BFR15 v Minister for Immigration and Border Protection

FEDERAL COURT OF AUSTRALIA

BFR15 v Minister for Immigration and Border Protection

[2018] FCA 1057

Appeal from:	BFR15 v Minister for Immigration [2017] FCCA 1043 AMJ15 v Minister for Immigration [2017] FCCA 1035 BFP15 v Minister for Immigration [2017] FCCA 1048 BIG15 v Minister for Immigration [2017] FCCA 1051
File numbers:	NTD 26 of 2017 NTD 28 of 2017 NTD 32 of 2017 NTD 34 of 2017
Judge:	RARES J
Date of judgment:	15 June 2018
Catchwords:	ADMINISTRATIVE LAW – appeal from Federal Circuit Court decision refusing Constitutional writ relief – unauthorised disclosure on internet by Department of personal information of protection visa applicants in immigration detention – whether primary judge erred in finding no jurisdictional error by Departmental officers in conducting International Treaties Obligation Assessments to assess effect of disclosure on non-refoulement obligations – where officers failed to act on instruction to assume that personal information may have been accessed by authorities in countries where protection visa applicants claimed fear of persecution or harm in accordance with decision in Minister for Immigration and Ethnic Affairs v SZSSJ (2016) 259 CLR 180
Legislation:	Convention against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment International Covenant on Civil and Political Rights Refugee’s Convention
Cases cited:	AMJ15 v Minister for Immigration [2017] FCCA 1035 BFP15 v Minister for Immigration [2017] FCCA 1048 BFR15 v Minister for Immigration [2017] FCCA 1043 BIG15 v Minister for Immigration [2017] FCCA 1051 Minister for Immigration and Border Protection v SZSSJ (2016) 259 CLR 180 Minister for Immigration and Ethnic Affairs v Wu Shan Liang (1996) 185 CLR 259
Date of hearing:	27 November 2017 (NTD 28 of 2017) 15 June 2018 (NTD 26 of 2017, NTD 28 of 2017, NTD 32 of 2017, NTD 34 of 2017)
Date of orders:	28 June 2018
Registry:	New South Wales
Division:	General Division
National Practice Area:	Administrative and Constitutional Law and Human Rights
Category:	Catchwords
Number of paragraphs:	31
Counsel for the Appellants:	Ms U Okereke-Fisher
Counsel for the Respondents in NTD 26 of 2017, NTD 32 of 2017, NTD 34 of 2017:	Mr C Lenehan
Solicitor for the Respondents in NTD 26 of 2017, NTD 32 of 2017, NTD 34 of 2017:	Australian Government Solicitor
Counsel for the First Respondent in NTD 28 of 2017:	Mr C Lenehan
Solicitor for the First Respondent in NTD 28 of 2017:	Clayton Utz
Counsel for the Second and Third Respondents in NTD 28 of 2017:	The Second and Third Respondents filed a submitting appearance, save as to costs

ORDERS

NTD 26 of 2017
BETWEEN:	BFR15 Appellant
AND:	MINISTER FOR IMMIGRATION AND BORDER PROTECTION First Respondent SECRETARY OF THE DEPARTMENT OF IMMIGRATION AND BORDER PROTECTION Second Respondent THOMAS MARWICK, DEPARTMENT OF IMMIGRATION AND BORDER PROTECTION Third Respondent

JUDGE:	RARES J
DATE OF ORDER:	28 JUNE 2018

THE COURT ORDERS THAT:

1.The appeal be allowed.

2.The orders made by the Federal Circuit Court of Australia on 11 May 2017, including as to costs, be set aside, and in lieu thereof:

THE COURT DECLARES THAT:

1.The International Treaties Obligation Assessment made in relation to the appellant on 23 June 2015 was not made in accordance with law.

THE COURT ORDERS THAT:

2.        The first respondent pay the applicant’s costs.

3.The first respondent pay the appellant’s costs.

Note:    Entry of orders is dealt with in Rule 39.32 of the Federal Court Rules 2011.

