1.1 DataVic Access Policy

Making datasets freely available to the public is the State’s default position and where possible agencies must make datasets available with minimum restrictions, including the proactive removal of cost barriers.

1.2 DataVic Access Policy background

The DataVic Access Policy (the Policy) provides direction on licensing, pricing and management of Victorian government data so that it can be used and reused by the community and businesses.

The Victorian government holds, creates and collects a vast amount of data, ranging from demographic and economic to geospatial data. These datasets have the potential to drive innovation, reveal new research findings, create new business opportunities, and enable new services.

Around the world, governments are unlocking the value of its data by releasing it for public reuse. Governments have realised that many services can be developed externally. Rather than engaging directly in smart phone, web or other software developments, governments are releasing raw data and allowing the market to develop new and innovative products and services. In other jurisdictions, the market has delivered these products and services quickly and at no cost to government.

This Policy provides greater public access to Victorian government generated or owned data through the publication of datasets on the Victorian government Data Directory website, www.data.vic.gov.au (Data Directory).

1.3 Benefits of the Policy

Benefits of the Policy include

• stimulating economic activity and driving innovation and new services to the community and business
• increasing productivity and improving personal and business decision making based on improved access to data
• improving research outcomes by enabling access to primary data to researchers in a range of disciplines
• improving the efficiency and effectiveness of government by encouraging better management practices and use of the data

1.4 Ministerial responsibility for the Policy

The Minister for Finance is the Minister responsible for administering the Policy through the Department of Treasury and Finance (DTF).

1.5 Policy intent

The intent of the Policy is to:

• enable public access to government data to support research and education
• promote innovation
• support improvements in productivity and stimulate growth in the Victorian economy
• enhance sharing of, and access to, information rich resources to support evidence based decision making in the public sector

1.6 Policy Principles

The Principles underpinning the Policy are:

1.7 What agencies are covered by the Policy

Departments and agencies must take a number of steps to ensure that its data is made available and to comply with the DataVic Access Policy. The main steps are:

Further detail can be found on each topic in the relevant chapters.

---

7. data.vic.gov.au/datavic-access-policy-dataset-publishing-manual

This chapter contains the following key action.

1. The Government’s default position is that departments and public bodies datasets must be made available to the public.

3.1 Definition of datasets

The Policy has adopted a broad definition of ‘data’. The definition for data refers to datasets and databases owned and held by Victorian departments and public bodies and stored in formats including hardcopy, electronic (digital), audio, video, image, graphical, cartographic, physical sample, textual, geospatial or numerical form.

The Policy mandates that datasets must be made available in machine readable, reusable and open formats. The Policy also applies to data made available in the form of an Application Programming Interface (API), web service or data tool (as long as the tool has a machine readable output).

The definition of datasets is intentionally broad to ensure all agencies consider a broad range of datasets to be made available.

Agencies are encouraged to review existing and new datasets and determine whether it is appropriate that they be made available.

3.2 What must be made available under the Policy

The Government’s default position is that public sector datasets must be made available to the public, unless access is restricted for reasons of privacy, public safety, security and law enforcement, public health, and compliance with the law.

Agencies will be required to implement the Policy in all business areas that generate, create, collect, process, preserve, maintain, disseminate, or fund datasets. It is expected that making datasets available will be an ongoing (often scheduled) process and form a core part of departmental business activity.

Datasets that should be routinely published on the Data Directory include:

• datasets that are considered to be high value (see 0 below)
• datasets published in documents or reports that could be made more reusable (e.g. figures currently included in PDF reports, annual reports or reports already being provided to the Commonwealth)
• datasets which are already in machine readable format
• existing data catalogues (for example, Spatial Datamart)
• datasets currently made available on agency websites

3.2.1 High value datasets

A high value dataset is defined as a dataset that is likely to be of interest to the Victorian community, and/or a dataset that has potential for valuable reuse. A dataset should be considered ‘high value’ if it:

• is central to the department/agency functions e.g. DTF and budget data
• has been requested via ‘suggest a dataset’ (see (a)(i) 3.2.2 below)
• has previously/regularly been provided under the Freedom of Information Act 1982 ⁸
• supports a major reporting process of government, for example, annual report data
• planning data
• spatial data
• transport data
• administrative data
• financial data

Other types of data may also be high value. Agencies should consider which of its datasets are high value. Datasets that are not high value must still be released under the Policy, but agencies should prioritise high value datasets.

3.2.2 Dataset suggestions

The Data Directory includes a function called ‘suggest a dataset’⁹ that allows the community to make suggestions for datasets to be made available under the Policy. Once a suggestion has been received on the data directory, it will be forwarded to the relevant agency. It is the responsibility of the agency’s dataset custodian (see Section (a)(i) 10 Accountability for datasets) to respond to the request within four weeks and if appropriate provide the relevant dataset in a timely manner.

Suggestions received on the Data Directory will be recorded in a central register on the website that will be displayed to the public. The agency custodian will be responsible for updating the register to record outcomes of suggestions relevant to their agency.

It is recommended that agencies report suggestions for datasets received, and the outcome of these suggestions, in its annual report. Agencies are also encouraged to provide a link from its agency website to the ‘suggest a dataset’ function on the data directory.

Further detail on the ‘suggest a dataset’ process including responsibilities, expectations and timeframes of responses is available on the DTF website.¹⁰

3.2.3 Establishing a process to make datasets available following freedom of information requests

Datasets made available under a freedom of information request must be considered for release under the Policy. The release of data via the Data Directory is consistent with the intent and language of the Freedom of Information Act 1982. Datasets will still need to be assessed as supporting the Policy intent and not breaching any restrictions. The time requirements stipulated under the Freedom of Information Act 1982 do not apply to the Policy.

3.3 Collections of line agency data

Departments are encouraged to support its portfolio agencies in releasing data under the policy by collating data in meaningful collections, for example, Department of Health and Human Services making data available that it collects and compiles from hospitals.

3.4 Research data

The default obligation under the Policy is for agencies to make research datasets available. The advantages of sharing research data include that it:

• encourages scientific enquiry and promotes innovation
• leads to new collaborations between data users and data creators
• maximises transparency and accountability
• reduces the cost of duplicating data collection

Allowing access to the data which underpins research significantly increases the potential benefits of the research. For example, it allows other researchers to test the findings in a research paper, or to take the research in a different direction.

Accordingly, where an agency owns or licences the data that underpins a research paper, the data should be released under the Policy if it meets the criteria for open data release.

Further, where an agency funds research which is likely to be underpinned by data, it should consider including appropriate terms in the funding or grant agreement to:

• allow the agency to release the data (see Chapter 6 Licensing datasets for more detail)
• require or recommend that the researcher provide access to the data in a form that is compliant with the policy

3.5 Creating an information asset register

Victorian Government Information Management Standards require agencies to create and maintain an information asset register. Using its registers agencies will be able to identify and manage datasets which can be made available to the public.¹¹

3.6 Open data plan

Agencies are encouraged to develop and publish an open data plan. An open data plan describes the process for the release of an agency’s data. The strategy should include:

• a description of the agency and the types of data the agency manages on behalf of the State
• the agencies legislative and administrative framework
• a statement of compliance with the Policy
• the agencies governance and accountability framework
• a list of short and long term goals
• a plan for what data will be released and when
• a discussion on what data will not be released and why
• a list of all data already released

The supporting data to enable developing an open data strategy should be available in the agencies Information Asset Register (see section 3.5 for more information).

Publishing the agencies open data strategy should be done on the Data Directory.

