27 August 2010

Confidentiality Failures: An ACT Government Story

Skidbladnir

On 24 August, TaMS originally released its report into the GDE Bridge collapse.
You can review the finalised and fully redacted version of the report here.

Normally, there is a process with releasing government documentation, by which the information which isn’t necessary (mostly personal information like names, phone numbers, etc) or the sensitive parts (like the names of everybody who was onsite and involved with the concrete pour, the order of contacts in an emergency, or the name, qualification, and association of the engineer who signed off on the formwork) is removed before the public ever get to see it.

When the process works correctly, nobody really cares.

However, leaking personal and sensitive information is kind of a big deal, and in this case, one that was overlooked by everyone involved at TaMS.

In this case the redaction method used on the original version of the GDE Report was a spectacular failure, in that TaMS unknowingly released a document which effectively named names, gave away phone numbers, and included statements revealing who signed off on the bridge.

When this uncomfortable fact was brought to their attention a day later, TaMS re-released a sanitised version.

I have no idea how many of you read the original during the original 24 hours that it was available, downloaded copies, or distributed links to it to other interested parties.

However, the only way the people responsible learn their lessons is when things get unexpected public attention.

As such, most of the unredacted pages are now available over on MediaFire, under a temporary account.

The actual hosting of it is administered by MediaFire under a temporary use account; when people stop downloading the files within that, the temporary MediaFire account will expire.

Download and distribute how you see fit.

But just as eggs can’t be reassembled, the damage to privacy is done.

I did a relatively honest thing, and told those in authority about the breach of confidentiality when I found out about it.

This unintended (but consequential) release of Government information was brought to the attention of the Chief Minister more than 24 hours after it originally occurred. The same email, which requested a response as an enrolled voter, mentioned it as a potential story item for publication by RiotACT.

It received the below reply.

Interestingly, it involves time travel.

Dear [Skidbladnir]

Thank you for your letter of 2:56PM yesterday afternoon regarding the method used to blank out personal details included in the SMEC report on the collapse of bridge formwork.

The Government takes its responsibilities to protect the privacy of individuals very seriously and this is why it was careful to ensure details were not published online as a part of the report.

It is unfortunate that the manner adopted to do this was not more robust.

The matter was addressed immediately after it was brought to the attention of Government with more secure documents posted to the server at 2:50 which became live shortly after.

INTACT, the Government’s IT unit, has subsequently been asked to provide advice to agencies on the procedure for undertaking such deletions in a more robust manner.

With regards

Shane Breynard
Senior Advisor
Office of Jon Stanhope MLA

The response from Caroline Le Couteur, Greens Spokesperson for TaMS (and also IT), is below:

Hi [Skidbladnir]

Thank you for your email. By now you have received an email from Mr Stanhope’s senior advisor Mr Shane Breynard about how the government has fixed the issue. I think they acted appropriately once you alerted them to the problem. However I am also the Greens’ IT spokesperson so this is of double interest to me. I will see assurances that it will not happen again.

Caroline Le Couteur MLA
ACT Greens Member for Molonglo
ACT Greens Spokesperson for Planning, Territory and Municipal Services, Business and Economic Development, Indigenous Affairs, Arts and Heritage

Alistair Coe, Shadow Minister for Transport and Urban Services, was also informed, and responded within half an hour of the email to ask how it was done.

It really was astoundingly simple: whichever work experience candidate was at TaMS that day performed the original ‘redaction’ by putting white boxes over the parts they didn’t want you to see, and the current version of Adobe Acrobat 9 reveals these layers as big red rectangles.

This is the equivalent of putting a yellow post-it note on a sheet of paper, with “Please, don’t look under this” written on it.

With a bit of effort, you can either delete the big rectangles, or if that is too hard, just copy a page and paste it into any document editing software (such as Microsoft Word).
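A pre-publication check for the failure described above, as an added example that is not part of the original post: it scans a page content stream for text that is still present underneath a white filled rectangle painted after it. It assumes the boxes were drawn into an uncompressed content stream with no `cm` transforms and simple `Td`/`Tm`/`Tj` text (the post does not say how the boxes were stored); the stream, name and phone number in the sample are constructed.

```python
import re

# Constructed sample stream (not from the report): two text lines, then a white box over the second.
SAMPLE_STREAM = b"""
BT /F1 12 Tf 72 700 Td (Formwork inspection record) Tj ET
BT /F1 12 Tf 72 680 Td (Signed off by: J. Example, 0400 000 000) Tj ET
1 1 1 rg
70 676 300 16 re f
"""

TOKEN = re.compile(rb"\((?:\\.|[^\\()])*\)|[^\s()]+")
NUMBER = re.compile(rb"[-+]?(?:\d+\.?\d*|\.\d+)")
WHITE = (1.0, 1.0, 1.0)

def find_covered_text(stream):
    """Return strings still present in the stream under a later white filled box."""
    texts, boxes, pending, stack = [], [], [], []
    fill, pos = (0.0, 0.0, 0.0), (0.0, 0.0)
    for tok in TOKEN.findall(stream):
        if tok.startswith(b"("):
            stack.append(tok[1:-1].decode("latin-1"))   # literal string operand
        elif NUMBER.fullmatch(tok):
            stack.append(float(tok.decode()))
        elif tok.startswith(b"/"):
            stack.append(tok)                           # name operand, e.g. /F1
        else:                                           # anything else is an operator
            op = tok.decode("latin-1")
            if op == "rg":
                fill = tuple(stack[-3:])
            elif op == "g":
                fill = (stack[-1],) * 3
            elif op == "re":
                pending.append(tuple(stack[-4:]))
            elif op in ("f", "F", "f*", "B", "b", "n", "S", "s"):
                if fill == WHITE and op not in ("n", "S", "s"):
                    # record how many strings were already drawn beneath this box
                    boxes += [(box, len(texts)) for box in pending]
                pending = []
            elif op == "BT":
                pos = (0.0, 0.0)
            elif op in ("Td", "TD"):
                pos = (pos[0] + stack[-2], pos[1] + stack[-1])
            elif op == "Tm":
                pos = (stack[-2], stack[-1])
            elif op == "Tj":
                texts.append((pos[0], pos[1], stack[-1]))
            stack.clear()
    return [s for (x, y, w, h), n in boxes for tx, ty, s in texts[:n]
            if x <= tx <= x + w and y <= ty <= y + h]
```

A non-empty result means the text was covered rather than removed, so the file is not ready to publish.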

Others have been caught out by such computer voodoo before.
Law.com special article, “Sloppy Redaction: To Err Is Automated”
“…Associated Press was able to uncover some of the confidential details of the settlement between Facebook and ConnectU…”
PDF Redacting Failure by the US Government

Both of the emails quoted above came with the footer “This email, and any attachments, may be confidential and also privileged. If you are not the intended recipient, please notify the sender and delete all copies of this transmission along with any attachments immediately. You should not copy or use it for any purpose, nor disclose its contents to any other person”, but I suggest the same legal footing for that statement relies on similar legal grounds as the various statements relating to TaMS’ Privacy Policies.

Quoted from various places on the TaMS website:
Use of personal information collected
“Any personal information you choose to provide will only be used for the purpose for which it was provided and will not be disclosed to other persons or organisations without your prior consent or if required by law.”
Source: TaMS Privacy Statement
“The ACT Government recognises the importance of personal privacy and has implemented measures to ensure personal details are not disclosed to other parties. Please familiarise yourself with our privacy statement if you have any concerns.”
Also, the ACT Government’s Full Privacy Statement is over here.
And according to the Federal Privacy Commission, the ACT Government is bound by the Federal Privacy Act.

If you are, in fact, one of the persons named within the documentation, I would suggest that:
1) You find out more about your rights, and what the ACT Government has done.
2) Contact the Privacy Commissioner and file a complaint if you feel you have been wronged.

(For reference, Adobe actually put together a How-to Guide for situations like this, which goes through how to do it correctly step-by-step.)


All Comments

Anyone who describes their actions as ‘relatively’ honest knows where they stand already.

Reports that are tabled in Parliament and the like, or publicly available court documents into major events like this, will have contact details in it. If you trawled through publicly available court judgements etc you’d probably come up with more revealing info.

If there was home addresses that may be different, but I reckon they would have been just as safe sticking this out without redactions.

Skidbladnir, what exact parts of the privacy act do you think have been breached?

Pommy bastard 12:44 pm 28 Aug 10

Skidbladnir is, in reality, Julian Assange, I spotted it first! Do I get a prize?

screaming banshee 11:01 am 28 Aug 10

Be honest now, how many people chastising Skidbladnir downloaded the docs to see who signed off on the formwork…..

H1NG0 said :

I would suggest removing this link or face the consequences

Sounds like something I’d expect to hear from US or Russian government agencies, not TAMS.

*Highlighting in my previous post

…and in before “information wants to be free” and “Streisand effect” justification for actions.

Unfortunately you lost that kudos being a douchebag and rehosting the document for the purpose of sensationalism

or highlighted some serious breaches in ACT PS procedures.

Highlighting the issues and rehosting the documents are completely different issues. There is proof they have acknowledged the error and have taken steps to mitigate the impact, what value does the OP rehosting the documents add? All it does is further disrespect the privacy (unnecessarily) of those involved.

The fact that the OP rehosted the documents using an anonymous service such as Mediafire shows he realises the potential implications, unfortunately for him (as mentioned above) the departments involved likely have his full name from the emails he sent.

Golden-Alpine 8:15 am 28 Aug 10

I have to agree, it was good pointing this out to the Government but republishing the originals is unnecessary and irresponsible. You lost karma points doing that. To be fair to those involved I would suggest removing the documents.

Woody Mann-Caruso 9:27 pm 27 Aug 10

Everybody look at Skidbladnir! Isn’t he awesome?

(That’s what you wanted, right?)

I would suggest removing this link or face the consequences

So you complain about an accidental breach of privacy by intentionally publishing private information and encouraging others to access it.

Sorry but your actions belie your words.

And it would appear that you were dumb enough to use your real name in contacting various officials and then tie it directly to your actions by posting here.

Seems like TAMS also needs to be audited in regards to privacy policy and handling of sensitive data, such as individual’s name and their contact details.

It would be in our right to demand that TAMS show that they have rectified their procedures and are now compliant.

If not then it would also be in our right to withhold sensitive data from them until they do.

Kudos for finding this and raising it with them.

Unfortunately you lost that kudos being a douchebag and rehosting the document for the purpose of sensationalism.

However, the only way the people responsible learn their lessons is when things get unexpected public attention.
As such, most of the unredacted pages are now available over on MediaFire, under a temporary account.

Sorry but publishing the unredacted pages containing the personal information does not equate to unexpected public attention.

Yes, TAMS stuffed up but they addressed the issue as soon as it was brought to their attention. The fact that personal information was accessible is the issue that needed the public attention, not the information itself.

I did a relatively honest thing, and told those in authority about the breach of confidentiality when I found out about it.

But then you did the dishonest thing of further publishing the information. By publishing this information you have done nothing to improve the situation. In fact I would argue that you acted in bad faith – how does further breaching the privacy of the individuals who are not involved with the actual issue (that of ensuring the protection of private information) help the situation.
