Fair Work Act 2009
s.394 - Application for unfair dismissal remedy

Mr Phillip Gao
v
Commonwealth of Australia (as represented by the Department of Defence)
(U2021/8577)

Application for an unfair dismissal remedy

Introduction

[1] This decision is about whether Mr Gao was unfairly dismissed by the Department of Defence. He contends that he was unfairly dismissed when his employment was terminated after being found to have breached the APS Code of Conduct by taking and storing 39 images of Defence information on his personal devices. The Respondent contends that the dismissal was not unfair.

[2] After taking into account the views of the parties, I considered it appropriate to hold a hearing. 1 The Applicant was granted permission to be represented by Mr Collaery and the Respondent was represented by Mr Davidson of the Australian Government Solicitor. Giving evidence at the hearing on 2, 3 and 7 February 2022 was the Applicant and Mr Troy Quinn, his former supervisor. The following persons gave evidence for the Respondent:

•  Ms Patterson (Assistant Director, Conduct and Performance, Defence People Group);

•  Mr Stanyer (Director Business Operations, Land Systems Division, Capability Acquisitions Sustainment Group(CASG)); and

•  Ms Barbuto (Director Conduct and Performance).

[3] I have decided that the dismissal was unfair, and these are my reasons.

Factual context and findings

[4] The purpose of the summary below is to set out the facts as I find them and to provide context for the conclusions I have reached. It does not include all the evidence about events and interactions between the parties because it is not necessary for every detail to be recorded in a decision.

[5] The Applicant commenced employment with the Department of Defence on 17 July 2018 as an Executive Level 1 Project Manager. His role was Deputy Director of Reform and Governance within the Land Domain at CASG. 2

[6] Seven years earlier, in 2011, the Applicant had begun a commission as a finance officer in the Australian Army Reserves. He is a chartered accountant and holds a Master of Business Administration from the Melbourne Business School in addition to undergraduate and other qualifications. In the Army Reserves he has been promoted to various positions and been deployed on various operations and exercises. In 2019 he was promoted to captain, and across 2016 to 2019 contributed over 500 Army Reserve days.

[7] The Applicant held a Negative Vetting Level 2 security clearance and applied in August 2019 to upgrade his clearance to Positive Vetting.

[8] A few months after this, unbeknown to the Applicant, his supervisor at the time, Mr Stanyer, received a secret verbal briefing from another agency that the Applicant was under watch for security-related reasons. 3 Precautionary steps were then taken including restricting the Applicant’s access to certain electronic folders in the Department’s Objective records system.4

[9] Early in the morning on 25 September 2020, the Applicant and his wife were shocked when Australian Federal Police executed a search warrant at their home. He and his wife were strip-searched and told that the Applicant was facing life imprisonment. 5 The Applicant did not know the outcome of the investigation and whether he would be prosecuted for any offence for nearly 8 months, until he was informed on 13 May 2021 that the AFP investigation had been finalised.6 The AFP laid no charges and took no other action against the Applicant arising from its investigation and search.

[10] The same day the search warrant was executed, Defence Security and Vetting Service (DSVS) Security Intelligence and Threat (SIT) approached Defence People Group (DPG) to consider suspending the Applicant from duty until an investigation was finalised. Three days later, on 28 September 2020, the Applicant was suspended from duty where he remained until his employment was terminated on 3 September 2021. 7 Until 11 July 2021, this was a paid suspension, and from 12 July until the dismissal on 3 September 2021 it was unpaid. During the unpaid suspension, the Applicant accessed annual leave credits.8

[11] During the search, the AFP took the Applicant’s computer and personal devices and kept them for almost a year. 9 The AFP transferred a large quantity of data from these devices to DSVS SIT.10 The data contained hundreds of documents and images found on the Applicant’s personal devices.11

Relevant Defence Security systems and acronyms

[12] The evidence presented in the case references Defence specific systems and acronyms, the most relevant being:

•  The Defence Restricted Network (DRN) which is the basic protective communication network used by the Department of Defence to store information of a sensitivity up to and including ‘PROTECTED’ level. It is accessible to Defence personnel, including civilian contractors, with a basic security clearance. 12

•  Material bearing a higher security classification such as SECRET or TOP SECRET is stored on a different system, the Defence Secret Network or DSN. 13

•  ForceNet is a communication network for the Defence community. It is available to Defence members, sponsored family members and other approved users. Any person with a Defence email can register for a ForceNet account and access it from their home internet or from any device through a mobile application outside the DRN. 14

•  DEFGRAM is a publicly-available message or information published by Defence. 15

•  Signal traffic is a Defence messaging system, that provides information in pdf format akin to email. 16

•  PMKeyS are personal identification numbers used to identify ADF and APS personnel in day-to-day dealings with the Department. It provides and delivers pay and personnel administration for all Defence personnel. 17 Access to most Defence systems is not possible with just a PMKeyS number, most also require a password, however access to Help Desk assistance, for example, does not require a password.18 From a security perspective, having a person’s PMKeyS number would allow access to personal information in the database such as next of kin and payroll information. 19

•  Dreams tokens are small battery powered devices that facilitate access to the DRN through the user’s own personal device. 20 When pressed it generates a new number which is an additional authentication to prove identity when logging onto secure networks including the DRN.21 It allows, for example, an employee to log into the DRN from a personal laptop.

Relevant Defence policies

[13] The Defence Security Principles Framework (DSPF) aligns Defence with the Commonwealth’s Protective Security Policy Framework (PSPF). Under the PSPF, all agencies must develop their own protective security policies and procedures. At Defence, this includes DPSF Control 17.1, Control 30.1, and Control 70.1.

[14] Control 17.1 – Information Systems (Physical) Security, deals with the physical security of information systems, setting out requirements for ICT systems, Protective Marking and Labelling, Storage of ICT equipment, and Roles and Responsibilities. Much of the document appears to be directed to the establishment of secure arrangements at the agency-level rather than the obligations of system users.

[15] Under the Visual Oversight section is a subsection titled ‘Digital cameras, recording devices and wearable computing’ which provides:

“32. Privately owned devices with recording capability (including still photography, video capture and audio recording) are not to be used to capture sensitive or classified information or be used in an environment in which this might inadvertently occur. Full policy on the use of portable electronic devices and private electronic devices is contained in DSPF Principle 22 – Mobility Device Security.

33. Any sensitive or classified information captured on a personal device is to be considered as a data spill and must be reported as a security incident in accordance with DSPF Principle 24 – Information Systems Security Incident Management.” 22

[16] Control 17.1 is directed at not having cameras in the workplace, primarily so that there is no accidental imaging of the DRN, internal layout of premises etc. In other words, the policy is directed to ensure there is no collateral damage caused by the imaging from a DRN screen at work. 23

[17] Control 30.1 Remote Access to Defence Systems includes:

“Privately Owned Devices

12. Defence personnel and persons engaged under a contract must not use privately owned devices to process or store any Defence Official Information that has not been authorised for public release.”

[18] The ICT Manual 24 (sometimes referred to as ICTMAN) is an administrative policy document that applies to all Defence personnel. It applies to the Applicant both in relation to his APS employment and to his role in the Reserves. The ICT Manual includes under the heading “Inappropriate Use” in Chapter 3:

“3.23 Defence ICT users must not make inappropriate use of Defence ICT resources. Inappropriate use of Defence ICT resources includes an attempt to inappropriately use Defence ICT resources. Inappropriate use involves the use of Defence ICT resources by a means or method, in a manner, location or situation, or for a purpose, that:

a. breaches Australian law or government policy;

b. involves dissemination of information that is likely to damage Australia’s reputation or the reputation of the Australian Government or Defence;

c. is likely to risk the defence or national security of Australia or the conduct of a military activity;

d. is contrary to Defence Values, Service Values, or APS Values;

e. is wasteful of time or other Defence resources;

f. infringes intellectual property rights or copyright, moral rights, or confidentiality;

g. breaches the privacy of another person; or

h. involves the unauthorised access to, unauthorised searching of, or unauthorised removal, modification or impairment of content in, a Defence database, such as PMKeyS or Objective.” (emphasis added)

[19] Earlier in the Manual, under ‘Scope and Applicability of this Manual’, it provides:

“1.3 This manual is an administrative policy framework document and applies to all Defence personnel.

1.4 The terms of the relevant contract may extend the application of any or all documents in the framework to a contractor, consultant or outsourced service provider.

1.5 The Secretary and the Chief of the Defence Force require Defence personnel to comply with provisions and manuals unless the particular circumstances warrant departure from the provisions.

1.6 When considering a possible departure from a manual, the Secretary and the Chief of the Defence Force require Defence personnel to:

a. consider whether a proposed departure from the provisions is reasonable and justified in the circumstances and will produce a better outcome for Defence;

b. consult their supervisor, wherever practicable, about a proposed departure – a properly informed decision may involve consulting the policy owner; and

c. be responsible and accountable for the consequences of departing from, or not adhering to, the content of a manual including where such departure or non-adherence results in a breach of applicable laws or leads to adverse outcomes for Defence.

1.7 Some manual provisions support Defence personnel to comply with obligations that exist in legislation or other applicable laws. Defence personnel must not depart from manual provisions in a way that would result in a breach of applicable laws.

1.8 Defence personnel may be subject to performance management, administrative action, or in some circumstances disciplinary action, where decisions or actions that depart from, or do not adhere to, manual provisions involve serious errors of judgement. …”

[20] The Manual goes on to provide a non-exhaustive but lengthy list of examples of inappropriate use of Defence ICT resources such as offensive, discriminatory and unlawful material, gaming sites, certain social media posts, and the like. The Manual does not appear to include a definition of Defence ICT Resources.

Information classification

[21] Another component of the DPSF is Principle 10 governing the assessment and protection of Official Information. Official information encompasses all information, however classified. Originators of information are required to determine the sensitivity of Official Information by assessing the damage that the compromise of, or unauthorised access to, that information or asset would likely cause to Defence and/or the Australian Government. This Business Impact Level assessment is:

Code of Conduct Procedures

[22] The Department’s Code of Conduct Procedures and Policy Guidance provides information about the Department’s processes for dealing with suspected misconduct. 26 The Policy Guidance includes a definition of ‘misconduct’ and provides that instances of suspected misconduct should be addressed at the lowest level possible and gives examples about what types of suspected misconduct might be dealt with at the local workplace level.

[23] It provides that allegations of serious misconduct where the possible breach is serious should be referred to the Directorate of Conduct and Performance, and allegations of serious misconduct such as sexual harassment, bullying, plagiarism, fraudulent procurement, blatant failure to comply with a lawful and reasonable direction despite guidance, and/or inappropriately accessing personal information held on Defence databases warrant immediate referral to the Directorate.

[24] Allegations of serious misconduct, if proven, will result in the application of a more serious sanction, which may include termination of employment. 27 The Guidelines set out the potential sanctions as:

(a) a reprimand;

(b) a fine of up to 2% of annual salary;

(c) a reduction in salary;

(d) a re-assignment of duties;

(e) a reduction in classification;

(f) termination of employment.

