Gov agencies must allow investigator access to IT systems under robodebt bill

Government agencies could be compelled to allow independent investigators access to their IT systems and devices under a bill designed to prevent a future robodebt scandal.

Introduced Thursday, the Oversight Legislation Amendment [pdf] attempts to grant Commonwealth Ombudsman investigators more powers to access agency documents and records, with the proposal making specific reference to “by remote means”.

Remote access specifies "access by any means that does not require being physically present at the premises”.

Examples of access include user account and password or by a device such as a laptop “provided to the authorised person for the purpose of accessing systems other than while physically on premises”.

The new proposals are “intended to modernise the information-gathering powers of the Ombudsman", ensuring it has the power to investigate in line with “contemporary practices”.

It imposes a statutory duty on the public service to assist investigators and makes it an offence to withhold “reasonable” facilities and assistance from the Ombudsman.

However, this will not apply if there is an "unacceptable risk to the security of any of the documents or other records held in electronic form".

According to Attorney-General Mark Dreyfus, the amendments are supported by $2.3 million over four years from 2023-2024, and $700,000 ongoing, which will be used to build capacity in the Ombudsman’s complaints team.

“The Royal Commission found that some officials and agencies engaged in behaviour designed to mislead the Ombudsman and impede their investigation into the Robodebt Scheme," Dreyfus said in a statement.

“The bill will ensure this can never happen again.”

Process deficiencies 

Robodebt was a highly criticised program of automating Centrelink debt recovery between 2015 and 2019.

The scheme automatically raised incorrect debts against welfare recipients with insufficient human oversight.

It is estimated to have raised more than $1.7 billion in debts.

In November 2020, the government reached a $1.8 billion settlement that was approved by the court a year later.

In 2023, the Royal Commission released a damning report into the scheme and investigation that - among other findings - described public servants as engaging “in behaviour designed to mislead and impede the Ombudsman”. [pdf]

The report also called out “deficiencies” in the Ombudsman’s processes, “diluting the effectiveness of the investigation”.

The commission noted that while the federal Auditor-General had the power “to directly access the IT systems of agencies”, the Ombudsman did not.

The report described how current Commonwealth Ombudsman Iain Anderson considered “obtain[ing] specialist services to ‘actually trawl through agency IT systems to be able to locate documents or to … double-check whether the agencies' had provided the documents.”

However, the commission noted that powers were not required if an agency “participated in good faith”.

The commission recommended that a statutory duty be imposed on departmental secretaries and agency chief executive officers “to ensure that their department or agency use its best endeavours to assist the Ombudsman in any investigation concerning it”.

Gov agencies must allow investigator access to IT systems under robodebt bill

Gov agencies must allow investigator access to IT systems under robodebt bill

Gov agencies must allow investigator access to IT systems under robodebt bill

Gov agencies must allow investigator access to IT systems under robodebt bill

Gov agencies must allow investigator access to IT systems under robodebt bill