Save this webpage as PDF
Court: High Court of Australia
Legislation considered: Migration Act 1958 (Cth) 
Links:  Judgment | Submissions and transcript
Download:  Casenote: Minister for Immigration and Border Protection v SZSSJ; Minister for Immigration and Border Protection v SZTZI [2016] HCA 29 (PDF)




This case note provides an overview of the key facts and findings of the High Court of Australia in Minister for Immigration and Border Protection v SZSSJ; Minister for Immigration and Border Protection v SZTZI [2016] HCA 29.  


The Data Breach 

On 10 February  2014, the Department of Immigration and Border Protection (‘the Department’) published statistics on its website which included embedded information disclosing the identities of 9,258 applicants for protection visas who were then held in immigration detention. The disclosed personal information was protected from unauthorised access and disclosure under Pt 4A of the Migration Act 1958 (Cth). It remained on the website for two weeks, and was accessed 123 times in this period ([3]-[5]). This incident came to be known as ‘the Data Breach’.

The Data Breach resulted in a risk that people would become aware of the identities of applicants for protection visas in Australia, particularly people residing in the countries of origin from which the visa applicants feared persecution or other harm ([7]). In response to the Data Breach, the Department commissioned an independent report from external consultants, KPMG, an abridged version of which was provided to affected individuals ([5]). 

International Treaties Obligations Assessments 

In addressing the Data Breach, the Department in March 2014 sent a standard form letter to each of the affected persons, advising them of the breach and expressing regret. The Department sent a follow up letter in June 2014, and then proceeded to complete International Treaties Obligations Assessments (ITOAs) to ‘assess the effect of the Data Breach with respect to affected applicants’, and in particular ‘Australia's non-refoulement obligations under the Refugees Convention, the Torture Convention and the International Covenant on Civil and Political Rights’ ([9]). In assessing this, officers were instructed to assume that the information of an applicant had indeed been accessed by authorities in the country from which the applicant feared harm ([8]-[10]).

Should an ITOA find that the non-refoulement obligation had been breached, the applicant’s case could be referred to the Minister for assessment. Under ss 195A and 417 of the Migration Act, the Minister has power to grant a visa if it is in the public interest to do so. Under s 48B, the Minister has the power to remove a statutory bar to making a visa application if it is in the public interest to do so. Exercise of powers under these sections is non-compellable, that is, that the decision whether to apply and consider them is entirely at ministerial discretion.

The respondents 

The information of both respondents was disclosed in the Data Breach. Following this, the Minister chose not to consider whether to exercise the non-compellable duties to grant visas under s195A, 417, or to remove a statutory bar to making a visa application, under s48B.

The first respondent (SZSSJ) was a Bangladeshi national, whose application for a protection visa had been denied, and whose rights to merits and judicial review had been exhausted. The respondent had been in immigration detention awaiting removal under s 198 for several years. After the Data Breach, SZSSJ had requested the KPMG report, and expressed concerns that he might be subject to forced removal during the ITOA process [17 – 22] The Department had informed SZSSJ about the ITOA, and asserted that he was unlikely to face adverse attention upon his return. SZSSJ commenced proceedings in the Federal Circuit Court claiming declaratory and injunctive relief, and alleging a denial of procedural fairness. The ITOA process had not been completed at this time, and the court held that procedural fairness had not been denied, and that SZSSJ did not face a realistic threat of sudden removal. The proceedings were dismissed ([23]).

The second respondent (SZTZI) was a Chinese national, who had been in immigration detention since 2013, following the expiry of a visitor visa. Following correspondence with the Department after the Data Breach, SZTZI was invited to provide further information of relevance to the ITOA. SZTZI requested the disclosure of ‘all relevant information’ related to the Data Breach, but this was denied ([26]). In subsequent correspondence, the officer completing the ITOA suggested that an inference could be drawn that SZTZI would not be exposed to serious harm upon returning to China, despite the Data Breach. SZTZI disputed this. When completing the ITOA assessment, the officer concluded that non-refoulement obligations were not engaged. SZTZI commenced proceedings in the Federal Circuit Court seeking declaratory and injunctive relief against the Minister and the officer who had conducted the ITOA, alleging contravention of procedural fairness. The Federal Circuit Court held that procedural fairness had not been owed or denied in the ITOA process, and found that it lacked jurisdiction in any case ([33]).

