Australian Government agencies have been urged to enhance their information governance practices, particularly regarding the use of messaging apps, according to a recently released report from the Australian Information Commissioner, Elizabeth Tydd.
The report stemmed from a review involving 22 agencies and highlighted that while messaging apps are widely used within the Australian Public Service, many agencies lack the necessary policies and procedures to meet legislative obligations. “While the technology being used to conduct government business is evolving, the need for agencies to equip staff to uphold legislative obligations remains,” Tydd remarked, underlining the importance of transparency and accountability in modern governance.
The findings of the review revealed that 16 of the 22 agencies allowed the use of messaging apps, with three prohibiting their use and another three lacking a definitive stance on the matter. Among those that permitted messaging apps, there was a notable preference for Signal, with 12 agencies endorsing or encouraging its use, and one additional agency also approving WhatsApp.
Despite the prevalence of these communication tools, only half of the agencies had established policies governing their use for work purposes. Furthermore, these policies often failed to address crucial areas such as freedom of information (FOI), privacy, and other legislative obligations.
This report represents the first of its kind prepared for the Attorney-General under the provisions of the Australian Information Commissioner Act 2010, underscoring the Commissioner’s role in providing a comprehensive overview of information governance for government agencies. Tydd emphasised the importance of improving information governance to secure government information as a “national resource and a source of truth and accountability for the Australian community”.
The report included contributions from the National Archives of Australia, marking a co-regulatory approach that aims to enhance understanding of how messaging apps are employed and the challenges they present in record management. National Archives’ Director-General, Simon Froude, acknowledged the significance of the findings, stating that they would aid in developing guidance for agencies regarding the management of Commonwealth records.
The Office of the Australian Information Commissioner (OAIC) has pledged to continue collaboration with National Archives to assist agencies in comprehending their responsibilities related to recordkeeping, FOI, and privacy when utilising messaging apps. A follow-up assessment is planned in two years to gauge developments in the utilisation of these communication tools within government operations.
The Commissioner has outlined four key recommendations for government agencies:
1. Agencies should review existing policies or develop a policy to clearly set out whether or not they permit the use of messaging apps for work purposes.
2. Agencies that permit the use of messaging apps should establish policies and procedures that adequately address information management, FOI, privacy, and security considerations.
3. Agencies should evaluate the features of messaging apps required to support official work and conduct due diligence on selected apps.
4. Agencies that permit messaging apps should ensure that any preferred APP collects and handles personal information appropriately, possibly through a privacy threshold assessment.
The report aims to offer guidance to agencies on the responsible use of messaging apps, which are defined as mobile-based messaging applications like WhatsApp, Signal, Facebook Messenger, and Telegram. With many of these platforms allowing for the transmission of ephemeral messages, the need for clear governance becomes increasingly crucial in maintaining the integrity of government communications.
