Vanessa Teague reported on a dataset of Medicare and PBS payments that was supposed to be anonymous but wasn’t

This article is more than 6 months old

This article is more than 6 months old

A prominent university professor has quit after the health department pressured her university to stop her speaking out about the Medicare and PBS history of over 2.5 million Australians being re-identifiable online due to a government bungle.

In 2016, Vanessa Teague, a cryptographer from the University of Melbourne, and two of her colleagues reported on a dataset, published on an open government data website by the federal government, of 2.5 million Australians’ Medicare and PBS payment history dating back to 1984 that had supposedly been de-identified so people were anonymous.

Teague and her colleagues reported that the dataset had several samples where people were able to be identified.

Australian government officials accused of 'cavalier disregard' for unauthorised metadata access Read more

In the research, they came up with seven examples where they were able to determine who the data was about based on publicly available but relatively unique information about that person – such as their birthday, dates of birth of their children, and other personal information.

Once they had that, the researchers had a trove of their entire medical history, including medication purchases and tests conducted.

Teague informed the government about it and the data was removed, but it was downloaded around 1,500 times in the six weeks it was online. Additionally, the dataset is still found easily online and the government appears to have taken no steps to have it removed.

The breach so shocked the government, the then attorney general, George Brandis, quickly announced plans to criminalise the act of re-identifying previously de-identified data, although ultimately the legislation never passed before the 2019 election.

In September 2018, Teague went back to the department and alerted them to a TV journalist’s data she had found in the dataset, and asked the department to notify them, or she would inform that journalist in 30 days.

Teague also asked the department to inform all 2.5 million Australians in the dataset that their personal information was potentially compromised.

Instead, the health department secretary, Glenys Beauchamp, wrote to University of Melbourne vice-chancellor Glyn Davis to complain about Teague’s demands, stating there were significant “practical and legal barriers” preventing the department from identifying people in the dataset and then notifying them.

Beauchamp also requested Teague cease her work on the dataset.

“We trust the university … continues to place great importance in respecting the privacy of the individuals included in the MBS/PBS dataset and request the university cease the work currently being done to attempt to re-identify individuals and destroy all copies of the dataset,” Beauchamp said.

“We also request the researchers not publish the names of individuals the researchers assert have been re-identified, the de-anonymisation methodology or other information that would potentially assist in the ease of re-identification.”

The letter also raised concerns about a conference presentation on the methodology Teague ultimately ended up giving after the letter was sent. But 18 months on Teague has now left University of Melbourne, pointing to this letter as the beginning of the end.

Internet privacy: the apps that protect you from your apps Read more

“The letter hints strongly at negative consequences for the university as a whole, particularly if I notified the affected journalist. The university did pass on that pressure, quite unambiguously, but I can’t really blame them.”

Teague has now published the letter after filing a freedom of information request on the website Right To Know.

“I did what I thought was the good citizen thing … the result was the very aggressive letter you have now seen,” Teague told Guardian Australia.

“I was really astounded at the magnitude of the reaction. I didn’t understand why the VC needed to get involved at all, I don’t understand why they didn’t get back to me if they had a problem. It didn’t seem like a big deal.”

Teague said the reaction was centred around discouraging notifying people in the dataset.

“My strong feeling is all of the 2.5 million people should know. It can’t be rolled back now that it’s out on the internet. There are still decisions they can make that can be informed about the data that is out there.”

She said although she quit, the university was pressured by the department over her research.

“The uni has to make some kind of decision about trading off the obvious necessity of staying on the right side of the federal government with its funding and its health datasets, versus standing up for [academic freedom],” she said.

“They were really stuck in a hard place, which they shouldn’t have been put in, I feel. I think that’s all I want to say.”

A spokesman for the health department said the letter was sent because of the health department’s concerns about Teague re-identifying people in the dataset, and claimed the department did not have a responsibility to notify the 2.5 million people in the dataset.

“The dataset does not contain the personal information of patients. The Office of the Australian Information Commissioner found that the department did not breach Australian Privacy Principle 6 of the Privacy Act 1988 with respect to the personal information of patients,” the spokesman said.

The OAIC argued that the risk of re-identifying people in the set was low.

Teague said it doesn’t bode well for the debate on whether the intimate and personal data governments hold on every person is the property of those people, or if it is the government’s data and up to the government to decide how to use.

A spokeswoman for the University of Melbourne said the university could not comment on staffing matters but said researchers were supported by the university’s academic freedom of expression policy.

“A core value of the University of Melbourne is to preserve, defend and promote the traditional principles of academic freedom in the conduct of its affairs, so that all scholars at the university are free to engage in critical enquiry, scholarly endeavour and public discourse without fear or favour,” she said.