Re Meschino and Centrelink

CATCHWORDS – FREEDOM OF INFORMATION – refusal of access to documents – whether disclosure of computer file access report would or could reasonably be expected to have a substantial adverse effect on the proper and efficient conduct of the operation of the agency – whether disclosure would or could reasonably be expected to have a substantial adverse effect on the conduct by or on behalf of an agency of industrial relations – whether disclosure in the public interest – decision affirmed. 

Freedom of Information Act 1982 ss. 4, 11, 12, 13, 24, 24A, 40 and 43
Privacy Act 1988
Commonwealth Services Delivery Act 1997 ss. 6 and 8
Social Security Act 1991
Social Security (Administration) Act 1999 s. 204(1)
Attorney-General's Department v Cockcroft (1986) 64 ALR 97
Re Bayliss and Department of Health and Family Services (AAT 12277, 10 October, 1997)
Re Connolly and Department of Finance (1994) 34 ALD 655
Re James and Australian National University (1984) 2 AAR 327
Searle Australia Pty Ltd v Public Interest Advocacy Centre and Another (1992) 16 AAR 28
Dykstra and Secretary, Department of Family and Community Services [2002] AATA 422

DECISION AND REASONS FOR DECISION [2002] AATA 627

ADMINISTRATIVE APPEALS TRIBUNAL     )          
  )          S2000/414
GENERAL ADMINISTRATIVE DIVISION     )          

ReCARLO MESCHINO

Applicant

AndCENTRELINK

Respondent

DECISION

Tribunal:                   Miss S A Forgie (Deputy President)
Date:  25 July, 2002
Place:  Adelaide

Decision:The Tribunal affirms the decision of the respondent dated 5 October, 2000.

S A FORGIE
  Deputy President

REASONS FOR DECISION

On 25 October, 2000, the applicant, Mr Carlo Meschino, applied for review of a decision dated 5 October, 2000 made by a delegate of the Chief Executive Officer of the respondent, Centrelink, affirming an earlier decision made on 6 September, 2000 as varied on 20 September, 2000.  The initial decision was made in response to his request for access to certain documents dated 27 July, 2000.  That decision refused Mr Meschino access to three categories of documents: letters addressed to Mr Meschino; Newstart applications lodged by Mr Meschino; and a CRAM Report.  Subsequently, the delegate gave access to the first category of documents being the letters addressed to Mr Meschino.  Mr Meschino was also given access to his Newstart applications.  Consequently, the only document under consideration in this case was the CRAM Report. 

1. Mr Meschino represented himself at the hearing and Mr Underwood represented Centrelink. The documents lodged pursuant to s. 37 of the Administrative Appeals Tribunal Act 1975 ("T documents") were admitted in evidence together with a statement by Ms Joan Savic, material relating to the Commonwealth Public Sector Union ("CPSU") and Mr Meschino's Statement of Facts and Contentions with attachments.  Oral evidence was given by Ms Savic in support of Centrelink's case.

THE ISSUE

1. The issue in this case is whether the CRAM Report is exempt pursuant to s. 40 of the Freedom of Information Act 1982 ("FOI Act"). That raises two subsidiary issues. The first is whether its disclosure under the Act would, or could reasonably be expected to have a substantial adverse effect on the proper and efficient conduct of the operations of an agency within the meaning of s. 40(1)(d) or on the conduct by or on behalf of Centrelink of industrial relations within the meaning of s. 40(1)(e).  If its disclosure could be expected to have that effect, the second is whether its disclosure under the Act would, on balance, be in the public interest.

LEGISLATIVE FRAMEWORK

1. Section 11(1) of the FOI Act provides that:

"Subject to this Act, every person has a legally enforceable right to obtain access in accordance with this Act to:

(a)a document of an agency, other than an exempt document; or

(b)an official document of a Minister, other than an exempt document."

