Legal Insights

To share or not to share, DAT is the question: Key takeaways from the DAT Act Review

• 05 March 2026 • 5 min read

Introduction 

On 3 March 2026, the Australian Government tabled in Parliament the final report into the Statutory Review (Review) of the Data Availability and Transparency Act 2022 (Cth) (DAT Act). 

The Review considered the effectiveness of the DAT Act and has made recommendations for its improvement. 

In this article, we discuss the key takeaways from the Review, to assist Australian Government agencies to understand the recommendations and potential future changes to the DAT Act. 

What is the DAT Act?

The DAT Act was legislated as a response to the 2017 Productivity Commission Inquiry into Data Availability and Use

The DAT Act was designed to: 

  • promote better availability and transparency of public sector data;
  • allow for better sharing of public sector data consistent with the Privacy Act 1988 (Cth) and security requirements; and
  • establish institutional arrangements for sharing public sector data. 

To that end, the DAT Act has established a data sharing scheme under which:

  • Commonwealth bodies are authorised to share their public sector data with entities that have been accredited by the National Data Commissioner (Commissioner) (Accredited Users), or with an Accredited User through an intermediary accredited for that purpose (described as an accredited data service provider (ADSP) in the DAT Act); and
  • Accredited Users and ADSPs are authorised to collect and use the public sector data. 

However, public sector data can only be shared under the DAT Act for the following purposes: 

  • delivering government services (at Commonwealth, State, or Territory level);
  • informing government policy and programs; and
  • research and development. 

Without legislative intervention, the DAT Act is scheduled to ‘sunset’ (end) on 1 April 2027.

Key takeaways from the Review 

The Review states:

‘the DAT Act has not been effective in achieving its objectives. This is due, in a large part, to it being a complex and prescriptive framework that is voluntary for Commonwealth data custodians. Further, disincentives for custodians to use the DAT Act or share more data are likely to persist so long as they have unlimited discretion to refuse requests’   

The Review also notes that although there are some instances where the DAT Act has been used to facilitate data sharing (primarily for the National Disability Data Asset or ‘NDDA’), broad and timely data sharing of public data under the DAT Act has been limited by an aversion to risk, resource constraints, inconsistent approaches, inflexible prescriptive requirements, limited visibility of data holdings and a lack of centralised or standardised data sharing pathways. 

The Review includes recommendations, particularly including that the Australian Government should:  

  1. not allow the sunsetting of the DAT Act, subject to it being amended in accordance with the recommendations in the Review;
  2. amend the DAT Act to take a principles-based approach to data sharing, rather than the overly prescriptive approach currently taken;
  3. alter the default posture to be in favour of data sharing, with data custodians only able to refuse sharing requests in limited circumstances (subject to review and oversight); and
  4. embed Indigenous data governance frameworks into decision-making processes and expand the participation in the DAT Act so that First Nations peoples are better heard, recognised and empowered to contribute to positive outcomes for Indigenous communities

Next steps for Australian Government agencies 

The Review found that the DAT Act is not fit for purpose. It is now incumbent on the Australian Government to consider the Review’s findings and recommendations and consider making amendments to the DAT Act.  It seems likely that the first step may be to extend the imminent sunsetting provisions, while further consideration is given to how best to implement the recommendations of the Review. 

We suggest that Australian Government agencies should:

  • review their publicly available information about the DAT Act, to ensure it remains appropriate in light of the Review; 
     
  • given the indications in the Review that a default position favouring data sharing should be adopted, with an entity only able to refuse a data sharing project in limited circumstances, consider if there have particular data holdings that may require particular legislative treatment as part of future reforms; 
     
  • consider progressing any data sharing project proposals currently under consideration, to avoid any unnecessary complications following the passage of any reforms; and 
     
  • review their data holdings and ensure that they have been properly mapped so that the agency can understand what data it holds, the purposes for which that data was collected, the purposes for which it can be used, and the potential purposes for which it may be disclosed. 

Please reach out to the Privacy, Data and Information Law team at Maddocks if any assistance is required in relation to these matters.

Katherine Armytage

Katherine has a highly regarded and dynamic practice in information law, with a particular focus on privacy and data protection.

View profile

Indi Prickett

Indi provides high‑quality privacy, FOI, probity and procurement advice to Australian Government clients, including PIAs for complex ICT systems and Privacy Act guidance.

View profile

Recent articles

Online Access