0
A team of researchers from the University of Melbourne has called the government’s proposed data-sharing legislation a “significant misalignment”, concerned that by not acknowledging and protecting the fundamental right to privacy of individuals, there will be little chance of establishing trust in the use of public data.
The remarks come via a submission [PDF] to the Issues Paper discussing the Australian government’s Data Sharing and Release Legislation, which opened for consultation in July.
They said currently the purposes laid out under the “Purpose Test” for data-sharing are prioritising the perceived greater good instead of respecting minimal rights of the individual.
“‘Consent’ does not make one appearance in the proposal, while being a central tenet to privacy best practice, is indicative of significant misalignment,” they wrote.
The submission was penned by Dr Chris Culnane, acting Professor Benjamin Rubinstein, and Dr Vanessa Teague — the same research team that re-identified the Medicare Benefits Schedule and Pharmaceutical Benefits Scheme data in September 2016 and reported in December further information such as medical billing records of approximately 2.9 million Australians were potentially re-identifiable in the same dataset.
Their submission explains that neither data releases nor legislation exist in isolation, and suggests the government consider improving privacy legislation by adopting provisions from the GDPR, as one example.
See also: How Europe’s GDPR will affect Australian organisations
“Anything else is likely to be counterproductive by weakening already inadequate protections and rights of citizens and consumers,” the submission says.
The researchers are concerned that the focus of the government in shaping its legislation is on the entity that collected the data, suggesting instead the concern should be the type and nature of the data that is collected.
“Any entity that collects sensitive personal data, for example, medical data, should be excluded from the default sharing and release arrangements,” they continued. “Such data should only be shared when those for whom the data relates have provided consent. Such consent should be revocable at any time, for example, by adopting a dynamic consent approach.”
The federal government is hoping to reform the Australian data system, in May announcing it would be investing AU$65 million on initiatives such as the country’s new Consumer Data Right (CDR), which will allow individuals to “own” their data by granting them open access to their banking, energy, phone, and internet transactions, as well as the right to control who can have it and who can use it.
In order to implement the changes, it needs to overhaul its legislation, at the time labelling existing public service data use arrangements as complex and hindering the use of data.
The Issues Paper asked firstly if the considerations it was giving were sufficient to shape the legislation. The team of researchers from the university said no, noting that not all factors for guiding important legislative development have been taken into account in the proposal.
Related Topics:
Australia
Security TV
Data Management
CXO
Data Centers
0