Responsible use of ABS microdata

Important points to remember when accessing and using ABS microdata: 

• keep passwords for ABS systems secure
• use microdata only for statistical or research purposes
• do not attempt to identify individuals or organisations to which the information relates
• do not try to avoid, override or otherwise circumvent the mode of access controls in place by the ABS
• do not attempt to match unit record data with any other list, database or repository of persons or organisations
• do not provide microdata to anyone without the approval of the ABS
• your sessions can be audited in any system
• your entire session is recorded in DataLab
• you must cooperate with any ABS audit directions relating to DataLab usage, code and output
• do not capture on-screen information in any way during your DataLab session
• all DataLab outputs must be cleared by an ABS officer
• where access to ABS microdata is provided remotely, you must:
  a. access the microdata in a work or private location
  b. protect the screen from oversight by other people, and
  c. use a secure internet connection
• talk to the ABS if you any questions or concerns about your responsibilities, the microdata or the systems

For a complete list of your obligations when accessing microdata, see:

• this guide (Responsible Use of ABS Microdata User Guide)
• the Responsible Officer Undertaking
• the Individual Undertaking and Declaration of Compliance
• the Conditions of use you agree to when registering in the Registration Centre
• any other directions in relation to microdata provided to you by the ABS

Basic microdata in MicrodataDownload may only be accessed by Australian organisations and users. International organisations wanting to access specific basic microdata files will be considered on a case by case basis. Contact microdata.access@abs.gov.au if you would like to discuss your project.

If your international organisation is granted access to basic microdata:

• the head of the organisation (or their delegate) must sign a Responsible Officer undertaking
• Contact Officers must manage the distribution to approved users and secure storage of the basic microdata within the organisation, and may provide access to users who have signed an Individual undertaking and been approved by the ABS
• each user must apply for access, sign an Individual undertaking and be approved by ABS before basic microdata may be shared with that user

The DataLab is primarily designed for access by Australian organisations and users. Access by international organisations will be considered on a case by case basis. Contact microdata.access@abs.gov.au if you would like to discuss your project.

If you belong to multiple organisations you need to apply to access microdata in each organisation. Separate approval must be sought from the ABS for microdata product access under each organisation, as access is granted at an organisational level as well as an individual level.

Once you leave an organisation, you must not access previously approved microdata under that organisation. You must let your Contact Officer or the ABS know you when you are no longer a member of your organisation so that your access to microdata can be removed. You also need to delete, destroy or return to your Contact Officer any microdata in your possession.

Intellectual Property rights in microdata, including copyright, are owned by the Commonwealth of Australia represented by the ABS. Copyright notices appearing on microdata products or on information displayed or printed by the microdata product must not be removed.

Microdata and its output are subject to full Copyright terms. Organisations using microdata are granted a non-exclusive, non-transferable licence by the ABS that allows authorised users to use microdata for statistical or research purposes in accordance with the Undertaking signed by the Responsible Officer of the organisation.

TableBuilder output is licensed under Creative Commons, allowing users to share and transform the material for any purpose.

Publication of data and analysis using ABS microdata or TableBuilder products must attribute ABS as the source of the data. See How to cite ABS sources for advice.

While the ABS has taken great care to ensure that microdata is as correct and accurate as possible, the ABS does not guarantee, or accept any legal liability arising from, or connected to, the use of any material contained within, or derived from microdata. Except to the extent that liability may not be lawfully excluded, the ABS:

1. makes no warranty as to the suitability or fitness of the microdata for a particular purpose, quality, accuracy or merchantability, and
2. accepts no liability arising from the use of the microdata.

Further information is provided in the ABS Disclaimer notice.

ABS legislation requires that microdata is used for statistical or research purposes. You must not use microdata for compliance or regulatory purposes. Examples of statistical or research purposes include: 

• estimation of population characteristics to provide indicators of financial literacy of Australian households
• statistical modelling of predictors and correlates of employment and work performance among those with carer responsibilities compared to persons without these responsibilities
• use of data as input to mathematical models to enable analysis of impacts of potential policy changes in the area of health insurance
• study the relationship between disability and labour market outcomes to target future employment programs
• provision of statistical training to staff or students

We may ask you for additional information about your statistical or research purposes for the use of microdata.

