Comments From the Public about the ID Card
As of 19 June 2006
About priorities:
“…I heard an interesting comment yesterday… the government wants to do the frivolous things instead of the important ones…
“the elderly may be frail but they are not stupid.” – Marghanita da Cruz, Sydney
=======
About assertion versus lack of information:
“I agree that the rational and informed debate is what is needed. But the “informed” bit is hard to get when there’s a lack of information around. I’ll ask more directly than in my last post: what analysis exists which classifies benefit fraud by type?
“This stands at the core of advocacy for the card: “X million dollars worth of fraud each year” and similar statements. Fine; but if we aren’t told how much of the X million falls within the reach of the smart card, then we don’t have enough information for an informed debate.
An ounce of information is better than a ton of assertion!” – Richard Chirgwin
========
About fraud reduction claims:
[assertion from someone else] There are lots of public examples of fraud of both Citizens and Doctors.
” these are data points, not quantification of classes of fraud. At the minimum, how much of that $300 million is fraud by citizens, and how much of that $300 million is fraud by doctors … and how much of that $300 million is fraud by non-entitled persons (eg. non-citizens) … and how much of that $300 million is by doctors and patients in cahoots?
” So, question: will this new card stop “doctor shopping” fraud. Is this $31 million part of the $300 million?” – Eric Scheid
=======
About false trust in smartcards as secure:
“But: ubiquity is the problem.
“There are only two keys to the office in which I work; therefore a breach of security could easily be traced. Make it 20 million smartcards (more or less); make it just 50,000 people with “deep” access to the card and to the federal government data storage. On the whole, those 50,000 aren’t going to be *that* much better than the population as a whole. Now go looking for the 100 or 1,000 that can be subverted
“Now: it’s true that all forms of ID can be subverted; but the government is putting forward the assumption that it won’t be true of the smart card. It’s foolish of citizens to trust what they can’t see.” – Richard Chirgwin
=======
About emergency alert options:
“If all this was on a card instead I wouldn’t care, but I am more likely to be found without my wallet than without my arm. (Actually, it is sort of available on a card – Medic Alert provide one to back up the bracelet, but ambulance officers are far more likely to see the bracelet because they look for it.)
“None of this should be taken as me being in favour of the proposed ID-but-not-ID card. I’m making my information available voluntarily and I doubt that just anyone can ring Medic Alert and find out anything at all about me. I can see some value in a limited aggregation of health data with tight restrictions on access, but the card as proposed looks like a very expensive nightmare for everyone. If it is secure enough it will be useless and if it isn’t secure it will be abused.” – Peter Bowditch
=======
About ICT promises:
“Various studies show that ICT promises are rarely fulfilled – with failure rates as high as 97% being quoted for particular types of projects. This figure is of course sensational. The issue is not how many projects or ideas succeed or fail – but the cost and benefits derived from the effort.”
from http://www.ramin.com.au/itgovernance/ Marghanita da Cruz, Chair of the ACS Governance of ICT committee and/or Principal Consultant Ramin Communications
======
About failure in card reader malfunction and error:
“What happens when the chip reader doesn’t function? At the moment, with the machine readable passports, the plan is to have the operator manually type the number into the system. For that to happen, there has to be a number visibly displayed.
“For an example of actual implementation (and associated problems), this is what happens at the supermarket when an item doesn’t scan. Somewhat different, in that there are limited number of repeated items (eg cans of Campbells Pea and Ham Soup), rather than a large number of unique items (eg Australian citizens).” – Jonathan O’Donnell
========
About citizen acceptance and legislative protection:
” Three things are needed to enable citizens to decide if they want this new system:
– an analysis showing 1:1 what properties of the new system will combat which specific problems in the existing system. This doesn’t have to be hyper-technical, but it does have to exist. If it doesn’t exist, then our regulators are making a leap in the dark too!
– a reasonable cost estimate. Sorry, but the most cursory inspection of the registration costs alone suggests an initial cost FAR higher than that suggested, and ongoing costs ditto. Right now I seriously think that the fraud is cheaper than the proposed “solution”!