1. It is clear from the terms in which the right is couched that it is a qualified right.  The first qualification is that it is a right to have access to a "document of an agency" or to "an official document of a Minister".  In so far as an agency is concerned, that means that the right is access to a document in the possession of the agency (s. 4(1)).  The word "document" is defined in very broad terms:

"(a)   any of, or any part of any of, the following things:

(i)any paper or other material on which there is writing;

(ii)a map, plan, drawing or photograph;

(iii)any paper or other material on which there are marks, figures, symbols or perforations having a meaning for persons qualified to interpret them;

(iv)any article or material from which sounds, images or writings are capable of being reproduced with or without the aid of any other article or device;

(v)any article on which information has been stored or recorded, either mechanically electronically;

(vi)any other record of information; or

(b)any copy, reproduction or duplicate of such a thing; or

(c)any part of such a copy, reproduction or duplicate;

but does not include:

(d)library material maintained for reference purposes; or

(e)Cabinet notebooks" (s. 4(1))

The terms of the definition are broad enough to encompass within them records kept on paper and in electronic form such as in e-mail records or in documents kept in electronic form.  They are broad enough to encompass the CRAM Report.

1. The words "Subject to this Act" appear in s. 11 for a person's right is qualified by other provisions of the FOI Act. Those sections include ss. 12 and 13 (excluding access to certain categories of documents), 24 (permitting certain workload factors to be taken into account in refusing a request) and 24A (permitting a request to be refused if a requested document cannot be found or does not exist).  None is relevant in this case.  Apart from these qualifications, s. 11 is explicit in its terms that the right of access is not to every document of an agency.  It is only to every document in the possession of that agency that is not an "exempt document".  In so far as an agency is concerned, an "exempt document" is a document that is exempt by virtue of a provision of Part IV of the FOI Act (s. 4(1)). 

1. Only one section in Part IV is relevant and that is s. 40.  Four exemption provisions in that section are relevant:

"Subject to subsection (2), a document is an exempt document if its disclosure under this Act would, or could reasonably be expected to:

(a)prejudice the effectiveness of procedures or methods for the conduct of tests, examinations or audits by an agency;

(b)…

(c)have a substantial adverse effect on the management or assessment of personnel by the Commonwealth or by an agency;

(d)have a substantial adverse effect on the proper and efficient conduct of the operations of an agency;

(e)have a substantial adverse effect on the conduct by or on behalf of the Commonwealth or an agency of industrial relations."

Section 40(2) adds a rider to the exemption created by s. 40(1). Its effect is that a document that would otherwise be exempt under s. 40(1) is not exempt if its disclosure would, on balance, be in the public interest.

THE EVIDENCE

1. Ms Joan Savic is an Assistant Manager in Centrelink's Privacy and Information Access Team, which is part of its National Support Office in Canberra.  In that position, she has responsibility for overseeing policy issues relating to privacy and FOI.  From 1993 until 1995, Ms Savic was Assistant Manager of a customer service centre.  In that position, she had responsibility for various team leaders who were, in turn, responsible for the payment of pensions.  In addition, she was responsible for issues relating to the welfare of the staff in the centre.

1. Ms Savic said that she was aware that CRAM Reports had been released in the past but said that they should not be released because they had an audit function in Centrelink and because there are concerns about the safety of Centrelink's staff.  In relation to the audit function, Ms Savic said that a system, known as CRAM, was developed to interrogate the audit log of Centrelink's computer so that those gaining access to Centrelink's computer could be identified.  Identification of those gaining access was considered necessary to ensure that personal information held on the computer was kept secure and protected against unauthorised access, modification, use and/or disclosure.  That is in accordance with Privacy Principle 4 in the Privacy Act 1988.  Identification is also necessary to identify unauthorised access to detect and prevent fraudulent activity whether that activity is initiated by the staff or whether that activity is initiated by others but with the complicity of the staff.  CRAM Reports were created specifically for audit purposes access.  Access to Centrelink's computer has been logged since February, 1994.  Records of each access to the computer system are maintained with other information on data tapes.  The access is recorded by reference to the user's identification code.  If a CRAM Report were released, she said, it could identify extraordinary access of records by fraud or compliance investigators and so could lead to a change in the behaviour of either the customer or the staff member.  Extraordinary access could be identified by the aspects of the screen to which access had been obtained.  Investigators tended to check particular aspects and a person who knew of those aspects could change their behaviour to such an extent that any investigation into apparent extraordinary access to information held on the computer would be compromised. 

