Data61's expertise in data science necessitates a close understanding of issues around privacy - the protection of information about individuals or groups to which access must be restricted or carefully controlled. Our work in this area goes beyond simple awareness of issues - we are conducting research and creating products that work to improve the protection of sensitive information for Australian citizens, protect valuable IP for businesses, and enable vital research and analysis for governments.

Key areas

Confidential Computing

We have developed a suite of technologies - under the banner of 'Confidential Computing' - that applies encryption or secret sharing, distributed machine learning, and private record linkage to enable the generation of insights from sensitive data held by multiple sources that do not wish to disclose that data to any third party, or each other.

Instead of data being centralised before processing, the Confidential Computing platform uses secure computation protocols that leave the data encrypted at its source and decrypt only the results of analysis. Data providers, analysts consuming the outputs, and the platform itself all learn nothing about each other's data. This dissolves trust issues and ensures confidentiality for all parties, meaning users can mobilize data that would otherwise remain inaccessible.

Making sensitive data more available, safely

As part of the National Innovation and Science Agenda 'Platforms for Open Data', Data61 has developed solutions that aim to increase the number and availability of high-value datasets shared between government agencies, and to the public.

These include a data query API with authorisation and obfuscation, known as Protari, as well as a workflow tool - SenDA - to facilitate the request and delivery of sensitive data into a secure environment for research.

Privacy preserving transformation of data

The De-Identification Decision-Making Framework

Data61's privacy experts have demonstrated the use of privacy-preserving algorithms on a number of sensitive datasets. Individual data is mathematically obscured, but the 'shape' remains the same. Our team uses mathematical proofs to ensure that the privacy of individuals is protected through a transformation process that cannot be reversed - enabling analysis of broad trends whilst protecting the privacy of individuals.

De-identification

We've developed a practical guide to de-identification for government agencies and businesses including not-for-profit and private sector organisations. Our framework can help data custodians to identify and address the key factors relevant to their particular data sharing or release situation, including privacy risk analysis and control, stakeholder engagement, and impact management.

In addition to this work, we have developed a toolkit to assist in assessing the risk of re-identification in both original and de-identified datasets. This is the 'Reidentification Risk Ready Reckoner' project.

Research, expertise and other products

We engaged in research to develop guidelines to allow publication of the results of analysis on personally private or commercially sensitive data, while protecting privacy and confidentiality.

  • Gait authentication - we developed new technology which uses the way a person walks, their gait, to power wearable devices. The technology also has the potential to be used as a new authentication method, which could replace passwords, PINs or fingerprints.
  • VPN privacy - we released a study that examined privacy issues around VPN apps, finding that many were lacking.
  • PrivMetrics - we are developing the PrivMetrics framework, which enables users to make informed decisions about the use of third-party apps by providing them with an analysis of their privacy leakages and, wherever possible, recommending alternative apps with the same functionality that better protect their overall privacy.
  • PRADA - stands for Privacy Risk Assessment and Defense Apparatus. It is a research and development project at the Networks Group of Data61. Its main goal is to build a production-quality privacy management dashboard to oversee data disclosure. The user will be able to analyse and modify their datasets using built-in privacy risk assessment tools and privacy-preserving algorithms.
