The Data Availability and Transparency Act 2022 (the Act) authorises Commonwealth bodies to share their data with entities that are accredited as data users, and accredited users are authorised to collect and use data in accordance with a data sharing agreement. The Act extends these authorisations to individuals undertaking activities related to the data sharing agreement, where those activities are in scope of the individuals’ official duties. These individuals are referred to as ‘designated individuals’.
Types of designated individuals
The Act identifies individuals who are ‘designated individuals’ for entities and defines the ‘designation’ of each of those individuals (see section 123). The following types of employees or other individuals associated with the entity are designated individuals under the Act:
- authorised officers
- statutory office holders
- employees
- contractors
- agents.
The Act sets out the scope of the individual’s roles for which they are considered a designated person. For example, an APS employee of a data user entity undertaking analysis of shared data is a designated individual for the entity and the designation of that APS employee is the employee’s duties as an APS employee.
In addition, where an individual or a body corporate is engaged by an accredited entity to perform services under an ‘approved contract’, that individual, or the employees, officers and members of that body corporate, are designated individuals of the accredited entity, and the approved contract determines the designation of those individuals.
The types of designated individuals and their designation are set out in Table 1 below.
Table 1:
| Designated Individuals | Designation |
|---|---|
| An authorised officer of the entity or an individual authorised in relation to the DATA Scheme (see Guidance Note 2023:1) | Authorised officer or individual under the Act |
| A statutory office holder of the entity | The individual’s capacity as a statutory office holder |
| An APS employee in an entity | The individual’s duties as an APS employee |
| An employee, officer or member of an entity | The individual’s employment or authority |
| An individual who is party to an approved contract with an entity, or an employee of a body corporate that is party to an approved contract with an entity | The individual’s or body corporate’s contract with the entity |
| An individual who is an agent appointed by an entity, or an employee of a person that is an agent appointed by an entity | The individual or person’s authority as an agent. |
When the extension of the authorisations would not apply to the conduct of designated individuals
The authorisation to designated individuals provided does not apply if that would be inconsistent with a condition of accreditation imposed on, or applicable to, the entity, or with the terms of a data sharing agreement.
For example, an employee of an accredited user who is not an Australian citizen may be a designated individual for their entity. However, if there is a condition of accreditation applicable to the accredited user prohibiting employees who are not Australian citizens from collecting or using scheme data, an authorisation for the accredited user to collect and use data would not extend to that individual.
Approved contracts with bodies corporate
Where an accredited entity has an approved contract with a body corporate in the context of a particular data sharing agreement, the accredited entity’s authorisation to collect and use data extends to conduct of the body corporate, if the conduct is within the scope of the approved contract. For example, if an accredited user has a contract with a body corporate to provide analytics services and that contract is authorised by the relevant data sharing agreement, the accredited user’s authorisation in relation to the use of data covered by the data sharing agreement extends to the body corporate.
The authorisation to a body corporate does not apply if that would be inconsistent with a condition of accreditation imposed on, or applicable to the accredited entity, the terms of the approved contract or the data sharing agreement for the project.
Guidance note 2023:3
Last updated: 22 August 2023