Artboard 1Icon/UI/CalendarIcons/Ionic/Social/social-pinterest

Welcome to the annual summer edition of NSW Government Bulletin – a special edition of our fortnightly publication.

This year, our theme is "Times of crisis, times of change". We reflect on both a tumultuous year for policymakers and on the delivery of government services and the changing times in which the government operates.

 In particular, we highlight:

Our practice group experts, including these authors, will be speaking on this theme in further depth at our virtual government lawyers CLE intensive event, which will run from 22 February to 5 March 2021. 

Planning responses to change: The year in review

Like many other areas of the law, the planning and environment space was disrupted by the pandemic.

From a policy perspective, 2020 can be characterised as a year in three parts:

  • from January to March, the industry watched, waited and frantically sought to re-organise itself in response to the new demands around remote working and tremendous uncertainty about what the future would look like
  • from March to May, some fairly radical legislative reforms were introduced in response to the pandemic to seek to keep businesses going and supply chains ticking over
  • from May to December, an emphasis was placed on fast-tracking projects in the system to create an ongoing stimulus and economic opportunities.

It was only in the last three months of the year that anything was approaching a return to life before the pandemic, with a focus on wider and more structural reforms to the planning systems focusing on the continued roll-out of ePlanning, improved assessment processes around State significant development and refocusing on a development contributions reform.

With so much negative being said about the impact of the pandemic, perhaps the focus for the year in review should be on the positives.

NSW government’s timely response

The NSW government’s response in the planning space was timely and impressive. State government agencies learnt much from the Global Financial Crisis.

Legislative changes that extended lapsing periods and provided more time for appeals were all rolled out quickly and effectively.

Provisions relating to exempt development were judiciously used to extend trading hours for retail supply chain premises with a minimum of planning red tape.

A new Ministerial order power was introduced in the Planning Act that enabled the Minister for Planning and Public Spaces to, among other things, allow weekend working and extended hours of operation.

Changes to the regulation that underpins the system were made to facilitate online meetings and public hearings for various planning panels, remove existing requirements for physical copies of planning documents and mandate online lodgement across most councils in the state.

Detour in the Standard Instrument

The Standard Instrument Local Environmental Plan has been around since 2006. At this point, almost all local environmental plans adopt the Standard Instrument.

What couldn’t be anticipated was how useful the Standard Instrument would become for controlling our ability to move and gather during the pandemic.

During this period, our understanding of what constitutes a “nightclub” or a “recreation facility (major)” has come to mean either intentionally or unintentionally the same thing as in the Standard Instrument LEP.

We may never look at a “take away food and drink premises” in the same way again.

A flexible planning and environment court

The response of the Land and Environment Court to the pandemic has once again demonstrated the benefits of a specialist planning and environment court.

The Court responded well to the challenges posed by the pandemic. In a relatively short space of time, most processes were moved online. Useful guidance was given to practitioners and the Court demonstrated a willingness to listen to feedback from stakeholders and troubleshoot problems as and when they arose.

Most practitioners adopted relatively quickly to new ways of working and with a minimum of fuss. Even though most practitioners would concede that something was lost from an inability to get out on site quite so much and for resident objectors to be able, in some instances, to give their objections from within their homes, most would agree that the end of the cattle call of directions hearings and the time spent both travelling to Court and waiting in line to be heard couldn’t have come soon enough.

While the early days of the pandemic were characterised by complex arrangements whereby a solicitor had to witness the signing of an affidavit through a closed window, changes that were made that allow for witnessing by video link were again both welcome and hopefully a durable legacy of this pandemic time.

A brave forecast for 2021

The pandemic is here to stay so let’s make peace with that now. Hopefully, many of the innovations brought in in 2020 will prove their usefulness. The pandemic has accelerated the trend towards online lodgement. Hopefully, the considerable investment made in ePlanning over the past few years will continue to bear fruit.

A focus on acceleration can never be a bad thing. Potentially, a re-assessment of existing systems to reduce both complexity and timeframes will bring benefits to the wider system.

Towards the end of 2020, some of the larger more endemic planning policy problems like development contributions started to be examined again with a fresh eye.

The response to the pandemic has shown that things can change quickly, and sometimes for the better. The old adage of never letting a good crisis go to waste can be applied to the problem of fixing development contributions once and for all—but again that may just be very brave forecasting.