Both parties appealed to the Full Court of the Federal Court.

Proceedings in the Full Court of the Federal Court 

The Full Court of the Federal Court identified three core issues. First, it asserted that the jurisdiction of the Federal Circuit Court was not excluded by s 476(d) of the Act. Secondly, it held that the ITOA process was a statutory process which required procedural fairness. Thirdly, it was concluded that procedural fairness had not been afforded to SZSSJ and SZTZI in the ITOA process ([32]). This third point was justified on two accounts: that the process had not been adequately explained, and that the Department had refused to provide an unabridged version of the KPMG report, and that more information should have been provided ([35]-[36]). The Department appealed the judgment to the High Court.  


The High Court considered three core issues:

  1. Whether the Federal Circuit Court had jurisdiction to entertain the proceedings;
  2. Whether the applicants were owed procedural fairness in the ITOA process; and
  3. Whether the applicants had been denied procedural fairness. 

In a unanimous judgement (French CJ, Kiefel, Bell, Gageler, Keane, Nettle and Gordon JJ) the High Court held that: 

  1. The Federal Circuit Court had jurisdiction to entertain the proceedings;
  2. The applicants were owed procedural fairness in the ITOA process; and
  3. The applicants were not denied procedural fairness.

Jurisdiction of the FCCA

The High Court held that under s476(d), the Federal Circuit Court was not prevented from hearing matters where the relief sought included a writ of mandamus or prohibition, or an injunction against an officer of the Commonwealth, on the grounds of procedural unfairness. 

The High Court held that the Federal Circuit Court was unable to assess ‘a challenge to a decision made by the Minister personally not to exercise a non-compellable power’, which can only be heard by the High Court, under s75(v) of the Constitution. However, ITOAs were deemed to be preparatory acts contributing to a Ministerial decision, not Ministerial decisions themselves under s 474(7). The Federal Circuit Court thus did have jurisdiction to hear and determine the matters in which the respondents sought relief, based on the proposition that the ITOA was conducted in a procedurally unfair manner ([73]). 

Whether procedural fairness was required

The High Court characterised the ITOA as a statutory process undertaken by an officer of the Department. It confirmed that procedural fairness was required in undertaking that process, based on the common law principle that a statue conferring a power the exercise of which can affect the interest of an individual carries an implied condition that the power be exercised in a manner that affords procedural fairness to that individual. The presumption operates unless clearly displaced by statute ([75]).

As the ITOA was a decision, made by an officer of the Commonwealth, which could prolong the detention of the respondents, procedural fairness was required. 

Whether procedural fairness had been afforded

The High Court found that procedural fairness had been afforded. First, it held that courts reviewing decisions in regards to jurisdictional error have ‘no jurisdiction simply to cure administrative injustice or error’, and can only assert and apply the law governing the exercise of administrative power ([81]).

Secondly, the High Court held that procedural fairness requires a procedure which is reasonable in the circumstances to grant a person the chance to put forward his or her case. It held that ordinarily there is no requirement that an individual be notified of information available to a repository which they have chosen not to take into account when making a decision ([82]). 

The High Court expressed that while the circumstances of the Data Breach were ‘extraordinary’ and ‘regrettable’, the fact that it was caused by the Department did not mean that the officer tasked with the assessment did not bring an impartial and unprejudiced mind to the assessment ([84]). The High Court held that the respondents had been put on notice of the nature and purpose of the assessment and the materials relevant to the procedure. The gaps in knowledge about who may have accessed the data, and the failure to provide the full KPMG report, did not constitute a denial of procedural unfairness, and both the respondents had the opportunity to be heard ([90]-[92]). 

Author: Caley Bawden

The Kaldor Centre plays a vital role in developing legal, sustainable and humane solutions for displaced people around the world.