---

8. www.legislation.vic.gov.au/in-force/acts/freedom-information-act-1982/107

9. data.vic.gov.au/contact-us

10. data.vic.gov.au/contact-us

11. Guidance on information management, including asset management, can be found at: www.vic.gov.au/information-management-policies-and-standards

This chapter contains the following key action:

1. Datasets must be made available unless access is restricted for reasons of privacy, public safety, security, law enforcement, public health and compliance with the law.

The Policy stipulates that datasets will be made available unless access is restricted for reasons of privacy, public safety, security, law enforcement, public health and compliance with the law. These and additional restrictions are detailed below.

Datasets must not be made available if one of the following restrictions applies and a solution for removing the restriction cannot be found.

• Section 4.1 - the dataset contains personally identifiable information and therefore does not support the Policy intent
• Section 4.2 - making the dataset available may have an adverse impact upon public safety
• Section 4.3 - the dataset attracts security restrictions
• Section 4.4 - the dataset contains information, the release of which is prohibited by court orders, legal proceedings or legal privilege, including legal advice
• Section 4.5 - making the dataset available may have an adverse impact upon public health
• Section 4.6 - the dataset contains third party copyright and the State does not have permission from the copyright owner to make the data available¹²
• Section 4.7 - the dataset is subject to a contract/agreement that does not allow it to be made available
• Section 4.8 - making the dataset available is in breach of statutory or legislative requirements including the Privacy and Data Protection Act 2014 or Health Records Act 2001 ¹³
• Section 4.9 - the dataset contains confidential information

Each of these restrictions are discussed below.

4.1 Personal information

The default obligation under the Policy is for agencies to make de-identified datasets available where possible. If a dataset contains personal information (refer to the definition of ‘personal information’ in the Privacy and Data Protection Act 2014) and cannot be de-identified, it is not suitable for release under the Policy. Further information on de-identification can be found in section 0 below.

An example of a dataset containing personal information is unit record information about births, deaths or marriages. While aggregate datasets on this information, for example a dataset to measure the number of births in the State over a 12 month period may be appropriate for release under the Policy, individual birth data records including personal information and are not appropriate for release.

4.2 Public safety

Datasets must not be made available under the Policy that contain information that adversely affects public safety unless it can be cleansed and the risks mitigated.

4.3 Security classification

If data has been classified with a security classification and cannot be cleansed to allow the removal of the classification then it is unsuitable for release under the Policy. Refer to the Victorian Protective Data Security Framework and Victorian Protective Data Security Standards for further guidance.

The Victorian Government Information Security Management Policy also requires agencies to assess the business impact of information release and classify information accordingly. For further information on dataset (information) classification, agencies should contact its Chief Information Officer or Information Security Adviser, and refer to:

• Agency Information Security policies and standards that are specific to the agency’s risk appetite and relevant legislation
• The Commissioner for Privacy and Data Protection website¹⁴
• State of Victoria, Information Security Management Policy¹⁵, Standards and Associated Guidelines, 2012
• Australian Government, Protective Security Policy Framework, 2012¹⁶
• Australian Government, Information security management guidelines – Australian Government security classification system, Version 2.1 - Commonwealth of Australia, 2014¹⁷

4.4 Legal documents

Datasets containing information subject to court orders, legal proceedings or legal privilege including legal advice, must not be made available under the Policy unless it can be de-identified or appropriate approvals obtained.

4.5 Public health

Datasets under the Policy that contain information that may adversely affect public health must not be made available unless it can be cleansed and the risks mitigated.

4.6 Third party copyright

Agencies must not make datasets available which contain third party copyright materials where the State does not have permission from the copyright owner. This includes circumstances where an agency co produces a dataset with another non Victorian state government agency at either the local, state or federal level.

Under the Copyright Act 1968, the owner of copyright has exclusive rights to reproduce, publish and communicate the work, and to license others to do so. The State generally holds copyright in works created by its employees, but not in any third party material that is incorporated into those works unless otherwise specified under contract.

Where a dataset has been developed by a third party under a contract or agreement, copyright ownership may be dealt with specifically and should be checked.

For further information on intellectual property and copyright, agencies may refer to the Whole of Victorian Government Intellectual Property Policy Intent and Principles and supporting Guidelines¹⁸ or seek professional legal advice.

Where appropriate an agency should secure appropriate permission to release third party copyright material particularly when negotiating a new contract.

4.7 Contracts and agreements

Agencies must consider the Policy when entering into contracts. Where possible agencies should secure appropriate permission to release data when new contracts are being developed by including a clause in contracts to facilitate making datasets available to the public. The Victorian Government Purchasing Board (VGPB) has developed standard contracts to support the release of open data.¹⁹

For more information on how to deal with copyright when establishing new contracts and agreements see Section (a)(i)8 Developing and procuring datasets and the Victorian Government Intellectual Property Policy Intent and Principles and supporting Guidelines.

Agencies may have already entered into contracts or agreements with third parties that specifically determine whether datasets can be made available and who owns copyright on material created under the arrangement. These contracts or agreements must be checked before releasing datasets and, where appropriate, agencies should negotiate with the contractor to have the data made available. This is best done when a contract is up for renegotiation.

4.8 Legislation

Agencies operate under various legislative provisions that specify conditions for restricting access or release of datasets. The Policy does not override existing legislation.

Legislation includes the following but is not limited to:

• Public Records Act 1973 ²¹
• Privacy and Data Protection Act 2014 ²²
• Health Records Act 2001 ²³

Agencies may be subject to other legislation particular to its business that specifies conditions for restricted access and/or release of its datasets.

Additional legislation relevant to information management compliance can be found in Appendix 3: Related legislation.

4.9 Confidential information

Datasets containing confidential information must not be made available under the Policy. Confidential information may include, but is not limited to:

• Cabinet in confidence information
• commercial in confidence information
• information protected by the Protected Disclosure Act 2012 ²⁴

---

12. Further guidance on agency ownership of copyright is provided in the whole of Victorian Government Intellectual Property Policy and Guidelines found at www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

13. Guidance in the Health Records Act 2001 can be found at www2.health.vic.gov.au/about/legislation/health-records-act

14. ovic.vic.gov.au

15. www.vic.gov.au/modernising-governments-approach-ict

16. www.protectivesecurity.gov.au

17. www.protectivesecurity.gov.au/information/sensitive-classified-information/Pages/default.aspx

18. www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

19. www.procurement.vic.gov.au/Buyers/Market-Approach-Templates/Contracts

20. www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

21. www.legislation.vic.gov.au/in-force/acts/public-records-act-1973/041

22. www.legislation.vic.gov.au/in-force/acts/privacy-and-data-protection-act-2014/025

23. www.legislation.vic.gov.au/in-force/acts/health-records-act-2001/045

24. www.legislation.vic.gov.au/as-made/acts/protected-disclosure-act-2012

This chapter contains the following key actions:

1. Datasets must be released in a machine readable, reusable and open format.
2. Personal, health and/or confidential information must be de-identified and aggregated.

5.1 Selecting a format

Datasets must be made available via the web in a machine readable open format.

Machine readable refers to a medium that stores data in a format that is readable by an electronic device and is therefore more usable, able to be manipulated and complies with accessibility standards. A machine readable file has a structure which allows easy interrogation of the contents. Machine readable open data can be used with spreadsheet software, statistics software, and custom written code. By releasing raw datasets in open standard formats, more people will be able to use and reuse them without having to invest in special software.

Extracting data from unstructured documents (for example, PDF’s) is enormously time consuming and can be the most laborious part of a data driven research project, and it can also lead to unnecessary errors.

