Welcome to the summer edition of Government Bulletin.
In this special edition of our fortnightly publication, we put a spotlight on the government’s ongoing digital transformation and take a close look at some of the key trends and issues as a result of this digitisation.
Our experts analyse the key issues in:
- Overview: Open government and digitising the customer experience
- Construction & Infrastructure: Prefabrication and 3D printing – the future of the industry
- Corporate & Commercial: Facial recognition technology – Australia’s regulatory framework
- Data & Privacy:
- Planning, Environment & Sustainability: ePlanning reform
- Property & Real Estate: The rise of electronic transactions
- Workplace Relations & Safety: Technology in the workplace
Overview: Open government and digitising the customer experience
With governments at all levels across Australia continuing to push into digital transformation, we look at ‘open government and digitising the customer experience’ as the overarching theme in our summer edition of the Government Bulletin.
Initiatives such as Service NSW’s foray into digital driver’s licenses is a worthy example of this transition in service delivery.
With a massive take-up in the first 48 hours of being launched, the digital driver’s licenses has been praised for streamlining and simplifying the customer experience, but data and privacy concerns have also been raised.
Service NSW – the single customer service division for the delivery of government services – made great strides in 2019 in digitising several forms and reducing the overall complexity of dealing with government.
NSW is not alone in grappling with digital transformation and initiatives are many across the states.
For example the Queensland Government, as part of its “DIGITAL1ST” digital strategy for 2017 to 2021, is currently discussing projects such as digital hospitals, the use of drone technology to assist in turtle rehabilitation and new technology for emergency services.
At a Commonwealth level, a concerted approach is underway to develop a proposed national driver’s licence facial recognition solution, with the Identity-matching Services Bill 2019 the proposed statutory vehicle for implementing this.
Across the various states and at a national level, there is much to consider in bringing on these digital transformation initiatives, such as:
- tortious liability - is there potential tortious liability associated with the initiative and how should governments seek to reduce liability?
- copyright - are there copyright implications and how will copyright be treated?
- permissible sub delegation of legislative authority - is there an express authorisation that enables the decision to be made by an electronic system?
- personal information - is personal information involved and how will it be treated?
- public accessibility and disclosure - will the information be accessible or can it be disclosed on application?
- admissibility in court - will the data be admissible in a court or tribunal?
- maintaining the digital record - what are the record keeping obligations imposed?
Prefabrication and 3D printing – the future of the industry
With advancing technology, 3D printing, prefabrication and modularisation are gaining traction as being more practically viable for application on a larger scale in the construction industry.
These new technologies promise the industry lower construction costs, schedule and quality control and improved sustainability solutions. But they simultaneously present many challenges such as transportation of manufactured modules, coordination of 3D printers, and contractual allocation of new risks that may be challenging to the current construction market.
Prefabrication and modularisation
Prefabrication is a construction practice where building components (e.g. walls, floors, doors) are manufactured off-site and assembled at the site. Modularisation takes prefabrication one step further and typically means the entire unit of a building is constructed off-site.
With the aid of developing computerised systems, prefabrication and modularisation are expected to achieve greater precision, simplicity, standardisation and freedom of customisation with reduced costs.
Currently, modularisation is already capable of reliably constructing permanent or relocatable buildings for education, healthcare, commercial or residential use.
The use of 3D printing technologies in construction, also known as an Autonomous Robotic Construction System, involves the transportation of a 3D printer (industrial robots) to the site and automatically constructing the building with 3D printed concrete or mechanically cut bricks.
3D printing not only reduces the errors of human intervention, but may also substantially reduce the energy consumption, noise pollution and greenhouse gas emissions when compared to a traditional construction phase.
Architectural 3D printing technology requires further research and development as there are currently limited construction materials that are compatible with 3D printing.
Amendments to existing contractual arrangements
New technologies bring about new contractual issues and considerations.
Traditional standard form construction contracts (e.g. AS4902, AS4000) may continue to be used for projects that incorporate 3D printing, prefabrication or modularisation – subject to some important and carefully considered amendments and modifications.