Access to microdata can only be granted by the ABS. Microdata must not be shared with other individuals as this is a breach of the Undertaking signed by you or your organisation. Any person who needs access to microdata or uncleared DataLab output must apply and be approved by the ABS before accessing the data. This includes members of your research project team who will see, discuss or use microdata or uncleared DataLab output. Sanctions may be brought against organisations and individuals found to be sharing access to microdata with unapproved individuals or organisations.

Where researchers from different organisations are collaborating on a project, the ABS may provide permission to share specific microdata and uncleared DataLab output. See Collaborating on microdata research.

• cleared DataLab output: all DataLab output that has been cleared by the ABS may be shared or published
• basic microdata output: tables or other aggregated output (for example, averages and model parameters) may be disclosed, published or disseminated by the user

Examples of basic microdata aggregate data that do not reveal microdata and are not required to remain in a secure environment include:

• tabulations containing cells with 3 or more unweighted contributing sample units
• details of fitted models, such as regression parameters
• summary and test statistics from estimates
• linear and non-linear regression coefficients

When disseminating aggregated output or reports, you must ensure that you correctly attribute ABS microdata as the source. See Microdata user obligations for Licence provisions, copyright and attribution.

• unit record data (microdata) must not be disclosed or disseminated with anyone, and must be securely stored
• all data and output from the DataLab that has not been cleared by the ABS
• unit record data from basic microdata

Microdata collaboration can occur when multiple organisations are working together on a research product or when consultants conduct work on behalf of an organisation.

Collaborating researchers need to be approved to access microdata:

• if you are working directly with microdata you must have approval from the ABS to access the specific microdata product
• if you are involved in discussing uncleared DataLab data or output you must be approved to access the microdata in that project

Contact microdata.access@abs.gov.au to ensure the correct approval has been granted for all individuals in your project.

Collaborating researchers can work on a project without seeking further approval if you will only be viewing or discussion DataLab output that has been cleared by an ABS officer. For example, if a consultant provides a report with conclusions drawn from analysis of the microdata to another organisation, then that organisation is not required to have approved access to the microdata.

• Researchers may work together on a project within the DataLab. In this case, the ABS may provide a shared workspace only accessible by the project researchers.
• People approved to participate in the project may share their uncleared DataLab research and results within the DataLab workspace, whether it is microdata or aggregate data. This is because all the researchers have been approved to access that microdata and access is within the secure DataLab environment.

• produced by grouping information into categories and combining values within these categories
• for example, a count of the number of people of a particular age (obtained from the question ‘In what year were you born?’).
• tables, means, medians, ranges and regressions are aggregate data

• a dataset of unit records where each record contains information about a person, organisation or other record
• can include individual responses to questions on surveys or administrative forms, which are characteristics of that record

You may merge microdata files where:

• identifiers have been provided for this purpose and
• the data has been released as a multi-level or linked file and
• you have been approved to do so as part of your project if you are using the microdata in the DataLab

You must not match microdata files where identifiers have not been provided for that purpose.

Different microdata releases may include information about the same record. For example a person may be selected in one survey and also be included in an administrative microdata file about people. In this case, identifiers will not be provided to facilitate matching that record across the two microdata files. You must not attempt to match that record based on their characteristics on the two files. This includes matching two ABS microdata files or matching ABS microdata with microdata from any other source.

An example of multi-level microdata file is person data in one file and household data relating to those persons in another file. In this case, each record on the person file will include a person and household identifier. This enables you to group persons into households, and to undertake research about those people as a household group. Merging microdata files is only permitted where identifiers have been provided as part of the release.

ABS releases microdata files from many sources including surveys, censuses and administrative data provided by other organisations. In some cases the ABS may undertake a project to match or link records based on their characteristics. You must not attempt to match or link microdata records yourself. When the ABS links records to create a linked microdata file, it is assessed to ensure that the confidentiality of the records is protected before being released. Where the linked data is provided in multiple files, they may only be used together if record identifiers have been provided for that purpose and you have been approved to do so as part of your project.

Researchers may want to concatenate or pool two microdata files. This is where the records from two microdata files are stacked so that all of the records are in a single microdata file. While it is generally safe to do this, you must seek approval as part of your DataLab project. Different versions of the same file, such as basic and detailed microdata from the same survey and reference period, must never be concatenated or used together.