A dataset may also be made available in its original format (for example, PDF) where that format makes the dataset easier to understand or reuse. It is often useful to have a well formatted document to cross reference and sense check the machine readable data. The original document should be referenced within the metadata description of the machine readable file. The original document can also be referenced in the description of the dataset on the data directory.

5.1.1 Open standard formats

An open format is a specification for storing and manipulating content that any developer may use, that is usually maintained by a standards organisation, and is not locked into a propitiatory product.

The preferred open formats for datasets to be made available are:

• CSV (comma separated values) for simple spreadsheets and simple databases.
• (Note: CSV files can be previewed within the Data Directory without the need to download the file, allowing end users to decide it the file is suitable for its purposes)
• XML (extensible markup language) – a general purpose markup language for complex datasets, standardised by the main international standards organisation for the World Wide Web.
• XBRL (extensible business reporting language) - XBRL is a freely available global standard, standards based way to communicate and exchange business information between business systems.

Note: Excel and most databases allow users to export files to CSV or XML.

Open standards for spatial data are maintained by the Open Geospatial Consortium and include:

• KML (formerly Keyhole Markup Language) an XML language focused on geographic visualisation, including annotation of maps and images
• WMS (Web Map Service) a protocol that allows georeferenced map images to be served over the web
• WFS (Web Feature Service) allows requests for geographical features to be drawn across the web
• WCS (Web Coverage Service Interface Standard) provides access to coverage data in forms that are useful for client side rendering, as input into scientific models, and for other clients
• ESRI Shapefile – geospatial vector data format for geographic information systems software

5.1.2 Proprietary formats

A proprietary format is typically a file format that is restricted for use by a company or organisation. The restrictions can include the control of the specification of the encoding format or licences that only the company or licensees may use. Proprietary formats are usually discouraged for release and every effort should be made to release data in an open format. If however the main users require specific proprietary formats then they will be need to be considered for release.

The following formats have already been considered and deemed acceptable for release via the Policy due to the common usage of the format. An open format should always be considered as well for release.

• XLS and XLSX (Excel Workbook) Main spreadsheet format which holds data in worksheets, charts, and macros
• GTFS (General Transit Feed Specification) defines a common format for public transportation schedules and associated geographic information

5.1.3 Application Programming Interface

An API is a set of procedures, protocols, and tools that are used in developing software applications. An API makes it easier to for the programmer to develop software by providing all the building blocks necessary to connect and interrogate the dataset. For developers who build upon web services it is easier to take advantage of external services and data as an API to enhance its offering.

APIs are particularly suitable for real time or regularly updated information.

5.2 De-identifying and aggregating data

De-identified datasets are datasets where any information linking the data to an individual or business are deleted or modified to remove the capacity for identification.

The Public Records Office Victoria (PROV) provides guidance on personal and private records, as named in section 9 of the Public Records Act 1973. The relevant PROV fact sheet notes that information described as personal or private records ‘covers such material as personnel records, medical records, police and prison records and case records concerning students, welfare recipients, children in government care or compensation claimants’. ²⁵

To ensure that datasets containing personal²⁶, health²⁷ and/or confidential information are correctly and consistently de-identified and or aggregated in order to be made available under the Policy, a formal procedure must be documented and adhered to by agencies.

For simple datasets, the documented procedure could be in the form of a checklist to be completed when each dataset is made available.

This procedure must not be shared or released with the datasets to third parties as knowledge of the procedure could potentially allow re identification.

An example of identified and de-identified datasets can be seen below. The difference between Table 3 and Table 4 is the removal of specific age and location detail.

Note: The method used to de‑identify the table above is not applicable to all circumstances. It is used as an illustration only.

5.2.1 How do I de-identify a dataset?

For detailed information on de-identification, agencies can refer to a number of expert sources including Australian Bureau of Statistics (ABS), National ICT Australia (NICTA) and the Commonwealth Scientific and Industrial Research Organisation (CSIRO).

ABS provides guidance on confidentialised unit record files (CURFs).²⁸ CURFs are confidentialised by removing name and address information, by controlling and limiting the amount of detail available, and by very slightly modifying or deleting data where it is likely to enable identification of individuals or businesses.

The ABS and Australian Government has a number of factsheets to support de-identification, in particular from the National Statistical Service. These include:

• National Statistical Service – How to confidentialise data: the basic principles.²⁹
• National Statistical Service – 11. Confidentiality and Privacy.³⁰
• Frequently Asked Questions – About CURFs – How is CURF data confidentialised?³¹

5.2.2 How do I avoid the re identification of data?

As well as de-identifying information, effort should be made to ensure the risk of potential re identification is low. This will include:

• dealing with small cell sizes and points at which data is aggregated
• ensuring that the information made available can’t be linked to other publically available data which could then increase the risk of potential re identification

5.3 Preparing a data quality statement

When choosing to use a dataset, users need to assess if it is fit for purpose. A key factor in this decision is often the quality of the data. A data quality statement is an effective mechanism for communicating information about how data can be used, and can act as a qualifier or disclaimer for a dataset.

Data quality statements are an important risk management tool against datasets being misrepresented or misused, therefore the Policy recommends that one is created

A data quality statement can also be used to define key terms and identify any data standards which have been used.

5.3.1 How do I create a data quality statement?

It is recommended that the ABS, through its National Statistical Service (NSS) online data quality tool be used by agencies to create a data quality statement.

The data quality statement tool can be located on the ABS website.

The tool outlines the seven dimensions that demonstrate fitness for purpose and provides users with a step by step guide to assessing the quality of their data. Additional information on these dimensions can be found at 1520.0 – ABS Data Quality Framework, May 2009.³²

A template data quality statement produced by this tool is included at Appendix 2: Data quality statement.

It is important to note that other data quality statement processes are available for public sector use. Holders of spatial datasets may wish to use the ISO Standards approach to data quality statements, outlined in the Victorian Spatial Council’s Spatial Information Data Quality Guidelines³³. This document provides general principles for data quality, rather than a tool for agencies to apply to datasets. The Department of Environment, Land, Water and Planning has expertise in data quality for spatial datasets and can be contacted for information on this.

---

25. Public Records Office Victoria Fact Sheet Closure of Public Records under Section 9 of the Public Records Act 1973 prov.vic.gov.au/wp-content/uploads/2011/11/1110fs1.pdf

26. Personal information as defined by the Privacy and Data Protection Act 2014.

27. Health information as defined by the Victorian Health Records Act 2001.

28. www.abs.gov.au/

29. www.abs.gov.au/

30. www.abs.gov.au/

31. www.abs.gov.au/

32. www.abs.gov.au/

33. www2.delwp.vic.gov.au/

This chapter contains the following key action:

1. Creative Commons Attribution (CC BY) is the default licence for datasets released under the DataVic Access Policy.

6.1 Licensing datasets under the Policy

When datasets are made available, they need to be done so under licence, to the extent they are protected by copyright (see (a)(i) 6.2 below). Public sector datasets should be released under terms allowing flexible public re use without further permission. Applying Creative Commons (CC) licensing is the recommended way to achieve this. The default licence is CC BY 4.0 as it is the least restrictive licence for datasets released under the Policy.

Detailed information on licensing can be found in the Victorian Government Intellectual Property Policy Intent and Principles and supporting Guidelines.³⁴

6.2 Existence of copyright in a dataset

Copyright subsists in a dataset or database where the work of an author, in reducing that compilation to material form (including digital form) involves some intellectual activity that is directed not at collecting or inputting the data, but in expressing the work. Accordingly, a given dataset may or may not be subject to copyright.

As it is difficult to determine whether copyright subsists in a dataset, it is recommended that agencies apply a copyright licence. The licence should state that the data or dataset is subject to the terms of the licence to the extent that the data or dataset is protected by copyright.