Alternatively, the NEC4 suite of contracts, which are gaining momentum in Australia, would also be appropriate as they have inbuilt options for Early Contractor Involvement – which can be used to progress innovations and workshop risks in the early phases of a project.
Regardless of the form of contract used for the particular project, the following are some risks and issues that the new technologies of 3D printing, prefabrication or modularisation will likely present to any project, which will need to be carefully considered to ensure that they are appropriately captured in the risk allocation under the contract:
- involvement of subcontractors that supply technology and provide maintenance
- transfer of liability and risk of loss (e.g. delay of delivery, or damage or destruction while in transit from the manufacturing site to the project site)
- basis and timing of payment for off-site materials
- variation of design
- quality control over off-site production and interface with other construction materials and build elements
- workplace health and safety plus regulatory compliance.
Facial recognition technology – Australia’s regulatory framework
Commitments were made by Commonwealth, State and Territory governments to share and match identity information under the 2017 Council of Australian Governments (COAG) agreement on identity matching services.
One of the initial ways in which the COAG agreement is being implemented is through the development of a proposed national driver’s licence facial recognition solution. This would allow for comparison of facial images against a collection of driver's license images in that database. We take a look at the current status of that proposal and the steps that need to be taken for its implementation.
What is happening at a State and Territory level?
A number of State and Territory governments have passed legislation to enable implementation of the national driver’s licence facial recognition solution. NSW, Victoria, Queensland, South Australia and Tasmania have all passed laws permitting the sharing of driver’s licence information. Western Australia, the Northern Territory and the Australian Capital Territory are all in the process of amending their laws to enable them to share their data as well.
Victoria, Tasmania and South Australia were the first states to upload their data into a database which will eventually interface with the national driver’s licence facial recognition solution. The remaining States and Territories will follow over the next two years, assuming that the federal legislation necessary to implement the scheme is also passed.
The future of the Identity-matching Services Bill 2019
At a federal level the Identity-matching Services Bill 2019 (IMS Bill) is the proposed statutory vehicle for implementing the identity matching services envisaged by the COAG agreement.
The IMS Bill provides for the identity matching services to be provided via an “interoperability hub” operated by the Federal Department of Home Affairs. The hub would work on a question and response model. Users would not be able to browse the database, but would only have their identity verification questions answered (e.g. “Is this person who she says she is?”). In addition to allowing use by State and Territory governments, the IMS Bill proposes that some private entities, such as banks and telecommunications companies, would also be able to use the services.
The IMS Bill has provoked significant controversy. It has not yet been passed by the Federal Parliament and it is likely that it will require amendment to incorporate greater protections for individuals.
Balancing benefits with privacy
The COAG agreement has many beneficial aims. For example, the national driver’s licence facial recognition solution should, once in place, make it harder to use driver’s licences for identity theft, improve road safety and provide an easy and secure way to verify someone’s identity. This has significant benefits at both a State or Territory level and a Federal level in providing protections for Australians. Other benefits include supporting law enforcement, upholding national security, enhancing community safety and improving service delivery. These benefits however need to be weighed against the important consideration of protecting the privacy of individuals.
The IMS Bill was reviewed by the Parliamentary Joint Committee on Intelligence and Security (Joint Committee) in 2019. Numerous stakeholders raised concerns about the impact on privacy for individuals in their submissions. A common concern was the potential for the services to be used for mass surveillance and tracking. Non-privacy related concerns included the risks of unauthorised access to, and compromise of, the collected identity data.
The Joint Committee, while it supported the aims of the Bill, had serious concerns about the lack of detail and the limited safeguards in relation to the use of highly sensitive information contained in the IMS Bill. It recommended the IMS Bill be redrafted – the first time it has made such a recommendation in a significant period. The Joint Committee’s October 2019 report recommends the redraft take into account the following principles:
- the regime should be built around privacy, transparency and subject to robust safeguards
- the regime should be subject to parliamentary oversight and reasonable, proportionate and transparent functionality
- the regime should be one that requires annual reporting on the use of the identity-matching services
- the legislation should specifically require a participation agreement that sets out the obligations of all parties participating in the identity-matching services regime in detail.