Author: Peter Holt

Evolving from crisis: Significant changes in building industry regulation in NSW

2020 saw significant changes introduced in the NSW building and construction industry as part of the NSW government's response to the Shergold Weir Report. The NSW government introduced a number of substantial pieces of legislation aimed at overhauling the industry through regulation and accountability. The increased regulation was implemented in the context of several highly publicised building failures, particularly in the residential apartment sector.

The Design and Building Practitioners Act 2020 (NSW) (D&BP Act) and the Residential Apartment Buildings (Compliance and Enforcement Powers) Act 2020 (NSW) (RAB Act) were introduced as part of the NSW government’s six pillars of reform, designed to protect consumers from poor building and construction practices and restore public confidence in the NSW building and construction industry.

The NSW government announced that these changes were about ensuring that “developers can no longer turn a blind eye to the work done by practitioners contracted for a project” and that “occupants of buildings (felt) safe and secure within their walls”.[1]

Design and Building Practitioners Act 2020 (NSW)

The D&BP Act took effect on 11 June 2020, with draft Regulations released in late November 2020 with submissions due 11 January 2021. Not all of the D&BP Act is currently in force, with the majority of the Act not due to commence until 1 July 2021.

The D&BP Act introduced a number of new regulatory requirements including:

  • a new duty of care – a duty of care is owed to landowners by people carrying out “construction work” to exercise reasonable care to avoid economic loss caused by defects
  • a register of practitioners – the D&BP Act imposes a comprehensive registration regime, requiring designers, engineers, and all people who contract to do building work to be named on a publicly available register of registered practitioners
  • compliance declarations – design and building practitioners must provide declarations as to whether building work complies with the requirements of the Building Code of Australia (BCA) before an occupation certificate (OC) is issued
  • compulsory insurance – any person who gives a compliance declaration must be adequately insured
  • disciplinary oversight – the Act gives the Secretary of the Department of Customer Service (Secretary) power to take disciplinary action against a registered practitioner, including imposing fines or suspending registration
  • information gathering and enforcement powers – the Act introduces powers of investigation for authorised officers and enforcement powers which include the ability to issue stop work orders where works are done in breach of the Act.

Duty of care

Significantly, the duty of care introduced by the D&BP Act is non-delegable and retroactive, meaning that owners and subsequent owners of land may claim for a breach of statutory duty where:

  • the loss first became apparent within the 10 years immediately before the commencement of the section; or
  • the loss first becomes apparent on or after the commencement of the section.

The retroactive effect of the duty of care is also likely to present issues for persons who are required to obtain adequate insurance under the D&BP Act. Insurers will now need to take into account any work the practitioner has completed in the last 10 years to appreciate the scope of their exposure.

The draft Regulations were highly anticipated as the D&BP Act provided that the classes of buildings, which limited the meaning of “building work” to which the D&BP Act applies, would be prescribed in the Regulations. This was problematic given that the duty of care provisions of the D&BP Act have been in force since June 2020.

Based on the second reading speech on the D&BP Act, it had been speculated that the duty of care would apply to construction work in a building that is a Class 1, 2, 3 and 10.

The D&BP Act itself is less than clear. On one reading of the Act (relying on the definition of “building” in section 36(2) of Part 4), the duty of care applies to all building classes. On an alternate reading of the D&BP Act (relying on the definition of “building work” in section 4 and the extension of the duty to residential building work in section 36), the duty currently applies to residential building work only (not limited by the building class), with the classes of buildings to which the D&BP Act otherwise applies to be prescribed in the Regulations.

What is now clear from the draft Regulations is that, despite the second reading speech, it is proposed that the compliance and disciplinary provisions of the D&BP Act will be limited to building work carried out on Class 2 residential apartment buildings and buildings that contain a Class 2 part. However, there are some exclusions. The most notable of which is work which comprises an exempt development, work carried out under development control orders and maintenance work on fire safety systems and other services.

However, the draft Regulations have not resolved the question of interpretation between the section 36 and section 4 approach regarding which building class the duty of care applies to. What is beyond doubt is that the draft Regulations would have the duty of care apply to building work carried out in Class 2 buildings, which the D&BP Act already extends to residential building work more broadly.