Agencies may in some circumstances wish to seek specific legal advice about the State’s capacity to license particular intellectual property, including datasets.

6.3 Ownership of any copyright in datasets

Datasets and databases could include multiple copyright works, collated and or created by human labour or through the use of software programs. Datasets and databases may have a number of components that are protected by copyright including the model or schema for the database, data entry and output sheets and the data itself, to the extent to which it is, or includes, created or expressive works.

This chapter applies to State owned datasets. Where datasets are likely to include third party data made available to the agency under agreements or arrangements with third parties or terms of consent, the agency will need to consider whether these permit it to license the dataset using a non-restrictive licence.

6.4 Form of licence

The most appropriate form of licence for State owned data containing copyright material will vary depending on the type of material involved and the circumstances surrounding making the dataset available. Generally, the recommended form of licence for copyright material is a Creative Commons (CC) licence.

6.4.1 What is Creative Commons?

Creative Commons (CC) refers to international copyright licences which have been developed for use by the owners of copyright material, including governments. CC licences are designed to provide copyright owners with an efficient way to manage the rights contained in their copyright work, and to provide copyright users with simple and flexible terms for use.

A CC licence always requires that users attribute the work in the form specified by the licensor.³⁵ Attribution also requires the user to indicate if changes have been made to the work and to provide a link to the CC licence. CC also allows the copyright owner to apply one or more of three additional conditions, discussed below.

CC allows users of works to reproduce, communicate, distribute and perform those works without prior permission or payment. Some CC licences also allow users to make derivative works and to use works for a commercial purpose.

CC licences are applied by the licensor when the work is published. This process is automated via online tools. These tools include a version of the licence in ‘human readable’ form, the legal code which sets out the terms and conditions of the licence, and digital code which enables metadata to be attached to the on line version of the work.³⁶

CC licences are designed to be used ‘as is’. Each contains a non exclusive licence which is stated to be worldwide, royalty free, non exclusive and perpetual (subject to the termination provision). They do not provide for the imposition of licence fees, or licensing for a limited duration or purpose.

6.4.2 Creative Commons licences

The licence recommended for use by agencies under the Policy is CC BY 4.0.

There are 6 CC licences available. Each is identified by a combination of the symbols, an acronym and a descriptive label.

CC BY should be used with most copyright material that is made publicly accessible. However, in some limited circumstances, an alternative CC licence may be more appropriate. For example, if an agency needed to prevent any commercialisation of copyright material (which would not normally be the case under the Policy), CC BY NC may be the most appropriate licence. Agencies should carefully consider whether an alternative CC licence is appropriate, in consultation with its IP Coordinator, DTF at IPpolicy@dtf.vic.gov.au and, if required, legal advice.

The current version of CC licences is 4.0, which was released in November 2013. The original DataVic Guidelines recommended the use of the previous version 3.0, and some agencies have already released material under version 3.0. It is recommended that agencies now adopt version 4.0.

The following information in these Guidelines on CC relates to CC BY 4.0. The use of other CC licences may involve issues not addressed in the Guidelines. Legal advice should be sought before doing so.

6.4.3 How to apply a CC BY 4.0 licence to new material

Prior to making appropriate State owned copyright material available to the public, a CC BY licence should be applied as follows.

A CC BY licence may be applied to copyright material by attaching a notice to this effect to the work. Accordingly, departments and agencies are encouraged to apply CC BY licences to template documents.

In many cases, the following notice may be appropriate:

© State of Victoria ([name of agency, for example, ‘(Department of Treasury and Finance)’]) [year]

This work, [insert title of work], is licensed under a Creative Commons Attribution 4.0 licence [link to http://creativecommons.org/licenses/by/4.0/]. You are free to re use the work under that licence, on the condition that you credit the State of Victoria ([name of agency]) as author, indicate if changes were made and comply with the other licence terms.

[Optional addition to exclude aspects of the work from the CC licence:] The licence does not apply to [specify which aspects of the work the licence does not apply to, for example. ‘any branding’ or ‘any images or photographs’]

The ‘optional addition’ at the final sentence of the notice enables agencies to exclude aspects of a work from the CC licence. For example, it can be used to ensure that the State does not provide third parties with a licence to use its branding, in order to protect the State’s reputation. Images and photographs may also be appropriate to exclude because they are often owned by third parties. However, this exclusion should only be used in appropriate circumstances, and should not unduly limit the scope of the licence. Agencies are encouraged to consult with its IP Coordinator, DTF at IPpolicy@dtf.vic.gov.auand, if required, seek legal advice.

These Guidelines are licensed under CC BY 4.0. See the rear side of the cover page above for the copyright notice. DTF has also applied CC licences to its template documents and publications. More information is available at www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

It is recommended that the notice be accompanied by a symbol indicating the CC licence applied. The symbols are available on the CC website at http://creativecommons.org.au

The CC BY symbol is as follows:

For online materials, the agency should include the Digital Code provided by CC.

The CC Australia website contains useful material relating to the application of CC licences by government.³⁸

---

34. www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

35. For example, by attributing the name of the author or copyright owner.

36. This metadata, which can be added to by the licensor, allows works to be readily searched online.

37. A user of the work must attribute it as required by the licensor. For example, agencies should request that users of their copyright material attribute it to the State of Victoria. This condition also requires the user to indicate if changes have been made to the work and provide a link to the CC licence.

38. creativecommons.org.au/learn/government

This chapter contains the following key actions:

1. Metadata must be created for datasets released under the Policy.
2. All datasets made available under the Policy are to be linked to the Data Directory.
3. Agencies must make a determination about how often published datasets must be updated.

7.1 Where will data be published?

Most Victorian data is published and hosted on agency managed websites and web portals. All publically released datasets must also be linked to the Data Directory at www.data.vic.gov.au.

7.2 Publishing on the Data Directory

The Data Directory has been created to simplify discovery and access of Victorian data. All datasets made available under the Policy must be linked to the Data Directory. Data is not usually directly published on the Data Directory.

To publish a dataset, a data record, with appropriate metadata completed by the dataset custodian, is created on the Data Directory. The dataset is considered to be ‘published’ once the data record and metadata are on the Data Directory.³⁹

The data record on the Data Directory will point back to either:

• the dataset itself, such that the user can directly download the dataset from the agency website via the Data Directory without having to navigate to the agency website
• a page on the agency website that provides direct access to datasets via a data tool

Datasets are not published on the Data Directory unless there is an agreement between the Data Directory technical support and the agency to host the dataset on the Data Directory.

All activities relating to hosting and publishing are the responsibility of the dataset custodian (see section (a)(i)10 Accountability for datasets for further information on the role of dataset custodian).

A dataset publishing manual detailing the technical elements of publishing on the Data Directory is available on the DTF website.⁴⁰

7.2.1 Agency responsibility for datasets published on the Data Directory

Once the dataset is published on the Data Directory, agencies must take responsibility for managing its presence on the site. This includes dealing with user feedback and moderating content (for further information on agency roles see section (a)(i)10 Accountability for datasets).

7.2.2 Terms and conditions of use ⁴¹

Agencies should be aware of the legal compliance risks associated with hosting and publishing datasets online.

Information on legal compliance can be found in the Website Management Framework Guideline: WEB GUIDE 07 Managing Legal Risks Online.⁴² This guideline provides general advice on identifying and managing legal risks within an online environment. It includes standard terms and conditions which all agencies must use in relation to its datasets and online content.

Agencies should also be aware that when they publish datasets on the data directory, the website is governed by terms and conditions of use.