1. In her oral evidence, Ms Savic said that CRAM's existence is publicised because it is used to protect customer privacy and to build the customers' confidence in Centrelink.  It is also used as one means of proving a staff member's guilt or innocence when he or she is alleged to have misused information on the system.  CRAM Reports are constantly run by the investigation team in order to check for fraudulent behaviour.  In her oral evidence, Ms Savic said that release of a CRAM Report would compromise the investigations because access to it could identify monitoring activity that had occurred.  With that knowledge, a person who wants to behave fraudulently may adapt his or her behaviour. 

1. Ms Savic said that, in developing its policy in relation to the CRAM system, Centrelink had consulted with the CPSU.  The CPSU had written to Centrelink stating:

"I have no doubt whatsoever that providing CRAM reports to customers which identified all employees who may have accessed the customer's record would result in significant industrial issues.  The CPSU is especially sensitive to any matters which could impact on customer aggression and OH&S issues.  There would be a serious concern that the information available could result in staff being harassed in the workplace or even at home should the customer use the information to identify individuals through entries in telephone books.  It must also be borne in mind that the way Centrelink operates means that customers and staff are commonly from the same community and in many instances these communities are small, adding to the risk of harassment, whether it was benign or malevolent.  Such activity would be seen to be contributing to customer aggression and/or increased stress levels in the workplace.  The experiences of ATO and other agencies clearly demonstrate that the release of such information would generate increases in enquiry levels as customers contact employees to query their accesses to the customer's record.  Additionally, those experiences demonstrate the CPSU's view as to its significance as an industrial issue.  The fact that similar issues have already been raised by the CPSU with other agencies and the success the CPSU has had in protecting its members for releasing such information adds to the certainty that the CPSU would pursue the issue with vigour.  It would be my strong recommendation that CRAM reports not be released to customers." (Exhibit 2, paragraph 4)

1. Ms Savic said that staff security is compromised by the release of the CRAM report whether or not staff identifiers are removed.  Both staff and customers need to be protected.  With regard to staff identifiers, a flyer from the CPSU dated 27 October, 1999 advised that the CPSU had written to Centrelink to oppose its requiring decision-makers to be identified by their full names when written notification of the decisions is given to those affected by them.  The CPSU expressed its concerns about the safety of Centrelink's staff as release of their names meant that they were too easily identifiable out of hours (Exhibit 3).  The Secretary of the Community Services Section of the CPSU repeated the same sentiment in a letter to Centrelink dated 2 December, 1999 (Exhibit 3).  In a bulletin dated 31 October, 2001 advising its members that Centrelink staff did not need to use their full names, the CPSU noted that non-disclosure was necessary because:

"Members were concerned about their safety and reported instances where angry customers had contacted them at home, were waiting in their driveway for them when they got home from work and received threats to their safety and well being.  Members in compliance often send letters requesting payment of overdue accounts which aren't always well received by Centrelink customers." (Exhibit 3)

1. In her oral evidence, Ms Savic said that she was aware from anecdotal evidenced that staff in the office in which she now works had declined to work on certain claims because they feared harassment from the claimant.  Anecdotal evidence also suggested that staff members had been faced at home by angry claimants against whom an overpayment had been raised.  Some staff members had adopted pseudonyms to address the problem.  Centrelink does not issue copies of its telephone lists.  Staff members wear name badges but are given the option of using their first names or their first and last names.  On the computer, there is a tab that hides the surname of the staff member.  Within Centrelink, CRAM Reports are closely protected.  Fewer than 120 officers in Centrelink have permission to print them and they are securely stored.  If unauthorised use is revealed, a copy of the relevant CRAM Report would be maintained in a file together with any witness statements and letters of complaint.  The file is kept for 18 months if the complaint is substantiated.  The complainant is advised of the outcome in writing and advised to approach the Privacy Commissioner if he or she is not happy with Centrelink's response to the complaint.  The complainant is not advised of any action taken against the staff member who has made the unauthorised use as that would be a breach of the staff member's privacy, Ms Savic said.

1. In cross-examination, Ms Savic denied Mr Meschino's suggestion that access to CRAM Reports is refused in order to protect staff of Centrelink.  They are part of a process designed to ensure that the information held on Centrelink's  computer is used legitimately.  The information is not kept on any one file in the computer but relates to access to information held on all files in the computer system.  If a person asks for a CRAM Report, it is Centrelink's usual practice to ask that person whether he or she has concerns about those who may have had access to his or her files.  If he or she does have concerns, Centrelink is happy to investigate them and advises the person of the outcome of that investigation. 