ORDERS

NTD 28 of 2017
BETWEEN:	AMJ15 First Appellant AMK15 Second Appellant
AND:	MINISTER FOR IMMIGRATION AND BORDER PROTECTION First Respondent SECRETARY OF THE DEPARTMENT OF IMMIGRATION AND BORDER PROTECTION Second Respondent GREG BREWER, DEPARTMENT OF IMMIGRATION AND BORDER PROTECTION Third Respondent

JUDGE:	RARES J
DATE OF ORDER:	28 JUNE 2018

THE COURT ORDERS THAT:

1.The appeal be allowed.

2.The orders made by the Federal Circuit Court of Australia on 8 May 2017, including as to costs, be set aside, and in lieu thereof:

THE COURT DECLARES THAT:

1.The International Treaties Obligation Assessment made in relation to the appellants on 7 April 2015 was not made in accordance with law.

THE COURT ORDERS THAT:

2.The first respondent pay the applicants’ costs.

3.The first respondent pay the appellants’ costs.

Note:    Entry of orders is dealt with in Rule 39.32 of the Federal Court Rules 2011.

ORDERS

NTD 32 of 2017
BETWEEN:	BFP15 Appellant
AND:	MINISTER FOR IMMIGRATION AND BORDER PROTECTION First Respondent SECRETARY OF THE DEPARTMENT OF IMMIGRATION AND BORDER PROTECTION Second Respondent THOMAS MARWICK, DEPARTMENT OF IMMIGRATION AND BORDER PROTECTION Third Respondent

JUDGE:	RARES J
DATE OF ORDER:	28 JUNE 2018

THE COURT ORDERS THAT:

1.The appeal be allowed.

2.Orders 2 and 3 made by the Federal Circuit Court of Australia on 9 May 2017, including as to costs, be set aside, and in lieu thereof:

THE COURT DECLARES THAT:

1.The International Treaties Obligation Assessment made in relation to the appellant on 24 June 2015 was not made in accordance with law.

THE COURT ORDERS THAT:

2.The first respondent pay the applicant’s costs.

3.The first respondent pay the appellant’s costs.

Note:    Entry of orders is dealt with in Rule 39.32 of the Federal Court Rules 2011.

ORDERS

NTD 34 of 2017
BETWEEN:	BIG15 Appellant
AND:	MINISTER FOR IMMIGRATION AND BORDER PROTECTION First Respondent SECRETARY OF THE DEPARTMENT OF IMMIGRATION AND BORDER PROTECTION Second Respondent THOMAS MARWICK, DEPARTMENT OF IMMIGRATION AND BORDER PROTECTION Third Respondent

JUDGE:	RARES J
DATE OF ORDER:	28 JUNE 2018

THE COURT ORDERS THAT:

1.The appeal be allowed.

2.Orders 2 and 3 made by the Federal Circuit Court of Australia on 11 May 2017, including as to costs, be set aside, and in lieu thereof:

THE COURT DECLARES THAT:

1.The International Treaties Obligation Assessment made in relation to the appellant on 7 July 2015 was not made in accordance with law.

THE COURT ORDERS THAT:

2.The first respondent pay the applicant’s costs.

3.The first respondent pay the appellant’s costs.

Note:    Entry of orders is dealt with in Rule 39.32 of the Federal Court Rules 2011.

REASONS FOR JUDGMENT
(REVISED FROM THE TRANSCRIPT)

RARES J:

1. I caused these four appeals to be listed together.  Originally, each had been listed for hearing in the November 2017 sittings.  On 27 November 2017, I heard argument in AMJ15 and AMK15’s case (collectively AMJ15).  In each appeal, the appellant sought relief in respect of an unfavourable conclusion in the International Treaties Obligations Assessment (ITOA) that an assessor had reached in respect of the impact on the respective appellant(s) of what is colloquially termed the “data breach”.  The data breach referred to the publication on the Minister’s Department’s website for about two weeks in February 2014, of the names of 9,258 persons in immigration detention on 31 January 2014 who had claimed to be entitled to protection visas and certain of their personal details.

2. Following the discovery of the data breach, the Department undertook to conduct an ITOA assessment in respect of each of the 9,258 detainees affected.  In the event, the Department informed each detainee that the assessor conducting his or her ITOA would be instructed to assume that the authorities in his or her receiving country may have accessed his or her personal information comprised in the publication in the data breach (the assumption).  The background to the data breach is set out in the reasons of French CJ, Kiefel, Bell, Gageler, Keane, Nettle and Gordon JJ in Minister for Immigration and Border Protection v SZSSJ (2016) 259 CLR 180.