If you have been approved for more than one DataLab project, you must not use microdata files approved for one project in a different project.

You may want to add aggregate data characteristics to a microdata file. This may be appropriate, provided it is not undertaken in a way that assists identification of the record. For example, if median salary by sex and age was added to a person microdata file, this would not represent the actual income for each record but may benefit the research.

You may want to add aggregate data characteristics to a microdata file. This may be appropriate, provided it is not undertaken in a way that assists identification of the record. For example, if median salary by sex and age was added to a person microdata file, this would not represent the actual income for each record but may benefit the research.

You are bound by your microdata undertaking, whether it is signed by your organisation’s Responsible Officer on your behalf or you sign it yourself, so it is important that you read and understand it.

Undertakings are not required for access to TableBuilder.

The Responsible Officer is usually the CEO or equivalent for the organisation.

• For Universities: a Vice-Chancellor, Deputy Vice-Chancellor, Pro Vice-Chancellor or University Registrar.
• For Government Departments: Statutory Head, Secretary of Department, Head of Agency or equivalent, as agreed with the ABS.
• For all other organisations: a person who has the same legal responsibility for the actions of the entity as a Departmental Secretary does for a Government Department. This will usually be someone with the status of CEO, Company Secretary or Managing Director.

Alternatively, the Responsible Officer may be another person in your organisation with a suitable delegation. Should an organisation wish to delegate the role of Responsible Officer to an alternative level this delegation must be provided to the ABS in writing. The delegation must come from an appropriate level, as outlined above.

For example, if a government department would like to delegate the role of responsible officer to its' Chief Data Officer, it would be appropriate for the Secretary of the Department to write to the ABS to outline their delegation (email is sufficient).

The ABS withholds the right to refuse a delegation to a lower level of an organisation. A Responsible Officer who has had the role delegated to them will be subject to the same rules, regulations and consequences of breach as any other Responsible Officer.

ABS legislation requires that the Responsible Officer for an organisation must submit a microdata undertaking before microdata access can be granted by ABS. The Responsible Officer is legally accountable for use of microdata by their organisation.

Organisations also need to nominate Contact Officers to liaise with the ABS about microdata matters.

Responsible Officers sign an Undertaking on behalf of the users within their organisation in order to access microdata. Users may also be required to sign an Individual Undertaking. As a microdata user, you must comply with the requirements for accessing microdata as outlined in the Responsible Officer Undertaking and Individual Undertaking for microdata access.

Where a person is suspected to have breached a microdata undertaking the ABS will investigate and may: 

• immediately suspend their access to all microdata
• inform the organisation's Contact and Responsible Officers that an investigation is underway
• require that they surrender all microdata in their possession to their organisation's Contact Officer or to the ABS

Following the investigation and depending on the nature of the breach, the ABS may require the development and implementation of strategies to:

• restrict or overcome the consequences of the breach
• ensure no repetition of the breach

Depending on the success of these strategies and the severity of the breach, the ABS may:

• reactivate the suspended access
• extend suspension temporarily or permanently
• suspend or terminate access for the organisation as a whole

The ABS may also invoke Subsection 19 (3) of the Census and Statistics Act 1905 which provides that a person who fails to comply with an undertaking given by that person in respect of microdata is guilty of an indictable offence, punishable on conviction by a fine of 120 penalty units ($37,560 as at 1 July 2023) or imprisonment for two years, or both.

While ABS must treat breaches of the microdata undertakings very seriously we would much rather help you and your organisation avoid the possibility of a breach. If at any time, you are unsure about your or your organisation's compliance with a microdata undertaking contact data.services@abs.gov.au so we can discuss the circumstances.

As a Contact Officer, you are appointed by your organisation to manage your organisation's members and their use of microdata within your organisation, and to liaise with the ABS on microdata related matters.

The responsibilities of a Contact Officer include: 

• being the primary point of contact with ABS when arranging ABS microdata subscriptions
• arranging payment for organisational access to microdata
• being the primary point of contact with ABS on microdata access matters
• distributing individual basic microdata files that have been provided to registered and approved users within their organisation (see below)
• coordinating the completion of the microdata Responsible Officer Undertaking
• assisting with the coordination of Individual Undertakings and other documentation if required
• coordinating ABS audits of compliance if required
• reviewing and updating microdata access and users within their organisation

It is recommended that organisations have at least two Contact Officers. To add or remove a Contact Officer, contact microdata.access@abs.gov.au.

