Pilgrim: Census shutdown was a ‘pro-privacy’ move


Privacy commissioner Timothy Pilgrim has concluded Australian statistician David Kalisch took a “pro-privacy precaution” when he decided to take down the online Census form on Tuesday night.

Pilgrim (pictured) finished a rapid investigation into the privacy implications of the disaster just as the Census website began to show signs of life, with a patchy service returning after more than 30 hours offline.

He accepts the Australian Signals Directorate’s assurance that “personal information was not inappropriately accessed, lost or mishandled” and that while a denial of service attack occurred, there was no data breach. Pilgrim said in a Thursday afternoon statement:

Timothy Pilgrim
Timothy Pilgrim

“The ABS’ decision to shut down the website — to avoid any prospect that the DoS attack could include or otherwise facilitate a data breach — was, in the circumstances, a pro-privacy precaution.”

Prime Minister Malcolm Turnbull and his cybersecurity adviser Alastair MacGibbon have both said Kalisch’s final decision to take the site down was taken as a precaution after some activity that had nothing to do with malicious actors in the end.

MacGibbon said “there was information inside the system that the ABS and IBM took very cautiously” and “not knowing what that information was”, Kalisch decided the safest course of action was to shut it down.

Turnbull described this as “traffic … that appeared to be anomalous” at first but “actually it was quite innocent, it turned out” after the site was taken down.

Treasurer Scott Morrison reiterated this afternoon that the government was “extremely disappointed, as the Australian people are, about the disruption and inconvenience” since Tuesday night.

He also responded to questions about ABS funding cuts, arguing that the agencies involved as well as contracted service providers were adequately resourced to do the job.

One of those service providers, Revolution IT, has defended its role in load testing and explained that any defences to a DDoS or any other kind of attack were outside its remit. IBM, the core delivery partner, issued a statement later on Thursday afternoon.

The ABS chose to move to an e-census back in 2011 under the previous government, Morrison said, and appropriations for the capital and recurrent funding needed were made in the 2013-14 budget. $270 million in additional funding had been provided since then, he added.

The unforgiving Treasurer said an “extensive series of processes” under both governments had been undertaken to “ensure they were ready for this day”.

“All of those processes that were followed and the stress-testing that was conducted was intended to provide assurance to the government” that it would all go well, said Morrison.

“The results the other night were … completely unsatisfactory and make us, frankly, pretty angry.”

About the author
Premium

The essential resource for effective public sector leaders

Can you afford to miss the next briefing from Mandarin Premium? Sign up today.

Get Premium Today