3. During the course of that hearing, having pre-read the appeal papers in the other three matters, I raised with counsel for the parties the question whether the assessor in each of the appeals had applied the assumption in the way in which the High Court in SZSSJ 259 CLR at 209 [91] had found that it should have been applied. That is now the issue in these four appeals.

4. The High Court held that the assumption obviated the need to provide any detainee with more detailed information about what access had occurred to his or her personal information in consequence of the data breach.  Crucially, their Honours held (SZSSJ 259 CLR at 208-209 [90]-[92]):

   90The assumption made in the ITOA process that their personal information may have been accessed by authorities in Bangladesh and China removed from the scope of factual inquiry any question of precisely who accessed their personal information as a result of the Data Breach. The assumption was sensible because the true extent of access to the personal information of each affected applicant must in practical terms have been unknowable. Once downloaded from the Department’s website, the document containing the personal information of the 9,258 visa applicants could have been forwarded to and interrogated by anyone, anywhere and at any time. Attempting to make a finding about precisely who had obtained access to the personal information of any one of them, and when, might be expected to have been a hopeless endeavour.

   91Sensibly interpreted and applied in the context of making an assessment of whether the Data Breach engaged Australia’s non-refoulement obligations with respect to them, the assumption was not simply that some of their personal information might have been accessed by some authorities. The assumption was rather that all of their personal information had been accessed by all of the persons or entities from whom they feared persecution or other relevant harm. That is how the assumption was in fact interpreted and applied by the officer who conducted SZTZI’s ITOA and how it could reasonably be expected to be interpreted and applied in the conduct of SZSSJ’s ITOA.

   92SZSSJ and SZTZI were not deprived of any opportunity to submit evidence or to make submissions relevant to the subject matter of the ITOA process as a result of not having such further information as might be inferred to have been contained in the unabridged version of the KPMG report. Exactly how and why the Data Breach occurred was simply not relevant to the question of whether one or more of Australia’s non-refoulement obligations were engaged in respect of them. And irrespective of what the unabridged KPMG report might have to say about the identities of the 104 IP addresses from which the document had been accessed during the fourteen day period of the Data Breach, the fact would remain that once the document was downloaded the personal information of SZSSJ and SZTZI could have been accessed by anyone. Even if the unabridged KPMG report might have allowed SZSSJ and SZTZI to prove by reference to the report that one or more of those IP addresses were associated with persons or entities from whom they feared harm, that proof would advance their cases for engagement of Australia’s non-refoulement obligations no further than the assumption already made in their favour.  (emphasis added)

   Background

5. Relevantly, each appellant was a citizen of the People’s Republic of China.  Each had been unsuccessful in the Refugee Review Tribunal in seeking protection visas, and each was in immigration detention at the time at which the data breach occurred.

6. For present purposes, the following is the procedural history for each appellant.  On about 12 March 2014, the Secretary of the Department wrote informing the appellant of the occurrence of the data breach in respect of protection visa applicants who were in immigration detention on 31 January 2014.  It apologised that the appellant’s personal information had been made accessible.  The letter stated that it had been possible for persons to access the appellant’s name, date of birth, nationality, gender, details about his or her detention, including when the person had been detained, the reason for the detention and where, and whether he or she had other family members in detention.  The letter stated that the information disclosed did not include the person’s address or former address, phone numbers, contact or other information about any protection claims that he or she or any other person may have made, or about the detainee’s state of health.  The letter promised that the Department would assess any implications for the individual personally as part of its normal processes, and invited each person to raise any concerns during those processes.

7. On 14 July 2014, or thereabouts, an officer of the Department wrote to each of the affected detainees inviting him or her to provide information in writing about concerns the person might have relating to the impact of the data breach on the person’s ability to return to his or her home country or country of usual residence.

8. In about August 2014, each of the appellants sent a standard form response to the Department that said:

   There is no way of knowing from whom I could face a real risk of harm as it may go well beyond the authorities in my home country, including foreign security and intelligence agencies, terrorist organisations and criminal syndicates.  In addition, the Human Resources Sections of companies and public service departments would also have access to the information and would undermine my ability to find employment.  Foreign governments may use this information as a reason not to grant visas for me [to travel]…  (emphasis added)

   The second sentence in the above passage (that I have emphasised) is of importance here for the purposes of these appeals.

