Case Study

PERSONAL INFORMATION FACTOR: A tool to tell if and how to share your datasets

PROJECT SNAPSHOT

The Personal Information Factor (PIF) Tool measures the risk associated with releasing a dataset, proposing recommendations for sharing data that pivot around privacy considerations. When risks are high, the AI-enabled tool analyses attack vectors and automatically transforms the data, making it suitable for publication. The tool is geared for sharing data across sectors like healthcare, transport, financial services and smart cities, at scale.

 

WHO’S INVOLVED

This project is a collaboration between the Cyber Security CRC, CSIRO’s Data61, the Australian Computer Society (ACS) and the NSW and WA Governments.

 

WHAT’S THE ISSUE?

Data sharing offers huge potential for innovation in service delivery and economic efficiency, but personal privacy concerns remain a hindrance to effective data sharing. Simple data de-identification has proven ineffective in protecting data privacy, as shown by high profile data re-identification attacks. To increase the confidence of data custodians when sharing data, users should be aware of the re-identification risks and more effective ways to mitigate these.

 

PROJECT OBJECTIVES?

  • Analyse privacy risks involved with sharing data;
  • Suggest recommendations for protecting sensitive data;
  • Raising awareness of the risks associated with data release to allow for better informed decision making

 

TECHNOLOGY DESCRIPTION

Unlike many existing solutions, Smart Shield learns not only from email and web pages themselves, but also via feature correlation with alternative trusted entities. These evaluate email sender reputation, goal and consistency, using advanced techniques like graph neural networks and natural language processing to extract and classify multi-dimensional features. These can detect more sophisticated unseen phishing attacks. Smart Shield scans incoming emails and provides traffic light banners on top of each email indicating the warning level- red, yellow, or green. The banner also provides information on what aspects of the email triggered the warning.

 

APPLICATION

Healthcare:

PIF has already been used by the NSW Government to publish Covid data.

Transport:

PIF can access the risk associated with publishing Opal Card data, hence protecting the privacy of individuals.

Domestic violence:

NSW Government is using the PIF tool to share domestic violence data.

Smart Cities:

PIF can be used to share energy usage of individuals without disclosing behavioural patterns.

Click here to download a PDF version of this case study.