The Access Card Barbara Flett Assistant Secretary, Office of Access Card Department of Human Services Roger Clarke Chair, Australian Privacy Foundation also Xamax Consultancy Pty Ltd and Visiting Professor, ANU, UNSW, HKU U3A, 17 July 2007, Hughes ACT 1
The Howard Government’s Proposed National ID Scheme Roger Clarke, Chair, APF Xamax Consultancy Pty Ltd Visiting Professor, ANU, UNSW, HKU http://www.privacy.org.au/Papers/AccessCard-070717.ppt U3A, 17 July 2007, Hughes ACT 1
The Need for Social Control Government Services and Welfare Programs must be conceived and managed in order to: achieve their economic and social aims control waste control abuse Each service necessarily involves personal data A limited amount of inter-organisational data comparison is needed to achieve the aims
The Need(s) for Privacy Philosophical Psychological Sociological Economic Political
The Need(s) for Privacy The Dimensions of Privacy Philosophical Psychological Sociological Economic Political Privacy ... of the Person of Personal Behaviour of Personal Communications of Personal Data
The Scope of an Identification Scheme Specific-Purpose for individual organisations or programmes cf. Medicare, AusStudy, AbStudy
The Scope of an Identification Scheme Specific-Purpose for individual organisations or programmes cf. Medicare, AusStudy, AbStudy Bounded Multi-Purpose e.g. European Inhabitant Registration schemes limited to tax, social welfare and health insurance (cf. the TFN – but can Australian politicians be trusted?)
The Scope of an Identification Scheme Specific-Purpose for individual organisations or programmes cf. Medicare, AusStudy, AbStudy Bounded Multi-Purpose e.g. European Inhabitant Registration schemes limited to tax, social welfare and health insurance (cf. the TFN – but can Australian politicians be trusted?) General-Purpose National Identification Schemes e.g. USSR, ZA under Apartheid, Malaysia, Singapore, Denmark, Finland
National Identification Schemes – Features 1. A Database centralised or hub ('virtually centralised') merged or new 2. A Unique Signifier for Every Individual A 'Unique Identifier' Or A Biometric Entifier 3. An (Id)entification Token such as an ID Card, whether 'smart' or not http://www.anu.edu.au/Roger.Clarke/DV/NatIDSchemeElms.html
National Identification Schemes – Features 4. QA Mechanisms for: (Id)entity Authentication (Id)entification 5. Obligations Imposed on: Every Individual Many Organisations 6. Widespread: Data Flows including the (Id)entifier Use of the (Id)entifier Use of the Database 7. Sanctions for Non-Compliance http://www.anu.edu.au/Roger.Clarke/DV/NatIDSchemeElms.html
The Benefits Are Illusory Genuinely Bad Guys (Terrorists, Money-Launderers, SIM-Providers to Terrorists, Organised Criminals, Illegal Immigrants, ...) Mere assertions of benefits, no explanation: ‘it’s obvious’, ‘it’s intuitive’, ‘of course it will work’, and other simplistic notions like ‘Zero-Tolerance’ and ‘we'll sacrifice absolutely anything that might help us wage the war on terrorism’ Analyses undermine the assertions Proponents avoid discussing the analyses Easily avoided or subverted by serious opponents The Benefits Are Illusory
Leahy in The Brisbane Courier-Mail, 19 July 2005
Miscreants (Benefits Cheats, Fine-Avoiders, Visa-Overstayers. ...) Lack of detail on systems design Continual drift in features Double-counting of benefits from many programs Analyses undermine the assertions Proponents avoid discussing the analyses Social complexity and constructive 'looseness' are demanded, hence persistent cheats to prosper Benefits May Arise, But Are Seriously Exaggerated
Origins of the 'Access Card' Lobbying of the Howard Government by a Small Coterie of Businessmen Support for a National ID Scheme Project from national security and law enforcement Failed Medicare Card Replacement Project Opportunity provided by Qld Premier Beattie Hockey's Ambitions Ruddock dropped the overt National ID scheme in favour of Hockey's covert 'Access Card'
A National ID Scheme The ‘Access Card’ 1. A Database centralised or hub ('virtually centralised') merged or new 2. A Unique Signifier for Every Individual A 'Unique Identifier' Or A Biometric Entifier 3. An (Id)entification Token such as an ID Card, whether 'smart' or not 1. A Register: a lot of data several identifiers id auth. documents 2. Unique Signifiers a 'Unique Number' & an 'official name' & a biometric 3. A Single Card a 'smartcard' one data-storage zone visible data
A National ID Scheme The ‘Access Card’ 4. QA Mechanisms for: (Id)entity Authentication (Id)entification 5. Obligations Imposed on: Every Individual Many Organisations 6. Widespread: Data Flows including the (Id)entifier Use of the (Id)entifier Use of the Database 7. Sanctions for Non-Compliance 4. Registration, Onerous and Costly, with all power in the Government's Hands 5. Obligations To Provide the Card To Demand the Card 6. Many Agencies with: Access to the Data Use of the Card Use of the Identifier 7. Denial of Services
The ‘Access Card’ is a National ID Scheme A National Identification Scheme is a general-purpose scheme, designed to achieve consistent and reliable identification of humans, throughout a country, particularly in their dealings with governments and government agencies, but also with private sector organisations Its purpose is to entrench the power of the State over individuals http://www.privacy.org.au/Campaigns/ID_cards/HSAC-FAQ9.html
