ONDC has published a separate guidance note on charging of fees by data custodians.
Under the DATA Scheme, ADSPs may charge fees for services performed in relation to data sharing under the Scheme, including where the ADSP is a Commonwealth body (see section 140 of the Data Availability and Transparency Act 2022 (the Act)).
Where a Commonwealth body provides ADSP services, any fees charged must be consistent with applicable policies of the Australian Government. This includes the Australian Government Charging Framework (2023), the Australian Government Cost Recovery Policy (2023), and the Australian Government Public Data Policy Statement (2015). State and territory government ADSPs should determine whether they are subject to similar charging guidelines in their jurisdiction. University ADSPs should abide by university charging policies where these exist.
ADSP services under the DATA Scheme
Under the Act, the following data services must generally be provided by ADSPs:
- de-identification data services (section 16C(3))
- secure access data services (section 16C(4))
- complex data integration services (section 16D(3)).
For more information about these data services and the circumstances under which these data services may or must be used, please refer to the ‘Using an Accredited Data Service Provider (ADSP)’ guidance note.
If data is shared through an ADSP, the relevant data sharing agreement must specify any data services provided by the ADSP in relation to the data shared with the ADSP by the data custodian (see subsection 19(8)).
The Act does not prevent ADSPs from performing other data services, in addition to the three data services mentioned above. It also does not prevent the ADSP from charging fees for the other data services it performs in relation to data sharing under the Scheme.
The Act allows a data sharing agreement to deal with broader matters (for example, this could include data services not mentioned in the Act), so long as it is not inconsistent with the Scheme (see subsection 18(6)).
Including fees in data sharing agreements
The charging of fees by ADSPs, for services performed in relation to the DATA Scheme, is context and organisation specific.
Where fees are to be charged under a data sharing agreement, the agreement should set out the fees to be charged or the basis for determining fees (where they are yet to be settled or can only be indicative). A data sharing agreement should outline any expectations about charging fees, and which entity is responsible for payment of fees charged by an ADSP. ADSPs may also charge other fees for preliminary work performed, such as feasibility assessments before a data sharing agreement is established.
The following circumstances would generally be relevant to the charging of fees and should be included in a data sharing agreement, where applicable:
- whether an ADSP is using a third-party service provider engaged under an approved contract
- whether the ADSP is a non-corporate Commonwealth entity or a corporate Commonwealth entity for Public Governance, Performance and Accountability Act 2013 (PGPA Act) purposes
- whether the parties involved include State and Territory entities or universities (and governing legislation of each party and jurisdiction)
- who is responsible for unpaid fees between Commonwealth entities (section 141 of the Act)
- who is responsible for unpaid fees and cost recovery options; and
- who is responsible where there are incomplete processes and responsibilities for fees under these circumstances.
Where an ADSP performs services on behalf of the data custodian, the ADSP may charge the data custodian for the services performed. The data custodian may in turn pass on the ADSP’s fees to an accredited user as a service performed ‘on behalf of’ the data custodian. See ‘Charging of fees by data custodians’ for further guidance on how this charging option operates.
Approved contracts with third-party data service providers
An ADSP may rely on the services of a third party to perform data services in a data sharing project on its behalf. An ADSP may include the costs of these third-party services in their fees (without precluding other possible arrangements where other parties to the data sharing agreement may pay the third party directly for their services).
Third parties may provide services under an approved contract that must be authorised by, or approved under, the data sharing agreement in accordance with any requirements in the Data Availability and Transparency Code 2022 and Data Availability and Transparency (National Security Measures) Code 2022 (see section 123(3) of the DAT Act) and meet other legal obligations and policies for handling government data. For example, when using third parties, ADSPs should consider how they will support and implement a security governance framework when handling Commonwealth data in line with the Commonwealth Protective Security Policy Framework.
The third party does not need to be accredited under the DATA Scheme, but the ADSP (using third party services) is accountable to the other parties and the National Data Commissioner for all ADSP activity and services performed (including those performed by the third party) in relation to a data sharing agreement.
Handling complaints about fees
It is possible that an ADSP’s charging arrangements may lead to complaints, and responding to such complaints will usually be the responsibility of the ADSP. ADSPs are expected to have in place procedures for determining an applicable fee charging methodology and/or how much should be charged, and for handling complaints, including resolving conflicts and responding to incomplete service delivery or provision.
A DATA Scheme entity may also notify the National Data Commissioner about the conduct of an ADSP if it believes the ADSP has breached the Act or the data sharing agreement. ONDC has published a separate guidance note on handling complaints which can be accessed here.
Guidance note 2024:2
Last updated: 9 April 2024