[25] It provides that the factors that the delegate may consider when deciding the sanction include, but are not limited to:

(a) the nature and seriousness of the breach;

(b) the relevance to the employee’s duties or the reputation of the APS;

(c) the likely effect of the proposed sanction on the employee;

(d) whether the sanction is equitable when compared to the sanctions imposed in other similar cases; and

(e) any other mitigating or aggravating factors. 28

The APS Code of Conduct Investigation into the Applicant’s conduct & finding of breaches

[26] Ms Patterson, assisted by a Senior Investigator, Ms Parkin, undertook a preliminary investigation to determine whether to commence a formal Code of Conduct Investigation into the Applicant’s conduct. 29 This involved reviewing the approximately 400 documents obtained from the devices seized in the search of the Applicant’s home and resulted in identifying 39 images that were of potential concern. Reviewing the documents took “many, many days.”30

[27] Ms Patterson’s evidence as to how she conducted the investigation is that she went through each image to determine if the Applicant had breached the Code by his action in taking the image. Her analysis did not assess the content of each image, for example, to assess the potential damage to security if it was compromised, other than that images with a higher security classification were viewed as involving a higher risk. 31

[28] On 11 May 2021, following confirmation that the AFP investigation had been concluded with no charges laid, DSVS SIT formally referred the Applicant’s conduct to Defence People Group. 32

[29] On the same day, Ms Patterson issued a notice of suspected misconduct (NOSM) initiating a Code of Conduct process. 33 She did so, having been satisfied that Mr Gao may have breached s.13(5) of the Public Service Act 1999 (PS Act) and as a result, may have breached s.13(2) of the PS Act.34

[30] The specific suspected breaches of the APS Code of Conduct were:

Allegation A: breach of s.13(5) of the PS Act - an APS employee must comply with any lawful and reasonable direction given by someone in the employee’s agency who has authority to give the direction, by:

•  Taking photographs (39 images) of DRN using his personal mobile device, contrary to his obligations as outlined in DSPF Control 17.1 – digital cameras, recording devices and wearable computing (DSPF control 17.1), and/or

•  Storing the personal information of defence employees on his personal devices without a work-related reason or consent from the individuals to do so, contrary to his obligations as outlined in Defence Information and Communications Technology Manual, specifically paragraphs 3.2 3d and g (ICT manual).

Allegation B: breach of s.13(2) of the PS Act – an APS employee must act with care and diligence in connection with APS employment as a result of the actions outlined above.

[31] The NOSM set out the potential sanctions that may be imposed if the Applicant was found to have breached the Code, as provided in the Code of Conduct Procedures and Policy Guidance. The potential sanctions were:

(a) a reprimand;

(b) a fine of up to 2% of annual salary;

(c) a reduction in salary;

(d) a re-assignment of duties;

(e) a reduction in classification;

(f) termination of employment.

[32] The NOSM advised that if Ms Patterson concluded that the Applicant had breached the Code, a separate delegate would make the decision as to what, if any, sanction should be imposed. 35

[33] Ms Patterson initially gave the Applicant 7 days to respond, with an extension granted upon his request. 36

[34] Ms Patterson made arrangements for the 39 images to be sent to the Applicant’s Hotmail email address. He was also provided with a table setting out the Alleged Incident, Evidence: Known Facts, Image Reference and Date of Incident (blank). 37 The first two columns are replicated in the table below. The Image Reference enables the date the image was taken to be identified. For example, the reference for image B1 is “IMG-20170504-WA0001 BN28711559”. The first part of the reference – 20170504 - records that the image was taken on 4 May 2017.

[35] In addition to the information contained in the Alleged Incident and Evidence: Known Facts columns, the table below includes the image number, security classification (where this is marked and visible), the date the image was taken (gleaned from the Image Reference data), and a further description of each image based on review of the actual images and evidence presented.

[36] On 4 June 2021, the Applicant responded decrying the treatment he had been subjected to, including that every personal image and document on his personal devices had been reviewed. He denied all allegations and provided a table noting, for each image, whether the image was a personal document or was for a work-related reason, detailed the work-related reason on several images, and responded that:

•  none of the information that he took photos of were sensitive or classified information;

•  all the information was for work purposes including for his Army Reserve work or APS employment; and

•  all information was unclassified and could have been emailed to his personal email address without concern. 39

[37] On 21 June 2021, Ms Patterson determined that the Applicant had breached the APS Code of Conduct. Ms Patterson found allegations A and B to be substantiated on the balance of probabilities and that the Applicant had breached sections 13(5) and (2) of the PS Act. 40

[38] In relation to allegation A, she found that Control 17.1 and the ICT Manual were lawful and reasonable directions. 41 Ms Patterson found that the Applicant had, contrary to Control 17.1 at paragraph 32, used his personal device to capture sensitive or classified information and/or used in an environment in which this might inadvertently occur. She further found that as there was no evidence that the Applicant reported the security incident after taking photographs of sensitive information on the DRN using his personal mobile device, by failing to report a security incident, he had also contravened Control 17.1 at paragraph 33. Ms Patterson was satisfied that images B18 and B32 carried the protected marker of ‘Sensitive’ and B29 ‘Protected’.42

[39] Ms Patterson found that images B12-14 and B19 evidenced that the Applicant stored personal information of Defence employees on his personal device. The personal information included PMKeyS numbers, dates of birth, and bank details of Defence employees. 43 Ms Patterson concluded that this was contrary to paragraph 3.23 of the ICT Manual, in particular: “inappropriate use involves the use of Defence ICT resources by a means or method, in a manner location or situation, or for a purpose, that …(d) is contrary to Defence Values, Service Values, or APS Values; or … (g) breaches the privacy of another person.”44

[40] Ms Patterson arrived at this conclusion as she was not satisfied by the Applicant’s explanation that he was provided this information for work purposes as he had failed to provide any evidence to support that statement and because the information was stored on his personal devices instead of remaining stored on the DRN. 45

[41] Ms Patterson considered the Applicant’s claim in relation to B19 that he had been provided with a payslip from Troy Quinn as there was no evidence that Mr Quinn consented to the Applicant taking a photograph of his payslip on the DRN and storing it outside of Defence’s secure network. In relation to B12 and B13, Ms Patterson discounted the Applicant’s claim that he required these documents for his deployment on the basis that he could have accessed them whilst they remained securely stored on the DRN. 46

[42] In light of her findings in respect to Allegation A, Ms Patterson found that his conduct also amounted to a failure to act with care and diligence in connection with his employment, contrary to s.13(2) of the PS Act. 47

[43] At Ms Patterson’s request, Mr Stanyer prepared a Workplace Impact Statement dated 5 July 2021 which was provided to the Applicant along with the notice. 48 In preparing it, Mr Stanyer considered the allegations against the Applicant and the potential risk this posed to Defence, considering the information the Applicant had access to in his duties.49 Mr Stanyer’s assessment was that the nature of his work required individuals to act with a high level of integrity, discretion, probity and security awareness – individuals who can be trusted without question, and that in his view, the Applicant’s actions had irreparably eroded this trust. Additional impacts included the financial and productivity impact of the Applicant’s extended absence and the potential for Defence’s reputation to be damaged should the matter reach local or international media. Mr Stanyer considered it unviable for the Applicant to return to work at any level due to the demonstrated behaviour.50

[44] Mr Stanyer also gave evidence that to his knowledge the Applicant had not demonstrated any awareness that breaching Defence security policies is wrong or that it promotes an unhealthy culture of non-compliance with security requirements. In his assessment, the Applicant’s inability to appreciate the risks posed by compromising information security meant that it was not possible to reassign him other duties and he was unsuitable for redeployment in any part of Defence. 51 Mr Stanyer’s concern was that it was a repeated behavioural issue, was contrary to Defence values, and meant that the opportunity to continue to breach that policy is much higher.52 He said that as the Applicant was not prepared to comply with a very important set of Defence principles, the risk is clearly increased and that other information could be compromised. The key issue for him was that the Applicant breached the rules and secondly, that there was no recognition he had done the wrong thing.53 He said there would be few mitigating factors that would change his judgment or assessment.54 Mr Stanyer also agreed that it was very much to his mind that there is a potential threat from abroad.55

[45] A separate delegate, Ms Barbuto, was responsible for determining the appropriate sanction. Ms Barbuto’s evidence is that her assessment of the seriousness of the conduct was not based on an image by image analysis of the content of the 39 images and the security risk involved given the content of the 39 images. 56 Her analysis was principally based on the method with which the Applicant had handled and stored the information. However, she did form a view as to how serious the potential compromise of the information was in terms of national security.57

[46] During cross-examination Ms Barbuto went through each of the images and expressed a view about the potential compromise of the information based on the content of each image. She singled out the following images as concerning from this perspective: 58

•  B7 – Ms Barbuto held concerns given that it included some information about a Defence exercise and should be secured appropriately on the Defence system. It was not relevant that the particular information about the Talisman training operation was available on the Army’s public website; 59

•  B8 -B10 – the concern was that it included some information about a Defence exercise;

•  B12-B13 – significant concerns held because the content of this image included personal information, and employees expect their personal information to be held securely;

•  B19 – concerns regarding an image of a payslip of Mr Quinn;

•  B22 – concerns given that it includes the names and phone numbers of individuals;

•  B23-B28 – concerns that it contained quite detailed information on Defence’s bushfire response and should have remained within Defence system. It did not matter that the information was distributed widely to civilians and others;

•  B29 – whilst Ms Barbuto was not concerned about the content, she was quite concerned as it was classified by the author as Protected: Sensitive;

•  B30 – concerned that it included personal information of 5 persons (name, rank, PMKeyS number);

•  B33 – concerned as the Applicant had no plausible explanation for having it.

[47] Ms Barbuto’s evidence was that her assessment of the Applicant’s conduct as serious was due to the fact that the Applicant did not follow the policies and procedures in place and in addition, he failed to provide plausible explanations as to why he needed those documents to be stored on his personal device when Defence provides remote access to documents through Dreams tokens, and also that he failed to acknowledge that his behaviour was unacceptable. 60 In relation to the Applicant’s claim that it was common for employees to send information from the DRN to their personal email addresses, there was no evidence of that provided to her and she did not take any steps to find out, as she was dealing only with the Applicant’s behaviour and misconduct.61

[48] On 21 July 2021, Ms Barbuto, issued the Applicant a notice of intent to sanction. 62 The notice advised that Ms Barbuto was proposing to terminate the Applicant’s employment based on:

•  The Determination of breach dated 21 June 2021;

•  The notification of suspected misconduct and attachments dated 11 May 2021;

•  Mr Gao’s response to notification of suspected misconduct received 4 June 2021; and

•  The Workplace Impact Statement prepared by Mr Stanyer dated 5 July 2021.

[49] In considering whether termination was the appropriate sanction, Ms Barbuto had regard to her view that:

(a) The Applicant’s breach of the APS Code of Conduct was significant due to his failure to comply with his obligations in relation to his employment with Defence and as an APS employee. Capturing multiple photographs of documentation from the DRN and storing them on a personal device compromised the security of the information, and the information captured “is of significant concern as not only did it comprise of documentation in relation to performance matters related to yourself in your ADF capacity but also include particularly sensitive information regarding Defence operations. Specifically, documentation which included Signal traffic containing information on deployments/Defence specific projects/Tasks orders and details of ADF support to exercises. Further to this the information that you captured also contained personnel details of other employees such as PMKeys numbers and dates of birth and more concerningly a capture of another employee’s payslip which increases the significance of the matter.” 63

(b) Ms Barbuto found that an aggravating factor was the Applicant’s distinct absence of remorse or comprehension in relation to the severity of his behaviour, from his response of 4 June 2021, namely:

(i) the Applicant’s contentions that none of the information was ‘sensitive or classified’ and that he could have emailed this information to his personal email address were wrong, as the majority but not all the documents were marked ‘unclassified’;

(ii) that the Applicant had failed to comprehend that taking photos of the DRN at any time and for any purpose is prohibited;

(iii) this was compounded by the Applicant’s claims that the actions were based on work-related requirements;

(iv) his explanations for other documents were implausible as there were other avenues to source the information;

(v) regarding the payslip (B19), whilst a plausible explanation, there was no evidence to confirm he had Mr Quinn’s consent to capture and retain a copy on his device;

(vi) he had provided no explanation about the Dreams token (B33) and there was no work-related reason to have an image of it.

