In contrast, a file which is only accessed through a secure environment with certified users can contain very sensitive information: the non-statistical controls allow the data to be 'unsafe'.
One academic likened the process to a graphic equalizer,[4] where bass and treble can be combined independently to produce a sound the listener likes.
The EDRU ('evidence-based, default-open, risk-managed, user-centred') attitudinal model[7] is sometimes used to give a normative context From 2003 the Five Safes was also represented in a simpler form as a 'Data Access Spectrum'[8].The non-data controls (project, people, setting, outputs) tend to work together, in that organisations often see these as a complementary set of restrictions on access.
The Five Safes was devised in the winter of 2002/2003 by Felix Ritchie at the UK Office for National Statistics (ONS) to describe its secure remote-access Virtual Microdata Laboratory (VML).
[13] In 2012 the framework as was still being referred to as the 'VML security model',[14] but its increasing use among non-UK organisations led to the adoption of the more general and informative phrase 'Five Safes'.
However, the use of both these terms can cause presentational problems: less control in a particular dimension could be seen to imply 'unsafe users' or 'insecure settings', for example, which distracts from the main message.
The Australian version[18] was required to include references to the Five Safes, and presented it as an alternative without comment.
The first significant use of the framework, other than internal administrative use, was to structure researcher training courses at the UK Office for National Statistics from 2003.
An early use[25] was to help identify areas where ONS' still had 'irreducible risks' in its provision of secure remote access.
[3][7] In 2017 the Australian Productivity Commission recommended[30] adopting a version of the framework to support cross-government data sharing and re-use.
Since 2020 the Five Safes has been the overriding framework for the design of new secure facilities and data sharing arrangements in the UK for public health and social sciences.
[35] In the 2020 paper, "Not fit for Purpose: A critical analysis of the ‘Five Safes’", [36] the authors argue that Five Safes is fundamentally flawed due to its disconnection from existing legal protections, its appropriation of safety notions without strong technical measures, and its static view of disclosure risk.