The disclosure of G20 world leaders’ data by Australia is a “huge embarrassment”, shadow immigration minister Richard Marles said on Tuesday, as he called on the government to explain why leaders were not notified of the breach at the time.
The Guardian revealed on Monday that the passport and visa details of G20 leaders attending the summit in Brisbane were accidentally disclosed by the Australian immigration department after an employee mistakenly sent an email to a member of the organising committee of football’s Asian Cup.
But the immigration department chose not to disclose the breach to the world leaders attending the summit, according to documents obtained under freedom of information laws.
Marles said: “Revelations that the personal details of world leaders including US president Barack Obama and Chinese president Xi Jinping were leaked by the immigration department is a huge embarrassment for the Abbott government.”
Australia’s immigration minister Peter Dutton has remained silent throughout the revelation, and has not responded to repeated requests for comment.
Marles called on the minister to explain why the blunder occurred, and said he must explain “why it appears he – nor anyone in the government – chose to not notify any of the world leaders involved at the time of the breach”.
“Common sense would dictate that inadvertently releasing the passport numbers of Mr Obama, German chancellor Angela Merkel and Chinese president Xi Jinping by email might be an issue worth raising with our international counterparts,” he said.
The White House confirmed overnight it was examining the data breach.
Greens senator Sarah Hanson-Young also said the government needed to explain how the breach occurred.
“It was only last week the government was calling on the Australian people to trust them with their data, and now we find out they have disclosed the details of world leaders,” she said.
“This just proves that this government cannot be trusted to manage people’s personal information properly.”
The data breach occurred when an email was accidentally sent because of the autocomplete function on the Microsoft Outlook email program.
It is understood that the department has now removed the autocomplete function – but only after it learned that the Guardian was aware of the data breach, and not when it initially occurred in November.
The department said that its new policy was initiated “after the department reviewed its email protocols”, but did not outline why this occurred only after it became aware of Guardian Australia’s freedom of information request about the breach.
An immigration spokesman said: “The department has reviewed and strengthened its email protocols to limit and contain future breaches.
“The policy was implemented after the department reviewed its email protocols in relation to this incident. It was not implemented as a result of the FOI request to the OAIC [Office of the Australian Information Commissioner].”