(c) Ms Barbuto further considered the Workplace Impact Statement and formed the view that the Applicant’s misconduct had created a significant erosion of trust in his ability to act with integrity and that his continued employment posed significant risks which were unsustainable. 64

(d) Ms Barbuto concluded that, “On the basis of all the above, given the significance of your breach, the fact that it was deliberate and occurred multiple times, your absence of contrition and the security implications associated with your misconduct which still remain, my preliminary view is that termination of your employment is the most appropriate sanction in this matter.” 65

[50] The Applicant was initially given 7 days (by 28 July 2021) to respond to the proposed termination of his employment and sought an extension. This was not initially granted on the basis that no evidence beyond what had already been provided to the Applicant was involved, other than Mr Stanyer’s Workplace Impact Statement.

[51] The Applicant responded in an emotional way reiterating his request for an extension to respond to the intended termination of his employment. 66 He referred to the impact the strip search by the AFP had on him and noted that his partner had given birth 4 days earlier and was still in hospital with his son undergoing treatment. He said that he had not been expecting to face being dismissed and needed the time to properly consider his reply.

[52] The Applicant was ultimately given until, and did respond on, 20 August 2021. His response included: 67

(a) That the errors by the decision-makers were of such a magnitude that it suggested some other motive behind the attempt to terminate his career;

(b) He is a loyal Australian who has served with diligence and loyalty in the Reserves and APS;

(c) He has never knowingly exposed or compromised any classified information entrusted to him, nor has he knowingly risked the exposure of any ‘Official’ or ‘Sensitive’ information;

(d) The profound change in attitude by Mr Stanyer as detailed in the Workplace Impact Statement suggests that he received information and/or a briefing about his actions far beyond the dimension of his conduct that could be reasonably conveyed by a proper analysis of the 39 images located on his mobile phone following the AFP search.

(e) The review of his conduct by Ms Barbuto was so one-sided that it furthered his belief that there is an agenda to his termination;

(f) That the events have flowed since he requested an upgrade of his security clearance. As a mainland Chinese born Australian, his request for an upgraded security clearance triggered an untoward reaction;

(g) He belongs to Generation Y, which means his work method is to work flexibly and perform work at any hours to get the job done. This involves using his mobile phone as an extension and sometimes as an alternative to his personal computer for portability and convenience, which are biometric and password protected.

(h) Only five of the images are images of a DRN screen. These images were captured in good faith to aid in the expeditious conduct of his work. He does not, and would not, share any of these images nor any other Defence information unless there was a clear need to know reason or it was for work purposes. Nothing was compromised and many Defence staff, both APS, ARES and ARA routinely project Unofficial/Unclassified DRN screen work and documents to personal emails. He accepts without reservation that no DRN screen material should be captured on his personal device, but the criticism of his actions is selective and unfair, having regard to the widespread use of DRN screen capture for work and storage of personal information.

(i) The Applicant considers each of the 39 images and provides his reason for accessing the document, his view on the classification and whether the document would have been released under FOI if he had requested it. He gave the following explanations:

[53] On 3 September 2021, Ms Barbuto determined the appropriate sanction was to terminate the Applicant’s employment. In addition to the matters detailed in the notice of intent to sanction, Ms Barbuto had regard to his response noting:

(a) APS code of conduct matters are distinct from any criminal enquiry;

(b) the Applicant’s argument that he belonged to generation Y was discounted. As an APS employee the Applicant was required to use Commonwealth ICT resources appropriately and in accordance with policies and procedures. In addition, the Applicant had been provided two separate Dreams tokens that allowed him to login from home;

(c) the issue was not whether the Applicant was entitled to access and hold/store the information but the method of handling this documentation from a security perspective;

(d) the Applicant’s submission that the taking of screenshots on a personal device was common practice was discounted as there was no evidence to substantiate this practice;

(e) whether documents may be requested under FOI is not a relevant consideration;

(f) there was no evidence to substantiate his claims that he was not afforded procedural fairness.

(g) the Applicant failed to take accountability for his actions or acknowledge that his behaviour was unacceptable and not in accordance with the processes and procedures that exist. Management also expressed ongoing concerns about his ability to continue to hold and manage highly sensitive and personnel information in the trusted role that he held. Due to lack of remorse or comprehension of his actions, it was considered that these risks remained.

Additional evidence about the taking and storing of the 39 Images

[54] During the hearing, further and more detailed evidence was given regarding the taking and storage of the 39 images, including evidence that was not before either Ms Patterson or Ms Barbuto in the investigation process. This includes:

Images B1-B13 pre-dated the Applicant’s APS Employment

[55] The Applicant pointed out that the identification tags in each of the 39 images set out in the table provided to him by Ms Patterson during the investigation, identified the date the image was taken. 68 In short, as described in paragraph [34] above, each tag enables the date the image was taken to be identified. This reveals that the 39 images were taken over a more than 3 year period between 4 May 2017 and 16 September 2020.

[56] This analysis also reveals that images B1-B13 were each taken before the Applicant was an APS employee and bound by the Code of Conduct. This analysis was not disputed by the Respondent however it was neither identified nor taken into account by Ms Patterson in considering whether the Applicant had breached the Code of Conduct. The Applicant was found to have breached the Code in respect of the taking of all 39 images.

[57] In cross-examination Ms Patterson said that she was not aware that these images were taken prior to the Applicant’s APS employment, and that she would have to review the material to find whether the Applicant breached the Code in relation to the taking of images. 69 However, she stated that it was still a breach of the Code because “the material was stored on his personal devices during his time as a public servant.”70

[58] Further, Ms Patterson agreed that she had worked off the assumption that all the images were taken of the DRN, 71 she was not familiar with ForceNet,72and said that she would have to review the images in question to assess whether they were part of the DRN,73 and acknowledged that having an image of the Dreams token object didn’t of itself breach security.74

Image B19 – Payslip of Mr Quinn

[59] As noted above in paragraph [41] Ms Patterson had discounted the Applicant’s claim that he had been provided the payslip by Mr Quinn because there was no evidence that Mr Quinn consented to the Applicant taking a photograph of it and storing it outside the DRN. Ms Barbuto at paragraph [49] found the capturing of another employee’s payslip particularly concerning.

[60] Mr Quinn who, at the relevant time, was the Applicant’s supervisor, gave evidence at the hearing that he had given the Applicant one of his payslips. He had done so as he was considering taking a voluntary redundancy and had discussed this with the Applicant and sought his advice as he was an accountant. He did not regard his privacy to be invaded in any way. 75 This evidence was not before Ms Patterson when she determined there had been a breach of the Code of Conduct. Mr Quinn had been contacted during the investigation and told the investigator that he could not definitively say if he gave the Applicant a copy of his payslip.76 He also, in cross examination, was asked whether the Applicant’s assistance was given as a colleague and friend or as part of his job and he said that it was both.77

[61] Ms Patterson’s evidence was that she determined there was a breach of privacy because of where the image of the payslip was stored. She acknowledged that she had assumed that it was stored originally on the DRN as that’s where all payslips are stored, but that her conclusion wouldn’t have changed even if it was an image from a hard copy. Her evidence was a little unclear as she also said that “if the image wasn’t a photo of the computer screen it may not have been a breach in the way that I found it.” 78 Ms Barbuto’s evidence was also that it was a breach of privacy, irrespective of whether Mr Quinn had consented for the Applicant to have the payslip, because it was stored on the Applicant’s personal device.79

Image B33 – Image of Dreams token

[62] The Applicant had been issued two Dreams tokens, one as a Reservist and one as an APS employee. It appears that the Applicant was provided a Dreams token in his capacity as a Reservist in January 2018, and as an APS employee on 25 September 2018. 80

[63] During the investigation, he responded (paragraph [52] above) that he had two Dreams tokens and could not recall why he had this image but that “it may have been due to sorting out tokens that were not working with ITS and I had to save the number.”

[64] At the hearing he gave further evidence that he had it to give to Defence IT to determine why the two tokens weren’t syncing properly, and “must have imaged it to spit out for an aide memoir or to have the number to provide to Defence IT.”  81

Problems with the DRN

[65] The Applicant gave two main reasons for taking images of information from the DRN (either directly or via his personal email) rather than using his Dreams token to access information on the DRN remotely: problems with the DRN, and to access information when out in the field.

[66] The Applicant’s evidence was that he had not been aware that the ICT Manual banned the use and transfer of information to personal laptops. His evidence was that it was common practice if you had “personal – like a letter of recommendation or personal information – you would just send that to your personal email address.” 82

[67] The Applicant’s evidence was that some images (B36, B37) were taken as an aide memoir, so the information (in this case, a course work program) could be accessed on his mobile, and that this was necessary because you couldn’t access the information quickly through the DRN. Otherwise, it would take 5 to 10 minutes to get the information after logging in and accessing the DRN. 83

[68] The Applicant’s evidence was that the DRN was unreliable, slow and frequently crashed. His evidence was that problems with the DRN were notorious in his work area and it was not uncommon to be unable to access the DRN for a half day, whole day or multiple days. In order to undertake work, everyone in his work area had to work on documents on personal laptops off the DRN, and that there was approval or tacit acknowledgement of this by management. 84

[69] In cross-examination he was asked whether it was not inconsistent for Defence on the one hand to give people Dreams tokens to access the DRN from home and on the other hand to condone people sending material to themselves through their personal emails. The Applicant agreed that on paper Defence would not condone this but in practice it was a different story. 85 He acknowledged that it was not good practice but that it was a practice he had adopted on more occasions than those evidenced by the 39 images. (Noting that the 39 images were taken over a 3 year period.)

[70] Mr Quinn, the Applicant’s previous manager, gave evidence that corroborates the Applicant’s account of the difficulties with the DRN. He said that although copying information from the DRN to personal laptops was not an approved procedure, it was a common occurrence to get work done given the unreliability of the network systems. His evidence is that it was a well-known issue, that everyone talked about the unreliability of the DRN and that it was a common practice. 86 In cross-examination Mr Quinn said that he was aware from training he had received that this was not approved procedure, but nonetheless it was a practice that was prevalent in the organisation because of the unreliability of the system. He said that there was awareness that people were working around the system, and it seemed to him that the organisation knew this was happening.87

[71] For his part, Mr Stanyer acknowledges that there were persistent problems with the DRN, Objective and Dreams systems being down and that he attended meetings involving complaints about the DRN. 88 However, he says that he was not aware of any staff member other than the Applicant, emailing work to their home address.89 Further, he says that there were plenty of manual tasks that could be worked on if the system was down.90 This manual work included filing, putting thought into strategic plans, getting together as a group to talk through their goals and objectives for the year, having career conversations, talking to people across the organisation to learn more about the business etc.91 He doesn’t believe he personally told every member of staff not to use their personal laptops, and does not believe he told the Applicant this. However, if he had been aware that he was doing it, he would have directed him to stop.92 At the same time, Mr Stanyer acknowledged that on at least some occasions employees work from hard copies of documents that have been printed off from the DRN to work through when the DRN is down.93

Training in Information Security

[72] All Defence personnel are required to undertake mandatory training including annual security awareness training, which Mr Gao undertook in 2018, 2019 and 2020. The Applicant had also undertaken Cyber Security Awareness Training in 2017 and Assessing and Protecting Official Information Training in August 2020. 94 The detail of these programs was not in evidence. Mr Stanyer, who was the Applicant’s first or second level supervisor between July 2018 until his dismissal, was not able to identify any specific training course that prohibited the taking or storage of images from the DRN. He said, “There is a lot of security-related training, information sessions, briefings that occur on an annual basis, including an extended month-long security awareness program within Defence at the end of (indistinct) Defence Security Principles Framework, which covered a lot of material.”95

[73] In addition, each time a Defence employee logs on to the Defence ICT Network they are required to click ‘agree’ to comply with the DPSF policies and the ICT Manual in the following terms:

“IMPORTANT NOTICE

USE OF DEFENCE ICT NETWORKS

Your use of this system is being monitored.