These are all sensible recommendations to provide appropriate transparency and safeguards the potential misuse of the services.
Australia’s Home Affairs Minister Peter Dutton, who has responsibility for the IMS Bill, has committed to working with the Joint Committee to ensure that the IMS Bill becomes law. The Joint Committee’s report will be a very helpful guide in ensuring that the Federal government is able to incorporate in a revised bill appropriate protections while at the same time ensuring that the aims of the legislation are able to be achieved.
When the proposed national driver’s licence facial recognition solution is implemented, State and Territory governments will still need to take care to ensure they balance the benefits of use of the solution with ensuring the protection of the privacy of Australians.
The NSW government’s digital strategy had a number of wins in 2019.
The digital driver’s licence successfully concluded two trials and when released to the state as a whole, it had a massive take-up in the first 48 hours.
Service NSW, the single customer service division for the delivery of government services has also made great strides during the year in digitising a number of forms, simplifying processes and reducing the complexity of dealing with government, for example gun licences.
The NSW digital strategy and the Open Data policy has allowed the sharing of government data on over 10,000 datasets and the development of many applications which have been useful to consumers, in particular around transport usage.
NSW has not been dogged by the problems which have persisted at a federal level where de-identified or purportedly de-identified data sets have been released and subsequently been able to be re-identified.
NSW is set to remain at the forefront of digitisation, through the demonstration of significant commitment to preserving privacy. This is led by the NSW Chief Data Scientist Dr Ian Oppermann – one of the leaders in the field of de-identification and the editor of the recent publication “Privacy-Preserving Data Sharing Frameworks – People, Projects, Data and Output” by the Australian Computer Society in December 2019. This publication further provides a forward written by the NSW Minister for Customer Service.
However, this has not always been the case and the introduction of the Opal card – which allowed individuals to be tracked – raised the ire of many. In particular, the then NSW Information and Privacy Commissioner and resulted in a private action being taken by a privacy advocate who initially was successful in the NSW Civil and Administrative Appeals Tribunal (NCAT) in February 2018. It was claimed that Transport for NSW had breached the individual’s privacy and the NSW Privacy and Personal Information Protection Act, but in August 2018 the NCAT Appeal Panel set aside the decision.
All of this change is occurring as the tide of trust in digital platforms appears to be slowly turning and individuals are moving to take back control of both their data and digital personas. NSW appears well-placed to operate in that environment, balancing data sharing and privacy.
Queensland: The DIGITAL1ST strategy
The Queensland Government is seeking to lead the way in digital government as part of its “Digital1st” digital strategy for 2017 to 2021. The government predicts millions of dollars a year in savings through projects such as digital hospitals, use of drone technology to assist in turtle rehabilitation and new technology for emergency services.
The Government is also looking at projects like digital driver’s licences, with a trial of a digital licence app due to be released in the Fraser Coast region in the coming months.
However, with the push to use digital technology comes a number of challenges to ensure that data is used properly and citizens’ privacy is protected. Already there have been challenges in the Government’s digital hospital projects, with concerns that Queensland Health’s integrated electronic medical record software was causing a spike in mislabelling of blood tests.
Following privacy concerns relating to the introduction of My Health Record nationally, the focus is on ensuring these new technologies are used in the right way, without jeopardising patient privacy.
In this light, Queensland’s current privacy regime presents potential concerns. The Information Privacy Act 2009 (Qld) provides a regime that is generally seen to be in need of review and updating, particularly in light of global privacy standards having been lifted to a much higher bar recently through introduction of the European General Data Privacy Regulation (GDPR) and other similar regimes. Notably, the Commonwealth Government’s intention is to amend the Privacy Act 1988 (Cth) to bring in higher penalties more in line with GDPR, even though it was last updated more recently (in 2018) than the Queensland legislation.
However, it should be noted that there has been a potential increase in privacy protection for Queenslanders with the enactment of the Human Rights Act 2019 (Qld), which provides protection from unlawful or arbitrary interference by government with a person’s privacy.
