In a tense and confusing exchange, one of the department’s assistant secretaries, Daniel Fortune, said foreign-born and foreign-resident directors could be considered an «issue identified with foreign engagement», but foreign citizens could be on the staff at a security-vetting company if they were not involved in the vetting process.
The vetting process ensures public servants’ pasts can be verified and they aren’t vulnerable to blackmail or coercion.
Sensitive personal information of Australia’s most senior public servants, including sexual behaviour, financial, medical, drug and alcohol issues, is being whizzed around by Toll couriers to private contractors.
Highly sensitive personal information is required to be revealed and verified in the clearance process, including sexual history, financial history and drug use, and Mr Hill is concerned information could fall into the wrong hands, through lax oversight or poor cybersecurity and document-handling practices. He has called for the process to be brought back under government control.
«Quite simply, top-secret security-clearance checks should be a core function of government, not given to mysterious private contractors,» Mr Hill said.
«Sensitive personal information of Australia’s most senior public servants, including sexual behaviour, financial, medical, drug and alcohol issues, is being whizzed around by Toll couriers to private contractors.»
While the vetting companies aren’t allowed to retain hard copies of documents about officials, lists of people interviewed in relation to clearances can be kept on private IT systems for 90 days after a check has been completed. Mr Fortune said the companies kept only «disaggregated information».
By the end of Tuesday’s hearing, the public accounts and audit committee’s chairman, Liberal senator Dean Smith, joined Mr Hill and Labor MP Gai Brodtmann in expressing frustration at the answers given to their questions.
Mr Hill is incensed by Defence, after it took three months to answer questions taken on notice.
«For six months, the government has failed to explain why private contractors retain information in their firms including lists of people spoken to during security clearances,» he said.
«For six months, the government has failed to explain how contractors comply with minimum cybersecurity standards. Things would be much safer if the most sensitive checks were conducted by Department of Defence officials not mysterious private contractors.»
The Australian Government Security Vetting Agency is in the middle of reforming its panel of contractors for security vetting, removing the option for companies to only work on clearances at lower levels, and requiring companies to be available to work across the whole country.
Sally Whyte is a reporter for The Canberra Times covering the public service.