Your authorised logon allows you to use this system primarily for official Defence business with limited and reasonable personal use in accordance with the Information and Communications Technology Manual (ICTMAN) Chapter 3 Use of Defence Information and Communication Technology Resources. Inappropriate use of Defence ICT networks, including unauthorised disclosure of Defence information, may lead to serious sanctions under the Public Service Act 1999, the Defence Force Discipline Act 1982, the criminal law, or in accordance with the terms of your

contract.

Paragraph 7(2) (aaa) of the Telecommunications Interception and Access Act 1979 allows authorised staff within Defence to intercept communications on all Defence ICT networks for the purposes of conducting network protection duties in relation to the network. All interactions within this system, including any associated data process, stored or communicated by the system may be recorded and accessed. This may include encrypted or stored personal data.

As an authorised user, you agree to comply with all policies relating to the use of this system, including ICTMAN Chapter 3, Defence Instruction‐Administrative Policy (Annex J, PPL 7 – Required behaviours in Defence), the Defence Security Principles Framework, Defence Privacy Policy and this system’s security standards operating procedures.

This is a reminder that by logging into the network, you acknowledge that you have read these polices and you agree to comply with them.”  96

[74] The Applicant’s evidence was that prior to the investigation, he did not have intimate knowledge of the ICT Manual and was not aware that he was not permitted to use and transfer information from the DRN to personal laptops. 97 His attention had not been drawn to the DSPF and he doesn’t recall ever being shown it or instructed to read it.98 He doesn’t recall any training (set out by Mr Stanyer’s statement) where he was directed to any specific provision in the ICT Manual.99 However, he was well aware of the need to protect classified information and never breached this obligation.100 He maintained security over his personal laptop and phone including passwords.101

[75] The Applicant’s evidence is that he was never specifically told in training not to take images of the DRN, and as a matter of practice, he and his colleagues regularly transferred data from the DRN to their personal laptops at home. 102 The evidence from both the Applicant and Mr Stanyer was that it was not a breach of security to print off documents from the DRN and take the hard copy home to work on.103

Applicant’s submissions

[76] Mr Colleary submitted that:

•  The crux of the matter is whether photographic capture of images that originated from the DRN was a matter of sufficient concern to warrant the Applicant’s dismissal. 104

•  An objective review of the images reveals that nearly all were not sensitive, were not photographed from the DRN, and could not reasonably be asserted as having resulted in the compromise of the security of the information. Overwhelmingly, the images were either Unclassified or Official. 105

•  Of the 39 images: 106

(a) 37 were of material that related to the Applicant, including letters of recommendation, performance reviews and training timetables that did not bear marks that the images were classified or sensitive and may have been capable of access by the Applicant or the public through a FOI request;

(b) 7 of the images were individual pages of 2 documents only;

(c) 2 of the images were held by the Applicant in his personal capacity; and

(d) Only 2 of the images contained sensitive information that did not directly relate to the Applicant (B12-13).

•  There is no suggestion that the Applicant disclosed the images. 107

•  There is no evidence the Applicant was specifically taken to any of DSPF Controls. 108

•  The evidence is that the DRN was dysfunctional, and that some of the images reflect the Applicant’s desire to keep his own personal records. 109

•  In considering proportionality, a full forensic enquiry of all his personal devices seized in the search warrant has thrown up, at worst, these 39 images. 110

•  The Applicant, whilst very experienced as a military officer, began working in an environment at CSAG with a slack work environment in security terms and started to accept the culture there. 111

•  Ms Patterson’s finding is flawed, there is no basis for finding the Applicant lacked integrity. She failed to assess the objective seriousness of the Applicant’s conduct and instead concerned herself with the taking of images and didn’t concede there was no breach of privacy even though Mr Quinn had given his payslip to the Applicant. 112

•  Ms Patterson hadn’t reviewed the dates the images were taken and identified that many were taken before he was an APS employee.

•  Ms Patterson essentially just identified whether a breach had occurred, not whether it was serious or not.

•  The Applicant acknowledges that while work-related, the personal information about the 2 officers contained in Images B12 and B13 should not have been stored by him. 113

•  The Respondent conflated his defensiveness with arrogance and a lack of insight into what he had done. 114 Investigators conflated his assertions that there was no serious breach of security with lack of remorse. He wasn’t directly asked whether he accepted that he had not complied with specific provisions.

•  The investigation was mechanistic – there were no face-to-face interviews, and inadequate investigation of the plausibility of his responses. In effect, there was a blanket decision to treat all the images stored as sensitive and a potential serious threat to security, and that is wrong. 115

•  There was disproportionate weight placed on the Applicant’s failure to show remorse and there is insufficient evidence to justify the alleged complete lack of trust.

•  There was an inadequate weighing up of alternative sanctions to termination. 116

•  A claim that there has been a loss of trust and confidence needs to be soundly and rationally based. 117

•  The Applicant has a longstanding work history with the Army and Department of Defence.

•  The Applicant had an otherwise unblemished work record and had received a commendation from Vice Chief of the Reserve Army (Image B17) and is keen to continue serving his country. 118

•  The Applicant has suffered significantly as a result of the disciplinary proceedings and if reinstated to his role, or another role, is willing to undergo training in relation to IT systems use. He is prepared to undertake training in respect of his conduct. 119

•  Not all failures to comply with policies and procedures are a valid reason for dismissal. Whilst the Respondent had policies in place regarding the use of information and IT systems, the form and content is voluminous and there is no evidence the Respondent has made concerted efforts to make employees aware of its policies and warn employees that breaches would lead to dismissal. If breaches of policy present as a spectrum of seriousness, the actions carried out by the Applicant fall within the lower range of the spectrum. 120

•  Alternative disciplinary sanctions would have been more reasonable in the circumstances. 121

Respondent’s submissions

[77] The Respondent submitted that the Applicant’s dismissal was not harsh, unjust or unreasonable. The Respondent’s primary submission was that the Applicant’s lack of remorse and recognition of his responsibilities meant that his non-compliance with the policies justified dismissal because Ms Barbuto could not be satisfied that he would not repeat the conduct if he remained employed. The Applicant’s misconduct went beyond a loss of trust to perform his role and poses a risk to Defence’s ability to protect its digital information and intelligence. 122

[78] It submitted that there was a valid reason for the dismissal, namely that the Applicant did not comply with lawful and reasonable directions to comply with Control 17.1 and the ICT Manual and that he failed to act with care and diligence in connection with APS employment contrary to his obligation under s.13(2) of the PS Act. 123

[79] The Applicant was in breach of Defence ICT policies over the course of some years. Leaving aside the ForceNet images and the Dreams token, the Applicant conceded at least 60 breaches of Control 30.1 by storing 35 images on his personal device, forwarding 25 to his private email address and then taking an image of them, and an unspecified number of additional occasions. In relation to the ICT Manual, the Applicant conceded breaches by storing the 39 images.

[80] In relation to the images whilst a Reservist, but prior to his APS employment, the Respondent submits that this was still a breach of the ICT Manual even though the Applicant was not bound by the APS Code of Conduct at that time. Mr Davidson conceded, appropriately, that the Applicant had not breached the APS Code of Conduct in respect of the taking of images B1 to B13; however, he submitted that storage of all 39 was a breach of the ICT Manual. Leaving aside these concessions, the Respondent submitted there remained ample material to justify a finding against the Applicant. The Applicant admitted that five images were taken directly from the DRN (B15, B16, B22, B36 and B37) which was a sufficient basis to find there was a valid reason for dismissal.

[81] Mr Davidson submitted that taking information out of the Defence system and onto a personal device that the Department has no effective control over, without the individuals concerned having been consulted, is a breach of privacy. In particular, it is not consistent with Australian Privacy Principle 11.

[82] Specifically in relation to Image B19, Mr Quinn’s payslip, it was submitted that Ms Patterson was correct in identifying that a breach of the Privacy Act 1988 can arise from circumstances in which information is stored, irrespective of whether there was consent to have the document. Mr Davidson pointed out that the evidence in relation to this image was complicated given Mr Quinn’s evidence that he gave the Applicant the payslip both as a colleague and in a work capacity but that to the extent that the document was provided in a work capacity, the release onto another device of information being used for a work capacity is not consistent with APP 11. 124

[83] A further valid reason is said to be the Applicant’s lack of insight and lack of contrition at the time the investigation was undertaken. The Applicant sought to downplay the inappropriateness of his conduct by saying that the documents were not that sensitive. The Respondent submitted that that proposition misses the point – it is not for the individual employee to make an assessment of the sensitiveness of information and decide whether they’re going to comply with policies with respect to their handling. The rules exist to create a structure to keep information safe. Classifications are set by the author and not by the reader. The Department set a policy expectation of how it expects its employees to deal with Defence information and is entitled to set that expectation to which all employees should comply. That applies to all Official information, not just information classified as Sensitive or any other level.

[84] The Respondent noted that the Applicant had never said that he had taken the photos without realising there was a policy against it, and that he was very sorry for doing so. Instead, he sought to deny and/or justify his actions. His claim is essentially that his actions were justified because he had a work-related purpose for the information, that the DRN was unreliable, that he needed mobile access to it, and that other people were doing it. The issue is not whether he needed access to the information – the issue is that he was not using and storing the information consistent with ICT policy requirements. In any event, the evidence is not clear that “everyone was doing it”.

[85] The Applicant never claimed during the investigation that he didn’t know this was a breach of the rules, but in any event, he should have checked.

[86] The Respondent submits that the Applicant’s lack of remorse and recognition of his responsibilities are factors which meant that his non-compliance with the policies justified dismissal, because the delegate could not be satisfied that the Applicant would not repeat the conduct if he remained employed. In particular, his justification that the information was not sensitive or classified demonstrated a continuing belief that this was a matter for his personal assessment, not departmental judgment. Similarly, his expressed entitlement to use his private device to store information if convenient suggests a belief that this is acceptable. 125

[87] Further, the Respondent relied on the evidence of Mr Stanyer, his supervisor, that the Applicant has lost the trust and confidence of his supervisors. His behaviour poses a risk to Defence’s ability to protect its digital information and intelligence, and the Applicant has continually failed, even in the statement filed in these proceedings, to demonstrate any comprehension of the importance of Defence’s ability to securely store digital information. 126

[88] Mr Davidson referred to the decision in Jarmain v Linfox Armaguard Pty Ltd 127, to support his submission that the dismissal was a proportionate response to the Applicant’s conduct given the frequency of the conduct, his failure to take responsibility for it and in particular, the context in which it occurred, namely Defence. In that case involving the cash transit industry, Commissioner Cambridge in finding there was a valid reason for dismissal of an employee, observed:

“In most employment circumstances conduct such as that exhibited by the Applicant during the complaint A and B events might attract formal warning and reprimand and be unlikely to represent serious misconduct. However, there are special considerations that apply in the CIT Industry. The stringency that must apply in employment circumstances that involve individuals who are equipped with loaded firearms cannot be overstated.” 128

[89] Mr Davidson further submitted that there is not a sound basis to find the Applicant has been treated inconsistently. Whilst there is some evidence of the existence of a practice of sending documents from the DRN to personal email addresses, it is not clear given Mr Stanyer’s evidence, and there is a question about what the Commission can reliably draw from the evidence. Other employees may have had permission to do so or may have been sanctioned, in any event, this case is about the Applicant’s conduct.