When users leave your organisation, Contact Officers must ensure that those users no longer have access to any TableBuilder, basic microdata, or any other ABS microdata. Log into Registration Centre and remove users from your organisation. Alternatively, contact microdata.access@abs.gov.au with a list of names and the ABS will remove these users from your organisation.

For Australian organisations, basic microdata is usually provided through MicrodataDownload, where users can securely download any of the files in a choice of file formats.

For access to basic microdata, an organisation must subscribe to MicrodataDownload. All organisation members may then download any of the files in MicrodataDownload directly to their secure environment. Alternatively, Contact Officers may download and distribute basic microdata files to members who are registered in the Registration Centre and joined to the Contact Officers' organisation. Log into Registration Centre to check which users are members of your organisation. By registering and joining your organisation, members are automatically approved to access basic microdata held by your organisation.

Basic microdata may be stored within your organisation's secure network, as long as access is limited to users who are registered in the Registration Centre and joined to your organisation. For further information, see Secure storage of microdata.

If an organisation is provided with an individual basic microdata file, you may, as a Contact Officer, provide access to users who have been approved by the ABS. When providing basic microdata to users (whether from MicrodataDownload or another secure transfer process) you must check that users are registered and joined to your organisation in Registration Centre.

If an international organisation is granted access to specific basic microdata files, Contact Officers must manage the distribution and secure storage of basic microdata within the organisation. Contact Officers may provide access to users who have signed an Individual undertaking and been approved by the ABS.

Microdata (unit record data) must be stored in a manner that ensures unauthorised access does not occur. You must securely store the following microdata and outputs, whether in electronic form or hard copy: 

• basic microdata files
• working files and output from basic microdata that include unit record data
• tabulations containing less than 3 unweighted contributing sample unit records
• details of unusual unit records that require special analysis in modelling

• Any computer on which microdata is stored must have password protection and/or be kept in a locked room to prevent access by others.
• Any information or results stored on a computer network must be kept in a directory with suitably restricted access.
• Any printouts or physical media containing microdata must be kept in a locked room or secured in a locked cabinet when the researcher is not present.
• You must keep track of datasets and printouts that reveal microdata, so that they can be destroyed when they are no longer needed.
• You must immediately report any security incidents relating to microdata to the ABS.
• You must comply with any instructions from the ABS relating to the storage of microdata.
• Your organisation must provide a secure means to delete computer files so microdata cannot be recovered by an unauthorised person.

Aggregate outputs from your basic microdata research may be shared or published. Examples of outputs that do not reveal microdata and are not required to remain in a secure environment include:

• tabulations containing cells with 3 or more unweighted contributing sample units
• details of fitted models, such as regression parameters
• summary and test statistics from estimates
• linear and non-linear regression coefficients

DataLab output and working files that are within the DataLab system must not be removed or shared with any other person. This includes not capturing any on-screen information or discussing uncleared DataLab output with users who have not been approved for that microdata or project.

To use or share DataLab output outside the DataLab system, you must request clearance of any DataLab output by an ABS officer. DataLab output that has been cleared by the ABS may be shared or published and does not need to be securely stored.

DataLab projects may involve collaboration with other researchers in your organisation or in other organisations. See Collaborating on microdata research for further information about how you can work safely with DataLab collaborations and project workspaces.

The following conditions are applicable to everyone who registers in the Registration Centre.

By registering for the Registration Centre, I agree:

1. to provide true and correct information about my identity and contact details when registering, and if these details change, to provide the updated details to the ABS.
2. to keep my log in credentials for ABS systems secure.
3. not to share my log in credentials with any other person or organisation.
4. to inform the ABS or my Contact Officer if I leave my organisation or no longer require access to ABS data or systems.
5. the ABS may discuss my registration and access with my organisation's Contact Officer, who has the authority to remove my access.
6. to allow the ABS to share my information, such as name, organisation, project and dataset access with other organisations and users. This information will only be shared at the discretion of the ABS for the purposes of administering access to data, such as seeking approvals on your behalf with the data custodians responsible for the data, system logging and disclosing user details to other users for the purpose of enabling collaboration.
7. to allow the ABS to share with other organisations, confidentialised information about my organisation's system and data usage, for the purposes of usage reporting, auditing, feedback or performance. Any personal information collected will be held in accordance with the Privacy Act 1988. See ABS privacy policy for further information.
8. that the ABS may contact me to provide me with information about data, systems or products related to the Registration Centre, such as upcoming releases, system changes or to seek my feedback.
9. to comply with the ABS conditions of sale.