The Data Directory terms of use include guidance on:

• lawful use
• links to and from the website
• data and systems integrity
• the website code of conduct
• copyright and attribution
• copyright in user comments
• the website moderation policy and process
• disclaimers on the site, links to external websites and security
• limitations on the use of datasets

For specific terms and conditions, refer to www.data.vic.gov.au/disclaimer.

7.3 Metadata for the creation of a record on the Data Directory

Metadata provides contextual information to users of government data. It helps them find information through searches and helps them understand how the information can be used.

The following description of metadata must be provided when creating a data record. Detail on how to provide the metadata statement is found in the Policy - Dataset Publishing manual on the DTF website.⁴³ This standard is derived from the Victorian Government Guideline: Information Management Roles and Responsibilities.⁴⁴

7.4 Frequency of update

Agencies must make a determination about how often published datasets must be updated. Criteria to consider include:

• the resources required for data extract and preparation
• how much of the date has been de-identified or aggregated
• whether the dataset is an important input to other processes
• regular reporting requirements that could be aligned to making particular datasets available, for example for quarterly, end of calendar year or end of financial year reports

7.5 Legal compliance risks associated with hosting and publishing datasets

Agencies should be aware of the legal compliance risks associated with hosting and publishing datasets online. Under the Whole of Victorian Government Standard Website Management Framework⁴⁵, the minimum information requirements dictate the use of copyright and disclaimer statements.⁴⁶ Agencies are to ensure compliance with the Copyright Act 1968 (Cth), taking into account the purpose and functionality of the website. For specific terms and conditions, refer to www.data.vic.gov.au/disclaimer.⁴⁷

7.5.1 Copyright statements

Copyright statements for agency websites can take a number of forms. It should be noted that datasets downloaded through the Data Directory are subject to the terms and conditions of the Data Directory at the point of download, as well as the applicable creative commons licence. Agencies must ensure that where datasets are available for download from its own website, the terms and conditions on the agency website are identical to those of the Data Directory. More information can be found on the Data Directory at:

• www.data.vic.gov.au disclaimer

See also information on copyright and attribution at:

• www.data.vic.gov.au copyright and attribution

7.5.2 Website disclaimers

Website disclaimers are used to draw to the attention of users that the State or agency is not responsible for loss that arises from use or reliance on information or material on the website.

The State makes no statements, representations or warranties as to the accuracy or completeness of the content of a website and does not accept any liability for the information on a website.

The State also assumes no responsibility or liability for the condition or content of any third party website or for the operation or function of any service or facility offered on any third party website.

For more information on website terms of use and disclaimers see the Victorian Government‘s Intellectual Property Policy Intent and Principles and supporting Intellectual Property Guidelines.⁴⁸

---

39. When a dataset is ‘hosted’, it is placed on a website server in preparation for being made available on the world wide web. A dataset is ‘published’ when the dataset is linked to the data.vic web portal.

40. www.vic.gov.au/datavic-access-policy-dataset-publishing-manual

41. For more information refer to the whole of Victorian Government Intellectual Property Policy Intent and Principles and supporting Guidelines, available at: www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

42. www.digital.vic.gov.au/wp-content/uploads/2014/07/WEB-GUIDE-07-WMF-Mana…

43. www.vic.gov.au/datavic-access-policy-dataset-publishing-manual

44. www.vic.gov.au/information-management-policies-and-standards

45. State of Victoria, Whole of Victorian Government Standard Website Management Framework, 'Minimum Information Provision' (2011) available at www.digital.vic.gov.au/wp-content/uploads/2014/07/WEB-STD-09-WMF-Minimu…

46. Other notices such as security and privacy are also required, but these are not considered in this section

47. State of Victoria, Whole of Victorian Government Standard Website Management Framework, Legal Compliance (2010) available at: www.digital.vic.gov.au/wp-content/uploads/2014/07/WEB-STD-03-WMF-Legal-…

48. www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

This chapter contains the following key action:

1. Agencies must consider the Policy when developing and procuring datasets and databases.

8.1 Developing databases and datasets

When developing a database or dataset consideration should be given in the design phase to enabling public access to the data that is suitable for release under the Policy. There are many ways this can be achieved. It may be as simple as designing a report suitable for releasing to the public. It could also be as complex as developing a mirror image of the database on a separate server and developing an API that gives the public direct read access to a separate secure and stable instance of the dataset.

8.2 Procuring databases and datasets

The State enters into many contracts that result in the use, creation or assignment of data in some form. The data generated can be the purpose of the procurement (e.g. research), or arise incidentally. In both of these cases data IP rights and issues must be addressed.

Procurement processes and contracts must reflect the requirements of the Policy and the IP Policy for all State procurement.

When procuring databases and datasets agencies should secure appropriate permission to release the data when contracts are being developed or renegotiated. This should be done by including a clause in the contract to facilitate making datasets available to the public. The VGPB has developed standard contracts to support the release of open data.⁴⁹ The following is an extract of a clause within the VGPB standard contract:

Data
The ownership of all Data, including any Intellectual Property Rights, shall vest in the Organisation upon the time of its creation.

This is an intended departure from how other Intellectual Property is dealt with and consistent with both the DataVic and IP policies. For all other IP the Intellectual Property clause limits the states reuse of the IP and gives ownership of the IP to the supplier as noted below.

Contract Intellectual Property

(a) The ownership of any Contract Intellectual Property shall vest in the Supplier upon the time of its creation.

(b) The Supplier hereby irrevocably and unconditionally grants to the Organisation, free of additional charge, a non exclusive, worldwide perpetual, transferable licence (including the right to sublicense) to use, reproduce, adapt, modify, publish, distribute and communicate any Contract Intellectual Property only to the extent necessary to achieve the purposes of the procurement.

If an agency does not wish to maintain ownership of a dataset a contract to license the data to use, reuse and share should be negotiated.

Note: within the VGPB contracts the following terms are defined as:

• Data: any information, data, datasets or databases created by or on behalf of the supplier in the course of providing the services
• Organisation: Agency of the State of Victoria

---

49. www.procurement.vic.gov.au/Buyers/Market-Approach-Templates/Contracts

This chapter contains the following key action:

1. Datasets will not be commercialised unless an agency has a statutory function to do so, or Ministerial approval is granted.

9.1 Commercialisation background

Releasing government datasets at no or minimal cost will create more opportunities for the community to engage with data and for the private sector to reuse and add value to datasets. Making datasets freely available is the State’s default position and where possible agencies must make data available with minimum restrictions, including the removal of cost barriers.

Research and economic modelling has found that releasing public sector data at no or minimal cost maximises economic benefits.

Broadly, intellectual property including datasets must not be commercialised unless there is a clear net benefit to the community. The government is not in the business of commercialising datasets. Approval to commercialise will only be granted in exceptional circumstances.

Detailed information on commercialisation of data and IP can be found in the Whole of Victorian Government Intellectual Property Policy and supporting Guidelines.⁵⁰

9.2 When may a dataset be commercialised?

There are times when the decision will be made to commercialise government data. In these cases the decision will be based on a number of considerations.

An agency may commercialise, or apply the Cost Recovery Guidelines to, data if:

(a) it has an explicit statutory function to do so; or

(b) it has been explicitly authorised by the Minister for Finance⁵¹ to do so because of a clear net benefit to the Victorian community.

Each basis for commercialisation is discussed further below.

Accordingly, the State discourages the commercialisation of data except where provided for by legislation or in other exceptional circumstances.

9.2.2 Commercialisation under explicit statutory function

An agency may commercialise or apply the Cost Recovery Guidelines to data if it has an explicit statutory function to do so. In such cases there is no need for the agency to seek authorisation for commercialisation or cost recovery.

