In a turn of events usually reserved for a comedy of errors, the Australian Government has suffered a huge breach of privacy after the ABC published the infamous Cabinet Files[1]. The story goes: top-secret and highly confidential government files were found inside an old filing cabinet, which was on sale at an ex-government furniture shop. As a result, the ABC has been publishing at best: embarrassing and, at worst: damning news pieces that implicate top political figures in controversial policies and reveal an almost cavalier attitude to the handling and treatment of highly classified intelligence documentation.
The ABC has been emphatic that these files are not a leak. Furthermore, they made it very clear that had they not been the ones to obtain these documents, the repercussions could have been far worse: as there are other parties with darker agendas who could have obtained the information.
As a result of this massive exposure, ASIO has taken custody of the ‘Cabinet Files’ and are working with the AFP to investigate the extent of what is essentially negligence of security and confidentiality policy.
What is more shocking than the contents of the ‘Cabinet Files’ is the fact that, as stated above, this is not a leak. The mundanity of how these documents were found seems absurd. Australia’s international reputation, especially with regard to intelligence and security policy has been badly damaged[2].
The ‘Cabinet Files’ reveal information that could potentially damage Australia’s international relations. Further, the fact that this security breach was caused by complete mismanagement of physical files could imply that Australia is incompetent at intelligence gathering and security policy. The embarrassment is further compounded by the fact that the Prime Minister had confidently announced that Australia intends to export military materials to its allies[3]. Australia’s allies will be hard pressed to engage in any military contracting if their information could be so easily exposed.
While the negligence has occurred on a very low level of the Australian government apparatus, it is now up to Australia’s intelligence community, namely ASIO, to account for the intelligence breach it did not even cause!
The Australian government, as an institution and as an organisation, has failed in managing its documents properly. It is clear that simple procedures such as inventory checks, document audits and archiving could have prevented this exposure. It is common in other organisations such as law firms or social services, to conduct regular audits where client files are reviewed, archived or sent offsite for safekeeping (or destroyed after a statutorily mandated amount of time). There are also specialised services that can digitise paper files and reduce paper trails. It seems inconceivable that somehow these procedures were not carried out in the offices of our government. What adds insult to injury is that these cabinets remained locked for some time even after they were purchased second-hand (it seemed the keys had been lost originally). It was only when the locks were drilled through that the documentation was revealed.
The ABC has not revealed how they obtained the information and has stated that they will collaborate with ASIO and the AFP[4]. It remains a mystery as to how the ABC obtained these documents, and there is no doubt that more information might be revealed in the course of the investigation unless ASIO and the AFP enforce gag orders on the press to prevent further breaches. The result of doing so, however, could damage Australia’s reputation as an open democracy.
As a news broadcaster, it is inevitable to think that the ABC would not have revealed these documents. Regardless of the sensitivity of the information, it is the role of the press to reveal this kind of information and, if anything, the exposure of these documents has allowed the public to scrutinise the activities of its politicians and hold them accountable. Nevertheless, it is also the role and responsibility of the government to protect itself properly to avoid such embarrassing exposures, regardless of whether we agree or not with their politics and policy.
Something as simple as not tidying up old paperwork has led to a huge breach of government security. The fact that documents spanning several administrations were found in the ‘Cabinet Files’ implies that there was little to no audit of physical assets and one can only wonder where (and when) more misplaced documents could come to light.
In light of this incredible turn of events, government administrators and policy makers ensure that proper information management procedures are followed to a T. It is understandable that on occasion, files can pile up in an office, or certain government officials prefer to read physical documents as opposed to digital versions. Like any other organisation, auditing and document management procedures are put in place to ensure that information stays safe.
In light of Wikileaks, the Panama and Paradise papers, it is crucial that organisations conduct regular and thorough internal safety audits. In this case, something as simple as checking the locked cabinets before putting them up for sale could have prevented getting egg on everyone’s faces.
For further information on security audit and best practice physical and information security policy and procedure, please do not hesitate to contact Agilient.
The Agilient Team
[1] https://www.abc.net.au/news/2018-01-31/cabinet-files-reveal-inner-government-decisions/9168442
[2] https://www.defenceconnect.com.au/key-enablers/1847-what-do-the-cabinet-files-mean-for-australia-s-allies?utm_source=DefenceConnect&utm_campaign=02_02_18&utm_medium=email&utm_content=2
[3] https://www.sbs.com.au/news/defence-exports-turnbull-unveils-3-8b-fund-to-boost-foreign-sales-of-australian-arms
[4] https://www.sbs.com.au/news/abc-agrees-to-return-cabinet-papers