If, by registering I am also granted access to other ABS data and systems, including TableBuilder, Confidentialised Unit Record Files, and MicrodataDownload, I will:

1. not attempt to identify a particular person, household, organisation or record to which the data relates.
2. immediately report to the ABS any possible identification or disclosure that may have occurred.
3. use outputs from the systems in accordance with the terms of the Creative Commons Attribution and Copyright licences they carry. This includes attributing the work in the manner specified by the ABS but not in any way that suggests that the ABS endorses me or my use of the work. User requirements are detailed in ABS copyright.
4. only use microdata (unit record data) for statistical and research purposes.
5. keep any microdata secure and not disclose any microdata to any other person or organisation, other than:
   1. members of my organisation who have been approved by the ABS to have access to microdata, or
   2. other individuals or organisation as authorised by the ABS.
6. where applicable, adhere to all ABS directions and system constraints, including those provided in the Undertaking by the Responsible Officer of an Organisation, Undertaking by an Individual, Declaration of Compliance, Responsible Use of ABS Microdata User Guide and other directions provided to me or on the ABS website.
7. delete, destroy or return to my Contact Officer or to the ABS all microdata I have in my possession if my authorised access is revoked or if I leave my organisation.

I acknowledge that:

1. my use of ABS systems may be audited.
2. the ABS may partially or fully remove, suspend or deactivate my access to ABS systems, data, files or tables. This may be for ABS operational reasons, such as implementing changes to data or systems, or for a breach of these conditions of use.
3. a breach of these conditions of use may result in sanctions which may include, but are not limited to, ABS removing access to these systems for me and/or my organisation permanently or for a set period of time.
4. removal of access does not entitle a user or organisation to a refund of any subscription charges and the ABS is not liable for any damages this removal of access may have for a user or organisation.
5. where systems allow, it is my responsibility to download my files, data, tables and custom groups for future use. The ABS accepts no liability if these are not compatible with later versions of systems or datasets.
6. no reliance should be placed on data cells of small value in tables.
7. while the ABS has taken great care to ensure that the information provided within ABS systems is as correct and accurate as possible, the ABS does not guarantee, or accept any legal liability arising from, or connected to, the use of any material contained within, or derived from these systems. See ABS disclaimer for further information.

By using TableBuilder, I agree:

1. to provide true and correct information about my identity and contact details to the ABS in the Registration Centre, and if these details change, to provide the updated details to the ABS
2. to keep my log in credentials for ABS systems secure
3. not to share my log in credentials with any other person or organisation
4. to inform the ABS or my Contact Officer if I leave my organisation or no longer require access to ABS data or systems
5. the ABS may discuss my registration and access with my organisation's Contact Officer, who has the authority to remove my access
6. to allow the ABS to facilitate collaboration in the use of the data by sharing my information, such as name, organisation and dataset access with other users of the same data. This information will only be shared at the discretion of the ABS where it is known that a potential working relationship exists.
7. to allow the ABS to share with other organisations, confidentialised information about my organisation's system and data usage, for the purposes of usage reporting, auditing, feedback or performance. Any personal information collected will be held in accordance with the Privacy Act 1988 and will not be shared with a third party. See ABS privacy policy for further information.
8. that the ABS may contact me to provide me with information about data, systems or products related to the Registration Centre, such as upcoming releases, system changes or to seek my feedback
9. to comply with the ABS conditions of sale.

As a TableBuilder user, I will:

1. not attempt to identify a particular person, household, organisation or record to which the data relates
2. immediately report to the ABS any possible identification or disclosure that may have occurred
3. use outputs from the systems in accordance with the terms of the Creative Commons Attribution and Copyright licences they carry. This includes attributing the work in the manner specified by the ABS but not in any way that suggests that the ABS endorses me or my use of the work. User requirements are detailed in ABS copyright.
4. where applicable, adhere to all ABS directions and system constraints, including directions provided to me or on the ABS website.