– a guarantee *in the enabling legislation* that this is not an ID card. For example, that a request to present this card for other than the specific provision of a specific government benefit to which the claimant believes him or herself to be entitled, should be a criminal offense. That the presentation by a cardholder of the card for any purpose other than to claim a government benefit should also be an offense. And that the recording of any data from the card by automatic or any other means, if not directly connected to the provision of a government benefit, should also be an offense. If this card isn’t an ID card, then such clauses should be no problem, right?” – Karl Auer
========
About a range of impacts: centralisation, costs, selling points, function creep without analysis:
” You keep saying that the new system will collect and process “no more and no less” than the present system(s), only better.
“We are (or perhaps just I am) not concerned about the volume, I am concerned about the centralisation, the linkedness, the comprehensiveness of the new system, because those things increase both the possibility of harm and the extent of harm should it occur.
“I’m also concerned that the costs, both startup and ongoing, have been *massively* underestimated and that the costs will to a large extent be dumped on individual Australians. The idea that this will cost only $15 per Australian is just silly.
“It concerns and irritates me that this is being sold as “just a more efficient” system, when it is in fact a qualitatively *different* system.
“It worries me a LOT that the system has the potential to be easily extended once in place, and to be pressed into the service of functions that I fear and detest, but that I know are dear to the hearts of our present regulators.
“You have now been asked, several times, to show a breakdown of the types of fraud that this new system will allegedly combat. We have yet to see any such breakdown, from you or anyone. Is there such an analysis? Without one, no rational assessment of the new system’s objectives can be made. Nor can any judgement be made about the costs relative to the benefits. It’s not a big ask. Have *you* seen such an analysis?” – K Auer
========
About using it as an ID card and broken government promises:
” If this card *can* be used as ID, it *will* be used as ID. depend upon it.
“Absolutely. The same way that you are no longer asked to produce “Proof of identity”, but you are asked to produce “you driver’s licence”.
“I guess it will come down to “An identity card” will not be mandatory to carry or produce on request, but you will be inconvenienced if you are unable or choose not to produce “It”. OTOH, “The Identity Card” will be mandatory to carry and produce on demand and you will probably be taken into custody if you are unable or decline to produce “It”.
“Ppl have become so disillusioned and cynical about the motives and behaviour of governments of all persuasions that they are now at a point where they, quite correctly IMO, question anything that any government proposes. I fear that a lot of this is in fact caused by the actions of the US government since 9/11 and the willingness for AU and UK to meekly fall in line.” – Howard Loundes
========
About user acceptance and government coercion:
“The extent and passion of this debate reminds me of another angle. “User attitude” is a very important success factor in big IT projects. If a significant chunk of the population is anti, it’s a risk factor for the project – and this is true even where the objections are not rational.
“Within the government, there may well be a feeling that attitude doesn’t matter. After all, the government has the power to enforce compliance even if the punters don’t like/want the smart card. My response is twofold:
– Coercion by government is repugnant and should be avoided wherever possible; and
– Even the assumption that government can enforce compliance doesn’t stand up to the test of reality.
“So there really is a very great need for the government to demonstrate all of the reasons why this is good for the citizens. “It’s good for the budget” is not sufficient; it’s too abstract, it’s demonstrated not by fact but by assertion, and rightly or wrongly it smells like spin.” – Richard Chirgwin
=========
About the threats to and difficulty of providing security:
“You see, some people out here actually *know* about security. Perhaps you do too, I don’t know, but at the moment it doesn’t seem so. Leaving that aside, however: There are classes of fraud that the smartcard could, if implemented correctly, stop or mitigate. There are whole other classes of fraud that the smartcard could *enable*. Exactly what these various classes are depends on the exact nature of the card; whether data is stored on it, or whether it simply provides access to a central database, and whether that access is read-only or also write. And there are other classes of fraud that the smartcard will have no impact on whatsoever.
“Rule number one in security – any kind of security – is “first know your threats”. Rule number two is “spend the most money on the highest risk”. An unwritten rule in any endeavour is “know what it will cost you”.