9. As the Department’s processes developed, it determined that each person affected by the data breach would be assessed under an ITOA process which began on about 14 January 2015.  The purpose of the ITOA was to consider whether the circumstances of each person’s case engaged Australia’s non-refoulement obligations under the Refugee’s Convention, the Convention against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment, or the International Covenant on Civil and Political Rights and its second optional protocol.

10. Subsequently, the Department sent two letters to the affected detainees. The first informed each appellant of the ITOA process and provided him or her with the opportunity to comment on information relevant to that process and on adverse inferences that the assessor could draw (the adverse inferences letter).  The second letter included an attachment containing country information and also set out matters of concern relating to each individual.  Each letter to the appellants included references to the following country information:

    ·a 2006 report by the Austrian Centre for Country of Origin and Asylum Research Documentation that stated that Chinese authorities were not concerned about persons who had applied for political asylum in foreign countries, because those authorities expected that the persons had left China for economic reasons;

    ·reports from the Department of Foreign Affairs and Trade (DFAT) made in March 2007 and June 2012.  The March 2007 report stated:

    Our impression is that these days Chinese authorities view seeking to remain in Australia through a protection application as more commonplace behaviour rather than a sign of political disloyalty.

    ·the June 2012 report stated that the Embassy in Beijing had advised that it was aware that some failed asylum seekers who had returned from Australia had only had short interviews upon return that primarily dealt with why they had returned to China on an entry permit rather than on an ordinary passport;  and

    ·the appellant’s immigration history in Australia, including a summary of his or her claims for protection and any findings of the Tribunal in respect of which there had been no finding of any legal error by any court.  It suggested that the evidence before the Department appeared to indicate that each appellant, first, had not been a person of interest to the Chinese authorities prior to his or her departure from China and, secondly, did not have an adverse profile with the Chinese authorities that potentially could expose him or her to a real chance of serious harm or real risk of significant harm on return to China.

11. The letter concluded by inviting the persons to comment or respond.  None of the appellants did.

12. However, in AMJ15’s case there were two differences in the country information referred to in his adverse inferences letter and ITOA assessment, namely:

    ·the country information included two additional DFAT reports, one dated September 2006 and the second dated April 2011 namely:

    In September 2006, DFAT provided the following advice on the return of failed asylum seekers:

    It is not possible to comment definitively on how Chinese authorities would treat returnees to China who were failed asylum seekers. It would be very likely that Chinese authorities would interview them and might keep them under surveillance and detain them for a short period. Any further action would depend on the circumstances of the individual cases. Authorities maintain a dossier on every PRC citizen and we would expect authorities would record the person’s failed asylum attempt in this file. This conceivably could impede the person’s attempts to obtain employment (particularly government employment) or engage in further education.

    In April 2011, DFAT advised that the situation outlined in the information (CX161676) remains the same. DFAT confirmed that the post does not have any further update on the treatment of failed asylum seekers by the Chinese authorities.  (emphasis added, footnotes omitted)

    The ITOA Assessments

13. Each appellant received an ITOA assessment that found that Australia did not owe him or her non-refoulement obligations.  The assessment recited the history of the appellant’s circumstances, the country information and made the adverse inferences that had been put to him or her in the adverse inferences letter.

14. Each ITOA assessment dealt with the respective appellant’s claim about the consequence that human resources sections of companies and public service departments would have access to the data breach information substantially as in the following passage from BFR15’s ITOA (save that, first, in the second paragraph each ITOA made findings about each individual appellants’ occupation, skills and training, being that of a person of a similar (but different) skill and training level as BFR15 and, secondly, the sentence I have put in italics appeared in each ITOA except that for AMJ15):

    As noted above, in the departmental letter dated 01/05/2015, it was put to the claimant that there is no evidence to establish that Human Resource sections of private and public sector departments would take radical steps to source the information publicly disclosed on the department’s website so as to limit his ability to source and secure employment on return to China. The claimant failed to provide a response to this inference.