Pattern of behaviour of making own assessments instead of following the rules

[90] Mr Davidson submitted that the evidence established a pattern of behaviour whereby the Applicant did not follow rules but made his own assessment. He asked the Applicant whether his taking photographs of the DRN was because he had formed his own assessment as to whether his phone was an appropriate place to store those documents. The Applicant rejected that and responded that he wasn’t aware at the time that this was a breach, and subsequently is aware and so would haven’t done that. 129

[91] Other instances were said to demonstrate this attitude, including embarking upon a helicopter without authorisation, being spoken to about his “dress standard, general behaviour, wearing headphones while sitting at desk in an open environment”, seeking out opportunities to do photographs without, on occasion, approval of his chain of command, and not following a rule or position to only take one choice of protein at mealtimes. 130

[92] The Applicant acknowledged the truth of some incidents, for example that he was not authorised to be on the helicopter referred to in Image B4. 131 However, in relation to an incident where he was said to have taken more than one choice of protein at mealtimes, his evidence was that this was not a clear direction and occurred in the context of an officer who was not supportive of his promotion to captain.132 No disciplinary action was taken against the Applicant in relation to any of these incidents and he was subsequently promoted to captain.133

[93] I am not satisfied that any such pattern of behaviour is established by the evidence in this case.

Consideration

Preliminary matters

[94] There is no dispute that the Applicant was dismissed by the Respondent. 134 Before considering the merits, I am required to consider certain matters.135 There is no dispute and I find that Mr Gao made his application within time,136 and is a person protected from unfair dismissal.137 As the Respondent is not a small business employer, the Small Business Fair Dismissal Code has no application, and his dismissal was not a case of genuine redundancy.

Section 387 of the Act

[95] In considering whether a dismissal was harsh, unjust or unreasonable, the Commission must take into account each of the matters set out in section 387(a) to (h) of the Act. A finding that a dismissal is or is not harsh, or is or is not unjust, or is or is not unreasonable, must in each case be founded on a consideration of all the matters set out in section 387(a) to (h). The Commission must consider and weigh up all the factors and no one factor alone will necessarily be determinative. While in some cases, not all the matters in section 387 will be relevant, it is nonetheless necessary to make a finding in relation to each of them, even if only to set out the basis for the finding of relevance. Generally, the matters in section 387 should be considered in order and findings made as to each of the matters before weighing them. 138

[96] In Byrne v Australian Airlines, the High Court considered the meaning of an award provision that termination of employment would not be “harsh, unjust or unreasonable”. In their joint judgement McHugh and Gummow JJ said:

“It may be that the termination is harsh but not unjust or unreasonable, unjust but not harsh or unreasonable, or unreasonable but not harsh or unjust. In many cases the concepts will overlap. Thus, the one termination of employment may be unjust because the employee was not guilty of the misconduct on which the employer acted, may be unreasonable because it was decided upon inferences which could not reasonably have been drawn from the material before the employer, and may be harsh and its consequences for the personal and economic situation of the employee or because it is disproportionate to the gravity of the misconduct in respect of which the employer acted…. 139

[97] A dismissal may be:

Harsh – because of its consequences for the personal and economic situation of the employee, or because it is disproportionate to the gravity of the misconduct;

Unjust – because the employee was not guilty of the misconduct on which the employer acted; and/or

Unreasonable – because it was decided on inferences that could not reasonably have been drawn from the material before the employer. 140

Section 387(a) Valid Reason – General Principles

[98] The principles relevant to the consideration required under s.387(a) were set out by the Full Bench in Sydney Trains v Hilder: 141

(a) A valid reason is one which is sound, defensible and well-founded, and not capricious, fanciful, spiteful or prejudiced.

(b) When the reason for termination is based on the misconduct of the employee the Commission must, if it is an issue in the proceedings, determine whether the conduct occurred and what it involved.

(c) A reason would be valid because the conduct occurred and it justified termination.

(d) There would not be a valid reason for termination because the conduct did not occur or it did occur but did not justify termination (because, for example, it involved a trivial misdemeanour).

(e) For the purposes of section 387(a) it is not necessary to demonstrate misconduct sufficiently serious to justify summary dismissal on the part of the employee in order to demonstrate that there was a valid reason for the employee’s dismissal (although established misconduct of this nature would undoubtedly be sufficient to constitute a valid reason).

(f) Whether an employee’s conduct amounted to misconduct serious enough to give rise to the right to summary dismissal under the terms of the employee’s contract of employment is not relevant to the determination of whether there was a valid reason for dismissal pursuant to section 387(a).

(g) The existence of a valid reason to dismiss is not assessed by reference to a legal right to terminate a contract of employment.

(h) The criterion for a valid reason is not whether serious misconduct as defined in reg 1.07 has occurred, since reg 1.07 has no application to section 387(a).

(i) An assessment of the degree of seriousness of misconduct which is found to constitute a valid reason for dismissal for the purposes of section 387(a) will be a relevant matter under section 380 7(h). In that context the issue is whether dismissal was a proportionate response to the conduct in question.

(j) Matters raised in mitigation of misconduct which has been found to have occurred are not to be brought into account in relation to the specific consideration of valid reason under section 387(a) but rather under section 387(h) as part of the overall consideration of whether the dismissal is harsh, unjust or unreasonable.

[99] Where a dismissal relates to an employee’s conduct, the Commission must be satisfied that the conduct occurred and justified termination:

“The question of whether the alleged conduct took place and what it involved is to be determined by the Commission on the basis of the evidence in the proceedings before it. The test is not whether the employer believed, on reasonable grounds after sufficient enquiry, that the employee was guilty of the conduct which resulted in termination.” 142

[100] It is clear that a substantial and wilful breach of a policy will often, if not usually, constitute a “valid reason” for dismissal. A valid reason is assessed from the perspective of the employer. 143 At the same time:

“Any notion that a clear and knowing breach of policy will always provide a valid reason for a dismissal that will not be harsh, unjust or unreasonable, no matter the employee’s length of service and other circumstances, is inconsistent with basic principle. Every case must be assessed by reference to its particular circumstances.” 144

387(a) Valid reason – Consideration

[101] I must first determine whether the conduct that the Applicant was found to have engaged in and was dismissed for, occurred, what it involved, and whether it justified termination.

[102] The conduct he was found to have engaged in by Ms Patterson was:

(a) Taking 39 images of the DRN using his personal device contrary to Control 17.1 and/or

(b) Storing the personal information of Defence employees on his personal devices without a work-related reason or consent from the individuals to do so, contrary to paragraphs 3.2.3d and g of the ICT Manual, in respect of images B12, 13, 14 and 19.

[103] He was also found to have breached the obligation in paragraph 33 of Control 17.1 by failing to report as a security incident, that sensitive information had been captured on a personal device.

[104] His conduct was found to also breach s.13(5) and s.13(2) of the PS Act.

[105] There is no dispute that the Applicant had the 39 images on his personal devices and was required to comply with the ICT Manual, Control 17.1, and 30.1. Each of the images is Official information. However, the evidence does not establish that the Applicant took photographs of the 39 images of the DRN contrary to Control 17.1. As far as the taking of 13 of the 39 images is concerned (B1-B13), the evidence establishes, and the Respondent concedes, no breach of the Code of Conduct occurred because the images were taken before the Applicant was an employee and bound by the Code. The taking of these images cannot constitute or contribute to a valid reason.

[106] The Applicant did not dispute that the remaining 26 images were of Defence information or physical resources, some of which originated in the DRN that he had emailed to his personal address. Although the allegations put to him did not identify a breach of Control 30.1, which explicitly proscribes the storage of Official information on private devices, he acknowledged that these should not have been stored on his personal devices. These included images B18 and B33 which were marked “Sensitive” and B29 marked “Protected”. The remaining images were photographs of hard copy documents or resources. Further, the Applicant admitted that five images were taken directly from the DRN (B15, B16, B22, B36 and B37) and the Respondent submitted that this is a sufficient enough basis to find there was a valid reason for dismissal.

[107] I am satisfied that compliance with Control 17.1, Control 30.1 and the ICT Manual are each lawful and reasonable directions and consider that the Applicant, contrary to his obligations, emailed documents from the DRN to his personal email address and then took photos of them, took 5 images directly from the DRN and stored the 39 images on his personal devices. There is also no evidence that he reported the capture of any of the information as a data spill, contrary to paragraph 33 of Control 17.1.

[108] In relation to the storing of information contrary to the ICT Manual, I find that images B12, 13, 14 and 19 all contain personal information and were stored on the Applicant’s personal devices. I accept the Respondent’s submission that whilst the taking of images B12 and 13 cannot constitute breaches of the Code, the continued storing of them after the Applicant commenced employment technically, was contrary to the ICT Manual. I am also satisfied that there is no evidence that the Applicant sought and obtained the consent of the individuals concerned to store any of their personal information on his personal device.

Did the Applicant’s conduct warrant dismissal?

[109] I turn now to the question of whether the Applicant’s conduct justified termination of his employment, in order to assess whether the Respondent had a valid reason. My consideration starts with an assessment of the seriousness of the Applicant’s actions.

[110] The extent of the Applicant’s breaches of policy is numerically large, with 39 images stored on his personal devices. However, this presents a somewhat exaggerated impression as a number of them were separate pages of single documents. For example, B8-10 and B23-28 were, in effect, 2 documents not 9. And as found above, 13 (or 30%) of the images were taken before the Applicant commenced employment with the Respondent.

[111] Whilst the Applicant, technically, breached the prohibition on storing certain information on personal devices, in the unusual circumstances where as a result of his Reservist role, the Applicant already had Defence information on his devices, compliance would have required him to immediately upon becoming an APS employee, forensically search across all his devices over the then approximately 7 years of his Reservist career to identify and remove any such documents. Whilst I accept that the Applicant was also bound by the ICT Manual as a Reservist, and likely breached the ICT Manual and/or Control 30.1 by having the material on his device, that is not a consideration in his dismissal by the Respondent. Whilst a breach of the ICT Manual and Control 30.1, I consider this to be at the lower end of the spectrum.

[112] While not excusing the breaches, it is also relevant to my consideration that the Applicant had valid reasons for having the 39 images, that many were addressed to him and were personal records, and that there is no suggestion that any information was compromised or disclosed.

The Applicant’s justification for having the images and storing them

[113] I also accept the Applicant’s evidence as to why he had the 39 images. Most of them were documents specifically relating to him, including the performance reports, documents addressed to him, and documents he had created.