CONSIDERATION

1. Mr Meschino said that he had stumbled across the existence of CRAM Reports as he had not found any reference to them in Centrelink's pamphlets.  He said that he had experienced problems with Centrelink's investigating his complaints over the previous five years.  Were he able to see a CRAM Report, he would be able to see that something had been done with reference to his complaint.  It would enlighten him as to the processes that are used in a Centrelink investigation.  Public confidence in Centrelink's investigatory processes would be enhanced were those processes to be made known.  Only anecdotal evidence had been given of Centrelink staff members' being confronted by persons who are unhappy with Centrelink.  Despite that, Mr Meschino said that he was happy to be given a copy of the CRAM Report relating to access to his files with the names or identifications of staff members removed.  To date, he has not been able to obtain reports of investigations carried out regarding his complaints.  If CRAM Reports are not released, there is a general perception that Centrelink is engaged in covering up wrong-doing within its ranks.

1. Beginning with s. 40(1)(d), the words "would, or could reasonably be expected to" have been considered in cases such as Attorney-General's Department v Cockcroft (1986) 64 ALR 97 (Bowen CJ, Sheppard and Beaumont JJ). Bowen CJ and Beaumont J said in considering the same expression used in sub-paragraph 43(1)(c)(ii):

"In our opinion, in the present context, the words 'could reasonably be expected to prejudice the future supply of information' were intended to receive their ordinary meaning. That is to say, they require a judgment to be made by the decision-maker as to whether it is reasonable, as distinct from something that is irrational, absurd or ridiculous, to expect that those who would otherwise supply information of the prescribed kind to the Commonwealth or any agency would decline to do so if the document in question were disclosed under the Act. It is undesirable to attempt any paraphrase of these words. In particular, it is undesirable to consider the operation of the provision in terms of probabilities or possibilities or the like. To construe s 43(1)(c)(ii) as depending in its application upon the occurrence of certain events in terms of any specific degree of likelihood or probability is, in our view, to place an unwarranted gloss upon the relatively plain words of the Act. It is preferable to confine the inquiry to whether the expectation claimed was reasonably based (see Kioa v Minister for Immigration & Ethnic Affairs (1985) 62 ALR 321 per Gibbs CJ and Mason J." (page 106)

1. The expectation must be of "a substantial adverse effect" on the proper and efficient conduct of Centrelink's operations.  The words "substantial adverse effect" have been considered in a number of cases and were set out in a previous decision, Re Bayliss and Department of Health and Family Services (AAT 12277, 10 October, 1997, Deputy President Forgie):

"40. The phrase 'substantial adverse effect' and in particular the word 'substantial', have been considered in a number of cases. The word 'substantial', is not one of clear meaning. There are at least two alternative senses in which it may be used, on the one hand it may mean large or weighty or of considerable amount, on the other, it may mean real or of substance as opposed to nominal or illusory. In Palser v. Grinling (1984) 1 All ER 1 Viscount Simon held that in the context in which he had to consider it the word 'substantial' meant 'considerable, solid or big'.

41.In Tillmanns Butcheries Pty Ltd v. Australasian Meat Employees Union & Ors (1979) 27 ALR 367 Bowen CJ and Deane J considered the words 'substantial loss or damage'. Bowen CJ at page 374 said:

'The word 'substantial' would certainly seem to require loss or damage that is more than trivial or minimal. According to one meaning of the word the loss or damage would have to be considerable (see Palser v. Grinling [1984] AC 291 at 316-7). However, the word is quantitatively imprecise; it cannot be said that it requires any specific level of loss or damage. No doubt in the context in which it appears the word implores a notion of relatively, that is to say, one needs to know something of the circumstances of the business affected before one can arrive at a conclusion whether the loss or damage in question should be regarded as substantial in relation to that business.'

