New amendments to the Privacy Act announced yesterday by the Attorney-General George Brandis to protect the security of anonymised data could have the perverse effect of making it harder to uncover flaws in anonymisation and encryption techniques.

Brandis yesterday announced that the government would be amending the Privacy Act to "create a new criminal offence of re-identifying de-identified government data. It will also be an offence to counsel, procure, facilitate, or encourage anyone to do this, and to publish or communicate any re-identified dataset."

Re-identification is the process of using anonymised data that has been released by public authorities to match it up to individuals within the group -- either through exploiting the linkage key used to structure the data or using other data to narrow down the likelihood of a single data point belonging to an identified individual.