Some statutes may provide an agency with a power, rather than a function, to commercialise data. Whether this allows commercialisation under the Policy will depend on the surrounding circumstances.

Agencies that intend to commercialise data should carefully consider whether there actually is an explicit statutory function to do so. If there is any doubt about whether this applies, an agency should consult with DTF at IPpolicy@dtf.vic.gov.au.

9.2.3 Commercialisation with Ministerial authorisation

If an agency intends to commercialise or apply the Cost Recovery Guidelines to data without an explicit statutory function to do so, it requires explicit authorisation by the Minister for Finance⁵² under Principle 8(b) of the IP Policy.

This Principle applies when:

• an agency proposes to enter a new commercialisation arrangement in relation to existing data (even where that data has previously been commercialised)
• an agency proposes to develop data to be commercialised (including developing new data for the purpose of an existing commercialisation arrangement)
• an existing commercialisation arrangement comes up for renewal or amendment

Commercialisation or application of the Cost Recovery Guidelines may be authorised where the agency has demonstrated that it will result in a clear net benefit to the Victorian community. A ‘net benefit’ is an overall positive impact on the community. It takes into account the costs and benefits related to:

• public health and safety
• social and community impact
• environmental impact
• competition
• economic impact

Approval to commercialise or apply the Cost Recovery Guidelines will only be granted where a clear net benefit to the Victorian community has been demonstrated, having regard to all of the circumstances. For example, the possibility of a financial return from commercialisation will not, of itself, necessarily constitute a clear net benefit to the Victorian community.

Agencies are strongly encouraged to consult with DTF at IPpolicy@dtf.vic.gov.au prior to making a request for authorisation of commercialisation. Doing so is likely to reduce the time required for the agency to develop the request and for the request to be considered.

Detailed information on gaining Ministerial authorisation for commercialisation of data and IP can be found in the Whole of Victorian Government Intellectual Property Policy and supporting Guidelines.⁵³

9.3 Freemium commercialisation model

There are occasions when a ‘freemium’ commercialisation model may be required to support the publics need when releasing data to the public. This is usually only required if the public require higher levels of support beyond the access to the dataset.

In the freemium model the dataset continues to be made available at no or minimal cost. The supporting elements that improve access to the dataset, including improved levels of reliability and service, contracted service level agreements and access to technical and specialist support may be considered suitable of commercialisation.

In such cases there is no need for the agency to seek authorisation for commercialisation or cost recovery as long as the data is still available at no or minimal cost.

9.4 What other policies must be considered when commercialising datasets?

9.4.1 Cost recovery

Where seeking approval to commercialise, (or continue to commercialise) datasets, a cost recovery model must be considered. This allows an agency to comply with the principle of making government data available at no or minimal cost.

Agencies must use the Victorian Government Cost Recovery Guidelines⁵⁴ to propose an appropriate charging model. The guidelines provide a framework for use by government entities when considering, developing and reviewing user charges and regulatory fees. They ensure that cost recovery arrangements in Victoria are transparent, efficient, effective and consistent with legislative requirements and government policy.

9.4.2 Competitive neutrality policy

Decisions to commercialise datasets are subject to the Victorian Government Competitive Neutrality Policy⁵⁵ which is concerned with transparent cost identification and pricing in a way that removes advantages arising from public ownership. Competitive neutrality ensures that the significant business activities of publicly owned entities compete fairly in the market.

---

50. www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

51. The IP Policy refers to the Treasurer in this Principle, but in practice the Minister for Finance is responsible for authorisation requests under Principle 8(b) of the Victorian Government Intellectual Property Policy and supporting Guidelines.

52. The IP Policy refers to the Treasurer in this Principle, but in practice the Minister for Finance is responsible for authorisation requests under Principle 8(b).

53. www.dtf.vic.gov.au/funds-programs-and-policies/intellectual-property-policy

54. https://www.dtf.vic.gov.au/financial-management-government/indexation-fees-and-penalties

55. https://www.dtf.vic.gov.au/home

This chapter contains the following key action:

1. The agency head has overall accountability for implementing the Policy within their agency.
2. Each dataset made available must have an assigned custodian to ensure the dataset is managed through its lifecycle.
3. The progress of agencies compliance with the Policy will be reported to the responsible Minister and to Cabinet.

10.1 Who has accountability?

The agency head⁵⁶ has overall accountability for implementing the Policy within their agency. This would typically be the Secretary of the Department or the CEO of the Agency. It is recommended, however, that the agency assign responsibility for the implementation of the Policy to an agency wide committee reporting to the agency head. The committee would monitor, report and steer the agency through making datasets available.

An agency’s Information Management Governance Committee (IMGC) would be the recommended body to perform this function.⁵⁷

The IMGC or equivalent would be responsible for:

• providing leadership and fostering an organisational culture of releasing datasets
• building organisational capability in developing, releasing and managing datasets
• monitoring and reporting compliance with the Policy
• identifying information assets with the potential for high public value
• collaborating with other agency IMGCs to share lessons learnt and promote intra departmental initiatives
• collaborating with the whole of Victorian Government IMG’s to identify opportunities to achieve consistencies and efficiencies
• considering dataset suggestions as provided by the public

Information Management Standards and Guidelines include recommended membership and sample terms of reference for the IMGC. For more information see:

• Whole of Victorian Government Standard – Agency Information Management Governance⁵⁸
• Whole of Victorian Government Guideline – Information Management Roles and Responsibilities⁵⁹

10.2 Custodianship of released datasets

Each agency must have an assigned custodian to ensure that datasets released on the Data Directory are managed through their lifecycle. It is recommended that the custodian’s role include responsibility for such coordination activities as:

• maintaining a data asset register
• identifying and coordinating datasets to be made available
• defining the appropriate data quality statements
• uploading datasets to the data directory
• managing dataset suggestions and feedback via the data directory
• reporting the progress of making datasets available to the IMGC and DataVic Access Policy team

10.2.1 Custodianship framework

Existing Victorian Government Information Management Standards require agencies to develop a custodianship framework.

A recommended model for data custodianship follows. There are six key roles: Owner, Information Management Group, Information Management Governance Committee, Custodian, Administrator and User. This model also includes a seventh user (Supplier) for data acquired from an external source. This model (developed based on the Whole of Victorian Government Chief Information Officer’s Roles and Responsibilities Guide) is represented graphically below:

Figure 1: Custodianship framework

For more information see:

• Whole of Victorian Government Standard – Information Asset Custodianship ⁶⁰
• Whole of Victorian Government Guideline – Information Management Roles and Responsibilities ⁶¹

10.3 DataVic Access Policy accountability checklist

The following checklist for accountability compliance requirements can be used by agencies to assist implementation. (Note: Some activities may not apply to your agency).

Once requirements have all been marked ‘Yes’, Policy accountability elements are in place.

10.4 Dataset feedback

The Data Directory includes a function that allows users to provide feedback on datasets published on the website.

Agencies will be notified when a feedback request is made. Agencies are responsible for moderating and managing the treatment of feedback. The custodian nominated by the agency should undertake this role. The timeframes for responding to feedback are the same as the ‘suggest a dataset’ process.

Further detail on the ‘suggest a dataset’ process including responsibilities, expectations and time frames of responses is available on the DTF website.⁶²

10.5 Reporting

10.5.1 Compliance reporting to Government

There are two ways in which implementation of the Policy will be reported. These are:

• quarterly reports from DTF to the Minister for Finance on the progress of the Policy, which include an update on the total number of datasets published
• annual reporting to Cabinet by the Minister for Finance which will detail how many datasets agencies have published on the Data Directory. This will involve a chart comparing the number of datasets made available by each agency as well as requests for datasets and progress on release

DTF may (at its discretion) request status reports from agencies on their implementation of the Policy for the purpose of accurately reporting how many datasets have been made available.