42.Deane J at page 382 said:

'The word 'substantial' is not only susceptible of ambiguity; it is a word calculated to conceal a lack of precision. In the phrase 'substantial loss or damage', it can, in an appropriate context, mean real or of substance as distinct from ephemeral or nominal. It can also mean large, weighty or big. It can be used in a relative sense or can indicate an absolute significance, quantity or size … As at present advised, I incline to the view that the phrase, substantial loss or damage, in s45D(1) includes loss or damage that is, in the circumstances, real or of substance and not insubstantial or nominal. It is, however, unnecessary that I form or express any concluded view in that regard, since the ultimate conclusion which I have reached is the same regardless of which of the alternative meanings to which reference has been made is given to the word 'substantial' in s45D(1).'

43.In Harris v Australian Broadcasting Corporation and Others (1983) 50 ALR 551, Beaumont J considered whether reports of an independent review of the Legal Department of the respondent were exempt within the meaning of paragraph 40(b) of the Act. Beaumont J said that it is possible that the reports could embarrass those charged with supervising or reviewing the operations of the Legal Department but went on to say on page 564:

'However, I am not persuaded that any such effect, even if adverse, could fairly be described as 'substantial' in its impact. In my view, the insertion of a requirement that the adverse effect be 'substantial' is an indication of the degree of gravity that must exist before this exemption can be made out.'

Beaumont J was considering section 40 as it existed before it was replaced in 1983. The particular words which he considered, however, have not been varied and are still relevant.

44.Muirhead J has also considered the expression 'substantial adverse effect' as it appears in section 40 in the case of Marco Ascic v Australian Federal Police (1986) 11 ALN N184.  Muirhead J considered the passage from the Harris case to which I have referred above and said:

'The reference to 'gravity' in that dictum (and I say so with respect) causes me some difficulty. 'Substantial' is a word of common usage which can stand on its own feet and the word ascribed to it in statutory interpretation will depend on the statute and of course the issues under consideration. Deane J gave detailed consideration to the word in Tillmanns Butcheries Pty Ltd v. Australasian Meat Industry Employees' Union (1979) 27 ALR 376 at 382. Whilst the court there was considering an application under s. 45D of the Trade Practices Act which refers to 'substantial loss or damage' his Honour's words that 'substantial loss or damage … includes loss or damage that is in the circumstances, real or of substance and not insubstantial or nominal' appear to me to be appropriate to most circumstances and closer to the plain meaning of the word and its dictionary interpretations.' (page N185)

45.      This Tribunal, presided over by Beaumont J, has considered paragraph 40(1)(c) in Re Williams and Registrar of the Federal Court of Australia (1985) 8 ALD 219 (Mr McMahon, then Senior Member and Dr Renouf, Member). Beaumont J said at page 222 that the difficulties in establishing that 'substantial adverse effects' will occur are formidable. This was referred to by the Tribunal in Re Dyrenfurth and Department of Social Security (1987) 12 ALD 577 (Deputy President Todd, Senior Member Balmford and Mr Cohn, Member). The Tribunal said:

'If we had been approaching the present matter in, as it were, a vacuum, we might have been tempted to think that the difficulties were not so formidable. But the fact is that the practice of the respondent agency is stated to be what we might call a generous one. We have already set out the agency's guidelines. It is perfectly true that in general terms this Tribunal is not bound by an agency's guidelines, but that is not the point here. We are uncertain to what extent they are applied (see T26), but they exist as a fact, and their existence in that form seems to us to undermine the suggestion of substantial adverse consequence.' (page 585)

46.      Finally, I will refer to the conclusion adopted by the Tribunal in Re Thies and Department of Aviation (1986) 9 ALD 454 (Deputy President Thompson, Senior Member Hallowes and Mr Trinick, Members) that a 'substantial adverse effect' 'connotes an adverse effect which is sufficiently serious or significant to cause concern to a properly informed reasonable person' (page 463).

47.      … It seems to me that the ordinary meaning of the words 'substantial adverse effect' leads to a conclusion that something more than 'concern' is required before the adverse effect can be said to be a substantial adverse effect.  Concern may be generated by matters of many differing degrees of gravity.  What is required by the exemption in paragraph 40(1)(d) is made out is an adverse effect that is real or of substance and not that which is insubstantial or nominal.  That is consistent with the judgements of Federal Court in Ascic and in Tillmans Butcheries by both of which I am bound."

