About Primary Purpose Advisory
The organisations that protect people most effectively are rarely the ones with the longest policy documents. They're the ones where the strategy, the accountability systems, the culture, and the capability of the people leading them are all genuinely aligned. They’re the ones where each component understands its role in a larger system, and where the system learns and improves over time.
That sounds straightforward. In practice, it's rare. Most organisations working in high-stakes environments have developed their frameworks in response to incidents, regulatory pressure, or external scrutiny rather than by design. The result is a set of components that may each be individually adequate but don't function as a coherent whole. The policies say the right things and the training gets delivered. The complaints process exists and procedures are drafted. But the feedback loops that would allow the system to improve are absent, and the culture that would make any of it real hasn't been built.
About Toby Dagg
Toby Dagg has spent more than two decades working at the point where public safety, child protection, and digital regulation meet — the kind of territory where decisions carry real consequences and the stakes are rarely abstract.
He began his career with the NSW Police Force, working as a Detective on major crime investigations. From there, he moved into child protection reform in New South Wales, helping to establish a bail-support and accommodation service under the Keep Them Safe reforms — practical work focused on keeping vulnerable young people out of remand by finding safe placements quickly. It was an early expression of an approach that has remained consistent ever since: find what actually works, and build something that lasts.
In 2013, Toby joined the Australian Communications and Media Authority, where he led frontline efforts to disrupt the online distribution of child sexual abuse material and extremist content. Working alongside Australian and international law enforcement agencies, NGOs, and global hotline networks, he helped shape some of Australia's earliest and most effective cross-border responses to online child exploitation.
When the eSafety Commissioner was established in 2015, Toby was there at the beginning and stayed for a decade. Over that time, he expanded the agency's regulatory reach well beyond its original mandate, addressing cyberbullying, image-based abuse, sexual extortion, terrorist content, and a widening range of emerging digital harms. He founded eSafety's Investigations Branch as its inaugural Executive Manager, later served as Chief Operating Officer, and ultimately led the Regulatory Operations Division as a General Manager at SES Band 2 level.
Across those roles, he built large, multidisciplinary teams; designed regulatory operating models; oversaw major investigations and enforcement actions; and led implementation of landmark reforms including the Online Safety Act 2021. He has exercised statutory decision-making authority, appeared before Parliamentary committees, advised Ministers, and represented Australia in high-stakes domestic and international forums.
“Find what actually works. Build something that lasts.”
He also led significant internal reform work during his time at eSafety, including the design of regulatory operating models intended to create genuine feedback loops between enforcement activity, industry supervision, codes development, and strategic communications. This was work that reflected a consistent preoccupation with whether regulatory systems were functioning as coherent wholes rather than collections of independent functions.
Internationally, Toby has served as Vice President of the International Association of Internet Hotlines (INHOPE), providing strategic leadership across governance, finance, and global policy. He has advised the private sector, including through appointment to Westpac's Safer Children, Safer Communities expert roundtable, and has represented the Australian Government through bodies including WeProtect Global Alliance, INTERPOL, the European Commission, and the OECD.
Toby holds degrees in law, international security studies, and politics. He is known for combining deep operational credibility with clear strategic judgement, and for translating complex regulatory, investigative, and policy challenges into practical, defensible outcomes that serve the public interest.
Through Primary Purpose Advisory, Toby now works with organisations, including NGOs, corporations, and expert bodies, to help them understand, articulate, and genuinely live up to their own standards. That work spans all four of PPA's practice areas — Regulatory Strategy and Governance, Safeguarding and Digital Risk, Integrity Systems, and Executive Capability and Preparedness — and is grounded in a consistent conviction: that the gap between what organisations say they do to protect vulnerable people and what they actually do is almost always a systems problem.
That gap can be closed.
Working with Primary Purpose Advisory
Engagements vary considerably. Some organisations come to PPA with a specific and bounded problem. Some have a policy framework that needs reviewing, a training program that needs designing, a leadership team that needs preparing for a high-stakes accountability environment. Others come with a more open question: we know something isn't working, but we haven't been able to articulate exactly what, or where to start.
Both are legitimate starting points. PPA's approach in either case is the same: begin with honest assessment, work from genuine understanding of the specific context rather than generic frameworks, and focus consistently on what will actually make a difference rather than what will generate a deliverable.
If that sounds like the kind of engagement you're looking for, the best first step is a conversation.
Contact us
Interested in working together? Fill out some info and we will be in touch shortly.