[114] I accept the evidence of both the Applicant and Mr Quinn that the DRN was frequently unreliable, slow and frequently crashed. As a result, I find that whilst not an approved procedure, it was a common practice in the Applicant’s work area to copy information from the DRN to personal devices and that the Respondent was aware this was happening. I accept that Mr Stanyer did not know that the Applicant was doing this, and that if he had, he would have directed him to stop. However, Mr Stanyer did not tell his staff, including the Applicant, not to use their personal laptops. I find his belief set out at paragraph [71] that he expected staff to undertake manual tasks when the system was down, such as having career conversations and putting thought into strategic plans, to be somewhat unrealistic. That is not to conclude that the Applicant’s conduct was excusable, however it is relevant to a consideration of the seriousness of it.

[115] Similarly, I accept the Applicant’s explanation for having B38-39 on his mobile device, namely, to access information in the field. The images in question contain information about courses he was participating in, and I accept that accessing these through the DRN was impractical or at least very slow.

[116] I have also considered the breaches in the context of the purpose of Control 17.1. Control 17.1 is directed at not having cameras in the workplace, primarily so that there is no accidental imaging of the DRN, internal layout of premises etc. In other words, the policy is directed to ensure there is no collateral damage caused by the imaging from a DRN screen at work. 145 Ms Patterson acknowledged that doing so from home, for example, is a lesser compromise of that security concern.146 Several of the images were taken at the Applicant’s home, evidenced for example, by the reflected image of trees.147

The content of the images

[117] In relation to the content of the 39 images, whilst most were unclassified, B18 and B32 were marked “Sensitive” and B29 marked “Protected”.

[118] To my mind the seriousness of the breaches is impacted by the content and classification of the information.

[119] B18 is a photographed extract of a hard copy report complimenting the Applicant’s work ethic, intelligence and maturity stating that he was very well-suited to challenging analytical roles in the intelligence community. Whilst it contained the signature and PMKeyS number of its author, the Applicant had a work-related purpose for having it. Image B32 was an email to the Applicant from his then supervisor, requesting his assistance with a restructure. B29 had the highest security classification marking of the 39 images, however the basis of this is not clear from its content. Ms Barbuto was not concerned about the content but was concerned given its classification. The document was an email from Mr Stanyer to the Applicant confirming his support for attendance at a training course, again a clear work-related purpose for the Applicant having the document. Whilst I agree that the classification system must be observed and it is not up to anyone other than the author to determine the appropriate classification, the content of each of these images is not especially compromising.

[120] Ms Barbuto assessed the content of other images as being of concern from the perspective of the potential compromise of their content. While I accept the importance for information to be secured appropriately, particularly in the context of Defence, assessing the seriousness of the Applicant’s conduct and whether it warranted the sanction of dismissal, it is relevant that the information was publicly available (B7); distributed widely to civilians and others (B23-28); that the information about Defence exercises in B18-10 was very limited; and that the personal information in B22 and B30 was also very limited. Ms Barbuto also singled out Image B33 as of concern because the Applicant had no plausible explanation for having an image of a Dreams token. However, I accept the Applicant’s evidence in relation to this set out at paragraph [64]. Her concerns about the inclusion of personal information in B12, B13, and B19 are discussed below.

[121] Whilst the majority of the images were unclassified or carried a low classification, I accept the Respondent’s submission that that is no excuse. The Department is entitled to expect its employees to comply with the standards and rules it sets for information security and it is not open to an individual employee to form their own assessment. However, it is in my view, relevant to the seriousness of the breach and consideration of the appropriate sanction.

[122] This point is illustrated in part by the evidence that the Department sent the 39 images to the Applicant’s Hotmail email address. I accept Ms Patterson’s evidence that there was no issue or compromise of the information contained in the images by the action of Ms Parkin sending the 39 images to the Applicant by ordinary email to his personal address because she did not take photos of the DRN to do so, 148 and Ms Barbuto’s evidence that the transmission of documents other than ‘Protected’ was able to be transmitted for the purpose of disciplinary processes, such as the investigation.149 However, Ms Patterson did concede in cross-examination that she should have given thought to redacting some of the documents or not sending them out via Hotmail.150 Whilst I agree that there is a big difference between an employee taking documents off the DRN without authorisation and what was done in the course of the investigation, it is difficult to imagine that the Department would have been so comfortable doing so if the content of the images was particularly sensitive or highly classified.

[123] As Ms Patterson confirmed, Control 17.1 is directed at not having cameras in the workplace, primarily so that there is no accidental imaging of the DRN, internal layout of premises etc. In other words, the policy is directed to ensure there is no collateral damage caused by the imaging from a DRN screen at work. 151 She acknowledged that viewing unclassified information from the DRN at home was a lesser compromise of that security concern.152 Other than the 5 images taken directly from the DRN, the images of information from the DRN emailed to the Applicant’s personal email address present an infringement of the Control involving a lesser security concern which was not considered in the investigation.

[124] Images B5, B11 and B31 were from ForceNet, accessible to anyone with a Defence email, including family members and were respectively, a job advertisement, guidelines about accepting hospitality, and unclassified advice of transition to a stage in the Pandemic plan. They do not constitute serious breaches.

[125] In relation to the breaches of the ICT Manual, the Manual itself contemplates instances of non-compliance. As set out in paragraph [19] above, Defence personnel are required to comply with its provisions unless the particular circumstances warrant departure. Personnel considering departing from a manual are required to consult their supervisor “wherever practicable” to ensure a properly informed decision. 153

[126] Whilst the Applicant did not seek to consult with his supervisor before departing from the provisions in the ICT Manual, viewed in this context, its obligations are not absolute and do not establish a framework of strict obligations that will be severely punished if breached. Indeed, it provides that only departures from provisions involving serious errors of judgment would attract disciplinary action at all. 154 Whilst the Applicant made errors of judgment by his actions, I do not consider that they were serious errors of judgment having regard to all the evidence in the case, including that the information in the images was mostly unclassified, included no information above “Protected” (and Ms Barbuto was not concerned about the content of the single image marked “Protected”).

[127] The 4 images that contained personal information identified by Ms Patterson that were stored contrary to the ICT Manual were B12, B13, B14, and B19. B12 and B13 were information on two Lieutenant Colonels, including their name, PMKeyS number, position number, title, rank, gender and date of birth. The Applicant received this information as part of his work and was interested in it for his own aspirations to be deployed. Whilst I accept the Applicant’s evidence that he knew these two officers and that they had encouraged him to apply for deployment in a joint taskforce in the UAE, that they had told him all the personal information in the documents other than their date of birth and that he sought to emulate their career paths, this does not excuse his using and storing information obtained as part of his work for an alternative purpose, contrary to the Manual and privacy obligations. 155 It was an error of judgment, however this context is relevant in considering the seriousness of the conduct.

[128] Image B14 is a photograph of a printed document calling for nominations regarding a bilateral adventure training activity. The offending personal information contained is the PMKeyS number of 5 other personnel. Again, whilst this does not excuse his contravention, the offending information is not extensive nor especially compromising of security. It is also relevant that the document outlined a training activity that the Applicant was selected to support, and thus directly related to him and was addressed to him (along with others).

[129] Image B19 is the payslip of Mr Quinn. I accept the evidence that Mr Quinn gave his payslip to the Applicant as he sought his advice about whether to take a voluntary redundancy. Whilst Mr Quinn’s evidence was that he gave it to the Applicant as both a colleague and for work purposes, no purpose relating to the Applicant’s work duties was identified. I consider it was provided more as a colleague. In any event, there is no doubt that the Applicant had his consent to have it in his possession. Whilst he did not expressly provide consent to store an image of it on the Applicant’s personal device and may still constitute a breach of privacy, it is not in my view, a serious breach.

[130] Overall, in my assessment, the breaches in relation to the personal information in the images do not constitute serious errors of judgment under the ICT Manual, leading to disciplinary action by its non-adherence, and do not warrant the ultimate disciplinary action of dismissal.

[131] Finally, Ms Patterson’s finding that the Applicant contravened ss.13(5) and 13(2) of the PS Act was not soundly based.

Applicant’s acknowledgement of wrongdoing and remorse or lack thereof

[132] The Respondent places a great deal of emphasis, indeed its primary submission, is that the Applicant’s lack of remorse and recognition of his responsibilities meant that his non-compliance with the policies justified dismissal. It submitted that because the delegate could not be satisfied that the Applicant would not repeat the conduct if he remained employed, his behaviour poses a risk to Defence’s ability to protect its digital information and intelligence. 156 That may have been largely the case during the investigation, however that is not the state of the evidence before me.

[133] The Applicant repeatedly expressed remorse and contrition for his actions. During the investigation he accepted that he should not have captured DRN material to his personal device, however he said that the criticism levelled at him was selective and unfair given this was a widespread practice. 157

[134] In evidence presented in the case, the Applicant acknowledged his error in judgment in transferring DRN information to his personal email. He was asked to respond to the claim that he has shown no remorse, defended his actions and remained a risk to the security of Defence information. His response was that at the time he was not aware that he was in breach of the ICT Manual, and that “If I knew that the things that I did was against the manual, I wouldn’t have done it. It was only because it was common practice; everyone did it and it was for work expediency purposes as an aide memoir.” 158

[135] His evidence was that but for the AFP search, he might have approached matters more objectively and calmly, and that “In retrospect I fully accept that I breached the requirements and I am remorseful and I tender my unreserved apology that I did those things and I disagree with various assertions by [Mr Davidson] that I couldn’t be trusted to reoffend. I would never do what I did again, lest I be raided again by the AFP.” 159

[136] Whilst self-serving, I do not consider that this evidence was anything other than sincere and truthful. I found the Applicant to be a genuine, credible, and honest witness. He was mildly defensive and emotional at times, which in light of what had happened to him, was not unreasonable. After serving his country for a decade as a Reservist, his home was searched, he and his wife were strip-searched, he was told he was facing life imprisonment and he spent months without knowing the outcome. This, along with other personal tragedies and stresses that he gave evidence about, affected him in a very deep way. At the time he felt betrayed, disappointed and angry as he knew he wasn’t a Chinese spy, and these feelings influenced his initial response to the allegations against him.

[137] The Applicant’s initial defensive and limited responses to the allegations also occurred in the context of the Code of Conduct Policy Guidance which provide that termination of employment is the sanction for the most serious misconduct. I accept his evidence that he didn’t realise he was facing termination until he received the notice of intent to sanction from Ms Barbuto, and I do not consider that his response is evidence of his failure to appreciate the significance of his actions.

[138] I am satisfied that the Applicant fully understands and acknowledges that he has not complied with Defence security policies and that he is truly remorseful for his actions.

[139] I have also taken into account that there is limited evidence about the specific training that the Applicant undertook. There is no doubt that Defence places an extremely and appropriately high focus on the security of its information. However, I was not taken to any part of the Department’s security training that explicitly provides that taking a photograph of the DRN is not permitted. The two obligations in Control 17.1 that the Applicant was found to have contravened are set out in 2 paragraphs in a 19-page document that is largely directed at the security requirements for various ICT equipment. Relatively few provisions are directed to individual system users and they are not expressed in especially clear or explicit terms, as set out in paragraph [15] above. Control 17.1 is also only one of a suite of information security policies that comprise the DSPF.