    It is noted from the information provided by the claimant to the department that he has been working as a dry liner (gyprocker) in Australia. There is no evidence before the department to indicate that the claimant has any formal qualifications as a dry liner (gyprocker). Nor is there any evidence before the department to indicate that he is qualified or trained in any other profession. Given his lack of formal qualifications and high-level employable skills, I consider it implausible that the organisations where the claimant would seek employment on return to China, would seek to check the information that was published on the department’s website in February 2014 and use it as a motive to refuse his employment. Furthermore, it is noted that the information published on the department’s website in February 2014 has been removed and is no longer publicly available.

    The trial judge’s reasons

1. The trial judge was the same in each of the four appeals.  He found that, on a fair reading of the ITOA decision, the assessor had not rejected the assumption but had found that BFR15’s personal information would not be used by the persons from whom he feared harm (BFR15 v Minister for Immigration [2017] FCCA 1043 at [12]-[13]). His Honour accepted the submissions of the Minister that the assessor’s reasons conveyed a finding that the information would not be used to target him or deny him employment, on the basis that BFR15 was of no interest to the potential employers.

2. In BFP15 v Minister for Immigration [2017] FCCA 1048 at [10], his Honour found that BFP15’s circumstances were “not dissimilar” to those of SZSSJ’s co-appellant, SZTZI (see 259 CLR at 209 [91]), and that the High Court’s decision “effectively disposes of the claim set out in the application” that BFP15 had been denied procedural fairness in respect of the way in which the assumption had been applied.

3. In BIG15 v Minister for Immigration [2017] FCCA 1051 at [9], his Honour dismissed the procedural fairness ground on the basis of the High Court’s decision. And, in AMJ15 v Minister for Immigration [2017] FCCA 1035, his Honour found that he was bound by the High Court’s decision and then held that there had been no denial of procedural fairness.

   The issue

4. The issue in the appeals is whether the assessor failed to apply and act on the assumption that the High Court identified (in SZSSJ 259 CLR at 209 [91]) when the assessor wrote that he considered it to be implausible that the organisations with which the relevant appellant would seek employment on return to China, would seek to check the information published about him or her in the data breach and use it as a motive to refuse that person employment. In other words, did the assessor err in failing to apply the assumption in conducting the ITOA by assuming that the human resources sections of private and public sector departments “would [not] take radical steps” to source information about the appellant from the data breach so as to limit his or her ability to source and secure employment?

   The Minister’s submissions

5. The Minister argued that the assessor’s use of the word “implausible” (in the passage set out at [14] above) read in its context was a finding that if, and when, the appellant presented himself or herself for consideration for employment, it was highly unlikely or speculative that the person considering that application would access the data breach information concerning the appellant and then use it to refuse him or her employment. The Minister contended that the assessor’s reasons did not indicate that he had not made the assumption promised as part of the ITOA review, namely that potential employers may have had access to the data breach information.  He submitted that the way in which the assessor expressed his reasons demonstrated that the assessor had assumed that the information would be able to be accessed by the potential employer when the appellant wished to seek employment, but that even though it would be so available, any employer would not use the information in the manner that the appellant feared.  The Minister argued that was a factual finding that was open to the assessor consistently with the assumption that the Department had told the appellants would be made in conducting the assessment.  He contended that the assessor’s reasoning could be readily understood as a conclusion as to the likely use that would be made of the appellant’s personal information based on the evidence concerning the particular circumstances of the relevant appellant.  The Minister submitted that the reasons did not support a conclusion that the assessor had departed from the assumption, that he had been directed to make, regarding access to, or the capacity to access, the information, particularly having regard to the assessor’s acknowledgement that he had been given that instruction.

6. The Minister also argued that the 2006 DFAT advice, to which the assessor referred in AMJ15’s ITOA, properly read, conveyed that the dossier on every Chinese citizen that Chinese authorities maintained about relevantly, AMJ15, conceivably could, but need not necessarily, be used to impede that person’s employment.

