Ex tempore decision in Services Australia v Anatoly Kern

12 December 2025

Molly Campbell
Special Counsel
Sparke Helmore Lawyers

Molly Campbell
Special Counsel
Sparke Helmore Lawyers
t: +61 2 6263 6337

Molly is an experienced administrative law practitioner, who specialises in Information Law (Information Release, Privacy and Freedom of Information (FOI)).

Chantal Tipene
Partner
Sparke Helmore Lawyers

Chantal Tipene
Partner
Sparke Helmore Lawyers
t: +61 2 9260 2542

Chantal is a government law specialist with more than 10 years' experience providing specialist legal advice to the Commonwealth, State and local government. Her experience ranges from major procurement and tendering projects to advising on administrative law matters. She understands the pressures that government departments face from her recent in-house experience as the Deputy General Counsel of the NSW Police Force. In 2011, Chantal was recognised by the Law Society of New South Wales as an Accredited Specialist in Government and Administrative Law.

On 10 December 2025, the Tribunal issued its written reasons following an ex tempore decision in the matter of CEO , Services Australia and Anatoly Kern – 2025/0298.

In this proceeding the Services Australia (the Agency) contended that the disclosure of positional email inboxes should be conditionally exempt under s 47E(d) of the FOI Act (operations of an Agency) and that disclosure would be contrary to the public interest in accordance with ss 11A and 11B of the FOI Act.

Section 47E(d) provides that: 'a document is conditionally exempt if its disclosure under this Act would, or could reasonably be expected to, have a substantial adverse effect on the proper and efficient conduct of the operations of an agency.'

Sparke Helmore represented the Agency in this matter, with Molly Campbell Special Counsel as solicitor advocate.

The Agency led the following arguments, supported by affidavit evidence of Chief Information Security Officer Garett McDonald in relation to the anticipated effects of disclosure of the positional mailboxes:

Disclosure would, or could reasonably be expected to increase the risk of misdirected communications and privacy breach
Disclosure would, or could reasonably be expected to increase the risk of targeted adverse behaviour from the FOI Applicant and other members of the public to non public points of contact within the Agency, and
Disclosure would, or could reasonably be expected to present an increased cybersecurity risk, relating to the potential unauthorised access, use and disclosure of the significant volume and sensitive nature of information held by Services Australia across its portfolio programs.

This is an excellent result for the Services Australia and the Commonwealth more broadly, noting that the Tribunal has now heard and accepted the Agency’s more recent cybersecurity and privacy breach arguments in relation to the anticipated effects of the disclosure of positional mailboxes.

The Orders of the Tribunal are as follows:

The Tribunal SETS ASIDE the reviewable decision in so far as it contains a finding that internal positional mailboxes are not conditionally exempt under s 47E(d) of the Freedom of Information Act 1982 (Cth) (FOI Act) and substitutes a decision that the information in the internal mailboxes on pages 13, 32, 36 and 43 of Document 1 is conditionally exempt under s 47E(d) of the FOI Act and that access to that information would be contrary to the public interest.
The reviewable decision is otherwise AFFIRMED.

The Agency’s position was that disclosure of the positional mailboxes in issue posed significant risks to the Agency’s operations, and its obligations to manage, protect and safeguard the sensitive personal information of millions of Australians (which is information also protected by portfolio secrecy provisions and in most cases the Privacy Act 1988 (Cth)). The Agency’s confirmed that the concerns were not limited to the disclosure of the information to the FOI applicant alone, and extended to the disclosure of this category of information more generally under the FOI Act.

In respect of the public interest test, the Agency submitted that disclosure was contrary to the public interest, drawing the Tribunal’s attention to the public interest factors it could and could not consider in respect of ss 11A(5) and 11B of the FOI Act. Specifically, the Agency submitted that whilst there were generally public interest factors in favour of the release of information under the Act, there were no obvious factors in favour of the disclosure of positional mailboxes, and again highlighted the factors which the Agency submitted weighed heavily against disclosure, as canvassed in the Agency’s evidence.

In respect of Mr McDonald’s affidavit evidence, the Tribunal had regard to:

Garret’s qualifications and seniority within the Agency, and the materials he considered in making his statement;
What a positional mailbox is and how positional mailboxes with previous domain names (i.e. @humanservices.gov.au) are dealt with;
The effect disclosure would have on the potential for misdirected communications and an increased risk of privacy breach;
The statistics relating to the volume of communications received by the Agency each year, and the number of customers who interact with the Agency across the various programs;
The Respondent’s previous targeted behaviours towards the Agency, and the anticipated risks associated with further targeted behaviours of the Applicant and other members of the public; and
The effect of disclosure of the agency’s cybersecurity functions.

We understand the reasons for decision will be published shortly on AustLii.

11-12-2025 | 12 Days of (Christmas) FOI

08-12-2025 | FOI Secondees – letters 'home' for Christmas

04-12-2025 | Information as to existence of certain documents – s 25 of the FOI Act

03-12-2025 | Case note: Aveo Group Limited and Australian Competition and Consumer Commission (Freedom of information)

18-11-2025 | Vinomofo data breach determination - the obligation to take reasonable steps

11-11-2025 | OAIC's Notifiable Data Breaches statistic dashboard

Media room