Prime Minister Malcolm Turnbull talks the talk about open government, transparency and open data, but his use of his own email server and message-destruction apps such as Wickr and Confide show he doesn’t walk the walk.
Turnbull has long been an advocate for open data in government. He is often fond of talking about how easy it is to catch a train in Sydney because the New South Wales government made the data accessible to app developers. He claimed at an app launch this week that his government had “a big open data agenda”.
“Now there are obviously some categories of government data that cannot be made available … for security reasons. There are others where there are big privacy concerns but generally data that belongs to the government should be … available to be used by developers by the public in a creative and innovative way.”
But his actions suggest the Prime Minister is all for open government data so long as it is not his own.
The Australian reported today that Turnbull’s office had confirmed he had been using a private server for his emails during his time as communications minister, and continued to use the server as prime minister. His office said the Prime Minister did not use the private email for classified emails, as that would be in breach of security rules, but most daily non-classified email communication was made using Turnbull’s private email address.
Leaving aside the security of having the elected leader of the government running his own email server for government-related emails, Turnbull taking responsibility of managing his email server from the public service presents a greater issue about transparency in government.
The Prime Minister’s Office has stated that it believes that all communications or records of a minister related to his or her duties are “potentially” subject to freedom of information laws regardless of whether that communication is using a private service, but this has yet to be tested by a freedom of information request — which, as Crikey has already reported, the government is currently attempting to make much harder to do.
In theory, under freedom of information, any document, email, Post-It note, SMS or any other form of communication can be accessed by the public through the FOI process. However, there is a wide range of exemptions. In practice, of course, the success of FOI requests depend on the skill of the officer undertaking searches to know where to look, and to find the documents requested.
In Turnbull’s case, were the officers aware that Turnbull had his own email server? None of the FOI requests I made to Turnbull’s office in the past resulted in any emails disclosed from his personal server. I wager if any request had revealed personal emails, reports about Turnbull’s own email server would have surfaced some time ago.
This is not the fault of the public servant acting as the officer responsible for responding to freedom of information requests. At a recent FOI seminar, I heard from several lawyers who said that, on multiple occasions, they have had an FOI returned with no documents found, only to find later, when a case is taken to the court, the document is miraculously found during the more thorough search process.
Most of the time, unless you are specific about what you want in an FOI request — the type of document or communication and what that communication is about — the officer responsible won’t know exactly what you are looking for.
An FOI officer would have much greater administrative access to conduct a thorough search for an email server owned by the government than for a private server. Would someone in Turnbull’s office grant administrative access to the FOI officer, or would his office just forward all the emails it thought relevant? The Hillary Clinton email server scandal showed when that happens, a lot of emails somehow end up disappearing.
It is also worth noting that Turnbull having his own server completely undermines the government’s policy of forcing telecommunications companies to retain customer communications data for access by government agencies without a warrant. We are just days away from the government beginning forcing telecommunications companies to keep two years’ worth of records of all emails sent to and from their own email servers — for those of us who still use email addresses provided by our ISPs anyway — but Turnbull’s own mail server will not be subject to this new regime.
Anyone who wants to bypass the new regime can just get their own private server like the Prime Minister, or use a service like FastMail.
Interestingly, Turnbull’s office told The Australian that it believed Wickr and other self-destructing communications apps were subject to FOI, too. It is unclear how an FOI request — which usually takes at least 30 days to get a response — would be able to obtain a message sent via Wickr when the app destroys messages within a few minutes or a few days, depending on settings.
The rise of a more tech-literate prime minister and a 21st-century government focused on using technology to improve how government works raises a few complications about transparency in government and how records will need to be kept in the future. Turnbull’s pet project — the Digital Transformation Office — is at the forefront of government developing new ways of using technology to improve access to government services.
Internally, Crikey has learned that staff at the Digital Transformation Office are using secure messaging app Slack to communicate. This sort of communication should be recorded for FOI purposes, but when asked, DTO could not explain whether the communications were recorded, only that sensitive discussions were not on Slack: “The DTO is trialling a range of different digital channels, including Slack, to communicate internally,” a spokesperson told Crikey. “Sensitive information with protective markings is only shared and stored on secure government networks.”
Crikey has filed an FOI request with the DTO for communications on Slack, but the agency ostensibly responsible for open data and information at the time of writing did not appear to have a freedom of information email address listed on its website.