We note that this was also the interpretation of the words "a substantial adverse effect" adopted by Deputy President McMahon in Re Connolly and Department of Finance (1994) 34 ALD 655.

1. The substantial adverse effect must be on the "proper and efficient operations of the agency". It seems to us that s. 40(1)(d) uses the word "operations" in this context in its ordinary meaning.  That meaning is:

"…4a An act of a practical or technical nature, esp. one forming a step in a process. … b …Also, a business concern or enterprise…" (The New Shorter Oxford English Dictionary, 3rd edition, 1993)

In Re James and Australian National University (1984) 2 AAR 327, the Tribunal considered s. 40(1)(d) in the context of a request for documents recording lecturers' comments in student record sheets together with the names of examiners of honours theses and their tentative grades.  Deputy President Hall said that:

"          The question, in the present case, therefore, is whether the expression 'the conduct of the operations of an agency', when applied to the University, extends not only to the way in which it carries out its 'administrative' operations, but also its 'academic' operations. …
As a matter of ordinary English I think that the expression 'the conduct of
the operations of an agency' is capable of extending to the way in which an
agency discharges or performs any of its functions.  So construed, I agree with
Mr Toper that it is capable of extending to the discharge by the University of
its academic functions in relation to the awarding and conferring of degrees

and diplomas (see s. 6 of the Australian National University Act 1946 (Cth))." (page 340-341)

This passage was expressly approved by the Full Court of the Federal Court in Searle Australia Pty Ltd v Public Interest Advocacy Centre and Another (1992) 16 AAR 28 (Davies, Wilcox and Einfeld JJ) (page 32).

1. The Commonwealth Services Delivery Agency, commonly known as Centrelink, was established under s. 6 of the Commonwealth Services Delivery Act 1997 ("CSD Act").  Section 8 of that legislation provides that its functions are:

"(1)The Agency has the following functions:

(a)the provision of Commonwealth services in accordance with service arrangements, and doing anything included in the arrangements that is incidental, conducive or related to the provision of the services;

(b)any functions conferred on the Agency under any other Act;

(c)any functions that the Minister, by written notice given to the Chairman, directs the Agency to perform;

(d)doing anything incidental, conducive or related to the performance of any of its other functions.

(2)…"

1. In Dykstra and Secretary, Department of Family and Community Services [2002] AATA 422, I elaborated upon Centrelink's functions under s. 8(1)(a) of the CSD Act:

"4.      … Its Chief Executive Officer may enter arrangements with the principal officer of a Commonwealth authority for the provision of Commonwealth services (CSDA Act, s. 7(1)).  "Commonwealth services" mean "… a service, benefit, program or facility for some or all members of the public that is provided for by the Commonwealth, whether under an enactment or otherwise" (CSDA Act, s. 3).  Arrangements may include arrangements for doing anything incidental or related to the provision of the Commonwealth services e.g. making specified employees or classes of employees available to exercise powers or perform functions delegated to them under specified enactments (CSDA Act, s. 7(2)).  Such arrangements have been entered into between the principal officer of the Department of Family and Community Services ("Department") and the Chief Executive Officer of Centrelink in relation to pensions, benefits and allowances paid or payable under the Social Security Act 1991 ("1991 Act").

5.        Pursuant to s. 234(1) of the Social Security (Administration) Act 1999 ("Administration Act"), the Secretary of the Department of Family and Community Services ("the Secretary") may delegate all or any of his or her powers under the social security law (i.e. certain Acts including, for the purposes of this case, the Administration Act and the 1991 Act (Administration Act, s. 3)) to an officer.  Pursuant to s. 234(2), he may also delegate them to the Chief Executive Officer of Centrelink ("the CEO") or to an employee of Centrelink.  If the Secretary does delegate his powers to the CEO or to an employee of Centrelink a power under the social security law to give the Secretary or the Department a document or information, the delegate may, in exercising that power, require that it be given to the CEO or to Centrelink, as the case may be (Administration Act, Schedule 5, cll. 1(1) and (2))."

