Cyber Security Weekly Podcast
Episode 139 - Probable not Provable Privacy for Census Data vulnerable to attack - Chief Scientist Optus Macquarie University Cyber Security Hub
Interview with Professor Dali Kaafar, Chief Scientist at Optus Macquarie University Cyber Security Hub and Professor at the Faculty of Science and Engineering at Macquarie University. Professor Kaafar and Macquarie University Lecturer Hassan Jameel Asghar, released a paper mid February, titled, ‘Averaging Attacks on Bounded Perturbation Algorithms’ that identifies and demonstrates a vulnerability of the Perturbation Algorithm used by the Australian Bureau of Statistics for its online tool, TableBuilder, that enables querying the Australian Census Data.
Dali Kaafar has disclosed “In a nutshell, the algorithm named TBE, perturbing answers to the queries by adding noise distributed within a bounded range is faulty and puts the highly sensitive original census data at major risk of being revealed. We demonstrated how an attacker, who may not know the perturbation parameters, can not only find any hidden parameters of the algorithm but also remove the noise to obtain the original answer to any query of choice. None of the attacks we presented depend on any background information. Implications of go beyond re-identification risks. The attack reveals values intended to be hidden by the TBE algorithm and hence reconstructs the original census data. While the attack is applicable to the actual Australian census data available through TableBuilder, for ethical considerations we only show the success of the attack on synthetic data. We note however, that the perturbation method used in ABS TableBuilder tool is proven vulnerable to this attack.
In response to the research, an ABS spokesperson stated, “The ABS is strongly committed to privacy. With emerging data analytics techniques, the ABS needs to be on the front foot of any emerging risks to the data we hold. We have been working, and will continue to work, with leading experts to ensure we are using the best approaches possible to protect individuals’ data.
There is no evidence of anyone’s privacy being compromised with the use of Table Builder.”
The discussion includes consideration to the Differential Privacy framework and the application of provable privacy versus probable privacy for the 2020 USA Census.
Interview recorded in Sydney on 26 February 2019.
Original release on the Australian Cyber Security Magazine website is available here