I acknowledge that:

1. my use of ABS systems may be audited
2. the ABS may partially or fully remove, suspend or deactivate my access to ABS systems, data, files or tables. This may be for ABS operational reasons, such as implementing changes to data or systems, or for a breach of these conditions of use.
3. a breach of these conditions of use may result in sanctions which may include, but are not limited to, ABS removing access to these systems for me and/or my organisation permanently or for a set period of time
4. removal of access does not entitle a user or organisation to a refund of any subscription charges and the ABS is not liable for any damages this removal of access may have for a user or organisation
5. where systems allow, it is my responsibility to download my files, data, tables and custom groups for future use. The ABS accepts no liability if these are not compatible with later versions of systems or datasets.
6. no reliance should be placed on data cells of small value in tables
7. while the ABS has taken great care to ensure that the information provided within ABS systems is as correct and accurate as possible, the ABS does not guarantee, or accept any legal liability arising from, or connected to, the use of any material contained within, or derived from these systems. See ABS disclaimer for further information.

By using MicrodataDownload, I agree:

1. to provide true and correct information about my identity and contact details when registering, and if these details change, to provide the updated details to the ABS
2. to keep my log in credentials for ABS systems secure
3. not to share my log in credentials with any other person or organisation
4. to inform the ABS or my Contact Officer if I leave my organisation or no longer require access to ABS data or systems
5. the ABS may discuss my registration and access with my organisation's Contact Officer, who has the authority to remove my access
6. to allow the ABS to facilitate collaboration in the use of the data by sharing my information, such as name, organisation and dataset access with other users of the same data. This information will only be shared at the discretion of the ABS where it is known that a potential working relationship exists.
7. to allow the ABS to share with other organisations, confidentialised information about my organisation's system and data usage, for the purposes of usage reporting, auditing, feedback or performance. Any personal information collected will be held in accordance with the Privacy Act 1988 and will not be shared with a third party. See ABS privacy policy for further information.
8. that the ABS may contact me to provide me with information about data, systems or products related to the Registration Centre, such as upcoming releases, system changes or to seek my feedback
9. to comply with the ABS conditions of sale.

As a MicrodataDownload user, I will:

1. not attempt to identify a particular person, household, organisation or record to which the data relates
2. immediately report to the ABS any possible identification or disclosure that may have occurred
3. use outputs from the systems in accordance with the terms of the Creative Commons Attribution and Copyright licences they carry. This includes attributing the work in the manner specified by the ABS but not in any way that suggests that the ABS endorses me or my use of the work. User requirements are detailed in ABS copyright.
4. only use microdata (unit record data) for statistical and research purposes.
5. keep any microdata secure and not disclose any microdata to any other person or organisation, other than:
   1. members of my organisation who have been approved by the ABS to have access to microdata, or
   2. other individuals or organisation as authorised by the ABS
6. where applicable, adhere to all ABS directions and system constraints, including those provided in the Undertaking by the Responsible Officer of an Organisation, Undertaking by an Individual, Declaration of Compliance, Responsible Use of ABS Microdata User Guide and other directions provided to me or on the ABS website
7. delete, destroy or return to my Contact Officer or to the ABS all microdata I have in my possession if my authorised access is revoked or if I leave my organisation.

I acknowledge that:

1. my use of ABS systems may be audited
2. the ABS may partially or fully remove, suspend or deactivate my access to ABS systems, data, files or tables. This may be for ABS operational reasons, such as implementing changes to data or systems, or for a breach of these conditions of use.
3. a breach of these conditions of use may result in sanctions which may include, but are not limited to, ABS removing access to these systems for me and/or my organisation permanently or for a set period of time
4. removal of access does not entitle a user or organisation to a refund of any subscription charges and the ABS is not liable for any damages this removal of access may have for a user or organisation
5. where systems allow, it is my responsibility to download my files, data, tables and custom groups for future use. The ABS accepts no liability if these are not compatible with later versions of systems or datasets
6. no reliance should be placed on data cells of small value in tables
7. while the ABS has taken great care to ensure that the information provided within ABS systems is as correct and accurate as possible, the ABS does not guarantee, or accept any legal liability arising from, or connected to, the use of any material contained within, or derived from these systems. See ABS disclaimer for further information.