Australian Census 2016 and Privacy Impact Assessment (PIA)

Similar documents
Re: Review of Market and Social Research Privacy Code

Castan Centre for Human Rights Law Faculty of Law, Monash University. Submission to Senate Standing Committee on Economics

About the Office of the Australian Information Commissioner

It follows previous APF feedback about the Draft Concept of Operations [1] and the addendum [2].

This policy sets out how Legacy Foresight and its Associates will seek to ensure compliance with the legislation.

The Australian Privacy Foundation (APF) is the country's leading privacy advocacy organisation. A brief backgrounder is attached.

Should privacy impact assessments be mandatory? David Wright Trilateral Research & Consulting 17 Sept 2009

The Information Commissioner s response to the Draft AI Ethics Guidelines of the High-Level Expert Group on Artificial Intelligence

Lewis-Clark State College No Date 2/87 Rev. Policy and Procedures Manual Page 1 of 7

24 May Committee Secretariat Justice Committee Parliament Buildings Wellington. Dear Justice Select Committee member,

The Canadian Navigable Waters Act

Protection of Privacy Policy

Violent Intent Modeling System

Report to Congress regarding the Terrorism Information Awareness Program

2016 Census of Population and Housing: Submission Form for Content or Procedures, 2016

CONSENT IN THE TIME OF BIG DATA. Richard Austin February 1, 2017

Staffordshire Police

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: Safeguarding Policy Data Protection Policy

2

DISPOSITION POLICY. This Policy was approved by the Board of Trustees on March 14, 2017.

ITAC RESPONSE: Modernizing Consent and Privacy in PIPEDA

SPONSORSHIP AND DONATION ACCEPTANCE POLICY

IAASB Main Agenda (March, 2015) Auditing Disclosures Issues and Task Force Recommendations

Seminar on Consultation on. Review of the Personal Data (Privacy) Ordinance. Why the review is being conducted and what this means to you

What does the revision of the OECD Privacy Guidelines mean for businesses?

2018 Census Independent Privacy Impact Assessment 7 July Trust An independent assessment. Privacy

Data Protection and Information Security. Photography and Filming - Guidelines for the use of Personal Data

Consultation on Amendments to Industry Canada s Antenna Tower Siting Procedures

ONR Strategy 2015 to 2020

2018 / Photography & Video Bell Lane Primary School & Children s Centre

ARTICLE 29 Data Protection Working Party

28 TH INTERNATIONAL CONFERENCE OF DATA PROTECTION

2018 Federal Scientists Survey FAQ

Robert Bond Partner, Commercial/IP/IT

NCRIS Capability 5.7: Population Health and Clinical Data Linkage

Herts Valleys Clinical Commissioning Group. Review of NHS Herts Valleys CCG Constitution

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: T:Drive. Safeguarding Policy Data Protection Policy

Submission to the Productivity Commission inquiry into Intellectual Property Arrangements

Scotian Basin Exploration Drilling Project: Timeline

Freedom of Information Act 2000 (FOIA) Decision notice

Responsible Data Use Policy Framework

Privacy Impact Assessments

19 and 20 November 2018 RC-4/DG.4 15 November 2018 Original: ENGLISH NOTE BY THE DIRECTOR-GENERAL

California State University, Northridge Policy Statement on Inventions and Patents

How Explainability is Driving the Future of Artificial Intelligence. A Kyndi White Paper

BUREAU OF LAND MANAGEMENT INFORMATION QUALITY GUIDELINES

Privacy Impact Assessment on use of CCTV

Consultation on the licensing of spectrum in the 800 MHz and 900 MHz bands

Fiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines

Global Standards Symposium. Security, privacy and trust in standardisation. ICDPPC Chair John Edwards. 24 October 2016

POLICY ON INVENTIONS AND SOFTWARE

Photography and Videos at School Policy

Building DIGITAL TRUST People s Plan for Digital: A discussion paper

Parliamentary Information and Research Service. Legislative Summary BILL S-18: AN ACT TO AMEND THE STATISTICS ACT

PRIVACY ANALYTICS WHITE PAPER

Submission by Free TV Limited

PRIVACY IMPACT ASSESSMENT

Selecting, Developing and Designing the Visual Content for the Polymer Series

Privacy. New technologies, same responsibilities. Carole Fleeman Office of the Victorian Privacy Commissioner