Registration scheme

The D&BP Act also creates a scheme for the registration of “registered practitioners” including:

  • registered design practitioners
  • registered principal design practitioners
  • registered professional engineers
  • registered specialist practitioners; or
  • registered building practitioners.

The D&BP Act provides that a person is to make an application for registration, which is to be determined by the Secretary, who may grant or refuse the application. The Secretary may refuse to register a person where, for example, the Secretary opines that the applicant does not have the appropriate qualifications, skills, knowledge or experience, or where the person “is not a suitable person to carry out the work” the subject of the application.

This broad definition (of a registered practitioner) means that many industry players will be caught by the registration regime and will be brought within the scope of the D&BP Act. As such, the Secretary will carry a significant administrative burden to develop a registration procedure, process those registration applications, and develop and publish those registrations on an online register that may be freely accessible by the public.

Disciplinary oversight

The D&BP Act empowers the Secretary to take disciplinary action against a registered practitioner in various circumstances, including:

  • where the practitioner has engaged in conduct that has fallen short of the standard of competence, diligence and integrity that a member of the public is entitled to expect of a reasonably competent practitioner
  • the practitioner has failed to comply with a condition of the registration
  • the practitioner has wilfully disregarded matters to which the practitioner is required to have regard to; or
  • other grounds prescribed by the regulations.

The scope of the powers afforded to the Secretary to take disciplinary action are significant. For example, if the Secretary is satisfied that a ground for disciplinary action against a practitioner has been established, the Secretary may (among other things):

  • caution or reprimand the practitioner
  • make a determination that requires the practitioner to pay, as a penalty, an amount not exceeding $220,000 (for a body corporate) or $110,000 (in any other case) to the Secretary within a specified time
  • impose a condition on the practitioner’s registration, including requiring the practitioner to undertake specified education or training 
  • suspend or cancel the practitioner’s registration, or
  • disqualify the practitioner, either temporarily or permanently, from being registered under the Act.

Information gathering and enforcement powers

The D&BP Act further empowers “authorised officers” appointed by the Secretary to:

  • require a person to provide information and/or records
  • direct a person to answer questions and record those answers
  • enter business premises without the need for a search warrant
  • when on premises, examine or inspect, take samples, conduct tests, take photographs, copy records, seize property, open up or demolish a building or structure, or do anything else authorised by the Regulations. 

The D&BP Act also gives the Secretary the power to issue a stop work order if the Secretary opines that the work is or is likely to be in contravention of the Act, and the contravention could result in significant harm or loss to the public, occupiers or potential occupiers of the building to which the work relates.

However, a stop work order issued under the Act only lasts for a maximum period of 12 months from the date on which the order takes effect.

Breach of a stop work order carries a maximum penalty of up to $330,000 and up to $33,000 per day in the case of a continuing offence for body corporates, and $110,000 and up to $11,000 each day for individuals.

Residential Apartment Buildings (Compliance and Enforcement Powers) Act (NSW) 2020

The RAB Act commenced on 1 September 2020 and applies only to Class 2 buildings within the BCA (including any building that contains a Class 2 component under the BCA).

The RAB Act regulates the circumstances in which an OC will be made, introducing a compulsory scheme which empowers the Building Commissioner to investigate defects in the final stages of residential apartment building projects and to refuse to issue an OC for any non-compliance.

The scheme operates as follows:

  • the RAB Act requires developers to notify the Secretary of when construction is to complete and when an application for an OC will be made
  • the Building Commissioner is an authorised officer and has broad powers to investigate potential defect(s)
  • if the Building Commissioner identifies a potential defect, the Secretary may take various enforcement actions that require the developer to rectify the defect(s)
  • if the developer fails to comply with any orders issued by the Secretary or fails to give notice of an application for an OC, the Secretary may issue a prohibition order that prevents an OC from being issued for the project
  • a developer would need to appeal the prohibition order within 30 days, or otherwise comply with the terms of the order so that the prohibition order can be lifted and an OC can be issued. Given the serious consequences from any of these orders, 30 days is not a long time. Developers, landowners, and financiers alike will need to be cognisant of this and seek urgent legal advice once an order is made.

Failure to comply with the terms of a prohibition order may result in an OC never being issued for the development and sales will, therefore, not be completed.

