Huge myki Data Breach

 
Topic moved from News by bevans on 15 Aug 2019 16:06
  Carnot Minister for Railways

Good grief:

https://www.railpage.com.au/news/s/public-transport-victoria-in-breach-of-privacy-act-after-reidentifiable-data-on-over-15m-myki-cards-released

  • Victoria's Information Commissioner finds Public Transport Victoria breached privacy laws
  • The breach happened when data about the travel of more than 15 million myki cards was released for a data science competition
  • The Commissioner says the Department does not accept the release breached myki users' privacy


And how much do we pay for this?

Sponsored advertisement

  Dangersdan707 Chief Commissioner

Location: On a Thing with Internet
More proof that we should of retained a traditional ticket system along with the card system. How unsurprising, was bound to happen eventually.
  bevans Site Admin

Location: Melbourne, Australia
More proof that we should of retained a traditional ticket system along with the card system. How unsurprising, was bound to happen eventually.
Dangersdan707

I think what it does say is the government really cannot be trusted with our data.  I for one have never registered my Myki and never will as I am aware of how easy it is for other areas of the government to gain access.

I would also imagine this data includes some V/Line routes.
  Fatty Deputy Commissioner

Location: Melbourne
Very misleading thread title. It wasn't a data breach - it was a privacy breach. The data was provided willingly.
  Rossco T Chief Train Controller

Location: Camberwell, Victoria
Very misleading thread title. It wasn't a data breach - it was a privacy breach. The data was provided willingly.
Fatty
I'm still struggling to see what the issue is here.

Isn't the only reason that the data could be used to identify a particular person is because that person tweeted that they caught a particular train?

If PTV/DOT remove all personal details from the individual Myki transactions then what is the problem.  All the person interrogating the data knows is that there is some random person who regularly travels from Point A to Point B.  I am inclined to agree with DOT on this one and think that it is a media beat up.  Or am I missing something here?

Ross
  historian Deputy Commissioner

Very misleading thread title. It wasn't a data breach - it was a privacy breach. The data was provided willingly.
I'm still struggling to see what the issue is here.

Isn't the only reason that the data could be used to identify a particular person is because that person tweeted that they caught a particular train?

If PTV/DOT remove all personal details from the individual Myki transactions then what is the problem.  All the person interrogating the data knows is that there is some random person who regularly travels from Point A to Point B.  I am inclined to agree with DOT on this one and think that it is a media beat up.  Or am I missing something here?
Rossco T

Because it only takes a small amount of effort to pull out the travel of any specific individual from the released data set.

All you need is one or two known data points - times and places the person touched on or off. Let's say you know that your subject of interest touched on at Prahan around 10.30 today. There might be 20 Myki touch-ons at Prahan around that time. You also know that they went to North Richmond. Only one of those touch-ons touched off at North Richmond. Bingo, you've found your person. Or you know that yesterday, they touched on at Prahan at 9.30. Another 20 Myki touch-ons, but it's almost certain that only one of the Myki cards will appear in both sets. Again bingo.

Once you know *one* Myki travel record, you have the Myki card number. You can then extract all the travel records of that person. That would tell you a lot - where do they usually travel, and what time. Roughly where do they live or work.

You might argue that no-one would bother with doing this. Stalkers would. Controlling ex partners would.

Any set of timecoded geographic data points is very difficult to deidentify because an individual's movement over time is unique. This is a well known problem with similar data sets - the log of the cells your mobile phone is registered in; fitness trackers that log your run, etc.
  historian Deputy Commissioner

More proof that we should of retained a traditional ticket system along with the card system. How unsurprising, was bound to happen eventually.

I think what it does say is the government really cannot be trusted with our data.  I for one have never registered my Myki and never will as I am aware of how easy it is for other areas of the government to gain access.
bevans

The released data did not include the registration information - they weren't that silly.

Whether or not you register your card, it is trivial for anyone with access to the database and a small amount of existing knowledge to pull out the details of your travel.

You can guarantee that this would include any of the investigative branches of government.

I also note that it's almost certain that you carry a mobile phone - almost every Australian does. The mobile phone system continually records the cell you are currently located in. This information can be easily obtained by government if they are interested in you. This record is much more fine-grained and accurate than myki touch on/off records.

For these reasons, I would not be particularly concerned about registering your myki.
  kitchgp Chief Commissioner

For police, etc, matching up a CCTV footage timestamp with that of the myki reader would be another way.

For each leg of a journey, the truly paranoid would touch-on with a separate unregistered myki, try to avoid any enroute ticket check, not touch-off and then dispose of the card, preferably by burning it to destroy fingerprints and DNA.

Obviously, if you use a credit card to buy or top-up your unregistered myki, game over.

Sponsored advertisement

Subscribers: bevans

Display from:   

Quick Reply

We've disabled Quick Reply for this thread as it was last updated more than six months ago.