Dr Chris Culnane is a research fellow in information security, with a particular interest in the implementation and deployment of large scale secure protocols. His research interests include privacy, cyber security and applied cryptography, specialising in cryptographic protocols for electronic voting. He was the lead developer on the Victorian Electoral Commission’s vVote project, the first end-to-end verifiable voting system to run at a state level anywhere in the world.
More recently he, Dr Vanessa Teague, & Dr Ben Rubinstein, were the team that in September 2016 recovered supplier IDs in the 10% MBS/PBS longitudinal dataset, released by the federal Department of Health. Our results, responsibly disclosed to the relevant Department, immediately preceded the announcement by Government of the re-identification bill amending the Privacy Act 1988 to criminalise re-identification.
The fallacy of de-identification and its impact on Open Data
As more data is released under Open Data initiatives we are seeing an increasing reliance on de-identification as a way to protect the privacy of the data subjects. In this talk we discuss why we believe de-identification to be a fallacy, with reference to recent examples of where it has failed, including the MBS/PBS dataset.
We will also look at the impact Open Data and de-identification is having on access to high value research data. As researchers are increasingly pushed towards Open Data releases instead of controlled access to high value datasets, the trade-off between privacy and utility, inherent in de-identification, presents a very real problem.