[140] Having said that, it is true that every time he logged onto the DRN, the Applicant agreed to comply with the DSPF and the ICT Manual. This is an important consideration as this is a common and potentially useful way to remind employees of their obligations. I note however that in clicking ‘agree’, each employee is acknowledging that they have read all the policies relating to the use of the system, including the Defence Security Principles Framework and four other named policies. It seems to me highly unlikely that any employee has actually read all these policies. As Mr Davidson pointed out, the DSPF alone comprises hundreds and perhaps more than a thousand pages of material. 160

[141] Although the Applicant’s evidence was that he had not been aware that it was not permissible to email documents from the DRN to his personal address or take images of the DRN, he was very aware through his military career, of his obligation to protect classified information and never breached this obligation. There is no evidence that outside the breaches of Control 17.1, 30.1, and the ICT Manual, he otherwise compromised the security of any Defence information. For example, there is no suggestion that the Applicant disclosed the images that were stored on his personal devices which were themselves secured by password and biometrics.

[142] Having considered all the material, I find that the Applicant did engage in some, but not all the conduct for which he was dismissed. I find that the conduct he did engage in did not, in all the circumstances, justify termination of his employment. The Respondent’s primary submission justifying the dismissal was the Applicant’s lack of acknowledgement and remorse, however, I am satisfied that the Applicant has done both.

[143] On balance, I do not consider that the evidence supports a finding that the Applicant’s failure to follow the lawful and reasonable directions to comply with Control 17.1, 30.1 and the ICT Manual was either substantial or wilful; it was neither intentional nor deliberate.

[144] Accordingly, I find that there was no valid reason related to the Applicant’s conduct. However, if I am wrong in that conclusion, I would nonetheless find that the dismissal was harsh in light of the considerations set out relating to s.387(h) below.

387(b) Whether the person was notified of the reason for dismissal

[145] The Applicant does not dispute that he was notified of the reasons for dismissal, and I find that he was notified.

387(c) Whether the person was given an opportunity to respond

[146] The Applicant acknowledges that he was given an opportunity to respond to the intention to dismiss him, however he contends that his response was not given sufficient consideration. I am satisfied that he was given a sufficient opportunity to respond.

387(d) Any unreasonable refusal to allow the person to have a support person present

[147] The Applicant acknowledges that he did not request, and was not refused, a support person.

387(e) If the dismissal related to unsatisfactory performance, whether the Applicant was warned about that unsatisfactory performance before the dismissal

[148] The Applicant was not dismissed for unsatisfactory performance, and this consideration is therefore not relevant.

387(f) The degree to which the size of the employer’s enterprise would be likely to impact on the procedures followed in effecting the dismissal

[149] The Respondent submits that it complied with its Code of Conduct procedures, and the Applicant did not disagree.

387(g) The degree to which the absence of dedicated human resource management specialists or expertise in the enterprise would be likely to impact on the procedures followed in effecting the dismissal

[150] No considerations relating to this factor were raised, and I do not consider it weighs for or against a finding that the Applicant was unfairly dismissed.

387(h) Any other matters that the FWC considers relevant

[151] A number of other factors are relevant to my overall assessment as to whether the dismissal was harsh, unjust or unreasonable.

[152] The matters set out in relation to s.387(a) above in paragraphs [109]-[144] are also relevant to my consideration of matters under s.387(h).

[153] In addition to those matters, I have also taken into account that the Applicant had an otherwise unblemished employment record with the Respondent. 161 He had not been the subject of any other disciplinary proceedings in relation to either his employment or as a Reservist. He had been promoted to Captain in the Reserves. No charges or cautions against the Applicant were made following the AFP investigation and search of his home.

[154] Also relevant is that the 39 images were the only material found to be of potential concern after a very thorough examination by the Department of all information on the Applicant’s personal devices seized by the AFP search of his home. Every piece of information on the devices– both personal and work-related – was presumably examined carefully. It is a reasonable assumption that if the Applicant had in his possession any highly classified or secret documents (and there was evidence that the Applicant had access to the Defence Security Network) or anything more than the 39 images taken over a 3 year period, these would have been discovered. 162 Accordingly, the conduct that was investigated is likely to be the entirety of any contravening conduct.

[155] There is no suggestion that the Applicant disclosed any of the images stored on his personal devices.

Personal impact of the dismissal

[156] I have also taken into account the devastating personal impact on the Applicant of the dismissal.

[157] He has experienced a profound sense of dislocation from his dismissal. He came to Australia at the age of 16 months with his parents from Mainland China. His parents worked hard to re-establish themselves in Australia. The Applicant was successful at school and university and was more than happy to be Australian. Because of his difference from mainstream ‘white’ Australians, he was keen to assert himself as Australian. He grew up to share Australian ideals and expressed an early interest in serving in the Australian Defence Force. Over years of service in the Reserves, he received commendations and promotions. He misses the feeling of identity and pride that his employment with the Respondent provided and the honour of being part of a discrete and very special community. The circumstances in which he was dismissed combined with his heavy sense of loss and the suspension of his security clearance has made it very difficult for him to apply for new roles in the industry. He has tried to mitigate his financial loss by working in casual positions in the hospitality industry, because his treating therapists had assessed him at that time as not ready to re-enter the workforce in a professional role. 163

[158] At the time of his dismissal, he was the sole income earner (as his wife was on parental leave), with a substantial mortgage and a new baby.

Impact on the Applicant’s career in the Army Reserves

[159] An unusual feature of this case is the Applicant’s parallel career in the Army Reserves. In addition to his suspension from his Defence duties he was suspended from his duties as a Reservist. The Applicant submitted that the outcome of his unfair dismissal application will have a profound effect on whether he is able to keep his military role. 164

[160] In a practical sense, the Applicant has paid a double price for his actions. He has not only lost his APS employment but also jeopardised his decade-long military career. The Respondent submitted that the potential impact on his Reservist career should be put to one side. However, I consider it relevant and have taken it into account.

Conclusion

[161] Having considered all the matters in section 387(a) to (h) I find that the dismissal of the Applicant was unfair. There was no valid reason, as the conduct I have found the Applicant engaged in did not justify termination of his employment. In the event that I am wrong, and there was a valid reason for his dismissal, I find that his dismissal was nonetheless harsh, taking into account the considerations in relation to section 387(h).

Remedy

[162] Having found that the Applicant has been unfairly dismissed, I now turn to the issue of an appropriate remedy.

[163] The Applicant seeks to be reinstated. Reinstatement is the primary remedy under the Act. The Respondent submitted that reinstatement is not an appropriate remedy, given the nature of the conduct the Applicant has engaged in, and that his failure to follow reasonable directions given by the Respondent compounded by his failure to comprehend that his conduct poses a risk to the security of Defence’s digital information, has irreparably damaged the relationship.

[164] The question of a loss of trust and confidence in the context of ordering reinstatement has been considered in several cases. In Perkins v Grace Worldwide (Aust) Pty Ltd 165 the Full Court of the Industrial Court said:

“Trust and confidence is a necessary ingredient in any employment relationship. ... So we accept that the question whether there has been a loss of trust and confidence is a relevant consideration in determining whether reinstatement is impracticable, provided that such loss of trust and confidence is soundly and rationally based.

At the same time, it must be recognised that, where an employer, or a senior officer of an employer, accuses an employee of wrongdoing justifying the summary termination of the employee’s employment, the accuser will often be reluctant to shift from the view that such wrongdoing has occurred, irrespective of the Court’s finding on that question in the resolution of an application under Div 3 of Pt VIA of the Act.

If the Court were to adopt a general attitude that such a reluctance destroyed the relationship of trust and confidence between employer and employee, and so made reinstatement impracticable, an employee who was terminated after an accusation of wrongdoing but later succeeded in an application under the Division would be denied access to the primary remedy provided by the legislation. Compensation, which is subject to a statutory limit, would be the only available remedy. Consequently, it is important that the Court carefully scrutinise any claim by an employer that reinstatement is impracticable because of a loss of confidence in the employee

.... It is rare for any human being to have total trust in another. What is important in the employment relationship is that there be sufficient trust to make the relationship viable and productive. Whether that standard is reached in any particular case must depend upon the circumstances of the particular case. And in assessing that question, it is appropriate to consider the rationality of any attitude taken by a party.

It may be difficult or embarrassing for an employer to be required to re-employ a person the employer believed to have been guilty of wrongdoing. The requirement may cause inconvenience to the employer. But if there is such a requirement, it will be because the employee’s employment was earlier terminated without a valid reason or without extending procedural fairness to the employee. The problems will be of the employer’s own making. If the employer is of even average fair-mindedness, they are likely to prove short-lived. Problems such as this do not necessarily indicate such a loss of confidence as to make the restoration of the employment relationship impracticable.” 166

[165] In Nguyen v Vietnamese Community in Australia t/a Vietnamese Community Ethnic School South Australia Chapter 167 a Full Bench of the Commission conveniently summarised this issue:

“The following propositions concerning the impact of a loss of trust and confidence on the question of whether reinstatement is appropriate may be distilled from the decided cases:

•  Whether there has been a loss of trust and confidence is a relevant consideration in determining whether reinstatement is appropriate but while it will often be an important consideration it is not the sole criterion or even a necessary one in determining whether or not to order reinstatement.

•  Each case must be decided on its own facts, including the nature of the employment concerned. There may be a limited number of circumstances in which any ripple on the surface of the employment relationship will destroy its viability but in most cases the employment relationship is capable of withstanding some friction and doubts.

•  An allegation that there has been a loss of trust and confidence must be soundly and rationally based and it is important to carefully scrutinise a claim that reinstatement is inappropriate because of a loss of confidence in the employee. The onus of establishing a loss of trust and confidence rests on the party making the assertion.

•  The reluctance of an employer to shift from a view, despite a tribunal’s assessment that the employee was not guilty of serious wrongdoing or misconduct, does not provide a sound basis to conclude that the relationship of trust and confidence is irreparably damaged or destroyed.

•  The fact that it may be difficult or embarrassing for an employer to be required to reemploy an employee whom the employer believed to have been guilty of serious wrongdoing or misconduct are not necessarily indicative of a loss of trust and confidence so as to make restoring the employment relationship inappropriate. Ultimately, the question is whether there can be a sufficient level of trust and confidence restored to make the relationship viable and productive. In making this assessment, it is appropriate to consider the rationality of any attitude taken by a party.” 168

[166] The Respondent was, understandably, greatly concerned that the Applicant failed to be remorseful and recognise his responsibilities to comply with its policies, and that this meant the behaviour posed an ongoing risk to Defence. However, the Applicant has acknowledged his responsibilities and I accept his evidence that he is deeply contrite and consider that his remorse is genuine and sincere. While the Applicant exhibited poor judgment by his actions, I am satisfied it is highly unlikely to be repeated. After the devastating impact the AFP investigation and search had on him, he is highly motivated to do whatever it takes to avoid jeopardising his career both in the APS and as a Reservist. He is willing to undertake relevant training.

[167] Mr Stanyer’s evidence is that the Applicant had not demonstrated any awareness that breaching Defence security policies is wrong, and that his failure to appreciate the risks posed by compromising Defence information security renders him unsuitable for redeployment in any part of the Defence organisation. However, I am satisfied that the Applicant has demonstrated such an awareness and does appreciate the risks and I do not find that there is a sound and rational basis for the asserted loss of trust and confidence.

[168] Mr Davidson submitted that the relationship had broken down irretrievably, and that it would be difficult to re-establish given the Applicant’s sense of betrayal. 169

[169] I do not accept that the requisite level of trust and confidence has been irreparably damaged or destroyed and could not be re-established with the Applicant. Other than the conduct that led to his dismissal, the Applicant had an unblemished record and there was no suggestion of any other concerns about his performance.

