Recently, Attorney-General George Brandis announced that he intends to introduce to Parliament amendments to the Privacy Act 1988 (Cth) that would make it a criminal offence to re-identify Commonwealth Government data that has been stripped of identifying markers. Under the proposed amendments, it would also be an offence to counsel, procure, facilitate, or encourage anyone to re-identify Commonwealth Government data, and to publish or communicate any re-identified dataset. It is understood that researchers will be exempt from prosecution under the proposed new regime.
This raises the important questions of why such attention is being placed to this issue and how supposedly de-identified information is able to be re-identified in the first place.
The release of data has obvious benefits from a public policy perspective. The Attorney-General’s media release provides that, ‘our ability to deliver better policies and to solve many of the great challenges of our time rests on the effective sharing and analysis of data’. It is for this reason that governments around the world are tending implement policies that favor data transparency. In accordance with the Australian Government Public Data Policy Statement, the Commonwealth Government frequently publishes non-sensitive and anonymised data on data.gov.au.
It almost goes without saying that information that is properly de-identified is no longer subject to applicable privacy laws by virtue of the fact that is no longer falls within the definition of ‘personal information’. As Timothy Pilgrim, Acting Australian Information Commissioner, recently pointed out in a speech to CeBIT, ‘infamous and widely publicised examples of ‘re-identification’ by white hat hackers and journalists… are, almost exclusively, examples of so called ‘de-identifications’ that were not conducted to any known industry standards’. Some may therefore argue that the proposed amendments to the Privacy Act 1988 (Cth) criminalise behaviours that would not be possible had the relevant data been properly de-identified in the first place.
As the Attorney-General points out, recent advances to technology mean that methods that were, at time data is published, sufficient to de-identify data may become susceptible to re-identification at a later date.
One potential example of this was the recent removal by the Department of Health of a research dataset based on Medicare and PBS claims from its open data portal after it was discovered that practitioner details could be decrypted.
It may therefore be said that the proposed amendments seek to provide important additional protections to individuals whose identity may be revealed by re-identified data and to continue to allow the benefits of the Commonwealth Government’s ‘open data’ policy to be realised.
*Whilst there is, in a technical sense, an obvious distinction between the meanings of the terms ‘anonymised data’ and ‘de-identified data’, given the use of these terms in the source materials for this blog post, the two terms have been used interchangeably in this blog post.