The Data Race: De-identification
Protecting personal information in the era of big data
What you need to know
- Experts in privacy, security and technology came together at the GovInnovate forum last week to talk about the status of data sharing and de-identification in Australia.
- In his opening remarks, Australian Information and Privacy Commissioner Timothy Pilgrim recognised that public information is a national asset and that a successful data-driven economy needs a strong foundation in privacy.
- The Commissioner compared the road to open data to the "space race" in that it is simple to understand, complex to execute and failure to get it right will be both explosive and public.
- The Commissioner said that the solution lies in getting de-identification right so that government agencies can make data sets available to the public to aid research and innovation.
- De-identified data sharing is not without risk but, as community expectations increase, government agencies face the unenviable task of balancing data availability and risk.
- Panellists at the forum agreed that "data infrastructure" is needed to support Government agencies to increase the speed and frequency of data release.
What is de-identification?
The Privacy Act 1988 (Cth) (Privacy Act) provides that personal information is "de-identified" if the information is no longer about an individual or an individual who is reasonably identifiable. By de-identifying personal information in public data sets, government agencies can make data available for public use without directly disclosing personal information. For simple data sets, data can be manually de-identified. For large and complex data sets, software can be used to automate the de-identification process.
What is re-identification?
The Privacy Amendment (Re-identification Offence) Bill 2016 (Re-identification Offence Bill) provides that personal information is "re-identified" if it is no longer de-identified.
Depending on the method used to de-identify, de-identified data may be vulnerable to re-identification. A person or entity may be motivated to re-identify data for malicious reasons, or to exploit a commercial opportunity. Whatever the motivation, that person or entity could seek to re-identify data by reverse engineering software, or by matching data with other publicly available data sets to draw conclusions about identity.
Expectations
Governments and the community are increasingly recognising the enormous potential of government data in advancing social and corporate enterprise.
In its recent draft report on "Data Availability and Use" the Productivity Commission explained that increased access to data can facilitate the development of ground-breaking new products and services. The draft report indicated that there is community support for data sharing, quoting a survey by Research Australia which revealed that 90% of Australians are willing to share their de-identified health data to advance medical research and improve patient care (Productivity Commission, 2016).
As community attitudes and expectations about the availability of public data change, government agencies are under increasing pressure to consider how they can contribute.
Key risks and barriers
Panellists at the GovInnovate forum acknowledged that, in the absence of clear standards and protocols to manage de-identification and to measure re-identification risk, it is practically difficult, and potentially risky, for agencies to increase the speed and frequency with which they de-identify and release data.
The panellists reflected on the key barriers that they believe are holding agencies back from releasing public data. They include:
- low levels of awareness about de-identification and risk management;
- a lack of common protocols and practices for data de-identification;
- a lack of common standards, guidelines and thresholds to measure re-identification risk; and
- a lack of "best practice" criteria against which to design and defend agency practices.
"Data Infrastructure"
Similar to the recommendations of the Productivity Commission, panellists supported the implementation of structural reform. The panellists suggested that effective "data infrastructure" would have the following features:
- common language and definitions;
- de-identification standards;
- protocols for the use of de-identification software;
- metrics for measuring re-identification risk;
- thresholds for determining go or no-go decisions based on re-identification risk;
- clear procedures to enable members of the public to access unpublished data (including accreditation processes and trusted access models where appropriate);
- training; and
- where necessary, regulation.
Other measures
The Australian Government is seeking to tackle the issue of re-identification risk through the Re-identification Offence Bill currently before the parliament. If passed, the Bill will establish a "re-identification offence", which will occur when a person or entity takes de-identified data published by a government agency, re-identifies and discloses the information.
Next steps
The proposed amendments suggest that the Australian Government is preparing the legislative landscape for a new era of data sharing. Government agencies should keep an eye on developments and start thinking about the data that they hold, and how they may implement changes to support effective de-identification practices and increase the flow of government data to the public.
Authors: Amanda Ludlow, Partner; Georgina Adams, Consultant; Tess Hemming, Lawyer
The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
Readers should take legal advice before applying it to specific issues or transactions.