   Consideration

7. In Minister for Immigration and Ethnic Affairs v Wu Shan Liang (1996) 185 CLR 259 at 272 Brennan CJ, Toohey, McHugh and Gummow JJ said:

   the reasons of an administrative decision-maker are meant to inform and not to be scrutinised upon over-zealous judicial review by seeking to discern whether some inadequacy may be gleaned from the way in which the reasons are expressed. In the present context, any court reviewing a decision upon refugee status must beware of turning a review of the reasons of the decision-maker upon proper principles into a reconsideration of the merits of the decision.  (footnote omitted)

8. Nonetheless, I am of opinion that the way in which the reasons in each ITOA are expressed indicates that the assessor ignored the High Court’s interpretation of the assumption he had been directed to make.  That is because, the High Court in SZSSJ 259 CLR at 209 [91] held that sensibly interpreted and applied the assumption required the assessor to assume that “all of their personal information had been accessed by all of the persons or entities from whom they feared persecution or other relevant harm”. The High Court explained (at 259 CLR 209 [90]) that that sensible interpretation of the assumption was necessary because it would be a hopeless endeavour to attempt to make a finding about precisely who had obtained access to the personal information of any of 9,258 persons affected by the data breach.

9. As their Honours explained, the substantive benefit of interpreting the assumption in the plenary way in which they did, would ensure that the assessor could consider Australian’s

   
   

   non-refoulement obligations in respect of each individual affected by the data breach on the basis that every person or entity from whom he or she feared harm, in fact, had accessed that information.  In that context, an assessment could be made on the basis the person or entities from whom that individual feared harm would have accessed the particular information revealed by the data breach about the individual so that the assessor could evaluate whether the person or entity would have acted in the way that the appellant feared, arrived with the information about the detainee revealed by that access, as opposed to in some other way.

10. In these four appeals, the assessor never approached a consideration of whether the potential employer in China would know the personal information revealed in the data breach, when considering whether or not to employ the relevant appellant in whatever role he or she sought, in order to assess how that knowledge would have affected the appellant’s employment prospects.  Rather, the assessor eschewed that task saying that it would be “implausible” that a person or entity considering the relevant appellant for employment would bother to make him or herself familiar with the circumstances or to look for what might be known from the data breach about the appellant, and then use that information as a reason not to employ him or her.

11. In my opinion, that reasoning is contrary to how the High Court said that the assessor should have applied the assumption.

12. As I have noted, there are two features that distinguish AMJ15’s appeal from those of the other three appeals, namely, the 2006 DFAT advice, that was before the assessor and absence of the additional italicised sentence in the reasons (see [14] above).  I accept the Minister’s argument that the 2006 DFAT advice (as confirmed in the 2011 DFAT advice) said that information in the dossier on each person kept by the Chinese authorities conceivably could, but not necessarily would, impede the person’s attempts to obtain employment, but this was not necessarily the case.

13. Once again, the assumption that AMJ15’s personal details would be accessed by Chinese authorities when he sought employment, at least, in the public sector because this information would be on his file, meant that it was conceivable that they could use the information against him.  I do not regard the absence of the italicised sentence in AMJ15’s ITOA assessment as affecting my conclusion that his assessor did not carry out the ITOA in accordance with the assumption.

14. Accordingly, it is difficult to understand the assessor’s finding of implausibility given that, at least for public sector employment, AMJ15’s dossier would have been accessed, to seek employment and his personal information released in the data breach would have been recorded in that dossier. In the three ITOA’s other than AMJ15’s, the assessor emphasised in the additional sentence to his reasons (set out at [14] above) that the information in the data breach had been removed from the Department’s website and was no longer publicly available. The assessor’s use of that sentence demonstrated that he was reasoning on the basis that the persons from whom the appellants feared harm would not access the data breach information at all.

15. Each assessor reasoned to his finding of implausibility in a way that denied the operation of the assumption that the High Court said was the sensible interpretation and application of it.  It follows that each assessor made a jurisdictional error in failing to conduct each ITOA in accordance with the assumption as explained by the High Court.

16. For these reasons, in my opinion, the trial judge misunderstood what the High Court decided and how each assessor failed to apply the assumption properly, indeed at all, in conducting the ITOA.

    Conclusion

17. The appeals must be allowed with costs and the decisions of the trial judge must be set aside.  I will direct the parties to prepare appropriate orders to give effect to these reasons.

I certify that the preceding thirty-one (31) numbered paragraphs are a true copy of the Reasons for Judgment herein of the Honourable Justice Rares.

Associate:        
Dated:             12 July 2018