10.5.2 Data Directory reporting

The Data Directory has an analytics page supplying usage data on all data released via the portal.⁶³ This page has been set up to support agencies and the public to gain an understanding of the usage of the site. Statistics may include:

• total published datasets
• number of datasets updated in period
• number of new datasets updated in period
• number of downloads
• time since datasets were last updated

On request the technical support team can also supply agencies with tailored web statistics reports from the data portal.

10.5.3 Annual reports

Agencies are encouraged to release the data supporting the development of its annual report and to incorporate policy achievements into its annual report. The ‘Model Report’⁶⁴ template developed by DTF to assist Victorian government departments and public sector entities with the planning and preparation of disclosures in its annual reports includes a section on DataVic compliance to support this process.

Suggested items include:

• outcomes from the previous year’s program of works targets
• a list of categories of datasets that have been made available
• suggestions for datasets received and the outcome of the suggestions
• feedback for datasets received and the outcome of the feedback
• any known benefits of making datasets available achieved to date
• strategies for the coming year, including a list of proposed categories of datasets to be made available

On request the technical support team can supply statistics to support this process.

Example from the Model Report

Compliance with the DataVic Access Policy

The Victorian Government’s DataVic Access Policy enables the sharing of Government data at no, or minimal, cost to users. The policy intent is to support research and education, promote innovation, support improvements in productivity and stimulate growth in the Victorian economy as well as enhance sharing of, and access to, information rich resources to support evidence based decision making in the public sector.

Government data is progressively published in a machine readable format on www.data.vic.gov.au, to minimise access costs and maximise use and reuse.

[Department/agency]’s release of government data in accordance with the policy is proceeding at a steady rate, with (number of datasets) of [Department/agency]’s datasets and data tools now available on the Victorian Government Data Directory. As part of the Department’s (Information, Communications or Technology) Strategy, (number of datasets) [Department/agency] datasets are to be published for the calendar year ending 31 December 2015; as at the end of June 2015, (number of datasets) datasets have been published.

The release of these datasets has made a valuable contribution to the policy. In addition, [Department/agency] has made the (name high value datasets) available online in machine readable format.

Consistent with the DataVic Access Policy issued by the Victorian Government in 2012, the financial statements, performance statements and tables included in this Annual Report will be available at www.data.vic.gov.au in machine readable format.

10.6 Risk management

Risks associated with the Policy must be considered and managed as part of an agency’s risk management framework.

Failure to properly manage intellectual property risks was identified in the Victorian Auditor General’s Report Managing Intellectual Property in Government Agencies (2003)⁶⁵ as posing a number of risks to the public sector. For a list of the potential risks identified by the Victorian Auditor General, agencies may refer to the Whole of Victorian Government Intellectual Property Intent and Principles.

It is recommended that agencies consider processes for managing the risk of infringing third party intellectual property rights, such as record keeping management of any third party copyright arrangements, or licensing terms (see Chapter 6: Licensing datasets).

---

56. The head of a department, public body, public statutory body, body, office or trust body as described by the Financial Management Act 1994.

57. Under whole of Victorian Government Information Management Standards, it is now mandatory to establish and maintain an Information Management Governance Committee.

58. www.vic.gov.au/information-management-policies-and-standards

59. www.vic.gov.au/information-management-policies-and-standards

60. www.vic.gov.au/modernising-governments-approach-ict

61. www.vic.gov.au/modernising-governments-approach-ict

62. www.data.vic.gov.au

63. www.data.vic.gov.au

64. www.dtf.vic.gov.au/financial-reporting-policy/model-report

65. www.audit.vic.gov.au/report/managing-intellectual-property-government-agencies

Application Programming Interface (API): A specification intended to be used as an interface by software components in order to communicate with each other.

Confidentialised Unit Record Files (CURF): A record in which name and address information, are controlled and limited, or data are deleted or modified to disable identification of individuals or businesses.

Custodian: Individual responsible for managing the lifecycle of a dataset.

Data: Datasets and databases stored in formats including hardcopy, electronic (digital), audio, video, image, graphical, cartographic, physical sample, textual, geospatial or numerical form.

Data quality statement: A presentation of information about the quality of a statistical collection or product.

Data record: A collection of data items related in some fashion and usually connecting.

Data tool: A tool included with a dataset which can load and/or manipulate data.

Dataset: Data that is machine readable, reusable and open format. In this Policy, the term also applies to data made available in the form of an API, web services and existing data tools.

De-identify: The process by which data is stripped of information which would allow the identification of the source of the data.

Metadata: Listed information that describes an information resource, or helps provide access to an information resource.

Net benefit: having an overall positive impact on the relevant community. A net benefit takes into account the costs and benefits related to:

• public health and safety
• social and community impact
• environmental impact
• competition
• economic impact

Open format: An open format is a specification for storing and manipulating content that is usually maintained by a standards organisation.

Unit record: A collection of data elements for a given object. Also a row in a database.

Uniform Resource Identifier (URI): A string of characters used to identify a name or a resource.

Victorian Government data: Datasets and databases owned and held by the Victorian Government and stored in formats including hardcopy, electronic (digital), audio, video, image, graphical, cartographic, physical sample, textual, geospatial or numerical form.

Web service: A method of communication between two electronic devices over the web.

These Guidelines specify a set of key actions that will help agencies comply with the Policy and are identified by text boxes at the start of relevant chapters. The list of key actions are:

1. The Government’s default position is that departments and public bodies datasets must be made available to the public.
2. Datasets must be made available unless access is restricted for reasons of privacy, public safety, security, law enforcement, public health and compliance with the law.
3. Datasets must be released in a machine readable, reusable and open format.
4. Personal, health and/or confidential information must be de-identified and aggregated.
5. Creative Commons Attribution (CC BY) is the default licence for datasets released under the Policy.
6. Metadata must be created for datasets released under the Policy.
7. All datasets made available under the Policy are to be linked to the data directory, www.data.vic.gov.au.
8. Agencies must make a determination about how often published datasets must be updated.
9. Agencies must consider the Policy when developing and procuring datasets and databases.
10. Datasets will not be commercialised unless an agency has a statutory function to do so, or Ministerial approval is granted.
11. The agency head has overall accountability for implementing the Policy within their agency.
12. Each dataset made available must have an assigned custodian to ensure the dataset is managed through its lifecycle.
13. The progress of agencies compliance with the Policy will be reported to the responsible Minister and to Cabinet.

This attachment sets out an unpopulated data quality statement as discussed in section 5.3.1 How do I create a data quality statement? and illustrates the categories contained within the ABS data quality statements, that the ABS data tool will populate.

---

66. www.abs.gov.au

This list is not exhaustive. It is recommended that agencies take care to consider legislation relevant to their portfolio.

Audit Act 1994 (Vic)⁶⁷

The Audit Act establishes the legislative framework governing the ongoing role and functions of the Auditor General.

Copyright Act 1968 (Cwlth)⁶⁸

The Copyright Act defines the legally enforceable rights of creators of creative and artistic works under Australian law.

Electronic Transactions (Victoria) Act 2000⁶⁹

The Electronic Transactions (Victoria) Act gives electronic transactions and communications the same status, for legal purposes, as paper based transactions and documents.

Evidence Act 2008 (Vic)⁷⁰

The Evidence Act sets out the State rules of evidence. Generally speaking, the Act applies to proceedings in State courts and before other persons or bodies required to apply the laws of evidence.

