The gravity of this scenario cannot be overstated. These are some of the most secret documents that the Australian government creates, usually locked up for 20 years before being released to the public due to their sensitively and to put a bit of time between the actors and their actions, yet here they were, up for sale in suburban Canberra.
Scores of questions will be asked about how the cabinet in question came to make its way out of the governmental depths into the light of day, and deservedly so. It is worth keeping in mind that it comes at a time when Canberra is going through yet another round of national security legislation, where the latest thought bubble is to criminalise the holding of secret documents.
If this sounds familiar, it is. The government has form in wanting to criminalise the exposition of its stupidity, and it takes the shape of an amendment to the Privacy Act that would forbid the re-identification of de-identified datasets that are collected and published by the Commonwealth.
Going further, the proposed Privacy Act amendments also toy with the fundamental approach of the legal system, and move the onus of proof from the prosecution to the defendant, such that the defendant must prove that one of the exemptions in the legislation that allow re-identification work -- such as being contracted by the Commonwealth for such work, or being employed by a university or other state government body -- apply to them.
Somewhere in Canberra, some poor sod reckons that if they criminalise something, it doesn't happen, and it comes during a period when the government is generating and keeping more data on citizens than ever.
Within that data are few opportunities to shrink your exposure to government ineptitude, but one is coming up in the very near future: The window for Australians to opt out of an automatic digital health record being created for them in mid-2018.
Despite the purported benefits of such a scheme, the simple fact is that is that Australian governments and computers do not mix. When they do, various shambles appear.
Quite simply, if the government cannot handle its own secret information properly in a paper data format it has used for over a century, why should it be trusted to handle any personal information involving systems it has repeatedly shown it cannot competently operate?
If you think the idea of a cabinet full of medical data being found is outlandish, we need only return to the story of Pound Road Medical Centre (PRMC).
As the Office of the Australian Information Commissioner details: "[PRMC] stored medical records of approximately 960 patients in a locked garden shed at premises no longer operated or staffed by them."
The shed was subsequently broken into in November 2013.
Thanks to the documents from Cabinet handed on to the ABC, we also know the Australian Federal Police (AFP) lost almost 400 files from the National Security Committee over five years.
That's the same AFP that confessed it was unable to respect the one caveat in the metadata scheme when it admitted it had accessed a journalist's call records "mistakenly".
If this were a private enterprise, the government would ban itself from handling its own data citing repeated infractions.
Given the government cannot handle its own secrets securely, citizens should trust it even less to handle theirs. We need to keep data away from these butterfingers.