FEE Comments on EFRAG Draft Comment Letter on ESMA Consultation Paper Considerations of materiality in financial reporting

Session 1, Part 2: Emerging issues in e-commerce Australian experiences of privacy and consumer protection regulation

THE UNIVERSITY OF AUCKLAND INTELLECTUAL PROPERTY CREATED BY STAFF AND STUDENTS POLICY Organisation & Governance

Developing the Arts in Ireland. Arts Council Strategic Overview

COMMUNICATIONS POLICY

CENTER FOR DEVICES AND RADIOLOGICAL HEALTH. Notice to Industry Letters

The 45 Adopted Recommendations under the WIPO Development Agenda

Methodology Statement: 2011 Australian Census Demographic Variables

EFRAG s Draft letter to the European Commission regarding endorsement of Definition of Material (Amendments to IAS 1 and IAS 8)

Over the 10-year span of this strategy, priorities will be identified under each area of focus through successive annual planning cycles.

Legal Issues Related to Accountable-eHealth Systems in Australia

ART COLLECTION POLICY

PRIVACY IMPACT ASSESSMENT CONDUCTING A PRIVACY IMPACT ASSESSMENT ON SURVEILLANCE CAMERA SYSTEMS (CCTV)

GDPR Implications for ediscovery from a legal and technical point of view

Loyola University Maryland Provisional Policies and Procedures for Intellectual Property, Copyrights, and Patents

8th Floor, 125 London Wall, London EC2Y 5AS Tel: +44 (0) Fax: +44 (0)

Disposing of objects you may not own

Establishment of Electrical Safety Regulations Governing Generation, Transmission and Distribution of Electricity in Ontario

Making It Your Own A PUBLIC ART POLICY AND PLANNING TEMPLATE. Arts North West Creative Opportunities 2012

Transparency in Negotiations Involving Norms for Knowledge Goods. What Should USTR Do? 21 Specific Recommendations

Diana Gordick, Ph.D. 150 E Ponce de Leon, Suite 350 Decatur, GA Health Insurance Portability and Accountability Act (HIPAA)

Biometric Data, Deidentification. E. Kindt Cost1206 Training school 2017

Submission to the Governance and Administration Committee on the Births, Deaths, Marriages, and Relationships Bill

EXPLANATORY STATEMENT. Issued by the Australian Communications and Media Authority. Australian Radiofrequency Spectrum Plan 2017

Ministry of Justice: Call for Evidence on EU Data Protection Proposals

Intellectual Property

Personal Data Protection Competency Framework for School Students. Intended to help Educators

INTERMODAL PLANNING COMMITTEE TERMS OF REFERENCE

Response: ABS s comments on Estimating Indigenous life expectancy: pitfalls with consequences

Given FELA s specific expertise, FELA s submissions are largely focussed on policy and law issues related to inshore fisheries.

Strategies for the 2010 Population Census of Japan

Pan-Canadian Trust Framework Overview

RTÉ. Key Actions and Changes. A Re-structured Current Affairs, New Journalism Guidelines, Editorial Standards and Training

Standing Committee on the Law of Patents

[Definitions of terms that are underlined are found at the end of this document.]

Bats and the Law An overview for planning, building and maintenance works

FIPPs Fair Information Practice Principles

2020 Census Local Update of Census Addresses Operation (LUCA)

Towards a Modern Approach to Privacy-Aware Government Data Releases

Office for Nuclear Regulation Strategy

CBD Request to WIPO on the Interrelation of Access to Genetic Resources and Disclosure Requirements

Transcription:

http://www.privacy.org.au Secretary@privacy.org.au http://www.privacy.org.au/about/contacts.html 12 February 2016 Mr David Kalisch Australian Statistician Australian Bureau of Statistics Locked Bag 10, Belconnen ACT 2616 Dear Mr Kalisch, Australian Census 2016 and Privacy Impact Assessment (PIA) The Australian Privacy Foundation (APF) is the country's leading privacy advocacy organisation. A brief backgrounder is attached. Australian Bureau of Statistics (ABS) consulted with APF in relation to the 2006 Census. We note the ABS Media Release issued on 18 December 2015, and its release of a PIA Report. This was brought to our attention by a member of the public only a few days ago. Despite APF s prior involvement with ABS, we were not aware of the consultation process the report refers to, and were not notified of the process, Media Release or Report. We are writing to express our deep concerns about the matter. As a first step, we seek further and better information from your office. Our current concerns relate to, first, the decision to fundamentally alter the nature of the census, and second, the PIA exercise undertaken by ABS at the end of 2015. In expressing these concerns, we note that APF fully supports the Bureau s mission of using census data for the purpose of improving the health, education, employment and well-being of the Australian community, provided always that the privacy rights of Australians are satisfactorily protected. The PIA Process Regarding the PIA undertaken late last year, we have serious concerns with apparent short-cuts taken by ABS: 1. Contrary to best practice, the PIA was conducted in-house, not by an independent third party. 1 1 OAIC s Guide to Undertaking PIAs, referred to in the PIA, notes Some projects will have substantially more privacy impact than others. A robust and independent PIA conducted by external assessors may be preferable in those instances. This independent assessment may also help the organisation to develop community trust in the PIA findings and the project s intent. The APF Australia s leading public interest voice in the privacy arena since 1987

2. While the ABS claims that it directly notified key stakeholders of the PIA process, to our knowledge, no NGOs, human rights or civil society organisations were notified or consulted. Given the strong historical interest of the APF and others in civil society in the Australian census, this can only be regarded as an oversight. 3. Apart from any inadequate direct notification of the PIA, it seems to have been publicised solely by means of a Statement of Intent on the ABS web-site and a media release that received minimal coverage: a mention in unashamedly pro-ps PS News and one other niche title. 4. The inadequacy of efforts to publicise the PIA process seem to be confirmed by the limited public feedback received, which evidently included just three responses from private citizens. In the light of a process that can only be described as flawed, we request that you provide details on the following: Which stakeholders did the ABS directly notify of the PIA process? Why were obvious stakeholders that are concerned with the privacy rights of Australians, including the APF and other civil liberties bodies, not on the list of stakeholders that were directly notified? Why did the ABS conduct such a significant PIA as an in-house exercise rather than engage an independent third party? Given the significant changes to the census, the long lead time, and the potentially complex nature of issues raised, why was the period allocated for public comment on the PIA so short? Why was the announcement of the decision to proceed with the changes to the census made in the period immediately before Christmas, which would seem to provide limited opportunities for coverage of the decision, as well as for critical comment? Retention of personal names and addresses APF considers that the decision to indefinitely retain personal names and addresses fundamentally changes the nature of the Australian census, with potentially serious implications for the privacy rights of Australians. We are especially concerned with both the possibility that this additional source of data may act as a honey pot for activities such as identity theft; and with the possibility of function creep, which would result in the expanded use of this data for unintended and possibly unwelcome purposes. The analysis offered in the PIA does not appear sufficient to conclude that privacy risks arising from this fundamental change in the census design are widely understood and low. Accordingly, we seek your support in providing the following information. The PIA states that name and address information would not be disclosed, published or disseminated in a manner which is likely to enable the identification of a particular person, household or organisation. If any name or address information is to be disclosed, which this statement implies, in what form or manner will it be disclosed? What de-identification methods are proposed, if any? Given the rapid development of re-identification capabilities, and the global proliferation of access to other data sets which can assist re-identification, what is the basis for the ABS suggestion that the disclosure or publication of some form of name and address data will not result in the identification of individuals? How far into the future does this prediction hold?