“All three of these rules appear to be being broken.
“Now, you can *tell* us anything. We don’t want to be *told*. We want to be *shown*. *Show* us the evidence that the threats have been enumerated and ranked. *Show* us how the smartcard will address some or any of those threats. *Show* us how the design and implementation will prevent abuse. And *show* us that the smartcard will in fact cost the paltry sum that has been bandied about, and not the many more millions that even a cursory inspection of the numbers would indicate.” – K Auer
==========
About refusal to produce in the future:
“That must be what the $200 million detention centre on Christmas Island is all about. It’s not going to be used for detainees because they’re all going to be on Nauru. It’s going to be used to house people who refuse to produce their Australia Card on request. And probably also people who microwave their Card.
“I look forward to finally putting some faces to the names of many list members (sic) as we take a holiday together in the Christmas Island Australia Card Resort.” – Richard Archer
“The Identity Card” will be mandatory to carry and produce on demand and you will probably be taken into custody if you are unable or decline to produce “It”. – Anonymous
========
About unprotected potential as an ID card:
“The Germans have a great word, “Verharmlosung“, meaning “making harmless”. They apply it to unexploded mines, but also to the practice of talking something down, saying it’s “only” this or “just” that.
“If something *can* be used as an ID card, it *will* be used as an ID card. The greater its perceived authority and the more widespread its availability, the more it will be used as an ID card. The proposed card will be more authoritative and more widespread than any such card in Australia’s history. Do you – does anyone – seriously believe that such a card will not become *the* defacto identity card?” – K Auer
=========
About cards having a number printed on them that can be typed in if the card is defective:
“If there is data on the card, this is a classic example of falling back to a less secure access method. All I need to do to fake being someone is to know their number, put it on a card and front up with the “defective” card. If working access to the data in the card is essential for the card to be useful, then defective cards are a show-stopper; on the other hand they are “more secure” in one limited sense.” – K Auer
========
On circumventing the system:
“Reminds me of a nice story re the Daintree Ferry…
A few years ago, Douglas Shire Council issued locals who live across the Daintree River with their annual ferry travel passes but with a new barcode to be read by the readers held by the Ferry drivers..
“It seems one of the locals (actually a Scot) managed to replace his barcode with one from a Coke bottle (so the story goes) – took a wee while for the authorities to cotton on.. and then one the barcode readers managed to go overboard There were no more barcoded passes issued after that…” – L Rouse
========
About the expansion of the card technology in the name of efficiency:
“Just about everyone gets some kind of government benefit. It will be very easy to add benefits to the system, once it is in place. It’s a very short step to linking this system to the tax system; that too would reduce by one the number of numbers a citizen has.
“Then the card will grow an RFID chip, perhaps, or expanded storage; store “just a few more simple items, needed for this, essential for that…”. Each step will of course be in the interest of greater “efficiency”. And so by quiet, simple steps, we sell ourselves.” – K Auer
=========
About Doctor shopping avoidance:
“the only way to stop it would be to update a central database *in real time* whenever a prescription is dispensed, and to check that database before dispensing.”
“some immediately obvious issues with that:
1. that could be done without an ID card – it could be done with just the current medicare card.
2. it still doesn’t prevent it when someone has one or more bogus identity cards. in fact, relying on the magic technology of “smart” ID cards will just make it easier to hide when it happens.
3. even if it worked, it would cause problems for people who genuinely lost their prescriptions (or left them at home while travelling or any one of dozens of other legitimate reasons for getting another prescription). IMO, it is far better to accept the risk of a small amount of over-prescription than to deny sick people the medication they need.” – C Sanders
=========
About Raising the Bar justification:
“unfortunately, an ID card lowers the bar, it doesn’t raise it. it gives criminals and identity thieves a single target to attack.” – C Sanders
“Anyway, by not raising the bar, you leave yourself open to abuse, as the pace of technology becomes more pervasive and cheaper: (read accessible by criminals)” – Anonymous