While the power to prohibit the issuing of OCs is unprecedented, the justification proffered for this power is that it “is the ultimate signal to the developer that they must resolve any non-compliance or face never having the building sold or occupied”.

 A prohibition order may be given where:

  • a developer fails to provide the expected completion notice or expected completion amendment notice, or does so outside of the required timeframe
  • the Secretary is satisfied that a “serious defect” in the building exists; and/or
  • any building bond required under section 207 of the Strata Act has not been given to the Secretary.

The potential impact on developers

Settlements of off-the-plan sales typically do not occur until after an OC is issued or a strata scheme is registered. In those circumstances, the RAB Act has the potential to hit the traditional developer hard as it stops cash flow from sales by restricting the issue of OCs.

It will be interesting to see how the potential threat to settlement might change the contracting and financing behaviour of developers and whether it may encourage, for example:

  • quality control by independent consultants during the building process, engaged by developers or even by financiers; or
  • developers to link final payments or returns of retentions to the issue of OCs, with this practice being reflected down the chain.

The regulator’s task ahead

The government’s sole focus is on protecting people buying off-the-plan apartments. There is no doubt that the RAB Act creates a strict and somewhat radical regime that places the Secretary (and the Building Commissioner) at the helm.

As a result, there is sure to be a significant administrative and compliance burden imposed both on developers who will need to create robust internal project management processes to ensure compliance with the Act, but also the Secretary and the Building Commissioner who bear the brunt of the compliance and enforcement burden.

For the RAB Act to achieve its desired outcome of revolutionising the NSW building and construction industry, the Secretary and the Building Commissioner will need to be sufficiently resourced to carry out their functions efficiently and effectively.

After all, by preventing the issue of OCs, they have placed themselves in the uncomfortable position of being between a developer and its financiers and purchasers, which will likely be a hostile environment if a dispute arises over the quality of construction of a residential apartment building.

Implications of the D&BP Act and the RAB Act for government

Other than the agencies involved in the direct administration of this scheme, councils and other agencies which are more broadly involved in the NSW property industry will need to understand the basic schema of each Act, the supply chain and other impacts of their introduction, particularly in the context of the importance of the building industry in the NSW economy.

While it is not the ordinary business of government to construct or develop Class 2 buildings, exceptions can arise. For example, it is claimed that the Sydney Park Olympic Authority (by owning the land) is, under the definitions in the Home Building Act, a developer and thereby liable for defects in the Opal Tower building.

Other than as accidental or incidental developer, other potential exposures (under the D&BP Act or having regard to the Civil Liability Act) may arise where government agencies are involved in design work or related activities, such as the NSW Government Architect or Public Works Advisory.

Subject to future directions for the scope of the D&BP Act, in particular, should there be a broadening of the building classes to which it relates towards those contemplated in the second reading speech, the NSW government, in its (substantial) capacity as an owner of built assets, may be a significant beneficiary of the increased accountability involved in the new regimes.

Authors: Christine Jones, Peter Holt, Georgia Appleby, Rebecca Weakley & Clare Giugni

[1]Second Reading Speech by Mr Kevin Anderson (Tamworth-Minister for Better Regulation and Innovation) dated 2 June 2020, Legislative Assembly Hansard, 2 June 2020, page 4.

Handling privacy incidents: Key recommendations for NSW agencies

On 18 December 2020, the NSW Auditor-General published its report into Service NSW’s handling of personal information regarding a data breach first identified in March 2020. The report made eight recommendations and provided a significant opportunity for Service NSW to elevate its privacy practices. It also contained “important learnings for all NSW government agencies, including local councils and public universities.”

Originally, the two separate business email compromise events involved 47 email accounts where around five million documents were at risk, of which half a million were likely to contain personal information. Original reports indicated that around 186,000 NSW residents had been affected. 

However, in December 2020, Service NSW revised this figure down to 106,000 people being affected and noting that approximately 25,000 people, who had incorrectly been notified about the breach, were no longer subject to any breach.

The other issue that is of significance is that the information at risk, which was often copies of scanned documents sent by email, were documents held outside of Service NSW’s Salesforce CRM system and so were not subject to the same level of security as information that was held within the system. This issue, together with the way their cyber risk and compliance function was managed within the NSW government cluster being outside of Service NSW but under the Department of Customer Service, raised significant operational issues.


The report contains eight key recommendations for Service NSW and these are spread across a timeline of urgent and immediate matters and matters to be done over the next year. Some of the recommendations could be applied proactively by other agencies or businesses to strengthen their risk position in the event of a business email compromise.

At this year’s virtual NSW Government CLE intensive in late February, we will be presenting a case study to drill down into these recommendations and lessons that other agencies can learn and take action to build resilience.

Author: Lyn Nicholson

Greater accessibility to public data: The new Commonwealth Data Availability and Transparency Bill and its implications for NSW

In 2016, the Productivity Commission was asked to undertake an Inquiry into public and private sector data availability and use. The recently introduced Data Availability and Transparency Bill 2020 is an important outcome from that Inquiry process. The Bill will provide for a new data sharing scheme for federal government data. If that scheme is successfully implemented, it could be used as a model by state and territory governments, including by the NSW government, to allow for a greater level of public sector data sharing.

The development of DATA

In the final week of the 2020 Parliamentary sitting year, the Australian Government introduced the aptly named Data Availability and Transparency Bill 2020 (which will be shortened to DATA if the Bill becomes law). The Bill is the culmination of an extensive inquiry and consultation process, which started with the Productivity Commission’s (PC) Inquiry into Data Availability and Use which commenced in 2016 and was completed in 2017.

In the view of the PC, at the time it completed its Inquiry, the then-current regulatory frameworks governing data availability and use, based as they were on risk aversion and avoidance, were not appropriate and inhibited Australian governments, businesses and not-for-profits from taking advantage of the benefits that would arise from the greater exploitation of data. Australia, in the PC’s view, also needed to move to a more transparent system of data sharing, allowing users to have greater confidence in data processes.

In responding to the PC’s report, the Government stated that it would create a National Data Commissioner to oversee a new data access framework and enact legislation to remove red tape limiting access to data for research and growth, while at the same time ensuring that privacy and data security were protected. The Bill is the new legislation that is intended to achieve this outcome. It has been the subject of extensive consultation – two discussion papers released in 2018 and 2019 on the appropriate form of the new legislation, followed by a consultation on an exposure draft of the Bill in 2020. 

One of the immediate benefits that the Government envisages will arise from the enactment of the new law will be the ability for citizens to provide their information to the Australian Government on one occasion only, without the need to provide that information each time they interact with a different agency. In a broader policy sense, as mentioned by the Minister for the National Disability Insurance Scheme and Minister for Government Services in the second reading speech for the Bill (available here), among other benefits, the newly authorised data sharing will allow governments across Australia to work together on nationally significant policies and programs such as to improve outcomes for people with a disability, improve health services and the like.

Key provisions of the Bill

Overall framework and different roles

The intention of the Bill is to provide a voluntary mechanism to increase the amount of data that is shared by the Commonwealth government while making sure that appropriate risk management is in place to provide data safeguards and also ensuring transparency. The Bill applies to “public sector data” collected by all Commonwealth entities and Commonwealth companies, whether it is facts, statistics or other information, with limited exceptions such as for national security or where intellectual property rights would be infringed by sharing. Existing mechanisms for data sharing (and data release) will continue to apply. It is important to note that the Bill provides for data sharing, that is, providing controlled access to data. It does not provide for public access to data. The Bill does not restrict, but does not positively authorise, the public release of data.

The Bill creates a National Data Commissioner and, in fact, an interim National Data Commissioner was appointed in 2018. The Commissioner will be a champion for data sharing, oversee DATA (including by taking enforcement action where necessary) and promote best practice. The Commissioner will be supported by a National Data Advisory Council to provide advice on matters relating to the operation of the data sharing scheme, such as ethical data use and technical issues. 

The Bill provides for the following “data scheme entities”:

  • data custodians: These are the Commonwealth bodies that collect the data in the first place and who have the right to control and deal with it (subject to exclusions for national security agencies and other limited categories). Each data custodian will maintain responsibility for the data it collects, including the sharing of that data. It will be at the discretion of data custodians as to whether they share data
  • accredited users: Accredited users are the “end-users” of the shared data. An entity will only be accredited by the Commissioner by demonstrating that it meets the security, privacy, infrastructure and governance requirements set out in the accreditation framework. The Commissioner will be required to accredit all non-corporate Commonwealth agencies as users. It is expected that accredited entities will include agencies from other levels of government as well as industry, research and other private sector entities
  • Accredited Data Service Providers (ADSPs): These are entities that have relevant experience in dealing with data and, like users, will require accreditation to participate in the scheme. The role of the ADSPs will be to assist data custodians and accredited users. Data custodians may share data with accredited users through an ADSP. An ADSP could provide services such as to de-identify data that was to be released as this is not a skill set that most data custodians would have. 


Data sharing will only be authorised for specified purposes. These are:

  • the delivery of government services
  • informing government policy and programs
  • research and development.

Certain purposes are prohibited by the Bill, being enforcement-related purposes, such as prosecuting an offence, and any purpose relating to or prejudicing national security. Other purposes may be prescribed by rules made under DATA.

Appropriate safeguards – the data sharing principles

If a proposed sharing is for a permitted purpose, then the data custodian must consider the data sharing principles to assess and control the risks of sharing. Risks will be assessed by applying the following data sharing principles:

  • project principle: Will the data be shared for an appropriate project or program of work, including by reference to public interest, consent (where applicable for personal information) and ethics requirements?
  • people principle: Can the users be trusted and do they have the right skills for the relevant project?
  • setting principle: Is the sharing environment appropriately controlled, that is, is it tailored to the data type and sensitivity and subject to reasonable security standards?
  • data principle: Will the data be protected, including by taking a data minimisation approach to ensure only data necessary to undertake the project is shared?
  • outputs principle: Are the results and outcomes of the project agreed, including the intended uses of the outputs?

Governance and transparency

If the proposed sharing is for a permitted purpose and consistent with the data sharing principles, then the relevant data may be shared, notwithstanding the existence of any law that would otherwise prevent that sharing. Where this is to occur, a data sharing agreement must also be entered into between the relevant parties. Data sharing agreements are intended to be a key governance and transparency measure. 

The mandatory minimum terms for a data sharing agreement are prescribed in the Bill and include, for example:

  • identification of the data that is to be shared
  • identification of the purpose for which the data is to be shared and prohibition of use for other purposes
  • identification of the agreed outputs of the shared data
  • specification of how the data sharing principles are to be applied
  • if an ADSP is to be used for data sharing, specification of the services to be provided by that ASDP
  • specification of how the outputs are to be shared or released
  • specification of how responsibilities will be allocated in relation to data breaches.

Data sharing agreements will be required to be registered a public register to further increase transparency.

NSW data sharing legislation and open data policy

NSW has in place data sharing legislation and has an open data policy. The Government Information (Public Access) Act 2009 (NSW) (GIPA Act) facilitates providing access to public sector data to the public, subject to appropriate guard rails. The GIPA Act is supported by the NSW Government Open Data Policy, and reflects the government’s objective for “better, faster and more open data”. The Open Data Policy provides for six open data principles that are to be applied by NSW government agencies in the management of data, requiring that data is managed so that it is:

  • open by default, though protected where required
  • prioritised, discoverable and useable
  • primary and timely (i.e., so that it is released as collected, in the form collected unless there is a compelling reason for a different approach)
  • well-managed, trusted and authoritative
  • free where appropriate
  • subject to public input.

The Data Sharing (Government Sector) Act 2015 (NSW) (Data Sharing Act), on the other hand, is intended to facilitate a greater degree of data sharing between government agencies, as well as with the Data Analytics Centre, while ensuring that data (particularly personal information) is appropriately protected. 

The NSW data sharing regime was mentioned favourably in the report from the PC’s Inquiry. Nonetheless, at the current time, the NSW regime does not extend as far as the Bill. This is the case as the NSW frameworks do not allow for public sector data to be shared on a restricted basis outside of government with appropriately accredited entities. As the PC noted in the report from its Inquiry, improved data access and use have the potential to assist in the development of innovative products and services that will have benefits for Australians and the Australian economy. There are some public sector data sets that are not appropriate for open access but that could be used beyond the public sector to achieve such benefits – provided of course appropriate safeguards are in place. Therefore the Bill may serve as a useful precedent for NSW for expanding the availability of its public sector data.

Author: Angela Flannery

The information in this publication is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, we do not guarantee that the information in this newsletter is accurate at the date it is received or that it will continue to be accurate in the future.

Published by:

Share this