Another key area for government to consider in relation to privacy relates to emerging technologies such as drones. Current regimes are not designed to apply to this type of technology, and leave citizens uncertain as to their rights and obligations in relation to potential invasions of privacy by drones.
A further key question for the government is the emerging area of data ethics – reflecting the increasing focus not on simply “can data be collected and used?”, but on the question of “should data be collected and used?” In the light of a significant drop in trust by consumers generally, prompted by significant data breaches on an almost daily basis, a strong approach on ethical collection of data can be a significant step in restoring that trust.
ePlanning was originally proposed in 2013 as part of the proposal to establish a new planning act in NSW. While the new act never eventuated, in July 2014 the NSW Government made a range of ePlanning tools available and in November 2015 the Environmental Planning and Assessment Act 1979 was amended to give statutory recognition to the NSW planning portal (Portal).
Services that enable users to identify the relevant planning controls that apply to a particular parcel of land have been available since 2015.
Since the middle of 2019, the Department of Planning, Industry and Environment has also made available new services relating to online lodgement, concurrence and referrals.
Since March last year, online lodgement facilities have been available through the Portal. The current functionality which allows for pre-lodgement, lodgement, assessment and determination to be completed online is now being trialed in 22 councils across the State.
The online lodgement service is providing benefits to both applicants and councils. Applicants are no longer required to attend council to lodge an application, application processing times have been reduced and application processes have been streamlined by the removal of some required forms.
Allowing online lodgement through the Portal has resulted in real benefits including improved determination times. It has digitised the application process and enabled efficiencies to internal processes by freeing up resources to be redirected to higher value work and other customer service roles.
Importantly it seems that the business case behind the adoption of electronic systems - that an initial outlay to develop the new systems and integrate them with existing in-house systems - has seen both a time saving for applicants and greater efficiency for council. The experience is that counter staff are being re-deployed to other needs within the organisation.
Concurrence and referrals
Around 15 per cent of development applications need to be referred to state government agencies because the development requires an approval under additional legislation.
The Online Concurrence and Referral system available through the Portal allows councils to refer an application to the relevant agency. This system facilitates applicants to make payments online if required and enables both applicants and councils to track the progress through the relevant agency. Agencies are able to use the system to manage requests.
Although not mandatory the service is being used by some 77 councils and almost all the relevant state government agencies. The system has reduced the processing time of those applications that need referrals by around 20 days, well over the 10-day reduction initially projected.
NSW Government said it will mandate online lodgement
The Premier has recently announced at a meeting of the Committee for Economic Development of Australia that in 2020 reforms will be introduced making ePlanning mandatory for metropolitan councils within the Sydney region. This will include mandating online lodgement for development applications.
The push to facilitate eConstruction through the portal
The recent Parliamentary Inquiry looking at building standards has suggested that building plans should be lodged and made available on the Portal. Certainly the technology stack to deliver those kinds of services are already in place. For a relatively modest additional cost these features could be enhanced to deliver on the NSW Government’s commitments in this area.
The immediate challenges ahead
In order to mandate ePlanning services such as online lodgement, further enhancements are required to improve the functionality and the range of services able to be provided.
To achieve the full integrated functionality conceived of under the ePlanning platform, the existing software vendors need to provide integration points to allow for the exchange of information between their systems and the Portal.
To enable the ongoing reform and development required to facilitate the ePlanning platform long term, a stable funding source will need to be secured. The success of the services available to date, particularly online lodgement, make a good case for long term investment but the NSW Government needs to come out with a funding model to support the system.
A bright future
The success of the Portal is already evident from the high volumes of applications being submitted online, the large numbers of concurrence and referrals, statistics on the use of the Planning Viewer and the adoption of the web services.
It has been a long haul with considerable capital funds having been invested in providing services. The progress of the NSW Government is particularly significant in light of the low and fragmented ICT base it was coming off in 2015. The NSW Government should be commended for its investment and support for the various services.
