‘Confidentiality’ often comes up when talking about information release. Many Acts and contracts have confidentiality obligations and it is a ground of refusal under the Right to Information Act 2009 (Qld) (RTI Act).

This article discusses what confidentiality is and is not and what it takes to establish that information is confidential under the RTI Act.

Confidentiality – what kind of confidential?

There are two types of confidentiality under the RTI Act:

  • Equitable confidentiality, which must meet a specific set of criteria.
  • Contractual confidentiality.

Under schedule 3, section 8 of the RTI Act information will be exempt from release if it would found an action for breach of equitable or contractual confidence.

Equitable confidentiality

Information that is subject to equitable confidentiality is exempt from release in response to an RTI access application.

In order to qualify as equitable confidentiality and be exempt from release, the information must meet four criteria.

Every criteria must be met. If it misses out on even one, the information will not be subject to equitable confidentiality.

The criteria are:

  1. The information must be specifically identified.
  2. The information must have the 'quality of confidence'. It must not be trivial or useless, it must not be in the public domain, common knowledge, or something the applicant already knows.
  3. The person who gave the information to the agency and the agency they gave it to must both have intended for it to be kept confidential.
  4. Giving the information to the applicant would be an unauthorised use of the information.
  5. Where the person the information belonged to was a government body, it will generally be necessary for disclosing it to cause them a detriment. This will not apply for non-government entities.

Contractual confidentiality

Agency contracts for goods or services often contain a confidentiality clause. If release of the information would breach this clause, it may be exempt under the RTI Act.

Legislative confidentiality

Many Acts contain confidentiality provisions that protect information. These confidentiality provisions are overridden by the RTI Act.

This doesn’t mean the information will automatically be released. The RTI Act has its own protections. The RTI decision maker will apply the RTI Act and refuse access to anything that would be contrary to the public interest to release.

What confidentiality is not

Documents stamped 'confidential' or 'commercial in confidence'

Documents may be marked 'confidential' or 'commercial in confidence'. They may have been marked by business units of the agency or by people outside the agency who originally provided the documents.

These kinds of markings do not mean the information in the documents is confidential. Information is only confidential if it falls into one of the above categories.

Email disclaimers

Many email systems automatically add a disclaimer to outgoing emails. These disclaimers generally include statements like: 'the contents of this email are confidential' and 'confidentiality is not waived if you receive it in error'.

Much like stamping a document 'confidential' or 'commercial in confidence', these disclaimers do not automatically make the email confidential. Its contents must still satisfy the relevant tests.

Confidentiality and privacy

Privacy is about individuals' personal information. The Information Privacy Act 2009 protects personal information in day to day government activities. The RTI Act has public interest factors against disclosure that protect personal information someone else applies for.

Privacy and confidentiality both protect information but they are not the same. In some circumstances personal information might also be confidential information, but it is important to understand the difference.

Print Page