Fact Sheet - State Owned Corporations (SOCs) and your right to government and personal information

This fact sheet appears below or can be viewed and download it here Fact Sheet - State Owned Corporations (SOCs) and your right to government and personal information, updated September 2020

In NSW, the State Owned Corporations Act 1989 has established a number of commercial businesses that are owned by the NSW Government. These businesses are established on behalf of the people of NSW to provide critical services. This fact sheet has been designed to provide citizens in NSW information about how information access and privacy laws apply to State Owned Corporations.

What is a State Owned Corporation?

State Owned Corporations (SOCs) are established under the State Owned Corporations Act 1989 (SOC Act) and must comply with the requirements set out in that Act, as well as any other applicable legislation that is relevant to their functions.

There are currently seven statutory SOCs in NSW as listed in Schedule 5 of the SOC Act:

  • Essential Energy
  • Forestry Corporation of NSW
  • Hunter Water
  • Port Authority of NSW
  • Sydney Water
  • Landcom
  • Water NSW

Each of the seven SOCs are established and governed by their own legislation.

SOCs and your right to government information in NSW

The Government Information (Public Access) Act 2009 (GIPA Act) gives citizens a legally enforceable right to access government information[1]. That enforceable right also applies to SOC’s.

Under Schedule 4 Clause 2 of the GIPA Act, SOCs are included in the definition of a “public authority”. This means that SOCs are subject to the GIPA Act.

Government information means any information contained in a record[2] held by the NSW government agency. This can include records of the agency (including SOCs), and your own personal information.

Do all aspects of the GIPA Act apply to SOCs?

Yes, as a public authority SOCs are subject to the provisions of the GIPA Act like other state agencies and are required to give out certain information without the need for a formal access application.

SOCs are required to release open access information and make it publicly available free of charge.[3] SOCs are also authorised to proactively release government information they hold, unless there is an overriding public interest against disclosure.[4]

SOCs can also provide government information to a citizen in response to an informal request, unless there is an overriding public interest against disclosure.[5]

Each SOC will have information about how to access information on their website and details on contacting the SOC if you are unable to locate the information.

Are there any exceptions under the GIPA Act?

Yes, one difference for SOC’s relates to the contract register requirements under the GIPA Act. As a SOC is a commercial business owned by NSW, their obligations in relation to access to government information are slightly different from other government agencies in relation to government contracts. In particular, under section 39 of the GIPA Act, SOCs are not required to include information about, or a copy of a government contract in its government contract register, if it relates to activities that the SOC (or its subsidiary) is engaged in where they are competing with other persons in the same market.

However, the general principles of open government information apply to SOCs and they are required to meet GIPA obligations to maintain and advance a system of government that is open, transparent and accountable.[6]

More information about your right to access government information and how to make a request is available in the IPC Fact Sheet Your right to access government information in NSW.

SOCs and the protection of your privacy

Privacy protection under NSW legislation

In NSW, your privacy is protected under the Privacy and Personal Information Protection Act 1998 (PPIP Act). Under the PPIP Act, SOCs are not considered to be a public sector agency. This means that SOCs are not subject to the requirements of the PPIP Act unless they elect to follow the act.

The IPC is aware that the following SOCs have voluntarily elected to follow the NSW PPIP Act:

  • Hunter Water
  • Sydney Water
  • Landcom
  • Water NSW

Where the SOC has elected to follow the PPIP Act, they should follow the 12 Information Protection Principles (IPPs) when dealing with an individual’s personal information.  Each SOC will provide citizens with information about how they will deal with any concerns from citizens.

Does the Federal Privacy Act apply to SOCs?

Privacy protection under federal legislation

The Privacy Act 1998 (Cth) (Privacy Act) regulates the way that personal information of individuals is handled at the federal level. Australian government agencies and organisations as defined in the SOC Act have responsibilities under the Privacy Act. Organisations that are not covered by the PPIP Act may be covered by the Privacy Act.

The following SOCs have identified as being bound by the Privacy Act:

  • Essential Water
  • Forestry Corp
  • Port Authority

The Privacy Commissioner does not have jurisdiction over the conduct of SOCs that have identified as being bound by the Privacy Act.

Privacy issues are instead, dealt with by the Office of the Australian Information Commissioner (OAIC). For more information, you can contact the OAIC on 1300 363 992 or via its website - https://www.oaic.gov.au/.

What can I do if I think my privacy has been breached?

Each of the seven SOCs have published their own privacy policy that is available on their websites.

If you are concerned that a SOC has not met their privacy obligations under their policy, you may be able to resolve the complaint directly with the SOC through their complaints process.

Proposed Amendments to the PPIP Act

To address the issue of SOCs specifically being excluded from the PPIP Act, the Privacy and Personal Information Protection Amendment (State Owned Corporations) Bill 2019 was introduced into the NSW Parliament as a private member’s bill.

The object of the bill was to remove the exclusion of SOCs from the PPIP Act and extend it to include SOCs that are not subject to the Privacy Act. The effect of the amendment would have been to hold SOCs that are not bound by the Privacy Act accountable under the PPIP Act.

On 5 March 2020, the proposed amendment was defeated by the NSW Legislative Assembly. Although the proposed amendment did not proceed,  the NSW Attorney General committed to applying the PPIP Act to State Owned Corporations during parliamentary debate on the bill.  Accordingly, consultation in order to identify the most appropriate approach to bringing State‑owned corporations under privacy legislation has been initiated.

For more information

Contact the Information and Privacy Commission NSW (IPC):

Freecall:           1800 472 679
Email:             ipcinfo@ipc.nsw.gov.au
Website:           www.ipc.nsw.gov.au

NOTE: The information in this fact sheet is to be used as a guide only.
Legal advice should be sought in relation to individual circumstances.

[1] Section 4 GIPA Act

[2] Clause 10, Schedule 4 GIPA Act

[3] Section 6, GIPA Act

[4] Section 7, GIPA Act

[5] Section 8, GIPA Act

[6] Section 3, GIPA Act