Brandis' boffin-busting de-anonymisation crime legislation has landed
Will Australian privacy researchers still be at risk of hard time?
Privacy and data researchers will, later today, get to see what's in the Australian government's proposed bill banning re-identification of anonymised data.
The Privacy Amendment (Reidentification Offence) Bill 2016 will be presented to the Senate by attorney-general George Brandis during today's Senate session (PDF) sometime after 2:30pm.
Brandis proposed the bill late in September, pretty much without warning.
At the time, Brandis issued a press release saying: “The amendment to the Privacy Act will create a new criminal offence of re-identifying de-identified government data. It will also be an offence to counsel, procure, facilitate, or encourage anyone to do this, and to publish or communicate any re-identified dataset.”
The proposal came hard on the heels of research by Dr Chris Culnane, Dr Benjamin Rubinstein and Dr Vanessa Teague, who demonstrated flaws in a de-identified data set published at the Federal government's “open data” site, Data.gov.au.
That data was a sample of 10 per cent of the country's Medicare providers, which the group found could be identified back to individual doctors or clinics with a trivial amount of work.
Dr Teague told The Register at the time that Brandis' bill put research at risk, since it's important for groups like hers to uncover flaws in anonymised data. ®
Sponsored: Becoming a Pragmatic Security Leader