Financial Management Act 1994 (Vic)⁷¹

The Financial Management Act lists agencies requirements in keeping proper financial accounts, risk management, audit requirements, financial reporting, annual reporting to Parliament and responding to Ministerial requests for information.

Freedom of Information Act 1982 (Vic)⁷²

The Freedom of Information Act lists agencies requirements in giving the public access to requested information held by public sector entities.

Health Records Act 2001 (Vic)⁷³

The Health Records Act is a framework designed to protect the privacy of individuals' health information. It also regulates the collection and handling of health information.

Privacy and Data Protection Act 2014 (Vic)⁷⁴

The Privacy and Data Protection Act provides for the responsible collection and handling of personal information in the Victorian public sector, and for the establishment of a protective data security regime.

Public Administration Act 2004 (Vic)⁷⁵

The Public Administration Act reflects the State Government’s belief that the fundamental role of the public service is to serve the public interest and defines a comprehensive approach to supporting good public administration.

Public Records Act 1973 (Vic)⁷⁶

The Public Records Act details the procedures to manage the holding, disposal and transfer of public records.

---

67. www.legislation.vic.gov.au/in-force/acts/audit-act-1994/066

68. www.legislation.gov.au/Details/C2010C00476

69. www.legislation.vic.gov.au/in-force/acts/electronic-transactions-victoria-act-2000/003

70. www.legislation.vic.gov.au/in-force/acts/evidence-act-2008/025

71. www.legislation.vic.gov.au/in-force/acts/financial-management-act-1994/065

72. www.legislation.vic.gov.au/in-force/acts/freedom-information-act-1982/107

73. www.legislation.vic.gov.au/in-force/acts/health-records-act-2001/045

74. www.legislation.vic.gov.au/in-force/acts/privacy-and-data-protection-act-2014/025

75. www.legislation.vic.gov.au/in-force/acts/public-administration-act-2004/076

76. www.legislation.vic.gov.au/in-force/acts/public-records-act-1973/041

Datasets created or managed by public sector agencies are public records and should be managed accordingly. Related policies and standards to support this include:

Victorian Government Intellectual Property Intent and Principles

The Whole of Victorian Government Intellectual Property Policy Intent and Principles is the State’s framework for the ownership and management of its IP, as well as for the use by the State of IP belonging to other parties.

Recordkeeping standards

The Public Record Office Victoria (PROV) sets recordkeeping standards for the efficient management of public records under section 12 of the Public Records Act 1973. The standards apply to all records created by the Victorian Government and detail requirements for the creation, maintenance and use of these records.

Information management standards

The whole of Victorian Government Information management standards describe the way in which an organisation should plan, identify, create, receive, collect, organise, govern, secure, use, control, disseminate, exchange, maintain, preserve and dispose of its information.

Victorian Protective Data Security Standards (VPDSS)

The Data and Privacy Protection Commissioner is responsible for the whole of Victorian Government protective data security framework which includes protective data security standards, protective data security plans prepared by public sector bodies to implement the standards, and specific law enforcement data security standards.

Victorian Government Website Management Framework

The Website Management Framework provides standards and guidelines on website content, services and processes, including content ownership approval and review. The 15 inner government agencies must comply with the Content Ownership Approval and Review standard which requires that all website content has an owner. It is recommended that agencies seek to align the process of assigning dataset custodianship and website content ownership where possible.

Cost Recovery Guidelines

These Guidelines clarify the Government’s policy principles underpinning cost recovery arrangements. The guidelines provide a rigorous framework for use by government entities when considering, developing and reviewing user charges and regulatory fees.

Competitive Neutrality Policy

Competitive neutrality ensures that the significant business activities of publicly owned entities compete fairly in the market. It is about transparent cost identification and pricing in a way that removes advantages arising from public ownership. This policy outlines a process for lodgement and investigation of complaints against public entities.

Data integrity manual

The data integrity manual supplements the Standing Directions of the Minister for Finance on Information Management and Information Technology Systems (Standing Direction 3.4.13).

---

77. www.dtf.vic.gov.au

78. www.prov.vic.gov.au/government/standards-and-policy/all-documents/recordkeeping-standards-framework

79. www.vic.gov.au/information-management-policies-and-standards

80. https://ovic.vic.gov.au/

81. https://www.vic.gov.au/modernising-governments-approach-ict

82. www.dtf.vic.gov.au

83. www.dtf.vic.gov.au

84. www.dtf.vic.gov.au

This checklist provides guidance on the process involved when making datasets available. Agencies may not have to undertake every step in this checklist in order to publish a dataset.

The Victorian government recognises the benefits associated with mandating a whole of government approach to the availability of Victorian government data for the public good.

The DataVic Access Policy provides direction on the release, licensing and management of Victorian Government data so that it can be used and reused by the community and businesses.

The Victorian government holds, creates and collects a vast amount of data, ranging from demographic and economic to geospatial data.

Victorian government data refers to datasets and databases owned and held by the Victorian government and stored in formats including hardcopy, electronic (digital), audio, video, image, graphical, cartographic, physical sample, textual, geospatial or numerical form.

Victorian government data does not include software.

Not all Victorian government data is suitable for release under the policy. Access to some data will need to be restricted for reasons of privacy, public safety, security and law enforcement, public health and compliance with the law. Only data owned by the State of Victoria or sufficiently licensed to the State of Victoria will be released under this policy.

Expected benefits of the policy

The policy is expected to achieve the following benefits:

• stimulate economic activity and drive innovation and new services to the community and business
• increase productivity and improve personal and business decision making based on improved access to data
• improve research outcomes by enabling access to primary data to researchers in a range of disciplines
• improve the efficiency and effectiveness of government by encouraging better management practices and use of the data

Relationship to other policies

This policy operates in conjunction with the whole of Victorian government Intellectual Property Policy, and, like the Intellectual Property Policy, applies to all departments and public bodies (agencies).

DataVic Access Policy intent

To enable public access to government data to support research and education, promote innovation, support improvements in productivity and stimulate growth in the Victorian economy.

To enhance sharing of, and access to, information rich resources to support evidence based decision making in the public sector.

DataVic Access Policy principles

Principle 1

Government data will be made available unless access is restricted for reasons of privacy, public safety, security and law enforcement, public health, and compliance with the law.

Principle 2

Government data will be made available under flexible licences.

Principle 3

With limited exceptions, government data will be made available at no or minimal cost.⁸⁵

Principle 4

Government data will be easy to find (discoverable) and accessible in formats that promote its reuse.

Principle 5

Government will follow standards and guidelines relating to release of data and agency accountability for that release.

Governing framework for this policy

The DataVic Access Policy is administered through the Department of Premier and Cabinet. The Department of Premier and Cabinet also maintains the primary gateway to government data – www.data.vic.gov.au.

The DataVic Access Policy Intent and Principles will be supported by mandatory standards and guidelines approved by the Assistant Treasurer. Standards and guidelines will cover a range of topics including:

• metadata standards
• copyright licence tools (in conjunction with the Intellectual Property Policy)
• the assessment of data quality and appropriate data quality statements for datasets
• other terms and conditions of use, including disclaimers and limitation on use of data
• data governance and roles and responsibilities

Departmental Secretaries and agency heads are responsible for authorising the release of datasets maintained by their agency, subject to this policy.

---

85. An agency may commercialise, or apply the Cost Recovery Guidelines to, government data if:
(a) it has an explicit statutory function to do so; or
(b) it has been explicitly authorised to do so by the relevant Minister after consulting with the Treasurer, because of a clear net benefit to the Victorian community.