has been limited by a belief in parts of the public sector that the community is uncomfortable with the notion. The PC, flatly, wants the public sector to start listening to the people, saying reliable surveys tell a very different story: that most individuals believe sharing personal information between government departments can be beneficial.
But the personal data that is shared between agencies shouldn’t be the same data that is shared with outsiders like researchers or for-profit entrepreneurs. So how is that handled? De-identification.
De-identification must be built into everything government does that creates data. The Office of the Australian Information Commissioner will lead the education of this skillset. It should also be sole authority with the power to certify, at its discretion, when entities are using best practice de-identification processes.
The PC has also proposed a “Comprehensive Right” for consumers to control what data organisations hold about them, including automated collection of metadata such as location. There will undoubtedly be much more coverage of this in the mainstream media, as it will significantly impact private sector data holders.
Data covered by a legislative requirement, such as those held by National Archives of Australia, would be except from this Comprehensive Right. Harris sidestepped the question of opting out of metadata collection used by law enforcement at a briefing with journalists yesterday.
What does this mean for public data custodians?
A whole new set of bureaucratic infrastructure could well be coming soon, if the reforms are adopted. This is likely to make it a lot easier for smaller agencies that hold data but lack the resources of expertise to determine what should and shouldn’t be released, and to whom.
A new National Data Custodian has been proposed to have responsibility for broad oversight and monitoring of Australia’s data system. This person won’t have all the responsibility though, as the PC has also proposed Accredited Release Authorities with sectoral expertise. Finally, the PC also recommends a committee of parliament be established to provide a mechanism for community input.
The data you hold might become part of a new class of National Interest Datasets, to be determined by the Australian government in consultation with state and territory governments. Harris estimates that these datasets might only grow to around 40 in number in the foreseeable future, and would need to satisfy a threshold of generating significant community-wide net benefits.
Datasets that don’t meet that threshold would still be releasable, but only if approved by the relevant Accredited Release Authority.
A tiered system of trusted users, which would include government agencies, universities and other entities, will replace the current unrestricted access policy of datasets released on data.gov.au.