Here's an uncomfortable truth: Australia spent four years designing a law to break down the walls between government data silos, passed it through parliament in 2022 with considerable fanfare, and has since produced exactly one dataset under it. One. In three years.
A statutory review of the Data Availability and Transparency Act 2022, tabled in parliament this week, delivers a damning verdict on one of the more ambitious pieces of bureaucratic reform the federal government has attempted in recent memory. The review, led by Dr Stephen King, a former Productivity Commission member and professor at Monash University, found the legislation is not merely underperforming. It has fundamental design flaws that have rendered it largely irrelevant to the agencies it was meant to transform.
The sole dataset built under the Act is the National Disability Data Asset (NDDA), a genuinely valuable initiative that links de-identified information about Australians with disability across health, employment, and support services. The eight data-sharing agreements registered under the Act all relate to the NDDA. As the review notes, no other requests for data under the Act have been agreed to. Even the agencies involved in the NDDA project have reportedly flagged plans to stop using the Act to facilitate their data access going forward.
Meanwhile, according to iTnews, data sharing across the federal government is happening — just without the law designed to govern it. A survey of 19 Commonwealth agencies conducted in June 2024 found those agencies held more than 11,000 data-sharing agreements operating outside the Act's framework. Every agency runs its own processes, its own rules, and often its own technical infrastructure. For anyone trying to access government data, that means a different obstacle course at every door.
The review identifies the core problem clearly: data custodians currently hold absolute discretion to refuse requests, including requests for de-identified datasets, without providing a meaningful explanation and without any avenue for appeal. The Act requires custodians to notify applicants of refusal reasons, but the review found this explanation need not actually be informative. There is no right of redress. In practice, agencies can simply say no, and that is that.
The case for reform is not merely bureaucratic tidiness. A 2017 Productivity Commission inquiry estimated the value of Australian public sector data at anywhere between $625 million and $64 billion per year. That range tells you something about how little we actually know about the data we hold. Researchers, universities, not-for-profit organisations, and Aboriginal community-controlled organisations are all potentially locked out of information that could directly improve the services they provide or study. Only eight universities are currently accredited under the scheme, restricting broader academic access considerably.
Strip away the rhetoric and ask the simple question: whose interests does the current system serve? Not researchers. Not service providers. Not the communities whose data governments have collected. The current posture rewards institutional inertia and protects agencies from the scrutiny that genuine data transparency would bring.
That said, the safeguards argument deserves its strongest hearing. Privacy advocates and civil libertarians are not wrong to be cautious about state data consolidation. The history of government data misuse, both here and overseas, is long enough to warrant serious structural protections. Labor's amendments during the bill's passage in 2022 were explicitly aimed at tightening safeguards and limiting scope, and those instincts were not irrational. The challenge is designing a system that protects individuals without handing bureaucracies a veto over the public interest.
The review's recommendations try to thread that needle. It proposes flipping the default: rather than data custodians being able to refuse requests for any reason, the Act should embed a presumption in favour of sharing, with refusals permitted only in defined and reviewable circumstances. It also recommends recalibrating the powers of the National Data Commissioner to provide genuine oversight, and expanding eligibility to include not-for-profit research institutes and Aboriginal community-controlled organisations.
The Act is due to sunset in April 2027 if not reformed. The government has a narrow window to act. Whether it will requires a more optimistic view of Canberra's appetite for genuine structural reform than the last three years have earned.