Released 6:00am, 6 May 1998
This document is at http://www.privacy.org.au/Media/MR980506.html
The privacy interests of Australians are at grave risk from the failure of the Office of Government Information Technology (OGIT) to consult adequately in developing its new framework for delivering government services online.
The Australian Privacy Foundation today responded to the launch of OGIT's Project Gatekeeper report by the Minister for Finance, John Fahey. The report outlines how OGIT believes a government public key infrastructure (GPKI) should operate.
OGIT had refused to provide a copy of the final report to privacy advocates prior to today,s launch.
The public key infrastructure is intended to support the identification and authentication of individuals dealing with government agencies.
"This project has an enormous impact on the Australian public, and OGIT has failed to understand its privacy risks." said the Foundation's technology spokeperson Roger Clarke.
"OGIT should have addressed the public policy implications from the very outset of the project," he said. "Instead, OGIT invited privacy advocates to discuss a late draft of the report just a few weeks before it was finalised. They should have entered into meaningful consultation with consumer advocates at a much earlier stage in their projects."
"Applying quick band-aid solutions to privacy issues is a high-risk strategy", said Foundation Director Tim Dixon. "It is particularly disturbing that the Gatekeeper proposal was developed by technocrats without open public consultation. This could result in privacy-threatening features being embedded in the design, including:
"We'll be examining the report very carefully, to check OGIT's assurances that they have reflected advocates' concerns in the final version".
The Foundation also expressed concern that the poor handling of this project might undermine public confidence in electronic commerce and electronic services delivery.
For further information, contact:
Roger Clarke, Technology Spokesperson, Australian Privacy Foundation
Tel: (02) 6288 1472
Email: Roger.Clarke@anu.edu.au
Tim Dixon, Director, Australian Privacy Foundation
Tel: (02) 9262 4504
Mobile: 0411 114 411
Email: tdixon@magna.com.au (Tim Dixon)
For background information, see:
http://www.anu.edu.au/people/Roger.Clarke/II/CryptoSecy.html
For a personal position statement on public key infrastructure, see:
http://www.anu.edu.au/people/Roger.Clarke/DV/PKIPosn.html
Go to the APF Home Page.
Created: 4 May 1998
Last Amended: 20 December 1998
APF thanks its site-sponsor: