Australian government workers are using messaging apps such as WhatsApp and Signal despite some agencies not having policies to support obligations to privacy, archiving, and freedom of information (FOI) laws, a report by the information regulator has found.
The review by the Office of the Australian Information Commissioner (OAIC), released on Wednesday, found while some government agencies permitted the use of messaging apps for workers, only half of those agencies had policies or procedures to guide their use.
The findings have highlighted challenges for accountability and transparency in government, where — much like in the private sector — encrypted messaging apps which can allow for disappearing messages have become increasingly commonplace.
The OAIC said its review of 22 government agencies included the likes of the Australian Federal Police, the Australian Taxation Office, the Digital Transformation Agency, Services Australia, and some government departments.
While only half of the 16 agencies which permitted messages apps had policies for their use, they “generally did not address” key legal obligations according to Australian Information Commissioner, Elizabeth Tydd.
Of the 19 agencies which either permitted the use of messaging apps or did not have a position on them, six were “unsure whether staff were using them to share personal information about members of the public”, Tydd said.
Government agencies needed to better equip their staff to uphold those legislative requirements by establishing policies or reviewing existing ones, she argued.
“Messaging apps raise novel considerations for key pillars of our democratic system of government, including transparency and accountability,” Tydd said.
“… Improving information governance will secure government information as a national resource and a source of truth and accountability for the Australian community.”
Image: 'Messaging apps: a report on Australian Government agency practices and policies' / OAIC
Disappearing messages ‘no good for our democracy’
Government agencies should also conduct their own due diligence checks on messaging apps they allow their workers to use, including on how the app collects and handles personal information, Tydd recommended in her report.
“A common function of these apps is the ability to send messages that disappear,” she said.
“How are agencies preserving those records and ensuring they can be searched and retrieved in response to an FOI request?”
Only two of the seven agencies with existing policies prohibited the use of disappearing messages, which the OAIC said could mean some agencies were failing to comply with Australia’s Archives Act and FOI Act.
None of those seven agencies required staff to create official accounts using their work phone numbers on messaging apps, which meant some were potentially using personal accounts for government business.
Independent senator David Pocock raised concerns over the report, writing on social media, "People want more integrity in politics. That means more accountability and transparency in how decisions get made.
“Hiding behind disappearing message to dodge legitimate freedom of information requests is no good for our democracy.”
The OAIC has handed its report to the Attorney-General, and said it would revisit the topic again in two years’ time “to understand how the use of messaging apps for government business has evolved”.
The Attorney-General's Department told Information Age it welcomed the report and would “carefully consider” its recommendations.
“While all Commonwealth agencies already have obligations under Australian archival law, privacy law, and freedom of information law, the report provides an opportunity to consider the recommendations and ensure policies are up to date,” a spokesperson said.
Concern over reported use of China’s WeChat
The release of the OAIC’s review into messaging apps comes after 7 News reported senior Australian government officials based in China were using Chinese app WeChat for both work and personal messages, including with their families.
The report raised concerns over the Chinese government’s access to WeChat data, given the app is owned by Chinese firm Tencent and subject to China’s National Security Law.
Greens senator David Shoebridge, the party’s spokesperson for home affairs, reportedly told 7 News, “There isn’t a back door for the Chinese government on WeChat; there’s a fully engineered front door that gives it guaranteed access to everything shared on it.”
The federal government has previously banned Chinese AI platform DeepSeek and Chinese social media app TikTok from government devices over national security concerns.