Potentially by the end of 2020 we will see mandated online lodgement at each of the metropolitan councils, integration into council’s in-house systems, and publication of lodgement data along with existing web map services.
The push to integrate eConstruction will enable public access to not only the planning approvals, but also the construction certificates and occupation certificates required to construct the building.
At that point, NSW will be able to rightly say ePlanning has a bright future and that the promise of the program has been fulfilled.
The rise of electronic transactions
All Australian jurisdictions have Electronic Transaction Acts (ETAs) providing for the use of electronic communications and electronic signatures to sign agreements and to give information for authorities and for other purposes, such as presale disclosure obligations for contracts.
The first ETA was passed by the Commonwealth Government in 1999. The various States and Territories have followed suit and most of them quite soon afterwards. But while the legislation has been around for a while, it is only the last few years that have seen electronic transactions making substantial inroads for property transactions long dominated by the printed document.
What is an electronic transaction?
There are two basic categories:
- the more traditional form where documents are printed, signed and scanned and then emailed or faxed to other parties to create the agreement
- agreements where the contract terms and the signatures are purely electronic. This can be as simple as an email with the printed name of the party placed at the bottom of the email as their signature. There are a number of electronic signing and exchange platforms now provided by technology companies. Perhaps the most commonly used is DocuSign.
It is important to distinguish between the formation of the agreement for the transaction and the performance of the agreement. The classic idea of the smart contract is that it is self-executing when the performance conditions in the contract terms are triggered. You can foresee a development path where at least simple property conveyancing moves to smart contracts formed electronically through a real estate sales platform (using something like DocuSign for the contract exchange) and then automatically executed through an Electronic Conveyancing and Lodgement Network such as PEXA.
What do the Electronic Transactions Acts provide?
The Electronic Transactions Act 1999 (Cth) is the model for the relevant legislation in each other jurisdiction. It relevantly:
- has the object of facilitating and promoting confidence in the use of electronic transactions
- states that for a law of the Commonwealth, a transaction is not invalid because it took place wholly or partly by electronic communications
- validates the provision of information or a document for a law of the Commonwealth if certain conditions are fulfilled
- states the circumstances in which a requirement for a signature can be satisfied in an electronic communication
- specifies the time an electronic communication is taken to be given and to be received
- contains a set of specific rules relating to contracts formed through electronic communications, with a particular focus on the dangers inherent in automated contracting systems
- is subject to various exceptions.
In all cases for communications and transactions between parties, there must be consent to the use of the electronic communication for the purpose.
In all cases for the validly of signatures provided in an electronic communication:
- there must be consent to the use of the electronic communication to provide the signature
- there must be a method to identify the person signing and to show their intention
- the method must be either:
- reliable for those purposes in all the circumstances; or
- subsequently proven to have fulfilled those functions.
There is an old saying that a verbal contract is as good as the paper it is written on. In most areas of commerce that statement is more about the difficulty involved in proving a verbal contract. But for property transactions it has been literally true since the original Statute of Frauds was passed by the English Parliament in 1677.
The essence of the ETA is that a computer file exchanged by email or other electronic means is as good as a paper contract signed and exchanged the old-fashioned way, provided that the computer file includes something clearly intended to be an electronic signature for each party showing they intend to be bound by the contract.
What transactions and documents are excluded?
In most jurisdictions, instruments required for lodgement with a land registry must be originally signed unless the transaction is conducted through an Electronic Lodgement Network in which the relevant instruments are electronically signed and lodged.
In Queensland scanned documents may be lodged electronically for most common dealings, but the original wet-signed document must be held by the practitioner.
In most jurisdictions, a deed must be wet-signed. In NSW, the Conveyancing Act has permitted electronic signed and witnessed deeds since 22 November 2018.
Section 127 of the Corporations Act 2001 is a statutory expression of the indoor management rule and a party can rely on execution by a corporation that is consistent with section 127. The Commonwealth ETA does not apply to the Corporations Act, which means that electronic signatures are arguably not signatures to which s.127 applies. This does not mean that Corporations cannot use electronic transactions. Instead, parties need to ensure that the method of signing used for the transaction is otherwise sufficient. For example, a wet-signed document can be scanned and emailed and s.127 will then apply, though it is important to ensure both signatories for a company sign the same document.