1. There is no question in this case that the Secretary has delegated powers to employees of Centrelink in relation to pensions, benefits and allowances paid or payable under the Social Security Act 1991.  In doing so, they must ensure that pensions, benefits and allowances are paid to those who are entitled to receive them and that they are not paid to those who are not entitled to receive them.  They are subject to the Privacy Act 1988.  For the reasons I gave in Dykstra, employees of Centrelink are officers for the purposes of the social security law and, in particular, may be guilty of an offence should they, for example, make use of information that they are not authorised or required by or under social security law to make use of in that way where they knew, or ought to have known, that the information was protected information (Social Security (Administration) Act 1999, s. 204(1)).

1. In order to ensure that employees are fulfilling their functions and that they are not, and so Centrelink is not, in breach of any legislative or other duty, it is to be expected that Centrelink will have developed a system of checks and balances to monitor the use of the information it records.  Such a system is essential for the  proper and efficient conduct of its operations as it enables Centrelink to ensure that its information is protected from misuse and its pensions, benefits and allowances are not paid through fraud or misuse of its systems.  On the basis of the evidence of Ms Savic, I am satisfied that one such system that it has developed is the CRAM Report.  It has been developed to monitor the use made of the information maintained on Centrelink's computers.  Release of a CRAM report would show the footsteps in the computer file of the investigators as well as those of any other employ gaining access to that file. 

1. Access to a document under the FOI Act must be considered not on the basis of the identity and qualities of the person who seeks that access but on the basis that it may be seen by anybody. As it is usually expressed, access under the FOI Act is access to the world at large. In that world, it is reasonable to expect, that there are those who would seek to subvert Centrelink in its proper functions. It is reasonable to expect that they may wish to gain, either for themselves or others, a pension, benefit or allowance to which they are not entitled under the social security law or that they may wish to gain information that is held about a person on Centrelink's files for reasons unconnected with any function they may have under the social security law. It is also reasonable to expect that such people may be employed by Centrelink from time to time.

1. Whether employed by Centrelink or not, I am satisfied that it is reasonable to expect that, were they able to gain access to a CRAM Report that showed the access made to a particular file, they would be able to glean whether the file had been the subject of scrutiny by investigators within Centrelink. On the basis of the evidence of Ms Savic, I am satisfied that this would enable them either to desist or to modify their behaviour either in relation to that file or generally. That would follow either from the knowledge that the file had been checked or from being able to identify the particular aspects checked by the investigation team and so enable them to modify their behaviour generically, as it were. The value of the CRAM Reports would be substantially compromised as a result of disclosure. That in turn would lead to a substantial adverse effect on Centrelink's proper and efficient monitoring of the manner in which its functions are carried out and so on the proper and efficient conduct of its operations within the meaning of s. 40(1)(d) of the FOI Act.

1. That brings me to s. 40(2).  Mr Meschino feels that he would gain some benefit were he able to see that the investigation team had checked his file as he would feel that some action had been taken in relation to his complaints.  Even if he were able to gain that benefit, I have reached the view that it would be outweighed by the public interest in ensuring that social security pensions, benefits and allowances are properly paid and that the personal information held about a vast number of Australians on Centrelink's computer data bases are not misused.  As I have said, access to the CRAM Report is not to be considered in the context of the use that Mr Meschino would like to make of it but in the context of what use could be made of it by the world at large.  The world at large comprises the honourable and the dishonourable and, in the case of the CRAM Report, I consider that its disclosure would not, on balance, be in the public interest.  The detriment that its release could cause in frustrating a monitoring tool used by Centrelink to protect person's personal privacy as well as the public purse far outweighs any benefit the public may obtain from knowing whether or not a CRAM Report has been used to investigate a particular complaint made against Centrelink and its employees.  There are other means of finding out whether a complaint has been investigated.  They arise through the internal mechanisms offered by Centrelink or through the Ombudsman.

1. It follows that I consider that the CRAM Report sought by Mr Meschino is exempt pursuant to s. 40(1)(d). There is no need for me to consider whether it is also exempt under s. 40(1)(e).  Therefore, for the reasons I have given, I affirm the decision of the respondent dated 5 October, 2000.

I certify that the twenty-six preceding paragraphs are a true copy of the reasons for the decision herein of
Miss S A Forgie (Deputy President),

Signed:          …………………………………..
  Paul Paczkowski      Associate

Dates of Hearing  26 February, 2002
Date of Decision  25 July, 2002
For the Applicant  Self represented
For the Respondent  Mr Underwood, departmental advocate