[170] The Respondent is a very large and varied organisation and the Applicant has skills that could be utilised in different parts of the organisation. The Applicant has also demonstrated a willingness to undergo training.

[171] I note that Mr Colleary submitted that the Applicant not be reinstated to the Land Domain.

[172] Accordingly, I order that the Respondent reinstate the Applicant to either his previous role, or at its election, to another equivalent and appropriate EL2 role in Defence, noting his skills and experience. The parties are at liberty to apply if there are any disputes concerning the implementation of these orders.

[173] I consider it appropriate to make an order that the Applicant maintains his continuity of employment and an order that he be paid for the period from the date of termination to the date of his reinstatement, less any money earnt by the Applicant in the intervening period.

[174] In consideration of the Applicant’s conduct which did contravene Defence policies, I consider that an appropriate sanction would have been a reprimand and a fine of 2% of his annual salary of $117,305 (amounting to $2,346.10).

[175] The payment to the Applicant will be reduced by this amount.

[176] Orders to these effects will be separately issued.

COMMISSIONER

Printed by authority of the Commonwealth Government Printer

<PR739169>

Appearances:

B Collaery for the Applicant.

J Davidson of Counsel for the Respondent.

Hearing details:

2022.

Melbourne (by video):

February 2, 3, 7.

 1   s.399 Fair Work Act 2009 (Cth) (the Act).

 2   Transcript PN263 (2 February 2022).

 3   Transcript PN1123-1130 (3 February 2022).

 4   Transcript PN1131-1135 (3 February 2022).

 5   Exhibit A2 Witness Statement of Phillip Gao at [9]; Transcript PN903-4 (2 February 2022).

 6   Exhibit PG8 to Witness Statement of Phillip Gao; Transcript PN905 (2 February 2022).

 7   Respondent’s outline of submissions at [8]–[9].

 8   Exhibit R3 Witness Statement of Vicky Barbuto at [17].

 9   Transcript PN824 (2 February 2022).

 10   Exhibit R2 Witness Statement of Caitlin Patterson at [6]-[8]. No evidence was produced that explained under what authority the AFP provided the seized material to Defence.

 11   Transcript PN1692-1696 (3 February 2022).

 12   Transcript PN194-195 (2 February 2022).

 13   Exhibit R2 Witness Statement of Caitlin Patterson at [12].

 14   Transcript PN74 (2 February 2022).

 15   Transcript PN80 (2 February 2022).

 16   Transcript PN557-560 (2 February 2022).

 17   Exhibit R2 Witness Statement of Caitlin Patterson at [30].

 18   Transcript PN1848-1856 (3 February 2022).

 19   Transcript PN1837 (3 February 2022); PN2301-2302 (7 February 2022).

 20   Exhibit R2 Witness Statement of Caitlin Patterson at [10].

 21   Transcript PN172 (2 February 2022).

 22   Exhibit CP3 to Witness Statement of Caitlin Patterson.

 23   Transcript PN1746-1747 (3 February 2022).

 24   Exhibit CP4 to Witness Statement of Caitlin Patterson.

 25   Transcript PN222-235 (2 February 2022).

 26   Exhibit CP5 to Witness Statement of Caitlin Patterson; Digital Hearing Book (DHB) pp.387-397.

 27   Ibid p.393.

 28   Ibid pp.395-396.

 29   Exhibit R2 Witness Statement of Caitlin Patterson at [7]; Respondent’s outline of submissions at [10].

 30   Transcript PN1698 (3 February 2022).

 31   Transcript PN1758-1767 (3 February 2022).

 32   Respondent’s outline of submissions at [10].

 33   Exhibit R2 Witness Statement of Caitlin Patterson at [17].

 34   Ibid [14]-[15].

 35   Exhibit CP5 to Witness Statement of Caitlin Patterson; DHB p.337.

 36   Exhibit CP6 to Witness Statement of Caitlin Patterson; DHB p.400.

 37   Exhibit CP2 to Witness Statement of Caitlin Patterson.

 38   Identified in column labelled “Image Reference” in Exhibit CP2 to Witness Statement of Caitlin Patterson.

 39   Exhibit CP6 to Witness Statement of Caitlin Patterson; DHB pp.402-403.

 40   Exhibit CP7 to Witness Statement of Caitlin Patterson.

 41   Exhibit R2 Witness Statement of Caitlin Patterson at [23].

 42   Ibid [24]-[28].

 43   Ibid [29]-[32].

 44   Ibid [29].

 45   Ibid [31].

 46   Ibid [32].

 47   Ibid [33].

 48   Exhibit JS3 to Witness Statement of John Stanyer.

 49   Exhibit R1 Witness Statement of John Stanyer at [13].

 50   Exhibit JS3 to Witness Statement of John Stanyer.

 51   Exhibit R1 Witness Statement of John Stanyer at [16]-[19].

 52   Transcript PN1361 (3 February 2022).

 53   Transcript PN1415-1417 (3 February 2022).

 54   Transcript PN1423-1430, 1436 (3 February 2022).

 55   Transcript PN1366 (3 February 2022).

 56   Transcript PN1969 (3 February 2022).

 57   Transcript PN1885-1889 (3 February 2022).

 58   Transcript PN1979-PN1996 (3 February 2022).

 59   Transcript PN2125-2133 (7 February 2022).

 60   Transcript PN1946 (3 February 2022).

 61   Transcript PN2244-2247 (7 February 2022).

 62   Exhibit R3 Witness Statement of Vicky Barbuto at [7].

 63   Exhibit VB1 to Witness Statement of Vicky Barbuto.

 64   Exhibit R3 Witness Statement of Vicky Barbuto at [9]-[11].

 65   Exhibit VB1 to Witness Statement of Vicky Barbuto.

 66   Exhibit VB2 to Witness Statement of Vicky Barbuto; DHB p.428.

 67   Ibid pp.434-448.

 68   Exhibit CP2 to Witness Statement of Caitlin Patterson; Transcript PN83-95 (2 February 2022).

 69   Transcript PN1626 (3 February 2022).

 70   Transcript PN1609 (3 February 2022).

 71   Transcript PN1630 (3 February 2022).

 72   Transcript PN1632 (3 February 2022).

 73   Transcript PN1643 (3 February 2022).

 74   Transcript PN1651 (3 February 2022).

 75   Transcript PN941-942, 949 (2 February 2022).

 76   Exhibit R4.

 77   Transcript PN966 (2 February 2022).

 78   Transcript PN1576 (3 February 2022).

 79   Transcript PN1530-1574 (3 February 2022).

 80   Transcript PN431- 441 (2 February 2022).

 81   Transcript PN170 (2 February 2022).

 82   Transcript PN203 (2 February 2022).

 83   Transcript PN212-215 (2 February 2022).

 84   Transcript PN186-191 (2 February 2022).

 85   Transcript PN443 (2 February 2022).

 86   Transcript PN943-948 (2 February 2022).

 87   Transcript PN989-996 (2 February 2022).

 88   Transcript PN1045, 1048-1049 (3 February 2022).

 89   Transcript PN1038 (3 February 2022).

 90   Transcript PN1053(3 February 2022).

 91   Transcript PN1314 (3 February 2022).

 92   Transcript PN1053-1055 (3 February 2022).

 93   Transcript PN1318-1320 (3 February 2022).

 94   Exhibit R3 Witness Statement of John Stanyer at [20]-[21].

 95   Transcript PN1149-1151 (3 February 2022).

 96   Exhibit R3 Witness Statement of John Stanyer at [24]-[25]; Exhibit JS5.

 97   Transcript PN203, PN296 (2 February 2022).

 98   Transcript PN277-280 (2 February 2022).

 99   Transcript PN299 (2 February 2022).

 100   Transcript PN287-288 (2 February 2022).

 101   Transcript PN276 (2 February 2022).

 102   Transcript PN894-895 (2 February 2022).

 103   Transcript PN894-901 (2 February 2022), PN1305-1321 (3 February 2022).

 104   Transcript PN2405 (7 February 2022).

 105   Applicant’s outline of submissions at [18].

 106   Ibid [19].

 107   Ibid [33].

 108   Transcript PN2413 (7 February 2022).

 109   Transcript PN2412 (7 February 2022).

 110   Transcript PN2419 (7 February 2022).

 111   Transcript PN2430 (7 February 2022).

 112   Transcript PN2438 (7 February 2022).

 113   Transcript PN2464 (7 February 2022).

 114   Transcript PN2490 (7 February 2022).

 115   Transcript PN2495-2497 (7 February 2022).

 116   Transcript PN2506-2507 (7 February 2022).

 117   Transcript PN2512-2517 (7 February 2022).

 118   Transcript PN2505 (7 February 2022).

 119   Applicant’s outline of submissions at [40].

 120   Ibid [35].

 121   Ibid [39].

 122   Respondent’s outline of submissions at [37].

 123   Ibid [38]-[60].

 124   Transcript PN2614-2625 (7 February 2022).

 125   Respondent’s outline of submissions at [73]-[81].

 126   Ibid [75]-[77].

 127   [2018] FWC 3255.

 128   Ibid [57].

 129   Transcript PN737-738 (2 February 2022).

 130   Transcript PN741-775 (2 February 2022).

 131   Transcript PN753 (2 February 2022).

 132   Transcript PN775 (2 February 2022).

 133   Transcript PN847-849 (2 February 2022).

 134   s.386 of the Act.

 135   Ibid s.396.

 136   Ibid s.394(2).

 137   Ibid s.382.

 138   Metcash Trading Limited v Michael Hudson [2022] FWCFB 2 at [70]-[73].

 139   (1995) 185 CLR 410.

 140   Ibid 465-468.

 141   Sydney Trains v Gary Hilder [2020] FWCFB 1373 at [26].

 142  King v Freshmore (Vic) Pty Ltd Print S4213 at [23]-[24].

 143   B, C and D v Australian Postal Corporation [2013] FWCFB 6191 at [35]-[36].

 144   Ibid [51].

 145   Transcript PN1746-1747 (3 February 2022).

 146   Transcript PN1751 (3 February 2022).

 147   Transcript PN668 (2 February 2022).

 148   Transcript PN1710-1728 (3 February 2022).

 149   Transcript PN2158-2162 (7 February 2022).

 150   Transcript PN1725-1728 (3 February 2022).

 151   Transcript PN1746-1747 (3 February 2022).

 152   Transcript PN1751 (3 February 2022).

 153   Exhibit CP4 to Witness Statement of Caitlin Patterson at para.1.6.

 154   Ibid para 1.8

 155   Transcript PN116-123 (2 February 2022).

 156   Respondent’s outline of submissions at [37], [73]-[77].

 157   Exhibit VB2 to Witness Statement of Vicky Barbuto at [7], DHB p.434.

 158   Transcript PN271-273, 325 (2 February 2022).

 159   Transcript PN319 (2 February 2022).

 160   Transcript PN1262 (3 February 2022).

 161   Exhibit A2 Witness Statement of Phillip Gao at [4].

 162   Transcript PN825 (2 February 2022).

 163   Exhibit A2 Witness Statement of Phillip Gao at [31]-[32].

 164   Ibid [10]; Exhibit PG2.

 165   (1997) 72 IR 186 (referred to in Burkhardt & Ors v Qube Ports Pty Ltd [2022] FWC 281 at [166]).

 166   Ibid 191-192.

 167   [2014] FWCFB 7198 (referred to in Burkhardt & Ors v Qube Ports Pty Ltd [2022] FWC 281 at [167].

 168   Ibid [27]-[28].

 169   Transcript PN2680 (7 February 2022).