Digital Rights Watch calls for independent inquiry into Census fail


news Online advocacy organisation Digital Rights Watch (DRW) has called for an independent inquiry into the 2016 Census following the failure of the Census website on 9 August and concerns over the way the national population survey has been managed.

The inquiry is needed to “restore faith in the Australian Bureau of Statistics [ABS] and Government’s ability to handle online privacy”, the group said.

The Government’s handling of the online Census demonstrates “both a total disrespect for personal privacy rights and lack of digital literacy,” according to Digital Rights Watch board member Amy Gray.

“We need an independent investigation of the whole process, including a forensic report of the cause of the website crash, the handling of privacy concerns and the outsourcing of key services to private companies,” she said.

Describing the Census as a “vital social and government planning tool”, Gray said the handling of privacy concerns and an education campaign by the ABS has been “a debacle from start to finish”.

“Now they are botching the explanation of what happened to cause the website to crash and making people even more distrustful of providing their information,” she added.

The ABS has said that heavy web traffic on Census night, coinciding with a distributed denial of service (DDoS) attack and a hardware failure, caused the online Census system to be taken offline as a “precaution”. The site had previously weathered three other DDoS attacks earlier the same day, it said.

“To deal with this mess, the ABS should act immediately to address people’s main privacy concerns, including at a bare minimum informing the public that they will not be fined if they choose to leave name and address data blank,” Gray said. “In the longer term, the retention of name and address data should always be at the discretion of the citizen.”

Previously, Census data was kept for 18 months before being deleted. In 2016, the ABS had opted to store the data for up to four years, raising privacy concerns over the fact that Australians were being asked to provide their names and addresses along with other data.

The ABS has stated that Census data will be held “securely”, keeping names and addresses separate from other personal and household information.

While the Census is “too important to boycott”, she said, people should not be blamed for not wanting to put their personal details on the Census forms “after all that has happened”.

“The ABS should start again with a proper consultation process that includes civil society and privacy advocates, and not just an internal assessment,” Gray concluded.


  1. Just thought I’d do a media release… :) Just in case anybody thought they didn’t tell anyone :)

    ABS to conduct a Privacy Impact Assessment
    11 November 2015 | CO/81

    The Australian Bureau of Statistics (ABS) today announced it will conduct a Privacy Impact Assessment on the retention of names and addresses from responses to the 2016 Census of Population and Housing.

    The ABS is considering the retention of names and addresses as a key enabler for improved household surveys and high quality statistics.

    The retention of names and addresses would support the integration of Census data with other high value survey and administrative data to provide a richer and dynamic statistical picture of Australia.

    Historically, the ABS has destroyed all name and address information after statistical processing of the Census has been completed.

    In considering this change, the ABS remains committed to maintaining high levels of community trust. No information will be released in a way that would enable users of Census data to identify any particular individual or household. Names and addresses will be separated from other household and personal data collected in the Census. Addresses and anonymous versions of names will only be used for approved projects.

    To inform both our decision and approach, the ABS will undertake a Privacy Impact Assessment (PIA) and is seeking feedback on this proposal.

    Further information is contained in the ABS Statement of Intent. To provide feedback on the proposal, please write to by 2 December 2015.
    The ABS Privacy Policy outlines how the ABS will handle any personal information that you provide to us.

    Have a nice day. :)

  2. Did DRW open their mouths BEFORE the night, or are they just another mob of trolls scavenging on the debris?

  3. Please put the blame squarely on Turdbull trashing the public sector with all that outsourcing.

    The tenders happen with bribes.

    300k for load testing IBM should have been doing themselves. IBM provided the single load balancer that fell over without replacing it or providing multiple ones ?

    They also provided the gold plated java server software that can’t scale at all. Nginx would have done a better job.

    • “Please put the blame squarely on Turdbull …”

      Absolutely. Then lets hammer the LibNat Cabinet. Not to mention the rest of what passes for a parliament. Who, exactly, failed to adequately fund the ABS in its IT journey? And where was the aleegedly wonderful Australian Signals Directorate in all of this? Not to mention the Digital Transformation Office?

  4. These idiots don’t know how to design things properly. The javascript code was not scrambled, they had done the same mistake as the i-vote system and remotely loaded a jquery file. And most of all it was accessible to everyone including bots.

    They should be using blockchain for something like this also.

    They kept changing how the data was encrypted also so I doubt it’s encrypted at all. It would be tamper proof if they used blockchain.

Comments are closed.