Why does the PIA not simply state that name and address information will never be disclosed or published? What efforts, if any, will be made to audit and identify actual re-identification by third parties? How far into the future will any such efforts continue? Will these efforts cover reidentification only in Australia, or everywhere? What response or sanction, if any, will be made if re-identification does occur? Who, if anyone, will be held responsible? Will any instance of re-identification be notified publicly as it is discovered (for example, will it be required to do so by data breach notification obligations)? In relation to the functional separation process identified in the PIA: What is the basis for the claim that this complies with international best practice? Has this claim been submitted to scrutiny by an independent third party? Where is the evidence that the process is analogous to that applied in the UK, NZ or Canada? Have the functional separation processes in any of those jurisdictions been subject to independent analysis? Are there any significant differences between the processes proposed by the ABS and those utilised in comparable jurisdictions? If so, what? To what extent did the ABS engage in its own analysis on the literature relating to the functional separation de-identification process before deciding on the model described in the PIA? Did this include recent expert concerns about emerging vulnerabilities in deidentification methods in the new data environment? The context Concerns about census information are greater in 2016 due to reports of more explicit threats of the use of legal compulsion against citizens who may be less certain about participation as a result of the changes in the census (an anonymous, specific-purpose, temporary and relatively safe one-off snapshot appears to have been changed into a less-safe, personally identified, lifetime longitudinal dossier, with potentially fewer protections). The threat of legal compulsion to accept a potentially hazardous change, the removal of the reasonable excuse defence, and a prohibition on expressing views about how to respond, come with the highest obligations of transparency and accountability. Concerns are also heightened because Australians remain exposed, without effective protection if anything goes wrong: there are still no laws in place for mandatory data breach notification, no requirement for subject-accessible auditing or mandatory tracing of downstream re-use or abuse of re-identified data, nor any enforceable legal right against serious invasions of privacy; and the regulator, the Privacy Commissioner, is now short-term, part-time, over-loaded and under sustained institutional attack. In summary, neither the APF, nor, we believe, the general public, can accept that the evidence presented in the PIA is sufficient to substantiate the strong claims made to the effect that the perpetual retention of census name and address information poses only minimal privacy risks. We seek your assistance to clarify this. If the APF had been directly notified at an early stage of the process, we would have been more than happy to engage with the ABS to ensure that potential problems could be more satisfactorily addressed. As things stand, it is essential that the ABS urgently now engage in a meaningful manner with these serious issues. We look forward to hearing from you at your earliest convenience.

Thank you for your consideration. Yours sincerely Kat Lane, Vice-Chair 0447 620 694 Kat.Lane@privacy.org.au (Dr) David Lindsay, Vice-Chair (03) 9905 5547 David.Lindsay@privacy.org.au David Vaile, Vice-Chair 0414 731 249 David.Vaile@privacy.org.au

Australian Privacy Foundation Background Information The Australian Privacy Foundation (APF) is the primary national association dedicated to protecting the privacy rights of Australians. The Foundation aims to focus public attention on emerging issues that pose a threat to the freedom and privacy of Australians. The Foundation has led the fight to defend the right of individuals to control their personal information and to be free of excessive intrusions. The APF s primary activity is analysis of the privacy impact of systems and proposals for new systems. It makes frequent submissions to parliamentary committees and government agencies. It publishes information on privacy laws and privacy issues. It provides continual background briefings to the media on privacy-related matters. Where possible, the APF cooperates with and supports privacy oversight agencies, but it is entirely independent of the agencies that administer privacy legislation, and regrettably often finds it necessary to be critical of their performance. When necessary, the APF conducts campaigns for or against specific proposals. It works with civil liberties councils, consumer organisations, professional associations and other community groups as appropriate to the circumstances. The Privacy Foundation is also an active participant in Privacy International, the world-wide privacy protection network. The APF is open to membership by individuals and organisations who support the APF's Objects. Funding that is provided by members and donors is used to run the Foundation and to support its activities including research, campaigns and awards events. The APF does not claim any right to formally represent the public as a whole, nor to formally represent any particular population segment, and it accordingly makes no public declarations about its membership-base. The APF's contributions to policy are based on the expertise of the members of its Board, SubCommittees and Reference Groups, and its impact reflects the quality of the evidence, analysis and arguments that its contributions contain. The APF s Board, SubCommittees and Reference Groups comprise professionals who bring to their work deep experience in privacy, information technology and the law. The Board is supported by Patrons The Hon Michael Kirby and Elizabeth Evatt, and an Advisory Panel of eminent citizens, including former judges, former Ministers of the Crown, and a former Prime Minister. The following pages provide access to information about the APF: Policies http://www.privacy.org.au/papers/ Resources http://www.privacy.org.au/resources/ Media http://www.privacy.org.au/media/ Current Board Members http://www.privacy.org.au/about/contacts.html Patron and Advisory Panel http://www.privacy.org.au/about/advisorypanel.html The following pages provide outlines of several campaigns the APF has conducted: The Australia Card (1985-87) http://www.privacy.org.au/about/formation.html Credit Reporting (1988-90) http://www.privacy.org.au/campaigns/creditrpting/ The Access Card (2006-07) http://www.privacy.org.au/campaigns/id_cards/hsac.html The Media (2007-) http://www.privacy.org.au/campaigns/media/

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback