Friday 15th of November 2024

Identity Cards

The generalisation 'ID Cards' is code for the broader concept of Identity Management (IM). Sorry about the sliding acronyms, but I will stick with IM for now, it feels better. IM, in the contexts of immigration and massive crime, is running white-hot in the North. Both
the UK and the US are finding out, on the trot, just how complex and horribly expensive the next IM platform is going to be. Not to mention intrusive. And there are warnings in fluorescent orange, all over the landscape from IT experts, that a small error or loophole can lead to a huge debacle, if not provide an open door for ruthless exploitation.

In the House of Reps, May 26, the Opposition was again badgering John Anderson about the role of the Inspector of Transport Security.

QUESTIONS WITHOUT NOTICE: Inspector of Transport Security > Beazley, Kim, MP; Anderson, John, MP; SPEAKER, The; King, Catherine, MP > 14:34:00

John Anderson: If the Labor Party do not understand the difference between smuggling and criminal activity and terrorism then pity help us.

Terrorists and organized crime join forces by Rollie Lal.

Terrorists and criminals have long been considered separate and distinct threats, with terrorists motivated by ideology and criminals by greed. But recent attacks suggest that criminal networks and terrorist groups are teaming up with growing regularity for their
mutual benefit.

Technology Problems Limit Border Screening

US-VISIT director James L. Williams defended the program's strategy, saying officials plan to phase in new technology over the next decade while taking steps in the next several years to maintain security with current technology. He said people should understand that US-VISIT is in its infancy.

"We're not even close to having a full biometric entry-exit system," he said. "It's an archaic system of technology."
Williams said he is relying heavily on Accenture because the government cannot undertake the complex technological assignment without the expertise of private industry.

Loopholes Seen in U.S. Efforts to Secure Ports by ERIC LIPTON

WASHINGTON, May 24 - The Department of Homeland Security's effort to extend its antiterrorism campaign overseas by enlisting help from importers and foreign ports has been so flawed that the program may have made it easier at times to smuggle unconventional weapons into the United States, Congressional officials say.

UK ID scheme rides again, as biggest ID fraud of them all

At The Register, and very good analysis.

ID card cost soars

It also revealed that the biometric technology due to underpin the system was far from failsafe, with even the best form of identification - iris scans - only scoring a 96% success rate.

FBI outlines new IT system

The FBI has learnt a costly lesson from its disastrous attempt to upgrade its IT systems in the wake of the 9/11 attacks.

The Palmer Inquiry into the circumstances of DIMIA's mistreatment of citizens will have already found that the greatest problem they face is imperfect identification.

The corrective steps, announced on May 26 by Senator Vanstone, are all in the right direction. But, some overarching body must pull together all the needs and demands for IM, across all departments and jurisdictions.

Senator Stott Despoja's letter in The Australian of May 25 hints at the depth of study needed, before we can get agreement on the way to move ahead.

The revelation that US intelligence reports may include the names of individual Australians, together with details of their phone calls and emails ("Privacy fears as US eavesdrops on calls and emails", 23/5), is disturbing but hardly surprising. Indeed, this is the just latest indication that the privacy of Australians is rapidly disappearing.

Just last week, a Senate Committee inquiring into the impact of new technologies on privacy was told of the profound impact that genetic testing, biometric identification and smartcard technology are set to have on the privacy of all Australians.

Meanwhile, the Committee heard that most Australians remain unaware of their privacy rights or what they can do if those rights are violated, and that current privacy laws are riddled with inconsistencies and exemptions - including a dubious exemption for politicians.

Despite these concerns, the Government's recent Budget ignored calls for a significant increase in funding to the Federal Privacy Commissioner. However, it had no hesitation allocating substantial funding to a range of privacy-intrusive projects such as the proposed HealthConnect card, new biometric passports and pilot data-matching programs.

Senator Natasha Stott Despoja
Australian Democrats' Spokesperson on Privacy

The Human Genetics Advisory Committee was announced in this Budget.

Genetic data must play some role in an adequate IM scheme. How long will it take? Don't ask Mick Palmer.

still crazy & unchecked .....

from the Washington Post 

The FBI is embarking on a $1 billion effort to build the world's largest computer database of peoples' physical characteristics, a project that would give the government unprecedented abilities to identify individuals in the United States and abroad.  

Digital images of faces, fingerprints and palm patterns are already flowing into FBI systems in a climate-controlled, secure basement here.

Next month, the FBI intends to award a 10-year contract that would significantly expand the amount and kinds of biometric information it receives.  

And in the coming years, law enforcement authorities around the world will be able to rely on iris patterns, face-shape data, scars and perhaps even the unique ways people walk and talk, to solve crimes and identify criminals and terrorists.

The FBI will also retain, upon request by employers, the fingerprints of employees who have undergone criminal background checks so the employers can be notified if employees have brushes with the law.  "Bigger. Faster. Better.

That's the bottom line," said Thomas E. Bush III, assistant director of the FBI's Criminal Justice Information Services Division, which operates the database from its headquarters in the Appalachian foothills.  

The increasing use of biometrics for identification is raising questions about the ability of Americans to avoid unwanted scrutiny.

It is drawing criticism from those who worry that people's bodies will become de facto national identification cards. Critics say that such government initiatives should not proceed without proof that the technology really can pick a criminal out of a crowd.  

The use of biometric data is increasing throughout the government. For the past two years, the Defense Department has been storing in a database images of fingerprints, irises and faces of more than 1.5 million Iraqi and Afghan detainees, Iraqi citizens and foreigners who need access to U.S. military bases.

The Pentagon also collects DNA samples from some Iraqi detainees, which are stored separately.  

The Department of Homeland Security has been using iris scans at some airports to verify the identity of travelers who have passed background checks and who want to move through lines quickly. The department is also looking to apply iris- and face-recognition techniques to other programs.

The DHS already has a database of millions of sets of fingerprints, which includes records collected from U.S. and foreign travelers stopped at borders for criminal violations, from U.S. citizens adopting children overseas, and from visa applicants abroad.

There could be multiple records of one person's prints.  "It's going to be an essential component of tracking," said Barry Steinhardt, director of the Technology and Liberty Project of the American Civil Liberties Union. "It's enabling the Always On Surveillance Society."  

If successful, the system planned by the FBI, called Next Generation Identification, will collect a wide variety of biometric information in one place for identification and forensic purposes.  

In an underground facility the size of two football fields, a request reaches an FBI server every second from somewhere in the United States or Canada, comparing a set of digital fingerprints against the FBI's database of 55 million sets of electronic fingerprints. A possible match is made -- or ruled out--as many as 100,000 times a day.  Soon, the server at CJIS headquarters will also compare palm prints and, eventually, iris images and face-shape data such as the shape of an earlobe.

If all goes as planned, a police officer making a traffic stop or a border agent at an airport could run a 10-fingerprint check on a suspect and within seconds know if the person is on a database of the most wanted criminals and terrorists. An analyst could take palm prints lifted from a crime scene and run them against the expanded database. Intelligence agents could exchange biometric information worldwide.  

More than 55 percent of the search requests now are made for background checks on civilians in sensitive positions in the federal government, and jobs that involve children and the elderly, Bush said. Currently those prints are destroyed or returned when the checks are completed.

But the FBI is planning a "rap-back" service, under which employers could ask the FBI to keep employees' fingerprints in the database, subject to state privacy laws, so that if that employees are ever arrested or charged with a crime, the employers would be notified.  

Advocates say bringing together information from a wide variety of sources and making it available to multiple agencies increases the chances to catch criminals. The Pentagon has already matched several Iraqi suspects against the FBI's criminal fingerprint database.

The FBI intends to make both criminal and civilian data available to authorized users, officials said. There are 900,000 federal, state and local law enforcement officers who can query the fingerprint database today The FBI's biometric database, which includes criminal history records, communicates with the Terrorist Screening Center's database of suspects and the National Crime Information Center database, which is the FBI's master criminal database of felons, fugitives and terrorism suspects.  

The FBI is building its system according to standards shared by Britain, Canada, Australia and New Zealand.  At the West Virginia University Center for Identification Technology Research (CITeR), 45 minutes north of the FBI's biometric facility in Clarksburg, researchers are working on capturing images of people's irises at distances of up to 15 feet, and of faces from as far away as 200 yards. Soon, those researchers will do biometric research for the FBI.  

Covert iris- and face-image capture is several years away, but it is of great interest to government agencies.  Think of a Navy ship approaching a foreign vessel, said Bojan Cukic, CITeR's co-director. "It would help to know before you go on board whether the people on that ship that you can image from a distance, whether they are foreign warfighters, and run them against a database of known or suspected terrorists," he said.  

Skeptics say that such projects are proceeding before there is evidence that they reliably match suspects against a huge database.  In the world's first large-scale, scientific study on how well face recognition works in a crowd, the German government this year found that the technology, while promising, was not yet effective enough to allow its use by police.

The study was conducted from October 2006 through January at a train station in Mainz, Germany, which draws 23,000 passengers daily.

The study found that the technology was able to match travelers' faces against a database of volunteers more than 60 percent of the time during the day, when the lighting was best. But the rate fell to 10 to 20 percent at night.  

To achieve those rates, the German police agency said it would tolerate a false positive rate of 0.1 percent, or the erroneous identification of 23 people a day. In real life, those 23 people would be subjected to further screening measures, the report said.  Accuracy improves as techniques are combined, said Kimberly Del Greco, the FBI's biometric services section chief.

The Next Generation database is intended to "fuse" fingerprint, face, iris and palm matching capabilities by 2013, she said.  

To safeguard privacy, audit trails are kept on everyone who has access to a record in the fingerprint database, Del Greco said. People may request copies of their records, and the FBI audits all agencies that have access to the database every three years, she said.  "We have very stringent laws that control who can go in there and to secure the data," Bush said.  

Marc Rotenberg, executive director of the Electronic Privacy Information Center, said the ability to share data across systems is problematic. "You're giving the federal government access to an extraordinary amount of information linked to biometric identifiers that is becoming increasingly inaccurate," he said.  

In 2004, the Electronic Privacy Information Center objected to the FBI's exemption of the National Crime Information Center database from the Privacy Act requirement that records be accurate. The group noted that the Bureau of Justice Statistics in 2001 found that information in the system was "not fully reliable" and that files "may be incomplete or inaccurate."

FBI officials justified that exemption by claiming that in law enforcement data collection, "it is impossible to determine in advance what information is accurate, relevant, timely and complete."  

Privacy advocates worry about the ability of people to correct false information. "Unlike say, a credit card number, biometric data is forever," said Paul Saffo, a Silicon Valley technology forecaster. He said he feared that the FBI, whose computer technology record has been marred by expensive failures, could not guarantee the data's security. "If someone steals and spoofs your iris image, you can't just get a new eyeball," Saffo said.  In the future, said CITeR director Lawrence A. Hornak, devices will be able to "recognize us and adapt to us."  

"The long-term goal," Hornak said, is "ubiquitous use" of biometrics. A traveller may walk down an airport corridor and allow his face and iris images to be captured without ever stepping up to a kiosk and looking into a camera, he said.  "That's the key," he said.

"You've chosen it. You have chosen to say, 'Yeah, I want this place to recognize me.' "

People-sniffing

An update on the UK ID card proposals, from Fortress Blair - PM bets on biometric ring of steel to 'fix' immigration in The Register:

... So how did they get in anyway? Um, we gave them a visa - in fact, in many cases we were really, really keen to give them a visa. In addition to being extremely keen to (albeit not particularly constructively) get a lid on illegal immigration, we're absolutely mustard-keen for the UK to be a prime location for overseas students. Every year we grant hundreds of thousands of educational visas, salivate over the fees and preen ourselves over the wonderful hearts and minds job we're doing on the world's best and brightest. A thriving cottage industry of dodgy language schools exists, to the point where there are schools where you don't have to show up for classes, even schools that are frankly puzzled when students who didn't grasp the point ask them when the classes start. Classes? You want classes? Haven't you got a cleaning job to do? ...

The Freedom Chip

Ah, good one! 

From a contribution at Slashdot, on the topic of

Former Health Secretary Pushes for VeriChip Implants

 

UK ID Card Bill

While the UK Government admits overselling ID cards "it has pledged to push on with the idea, saying it will still "help" in situations where fraud and identity abuse are factors."

But, for EU partner Norway - Majority favours new ID cards
A majority in the Norwegian Parliament (Storting) favours the introduction of new ID cards which would make it easier to expose terrorism. The cards could contain information on DNA and fingerprints. The cards could become an important contribution towards the fight against terrorism, says head of the Justice Committee, Trond Helleland (Cons.) to Aftenposten. Theadvanced ID cards could contain a lot of biometric information. They would also become important in uncovering the misuse of social security benefits and illegal residence. Some EU member nations have already voted to make such cards mandatory for their citizens.


The UK National Identity database will have to contain results of DNA analysis, as well as less invasive biometrics, if only to be technologically consistent with the National DNA Database (NDNAB).

From Wikipedia entry for British national identity card :
Currently, the closest parallel to the National Identity Register is the requirement for convicted offenders to register on the Violent and Sex Offender Register. However, the UK National DNA Database, with around 3 million profiles, is a larger database, and expected to grow at a much faster rate. All suspects arrested for an arrestable offence must give DNA samples that are permanently stored, and under the Serious Organised Crime and Police Act 2005, all offences (including, eg speeding) are arrestable.


In Australia, the convergence of DNA identification and a more general national ID scheme, is being promoted through highly publicised gaps in the missing persons registers, and advances in identification of victims of disaster.

From National database 'missing in action'
CrimTrac initially focused on national DNA and fingerprint systems in planning for the 2000 Olympics and, later, in responding to the September 11, 2001 terror attacks on the US. The technology proved very effective in the aftermath of the Bali bombings and the Indian Ocean tsunami. But as a consequence of looking at crime and terrorism, the issue of missing persons went AWOL. The Cornelia Rau affair revealed that even a major department such as immigration, which deals with identity matters every day, did not realise that if a person is reported missing to one state or territory police agency they are not reported to all police agencies through a seamless national system. Mr Palmer found in his report there was an urgent need for a national missing persons database.


In the UK, the government is moving ahead on several fronts. The Home Office was quick to produce a response to the London School of Economics 'ID Cards Costs Estimates and Alternative Blueprint' -  Home Office Response to LSE Alternative Blueprint ( File size 627kb)

The management of the UK's Forensic Science Service has important lessons for the Australian public. The UK government went down a path, determined to outsource FS services, under a Public Private Partnership (PPP) model. The protracted negotiations are summarised in

Forensic Science on Trial  29 March 2005 HC 96-I  (PDF version )
and
Government Response to Forensic Science on Trial   25 July 2005  HC 427 (PDF version )

This battle for the public interest resulted in Home Office commits to public sector future for forensic science on 12 January 2005.
Prospect, the union for the UK's scientists, has welcomed the Home Office announcement that the Forensic Science Service (FSS) is to remain in the public sector as a government-owned company (GovCo).
Prospect general secretary, Paul Noon, said the decision marked the end of the immediate threat of government plans to privatise a highly effective public service.


We need to keep a watchful eye on the Attorney-General's Department, in the case of our national identification databases. It is highly likely that soul-less wonks and bureaucrats will try to create kudos and bonuses for themselves, by pushing the government to divest itself of the mammoth costs of setting up and maintaining complex information infrastructure. The public needs to be told, over and over, that it will always cost them less to make the government accept its responsibilities.

Forensic technology

The basis of some of the sense of urgency about these new anti-terrorism laws may be visible in a recent Senate Estimates session. I say "may" because this is personal opinion only, from someone who doesn't have a clue. Senator Joe Ludwig led the questioning of CrimTrac staff, and he appeared to have been extremely well briefed. None of the following conjecture is meant to reflect on performance of CrimTrac staff. My interest is only that, if the federal government is relying on hard evidence to collar people who are planning acts of terrorism, then this is the place to look for confidence in existing methods for foolproof identification.

Discussion: CrimTrac: LEGAL AND CONSTITUTIONAL LEGISLATION COMMITTEE

The senators refer to the annual report. I assume that's for 2004-5, but the 2003-4 report is available online as a 1.4Mb pdf file.

It looks like these are the main programmes and projects - National Automated Fingerprint Identification System (NAFIS), National Criminal Investigation DNA Database (NCIDD), CrimTrac Police Reference System (CPRS), National Criminal History Record Checking (NCHRC), Minimum Nationwide Person Profile (MNPP), and National Child Offender Register (ANCOR).

The frustration arising out of cross-jurisdictional snags is sensed in the proceedings, but the delays must be causing a lot of delay in pulling the strands together. For example:
Mr Burns - There are three jurisdictions presently not using ANCOR - they are, the Australian Capital Territory, Tasmania and South Australia.
Senator LUDWIG - Whatis the hiccup there?
Mr Burns - It is just a question of them finishing their legislation.

Ludwig put his finger right on a another matter that contributes to low morale and disenchantment in technical departments of the public service.

Mr Oliver - To add to that, I think Sagem are recognised as world leaders in terms of automated fingerprint technology. It is an upgrade. The $4.9 million is for a full package of both equipment and software. It is a build on what we currently have and what is considered extraordinarily successful from a world perspective. It was for those reasons that it was considered practical and cost efficient to continue using Sagem for this platform.
Senator LUDWIG - That is probably closer to the answer I might like to hear. Who owns the copyright in terms of the software - Sagem or CrimTrac?
Ms McLay - The IP is owned by Sagem, and we have purchased licences to utilise that software from them.


It's pretty clear that NAFIS is a work in progress. That is, the software providers rely on the technical experts at CrimTrac to develop their computer systems. But Sagem will walk away with the IP. Version 2 of their product will then be sold on to the next government, without a cent of reward for the sweat and tears invested in it by CrimTrac people. In addition to the hurdles imposed by bureaucratic fumbling, the risks are high that the very people who are skilled to apply their techniques and knowledge will perceive themselves being bypassed. High-grade technical skill is valuable commercial property, and some of these people will be headhunted by private corporations. As a consequence, the critical mass of public servants in this refined area may drop below the sustainable level, and this service may have to be outsourced, as is happening to forensic services in the UK.

We were all concerned about the gaps in information transfer that led to Cornelia Rau's suffering. The governments must sort out their differences, and get these centralised databases up to full operational speed, and under proper accountability and contract management.

Senator LUDWIG - So you are locked in with Sagem for eternity, by the sounds of this.

Electronic Identity

From Subscriber Identity Module at Wikipedia:
... In July 2005, the Finnish government announced that a Citizen Certificate - a government-guaranteed 'electronic identity' included in a SIM card - will be made available to every individual resident in Finland before the end of 2005, allowing mobile phone users to access e-services on the move. The Citizen Certificate has been described as "basically an e-ID card that will be compatible with several hardware devices, such as mobile phones, PDAs, personal computers, Digital TV sets, and public web kiosks". The first SIM cards with embedded Citizen Certificates have already been made available in selected localities. ...

See also the smartcard entry.

From Wireless: Smarter SIM card puts whole world in your hand:
... "We use many smart cards in our daily life, and this is a way to unify them all into one SIM card that is always with you because you always have your phone," Castelli said. "The number of possibilities with something like this is unimaginable because it can be used for anything where you want to identify the person. And since it is all right on the SIM, it can be used on GSM networks across the world."  ...

Function creep

From In Kentucky Hills, a Homeland Security Bonanza:

... Instead, the road to delivering this critical antiterrorism tool has taken detours to locations, companies and groups often linked to Representative Harold Rogers, a Kentucky Republican who is the powerful chairman of the House subcommittee that controls the Homeland Security budget.

It is a route that has benefited Mr. Rogers, creating jobs in his home district and profits for companies that are donors to his political causes. The congressman has also taken 11 trips — including six to Hawaii — on the tab of an organization that until this week was to profit from a no-bid contract Mr. Rogers helped arrange. Work has even been set aside for a tiny start-up company in Kentucky that employs John Rogers, the congressman's son. ...

 
See Australian Access card project.


 

Smartcard Framework

At Kable: The Department for Constitutional Affairs (UK) is seeking views on plans for an online electoral register
Ministers have issued proposals for an online electoral register, which could cover the whole of the UK, in a consultation document published on 14 December 2005. ...

... Constitutional affairs minister Harriet Harman said the electoral register represents the "keystone" of democracy. ...

Here's the link to the Coordinated Online Record of Electors (CORE) consultation paper.

And deeper analysis at The Register - Government moots ID card links for new UK voter database:
... The plans for a single national CORE keeper would effectively institute an embryonic national voter verification system, and therefore it's no great surprise that verification figures in the "Future possibilities" section of the consultation paper. Nor, indeed, that the approach taken to databases seems awfully familiar: "Accurate and effective data-matching across different datasets requires some form of personal identifier [quelle surprise...) held in common. An immediate obstacle is that no such common personal identifier currently exists within electoral registers, other than the name itself. This is of very little use unless combined with other - more unique - personal identifiers." ...
... So shall we just summarise all that? We started with an 'old fashioned' electoral system that worked, but noting with some anxiety that people seemed less and less inclined to vote,* we started to make it less trouble for them to do so. We haven't been able to make it as easy as 'press red button on remote' yet, but we'll get there. Unfortunately, the hardships associated with old fashioned voting turn out (as the wonks running policy would have known if they'd ever done any actual work in a real-life election campaign) to have had a series of helpful safeguards against abuse built in. In addition to now having a pressing need to deal with the problems we've just created, we also need to figure out how to verify cable TV voting, and text messages that go 'press reply to vote New Labour'. The less trouble we make it to vote though, the more pressing the issue of verification becomes, so we conclude that we can't leave this in the hands of local authorities - we decide we have to handle it centrally, and use data matching with multiple other national databases as part of the verification process. ...


In a remarkable feat of synergy, our Special Minister of State has released, through AGIMO, the draft Australian Government Smartcard Framework.

Improved systems for voters, discharging their obligations at the ballot box, are close to Senator Abetz' heart. I'm pretty sure he has at hand a swag of voters who will testify that they want to be able to vote, on a whim, if necessary, from the ease of their lounge chair, or through the iPod while taking the air at Cronulla beach.

First class

As predicted (ahem!) - First-Class Fast Lanes Return

The Registered Traveler program, which allows handpicked frequent fliers to register a fingerprint and iris scan at some airports in exchange for a pass to the front of the line, has been stalled at the agency for more than a year. Airports, airlines and the TSA have been unable to agree on a way to expand the program. Airline and airport executives said they have been able to set up the new lines, in some cases, by working with airports and the federal government to expand security checkpoints. In Los Angeles, for example, American Airlines spent $1 million to reconfigure the terminal it leases so that the Transportation Security Administration could add a few more security lanes. The extra lanes afforded the airline some extra space for its new line for first-class travelers. American's first-class line begins with its own escalator on the opposite side of the other security line.

Oz Govt response

Nick Ferrett posted ID cards - nothing to hide and nothing to fear? at On Line Opinion.

I'm commenting to myself here, because a comment at OLO requires another username and password.

John Howard's strategy on the ID card question stems from his pragmatism. He knows the divisions in attitudes exist in his Cabinet, so he wants to do two things, quickly. First, he wants it all out on the table, so all the ministers can see the same stuff. He also wants them to know how much an ID card will cost. But, before that, they all need to know how much the scoping study will cost. That would have to go through the Law Reform Commission.

Second, he wants to be able to plan how to put any irreconcilable division in Cabinet to his own political advantage.

If it turns into real beast with a life of its own, he will not want to leave it in the hands of Joe Hockey. An ID card would be a major political exercise. Big enough to make the next leader, or cruel enough to park a promising career in a backwater.

I wish him well, because it is a milestone issue. But here's a tip. The current model, the HealthConnect Smartcard, is being trialled in a couple of places. If the proponents can find a way to make tribal folks, in the vicinity of Katherine, carry their cards with them, and can show that general health measures are improved as a result, the card will sell itself.

please swipe your card & press delete .....

My response below to Jack Smit’s Webdiary piece Please Swipe Your Card & Press Delete

 

A national identity card: what a great idea!!

 

Forget about terrorism as a justification.

 

Any self-respecting terrorist requiring an ‘identity card’ (not yet clear what for) will be able to come up with one, just like any self-respecting teenager can already source a phoney driver’s licence with little difficulty.

 

Besides, as the London bombings demonstrated, if our would-be terrorists are ‘home-grown’, they won’t even need one: unless, of course, we will legally be obliged to carry it at all times & present it to any government or private plod who asks for it?

 

Even if the London gang had identity cards as they set-out to perpetrate their horrible crime: so what? I guess they might have had to show it to the non-existent barrier staff, having bought their tickets from machines?

 

And why do we need another card?

 

Well Medicare Cards are obviously no good (no photo); not everyone has a genuine or fake Driver’s Licence & not everyone has a Passport: besides they’re a bit cumbersome. No, we need something new.

 

This project should be managed by the Productivity Commission, so we can get a bit of vision going.

 

Imagine: the day you’re born, you are issued with your very own unique 10 digit identifier, just like the Americans get a social security number. The piece of plastic keeps you company from cradle to the grade: renewable every year as you progress from omnipotent youngster to grumpy old whatever.

 

This bit of plastic could be your Tax File number, your Passport, your Driver’s Licence. The same number could be used commonly by utilities, supermarket check-outs, voting, banks, mafia membership, Telstra, local government, Libraries, tollways, Universities, public toilets, frequent flier clubs, Ticketek, Lotto, Insurance companies, Internet access, the RTA: the possibilities are limitless. A single billing system – wow - a single data-base to keep us safe & no more DIMIA screw-ups!!

 

Think of the fortune society would save if we could travel through life with a single number; a single piece of plastic – renewable each year to keep up with our aging / changing biology & also just to keep an ‘annual eye’ on us – that does everything. Implanted with a memory chip, our Licence could be cancelled automatically if we didn’t pay fines or ran out of points & we’d be caught & punished automatically if we weren’t authorised to engage in insider-trading transactions.

 

But then, there are always problems: people lose cards; they get stolen, bent, de-magnetised etc, so it’s still not the most convenient way.

 

Got it!! Why not implant the chip at birth – maybe in the wrist or, as some other earlier individual with insight suggested, on the forehead, so we’d all be able to instantly recognize each other.

 

Gawd, if we could just do away with money, EVERYTHING could be driven by our own personal barcode: think of the possibilities!!! They could even be ‘personalised’.

 

And if we were really smart, we could pre-program the cards with the man of steel’s ‘core’ values, thus ensuring a compliant & loyal populace from the cradle to the grave.

 

Orwell & Huxley would love our democracy.

Don't we do that to cats?

Sorry cat lovers but the blithers are a scourge in a country where the original fauna is fragile... Cats kill.... "No, no, not my little Fluffy here, look at HIM, he's so cute, cuddly and hardly moves all day..." ... That's the problem. Even with all door closed, cats sneak out at night (or during the day when you're not looking) and kill. No, they don't kill rats or mice, they kill birds and other local fauna. It's easier. Then they come back home through their secret pathways and lie on the mat as if nothing happened while you were asleep or watching the box. They even might do the kill during a short "supervised" pee break around the block. Thus in many councils, cats must be tagged with a chip under the skin that record its "ownership" if one can talk of that with felines... Dogs yes. We all know that dogs have masters/owners while cats have servants... But the chip does not stop the kill. It only detect if the cat is a stray or not when caught on the prowl. Maybe I should have a few sensors around my patch that, as soon as a cat-chip is detected, would ring a cat-alarm that'd scare the blither out of the area. Something that only cats can hear... Or maybe I only can hear, giving me time to load my shotgun and aim... But then I'd be awake all night... Just kidding. But isn't it this the same silly flow-on some bureaucrat or politician — with plenty of time to scratch to justify an existence — is trying to push on us all this big brother (1984) contraptions?... Imagine the possibilities of rort! For example we could have a clone of ourselves wearing the chip while we go frolicking... What was that movie again? "duplicity"? The very sad part is that the process implies we are distrusting everyone for the sake of a very few to distrust. It would be an implanted official rot to beat those few who rort the system... and they would still do it nonetheless. If you want to suicide bomb yourself with an identity card or not, the result is still a big mess... Hey why don't you hit my foot with a hammer till it bleeds... I can feel that pain but when you stop it's bliss... And the Fatwa by the Muslim leaders has not kicked in yet since there are morons on the loose trying to blow us again in London, and morons in government who are trying to blame us for it for not doing as they say: Bend over for your little chip...

Read Phil's mail

An incisive commentary on the latest moves for UK's ID card plans. The Attorney-General will have read this.

Clarke's ID card cost laundry starts to break surface

LSE models UK ID scheme

[from Kable]

The London School of Economics has issued its alternative model for a "trusted identity structure" that would meet the aims of the government's ID card bill. The model, which is outlined in the LSE's Identity Project Report published on 27 June 2005, accepts that no system can be totally secure and allows for individual control of personal data. Along with the model, the LSE also presents a "median figure" of £14.5bn for the government's proposed scheme. Security is a major feature of the LSE's alternative proposal. The aim is to ensure that a "master identifier" does not become universally deployed. Academics behind the proposals are concerned that the government's scheme could actually pose a security risk.

To download the executive summary, see http://is.lse.ac.uk/idcard/identitysummary.pdf

To download the full report (approx 300 pages), see http://is.lse.ac.uk/idcard/identityreport.pdf

Ruddock rules out ID card

Two reports on the Attorney-General's decision, not to make a commitment to the ID card concept, at this stage.


Ruddock rules out national ID card
Ruddock repudiates Australia Card, central database


This announcement, no doubt factored into the government's strategies for the next two years, leaves open other 'ID card' options. I reckon there will be market pressure for the government to act as a licensing service for those providers who want to give their paying customers convenience and privilege of streamlined access to products. For example, a 'total health care' provider, an amalgam of health insurer and health manager, may be able to sell on the basis of the efficiency of an in-house electronic health record. Now that all players have agreed an EHR is necessary, for better quality and safety, it looks like the States will have to pay for it themselves, if they want it for public hospitals, now that the A-G is not going to take lead role. Smart decision. What are those GST revenues for, after all?


I think we will have a ranking of citizens, based on ability to pay for speed and frills, into at least three classes. In First Class, elites will pay for the privilege of swooping to the head of the queue, by passing through an iris or facial scanner. Second Class will require the enhanced biometric passport, already on the way, and will take in the average Bali-touring citizen, ie, people with enough free cash to afford an overseas trip. Most people will learn to avoid delays, by carrying the passport. At the bottom of the pile will be those registered for social welfare, ie, no passport. The Centrelink access card will be a de-tuned version of the biometric passport - quick to exclude the ineligible (and all those falsely declared so by second-rate, poorly maintained equipment supervised by lackadaisical staff) and slow to say Yes. An ID-less population of miscreants and opt-outs will float around, at risk of being rounded up as potential terrorists, and acting as a convenient lesson about non-compliance.

Chilled to the bone

The following exchange, between Senator Mason and Mary Murnane, is an extract from the Senate Legal and Constitutional References Committee Inquiry into Privacy Act 1988

The three hearings (20/4, 19/5, 20/5) have had lot of discussion centred on HealthConnect's SmartCard. The ability of General Practice software to filter off patients' data has come under scrutiny, too. All very important.

In this passage, the Committee is trying to get the departmental people to disclose what they know, in language that means something. It is hard work, but at least the Senators have a go. They will pay for their impertinence. Ms Halton's factotums are not to be challenged, or questioned, or to give account to the public. Heaven forbid!

Friday, 20 May 2005 Senate—References L&C 31
LEGAL AND CONSTITUTIONAL
[11.00 am]
LYONS, Ms Margaret, First Assistant Secretary, Health Services Improvement Branch, Department of Health and Ageing
McGRATH, Mr Mike, Legal Adviser, Department of Health and Ageing
MURNANE, Ms Mary, Deputy Secretary, Department of Health and Ageing
RICHARDS, Dr Brian, National Director, e-Health Implementation Group, Department of Health and Ageing

Senator MASON—Do you believe that the federal Privacy Commissioner has sufficient powers to enforce the Privacy Act currently?

Ms Murnane—My beliefs are not really all that relevant but at the moment we have an inquiry into the Privacy Act. There has recently been tabled a review of the Privacy Act as it relates to the private sector, and that review was conducted by the Law Reform Commission and AHEC.There is always room for improvement. But I believe that the Privacy Act and the implementation of the privacy principles in the Australian government and comparable acts of state governments have engendered a culture of privacy both within the public service and within the community generally, and the application of the privacy principles to the private sector has strengthened a policy culture there.

Senator MASON—Let me explain why your belief is important. If the executive is seeking to promote these e-health initiatives and, therefore, rely perhaps increasingly on the Privacy Commissioner, if they are not currently doing a good job or if they need further powers, your belief is important, isn’t it? You are in a very senior position in the department. If you think that the Privacy Commissioner is not adequately protecting privacy, that would be relevant to a Senate committee, wouldn’t it, about whether the Privacy Commissioner should be given more powers or the executive is promoting further initiatives? Of course it is relevant.

Ms Murnane—But I did not say that; you are imputing that. I have a bit of difficulty going on. I am not saying—I did not say and I would not say it — that I am of the belief that the Privacy Commissioner is not adequately protecting privacy. I am simply saying that it is a practice now, and a good practice, that all legislation and the relevance and effectiveness of legislation are reviewed at frequent intervals, particularly in areas like this, where community attitudes are changing and both new IT discoveries and, from our point of view, medical discovery and capability impinge on the external environment. There is a constant need to ensure relevance.

Senator MASON—So do you have any concerns about the Privacy Commissioner’s protection of medical records?

Ms Murnane—No.

Senator MASON—The promotion of these new e-health initiatives and further responsibilities for the Privacy Commissioner, whether they are under a separate act or the same one, do not concern you?

Ms Murnane—That is a very broad statement. I would really want to know precisely what I was saying did not concern me. These are things that we give a lot of attention to. I am not willing or able to just give simple answers to —

Senator MASON—Let me make this clear: if you had said that currently you believed that the Privacy Commissioner was not doing an adequate job to protect medical records, the committee would be concerned to give further powers to the Privacy Commissioner if there were further e-health initiatives. All right? In other words, if they were not protecting medical records currently—if that is what you had said—the committee would be very concerned about giving the Privacy Commissioner more powers if you were seeking further initiatives. Okay? Do you follow that?

Ms Murnane—I did not say that.

Senator MASON—I know, but that is why I asked the question.

Ms Murnane—Okay; fine.

Senator MASON—Do you understand?

Ms Murnane—Yes.

CHAIR—Do you know how many complaints the Privacy Commissioner gets in the health area annually?

Ms Murnane—I do not know the answer to that.

CHAIR—I just wonder how you have come to the conclusion that there is no concern.

Ms Murnane—I think Mr McGrath knows.

CHAIR—You have made the assessment that you are not concerned about the Privacy Commissioner’s workload in this area but you do not know what it is.

Ms Murnane—I do not know exactly what it is. Mike, can you—

CHAIR—Then how do you, Ms Murnane, come to that conclusion—not how Mr McGrath may come to a conclusion? Would you like to reassess your answer and look at some of the facts?

Ms Murnane—I will have a look at the exact number, but what I do know is that there is not a vast number of privacy complaints or breaches of privacy that come to our attention that cause a significant concern with the fabric of the system to protect privacy.

CHAIR—The Privacy Commissioner reports that she gets 330 complaints. You would not know how they have been handled, if they had been completed, or whatever, I would presume, if you do not know how many complaints there are.

Ms Murnane—I did not think we were here to be questioned on our views on the administration of the Privacy Act and the thoroughness and ability of the Privacy Commissioner and the Office of the Privacy Commissioner to carry that out. We see through a very small window into the work of the Privacy Commissioner.

Senator MASON—That is all we want to know about—your little window.

CHAIR—To a lot of people it is a very big window and a very critical area, and the way it has been administered by your department in terms of your information bases and also by the Privacy Commissioner in their capacity both legislative and resource wise to protect people’s privacy is a critical part of this inquiry.

Ms Murnane—I am not sure what you are getting at. The Privacy Commissioner takes positions on what we do and put to her. We try to work with the utmost respect for the Privacy Commissioner’s responsibilities and all that they are charged with. We would not say as a department that we have found deficiencies in the way the Privacy Commissioner carries out their task.

CHAIR—Sure, but that is a critical judgment and, when you say that, we on this side of the table draw conclusions from it. I asked you what you base that judgment on, and you were not able to tell us the most basic information about the number of complaints and how they are handled. So for me that is probably a premature assessment that you made.

Senator STOTT DESPOJA—I want to make the point that this broad inquiry is looking at the adequacy or otherwise of the Privacy Act in relation to its current operations as well as contemplating the impact of new and future technologies. The department of health is in charge of arguably the biggest single technological device or change that will have an impact on the privacy rights of Australians, such as we have never seen before. The Australia card is nothing compared to what your department is in charge of. Looking at the potential consequences of this technology chills me to the bone. That is why today we need to work out whether current privacy laws are equipped to deal with this particular new technology and what steps the department and the government are taking to protect the privacy and security of Australians as a consequence of the development of this new technology. This is not airy-fairy stuff; this is happening in places around Australia, or at least being contemplated. We need to know who is involved in the process of determining these protections — so what public sector groups, what organisations, what industries have been consulted, if any. We have heard complaints about levels of consultation, particularly from the AMA. Beyond that, my concern is whether or not this is going to be limited to the information obtained by departments or health professionals in relation to the HealthConnect card or whether there is a proposal to share information with other government agencies, a la the comments of Minister Hockey on 28 April this year that it potentially could be used in dealing with Centrelink, another government agency. To me, this opens up a Pandora’s box of security implications and privacy implications, so forgive me if I am a bit startled by the notion that the department is not here to comment not necessarily on specific inquiries of the Privacy Commissioner but on the adequacy of the Privacy Commissioner’s role and responsibilities now, including the act. I would like to put some questions on notice based on comments by the productivity commissioner that relate to whether or not the benefits of this technology outweigh some of the concerns that people have. Ms Murnane, you certainly have the right to respond to my comments.

Ms Murnane—I did say earlier that there is a continuous need to review legislation, especially legislation like this that is dealing with things that are important to people and that is at an interface with massive technological change and also change in medical biological discovery. The need to reconcile those is important. I am not in a position to say where exactly I think the Privacy Act should be changed. I think that is something that you are inquiring into. At the moment, we have been concerned that everything we have been doing is fully consistent with the Privacy Act, and we have been working very closely with the Privacy Commissioner and her office on that.

Senator STOTT DESPOJA—The department and obviously the minister have had the opportunity to examine the ALRC’s comprehensive report into genetic privacy, Essentially yours. Can you advise us of what discussions, meetings or debates have taken place around that report? I am wondering if there is a time line for a response to that report. I am sure the minister is responsible for any specific dates or information, but I am just wondering what work the department has done on that comprehensive report.

Ms Murnane—The whole-of-government response is being developed. I cannot give you any more specific information than that, but we will look at that on notice.

Senator STOTT DESPOJA—I notice that in response to questions of mine in the parliament last week, Minister Ellison talked about specific aspects of that report being referred to the Standing Committee of Attorneys-General. I am just wondering if there is a comparable committee within the health department that may have been examining the report.

Ms Murnane—Not to my knowledge, but I will check on that.

CHAIR—Thank you very much, Ms Murnane and staff.


Mary Murnane is deputy to Jane Halton - Executive.

National Smartcard, 15 June 2005

QUESTIONS WITHOUT NOTICE: National Smartcard > Fawcett, David, MP; Hockey, Joe, MP; Howard, John, MP > 15:24:00

 

Mr FAWCETT (3.24 p.m.)—My question is addressed to the Minister for Human Services. Would the minister advise the House of initiatives to improve service delivery infrastructure for Australians?

Answer

Mr HOCKEY—I thank the member for Wakefield for his question—and isn’t it great to have a Liberal representing Elizabeth in South Australia? It is great news for the people of Elizabeth and South Australia. This government is determined to improve service delivery to all Australians. Australian families are generally fed up with having to fill in government forms, particularly when they claim Medicare, and also going into Centrelink offices in order to claim the benefits that they are entitled to. The financial services industry moved away from banking passbooks and limited trading hours in the 1980s, but the government still pursues a process of asking people to fill out forms and go into offices.

I can advise the House that the government is now developing a detailed proposal for the introduction of a national smartcard and that technology is going to provide easy access to welfare as well as health services. Current legislation ensures vigorous privacy and security standards are part of a citizen’s private information protection. The microchip in a smartcard will add additional security to the protection of individuals’ information. We are going to work closely with the Privacy Commissioner to ensure that any improvement in service delivery using new technology will safeguard every Australian’s legitimate right to privacy.

We are developing this proposal as a whole-of-government proposal. I can advise the House that the Prime Minister raised this with the premiers at COAG two weeks ago and the premiers are right on board and have embraced the Australian government’s approach to have a single standard and single protocol for the development of smartcard technology in Australia. I know that the Queensland government is developing a $300 million smartcard for public transport in Queensland. However, there is a danger to all of us that we are going to end up with different ‘rail gauge’ technology across Australia during the introduction of the smartcard. We are going to avert that, because we are going to deliver, in partnership with the states and in partnership with the private sector, common standards and common protocols that ensure that Australians are going to receive the sorts of services that they should get in the 21st century with 21st century technology.

The Poms are ahead of us

The Poms have been working on their identity cards for yonks and the latest was a request by the US that the ID would be compatible with their computer system.

One won't be able to fart to more than 40 decibels in Swatziland without a red light lighting up in Washington.

It's a World Wide CONspiracy by the con artists in power to kill our individuality by framing all and sundries in data banks ... and don't forget to take your pills.

CrimTrac

As addendum to ID Cards, CrimTrac is the agency set up in 2000 to be the central point for collecting all data on offenders, like fingerprints and DNA profiles. It seems reasonable to suppose that whatever criteria DIMIA uses for identification, the scheme will be compatible with CrimTrac's, and all other agencies that have to get identity correct.

Hansard for May 12 2005 shows the Attorney-General replied in writing to a question from Rob McClelland about the "operating deficit of $10.5 million for his department in 3003-04". The figures supplied show CrimTrac underspent by $6.3m, the reason given that "the Minimum Nationwide Person Profile had been expected to be completed in 2003-04 but is now expected to be completed in July 2005".

From CrimTrac's timeline:

"1998 The Australian Federal Government commits $50m to establish CrimTrac, with a national DNA database as a central element."

From CrimTrac Annual Report 2003-4:

CrimTrac’s National Criminal Investigation DNA Database (NCIDD) contains profiles from samples collected from unsolved crime scenes, serious crime offenders, suspects, volunteers, missing persons, and unknown deceased persons.

NCIDD operated 39 per cent under budget due to lower than expected use of NCIDD/SQL*Lims.

Records on NCIDD as at 30 June 2004
Category and Number of Records in NCIDD
Crime Scene 6231
Offenders/Serious Offenders 18 101
Suspects 23 758
Volunteers (unlimited purpose) 2898
Total 50 988

CrimTrac had estimated for the 2003–04 year that more than 100 000 DNA records would be uploaded onto the system during the year, this figure fell short due to legislative complexities and delays. The estimated figure for uploaded DNA records in the 2004–05 year is expected to be over 200,000.

ID View from england

The Independent 27 May 2005
US wants to be able to access Britons' ID cards
By Kim Sengupta

The United States wants Britain's proposed identity cards to have the same microchip and technology as the ones used on American documents.

The aim of getting the same microchip is to ensure compatability in screening terrorist suspects. But it will also mean that information contained in the British cards can be accessed across the Atlantic.

Michael Chertoff, the newly appointed US Secretary for Homeland Security, has already had talks with the Home Secretary, Charles Clarke, and the Transport Secretary, Alistair Darling, to discuss the matter.

ps...

PS Gus.

Luv the 'sweeping lady'.

Cheers.

on bad guys

Hi Gus. Orwell would be proud of this initiative & sooner or later (I'll bet sooner) the word will come through to Washington's branch office down under wanting the same thing (if it hasn't already been agreed to).

Governments the world over have shown themselves to be immensely capable of spending billions on controlling & prying into the lives of the law-abiding majority, whilst the 'bad guys' just cheat, manipulate or buy their way past any controls.

Did anyone see the SBS program the other night on the resurgence of the Camorra in Sicily? Seems like Berlusconi's efforts to weaken the Italian judiciary, in order to escape investigations into his corrupt activities, has helped the bad guys re-establish themselves.

As to the US, who'd want to go there these days anyway?

Cheers.