Special Counsel

Natalie Butler

Natalie has significant government sector experience. She’s advised government and quasi-government clients on a broad range of public law and regulatory matters.

With nineteen years experience as a privacy practitioner, she’s particularly knowledgeable about data privacy compliance, privacy risk management and data governance. She’s most recently applied her information law expertise to digital transformation projects, helping clients to maximise the value of data assets in ways that are legally and ethically sound.

Natalie champions a privacy-by-design ethos to policy design, customer experience, service strategies and technical solutions. She’s also an advocate for embracing a genuine multi-disciplinary approach to legal advising, risk management and compliance to enhance the longevity, and value, of legal risk strategies and solutions.

Natalie has worked closely with a number of government clients, especially those from the social services and health portfolios.


Natalie’s expertise includes:

  • Privacy Impact Assessments (PIAs) and privacy threshold assessments (PTAs)
  • Privacy, administrative law and data governance analysis for risk assessments conducted in parallel with PIAs e.g. algorithm impact and data ethics assessments
  • Information law advice, advocacy and submissions on:
    • privacy; freedom of information; archives; data accessibility and transparency legislation; and
    • statutory secrecy/ confidentiality regimes
  • Data sharing arrangements and data supply chain mapping
  • Alignment of automated/ augmented decision-making solutions with administrative law principles and privacy requirements
  • Merits and judicial review
  • Legislative schemes, development and implementation
  • Complaints management, including investigation and resolution
  • Legal risk management in a ScaledAgile project management environment. Supporting projects to deliver minimum viable products (MVPs) and modifying risk management strategies as solutions are scaled.

Recent Projects

  • Strategic management and critique of PIAs for:
    • large scale digital transformation projects e.g. streamlined social security payments and reporting for tertiary students
    • shared ICT service solutions e.g. data lake environments.
  • Integrating legal compliance and privacy risk management strategies with data lake governance framework and on-boarding procedures.
  • Data supply chain analysis and benchmarking data flows against customer/ user experience; user journeys; service strategies and technical solutions to guide the development of MVPs.
  • Life event mapping (birth of a child) from a legal and privacy perspective, to inform solution design and service strategies
  • Advice about the development/ deployment of predictive analytics solutions to statutory decision making frameworks, customer management and service strategies.
  • Designated data privacy subject matter expert for various transformation projects, beta trials and proof of concepts (PoCs).  Actively engaged in all project stages from discovery, design, alpha/beta, delivery and implementation.

Professional Memberships / Accreditation & Activities

  • Recognised Lawyer, Government Practice, The Best Lawyers Australia
  • SAFe Agilist (Leading SAFe), Scaled Agile Inc





Scott Moloney