Reasons for Opposing the National ID Scheme Privacy-Invasiveness Onerousness Intentional Lack of Protections A 'Honey-Pot' Inviting Abuse High Costs Low Benefits Vast Extension of the Power of the State through a Single, Consolidated ID
How can I help prevent the introduction of a national identification scheme? Inform Yourself Inform Others Contribute to the Work of Appropriate Organisations Influence Change Conduct Research Conduct Research and Advocacy with the A.P.F. http://www.privacy.org.au/Campaigns/ID_cards/HSAC-FAQ14.html http://www.privacy.org.au/WhatToDo.html
The Howard Government’s Proposed National ID Scheme Roger Clarke, Chair, APF Xamax Consultancy Pty Ltd Visiting Professor, ANU, UNSW, HKU http://www.privacy.org.au/Papers/AccessCard-070717.ppt U3A, 17 July 2007, Hughes ACT 1
The Access Card Barbara Flett Assistant Secretary, Office of Access Card Department of Human Services Roger Clarke Chair, Australian Privacy Foundation also Xamax Consultancy Pty Ltd and Visiting Professor, ANU, UNSW, HKU U3A, 17 July 2007, Hughes ACT 1
The '17 Cards' Medicare (6 cards in 4 programs): 1. Medicare card 2. Organ Donor Registration Card 3. Reciprocal Health Care Agmt Card 4. PBS Safety Net Entitlement Card 5. PBS Concession Card (no info) 6. Cleft Lip and Palate Card Dept of Veterans' Affairs (4 cards, 3 programs): 1. DVA Gold Repat Health Card 2. DVA White Repat Health Card 3. DVA Pharm. Benefits Card (The Orange Card) 4. War Widow's Tpt Concession Card Centrelink (6 cards, several programs): 1. Pensioner Concession Card 2. Health Care Card 3. Foster Child Care Card 4. Low Income Healthcare Card 5. Commonwealth Seniors Card 6. Electronic Benefit Transfer (single-use) Australian Hearing Services (single-use voucher)
The '17 Cards' Myth The 17 Cards are mostly mutually-exclusive Few people have more than one or two of them So very little 'wallet-bulge' / 'purse-clutter' will be saved Few of the 17 Cards have to be produced very often at all The primary circumstances appear to be: a new relationship with a health care professional or organisation when seeking a concession using the card as evidence, esp. for public transport, in council offices and in theatres and cinemas But many concessions will cease to be visually obvious And every organisation has to install a card-reader And every organisatio has to handle and machine-read every card The Access Card will seriously harm pensioners' interests
'Access Card' Politics Refusal to publish the Cost-Benefit Analysis, subsequent partial release, currently denied under FoI Sleight of hand used in talking about financial benefits Refusal to publish the original PIA Resignation of the original Task Force Heads because their Recommendations were ignored Hockey's "pilots are for aircraft" Use of the Fels 'Privacy Task Force' as a shield, avoiding any form of engagement with the public, yet with the Minister declining its Recommendations DHS Secretary blunders before the Senate C'tee Senate C'tee, incl. Govt members, rubbishes the Project Replacement of the DHS Secretary Failure to reflect submissions (or even read them?) Attempt to let tenders without Parliamentary approval
Moir, The Sydney Morning Herald, on 28 April 2006
Privacy Impact Assessment (PIA) A Process whereby the potential impacts and implications of proposals that involve potential privacy-invasiveness are surfaced and examined Involves identifying stakeholders, publishing information, seeking comment, and reflecting that comment Starts early, and continues throughout the project Ensures aims can be achieved, benefits realised, and negative aspects avoided or ameliorated Ensures public confidence Ensures public acceptance and adoption Pre-empts negative coverage by the media Avoids unnecessary intervention by legislatures 2
'Access Card' Project Management Vast Scale ("largest IT project in the world") Arbitrary and Ridiculously Tight Deadlines Untested Technologies Unclear Req uirements Rapidly Changing Requirements Hockey's "pilots are for aircraft" Huge Media Scepticism Huge Risk of Public Rejection Total Failure to Engage with the Public Interest Seriously Annoyed Tenderers, left in limbo Low Staff Morale, Staff Turnover, Loss of Corporate Memory In Summary: The Archetypal IT Project Disaster http://www.privacy.org.au/Campaigns/ID_cards/HSAC-Media-07.html
Reasons for Opposing the National ID Scheme Extraordinarily privacy-invasive and onerous Registration Requirements The Bill's Safeguards are (designed to be) full of holes, and fall far below basic OECD norms of the 1970s Creates a 'honey-pot' of ID data Costs greatly outweigh savings Impacts on the Disadvantaged defeat the nominal aim of improved access to health and social service benefits Details of the design have not been disclosed (or even specified?) The Cost-Benefit Analysis has been suppressed from the outset Parliament should never be forced to consider a Bill without project details The haste to implement the scheme is unjustified because more effective alternatives have not been explored The Proposal consolidates the many identities each person has with many different agencies into a single Government-approved identity. If a person transgresses, then: their benefits can be denied access to services can be denied external travel can be denied internal travel can be denied their identity can be denied Internal passports were used in South Africa under apartheid, and in Soviet Russia. They are feared in Singapore and Malaysia. Similar measures have been emergent in the US and Australia for some time, e.g. air travel, toll-roads, passports, now the Access Card.
Organisations Expressing Serious Concern Australian Privacy Foundation Councils for Civil Liberties Public Interest Advocacy Centre (PIAC) 'Access Card No Way' Campaign UNSW Cyberspace Law & Policy Centre (CLPC) Electronic Frontiers Australia (EFA) Melbourne Indymedia ... Australian Democrats The Greens Labor Party Consumers' Health Forum of Australia (CHF) Australian Medical Association (AMA) ... Privacy Commissioner (Cth) Privacy Commissioner (Vic) Information Commissioner (NT) The ACT Government National Party Senators Liberal Party backbenchers
Does the Public Support the Proposal? 20 July 2005: 62% agreed / 6% undecided / 32 % opposed "introduction of a national ID card with a photograph"? Gary Morgan: "Australians are clearly in favour ... This is driven by the fear of terrorist attacks and illegal immigration ... many people would like to see the identification card replace other forms of identification, but there are still some concerns regarding privacy and the effectiveness of the card in combating terrorism" 30 April 2006: Yes - 32% No - 68% After terrorism was withdrawn as a justification "Should Australia introduce a compulsory ID card? 28 Feb 2007: Yes - 28% No - 72% 2,385 people voted in a poll in 'The Age' As the details become known, the low levels of support will plummet further In July 1985, 68% in favour, 7% undecided, 25% opposed In July 1987, there was massive opposition and the Australia Card collapsed
Does the APF Have Something Positive To Say? The APF supports specific, balanced proposals to meet important objectives re welfare benefits administration and, separately, health benefits administration The APF supports the appropriate use of smartcard technology to achieve those objectives Features of an appropriate scheme are: No multi-purpose identifier; Retain multiple single-purpose identifiers for each agency and program 1 card with 17 zones; Each zone, identity and data-set to be securely separated from the others No bureaucratically-imposed 'official name' No Central Register of personal data
'If I’ve got nothing to hide, why should I be afraid of a National Identification Scheme?' 'Everybody has something to hide' your bank balance and your bank account PIN the reason for your last visit to the doctor whether you have ever seen a psychiatrist how you and yours voted at the last election the contents of the files that spam put on your computer Some people have lots to hide, incl. criminals, but also 'persons at risk' ... domestic violence, protected witnesses A Single Controlled Identity is a Weapon of Political Power You're not just trusting this Government; You're forcing your descendants to trust every Government ever http://www.privacy.org.au/Campaigns/ID_cards/HSAC-FAQ10.html
Alternatives to 'Everybody has something to hide' • People need to 'be less visible' • People need to 'be harder to find' • People need to protect some 'personal space' around themselves • People need to be able to sustain 'social distance' from other people, especially from large, impersonal institutions • People need a front door that they can close and lock • People need to be able to 'draw the curtains', around their lives as well as their living room • People need to be able to avoid going forth naked into the world • People need to avoid having to deal on an unequal basis with organisations that have a lot of information about them • People need to sustain their ability to make their own decisions and determine their own lives, rather than have powerful institutions do it for them
Glib Retorts to 'If you've got nothing to hide, you've got nothing to fear' If I'm not doing anything wrong, you have no cause to watch me The government gets to define what's wrong, and they keep changing the definition You might do something wrong with my information Quis custodiet custodes ipsos? (Who watches the watchers?) Absolute power corrupts absolutely The Jews in the Polish ghettoes had nothing to hide. The Jews in The Netherlands didn't either. Nor the educated people in Cambodia. And they all died in their hundreds of thousands There will always be another bigotry