Victoria’s public transport authority has been found to have breached privacy laws after releasing a dataset containing 15 million partially redacted public transport passenger details online.
In a government run hackathon in 2018 the then Public Transport Victoria provided what they believed to be a de-identified dataset of Myki use.
An investigation by the Office of the Victorian Information Commission (OVIC) has found the data contained detailed information, which breaches the state’s own privacy laws.
In addition to being available through the annual competition the data was provided to academics at Melbourne University whom were able to identify themselves and others from the dataset.
Whilst the Department of Transport (formerly Public Transport Victoria) deny any wrong-doings and choose to not accept the finding presented by OVIC they have agreed to implement new procedures when de-identifying data in the future.
Source: Botched myki data release breached privacy laws – Security – iTnews