Electronic transactions remain relatively novel and some institutions and law firms still refuse to accept electronic transactions.
In day-to-day practice it is better to profit from the mistakes of others. The cutting edge of legal theory can be an uncomfortable place. Until the various issues are clarified by clear and authoritative court decisions and legislation, discretion is the better part of valour. All organisations should have an electronic signing and transactions policy giving clear guidance to when the organisation will permit the use of electronic signatures and transactions.
Technology in the workplace
Government agencies will increasingly be challenged by the introduction and management of technology designed to offer employers an efficient and accurate means to secure their workplaces, and monitor and record their employees’ time and attendance.
In the past, these technologies have included surveillance cameras, IT monitoring, GPS tracking and mobile phone tracking. These technologies have largely been accepted into the workplace and, in some jurisdictions, are governed by express legislation like the Workplace Surveillance Act 2005 (NSW).
The boundaries are now being tested with new technologies, in particular biometric technology which captures facial, fingerprint and iris scans. How should a government agency deal with these technologies?
One significant concern is the potential misuse of biometric information gathered through such technology. While a password can be easily changed, a record of a fingerprint or iris scan could lead to identify theft and other significant security breaches if the information was stolen.
In addition to the security needed around the storage and use of such biometric information, the more fundamental question relates to privacy.
Jeremy Lee v Superior Wood Pty Ltd
In Jeremy Lee v Superior Wood Pty Ltd  FWCFB 2946 (Lee) the Full Bench of the Fair Work Commission examined the boundaries of an employer’s ability to compel their employees to provide their biometric data in order to comply with sign-in policies that rely on this information.
The finding at first instance in Lee was that a sawmill employee was fairly dismissed because his failure to comply with an Attendance Policy, requiring fingerprint scanning to sign on and off from work, was a valid reason for the dismissal. The Full Bench upheld an appeal by the worker against this finding and reversed it.
The Full Bench found the policy did not form part of the applicant’s employment contract, having come into existence well after he was employed. Therefore, his obligation to comply with it, and thus the validity of his dismissal, “[depended] on whether the direction to do so, using the scanners to sign in and out of work each day, was a reasonable and lawful direction”.
This was found not to be the case as the requirement contravened the Privacy Act by:
- requiring the collection of the applicant’s sensitive information without his consent, contravening Australian Privacy Principle (APP) 3
- failing to properly inform the applicant by not issuing a privacy collection notice, as required by APP 5.
Further, none of the exemptions in the Privacy Act, namely ss 16A and 7B(3), applied to the employer in this case. In particular, s 7B(3), creating an exemption for the use of information held as employee records was confined to presently held information and did not apply to the prospective holding of information. Of course, this exemption does not apply to most government employers.
The subsequent finding that “the direction to Mr Lee to submit to the collection of his fingerprint data, in circumstances where he did not consent to that collection, was not a lawful direction” meant that his failure to comply with it was not a valid reason for his dismissal.
Implications for government agencies
The result in Lee indicates that attempts by employers to implement compulsory tracking or sign-on systems which require the collection of biometric data are likely to come up against a combination of privacy and unfair dismissal laws – that is, the failure to gain the meaningful consent of employees subject to any such system will bring not only the collection of their data, but the direction of employees to provide the data into conflict with the Privacy Act (or the equivalent State or Territory privacy legislation that applies to state or territory government employers). Failure to comply with such a policy will therefore in many circumstances not provide a valid reason for dismissal and this may limit the capacity for employers to compel compliance.
If you are an employer who wishes to impose a requirement for employees and other persons performing work in your workplace to provide biometric data as part of a system to track employees’ time and attendance, you need to do the following:
- give employees written notice of intention to collect data
- use reasonable and lawful means to solicit employee consent to collection.
You will then be better placed to discipline employees who unreasonably withhold their consent.