Most Read Contributor in Australia, September 2016
Last week saw privacy experts and consumer groups express
concern at the proposal by the Australian Bureau of Statistics
(ABS) to retain certain information from the
Census to be held on 9 August this year. In previous
censuses information was used but not retained.
The proposal now is that both address data and name data be
retained and used. The ABS said that it wants to be able to
combine the Census data with other data sets, such as health and
education statistics, to get a richer and more dynamic statistical
picture of Australia.
The concern of privacy experts and consumer groups is not aimed
primarily at the ABS and its proposed uses but at the possibility
of "function creep" and that other government
departments, such as the Tax Office and ASIO, may be able to access
the data and use it for other purposes. The risk, expressed
by a number of parties is that "the ABS becomes the unwitting
tool of a government intent on mass population
The information about its intentions was released by the ABS on
7 April 2016 following a lengthy process of research into the
benefits and potential risks of retaining name and address
In November 2015 the ABS announced its intention to undertake a
public review into potential privacy risks and also to undertake a
Privacy Impact Assessment (PIA) in relation to
those risks and steps to mitigate them. The ABS PIA was
completed in December 2015 and has been published on the ABS
The ABS PIA considers the risks of the retention of data and
references, very importantly, a number of safeguards that are built
into the framework of the ABS. Those include the protections
under the Census and Statistics Act 1905 (Cth), the
Privacy Act 1988 (Cth) and the fact that the ABS has been
accredited as an integrated authority under the Commonwealth
statistical data integration interim arrangements.
The ABS PIA outlines in detail the risks perceived to the
retention of data and the various functional separation,
organisational separation and data security measures in place by
the ABS. It is difficult to disagree that the ABS has in
place a range of safeguards that appear to mitigate the identified
However, the biggest concern and the biggest risk, at item 4.5
of the ABS PIA, is the risk of function creep and unintentional
expanded future use of retained name and address information.
While the ABS PIA indicates that there are various procedures for
the management of risk, including their own internal approval
processes and governance structures, the concept of the data
falling outside the control of the ABS is not contemplated.
A reasonable risk raised by privacy experts and consumer groups
is that other government departments will force access in a way
that may be intrusive, condoned by government and not able to be
prevented by the ABS, giving rise to privacy risks to
individuals. This is something we will wait to see play out,
but is significant in the context of government department
information sharing and information obtained for one purpose being
used for another purpose.
This publication does not deal with every important topic or
change in law and is not intended to be relied upon as a substitute
for legal or other advice that may be relevant to the reader's
specific circumstances. If you have found this publication of
interest and would like to know more or wish to obtain legal advice
relevant to your circumstances please contact one of the named
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Privacy issues require a considered strategy where sets of big data come with ever-increasing regulatory obligations.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).