Caslon Analytics elephant logo title for Australia Card profile
home | about | site use | resources | publications | timeline   spacer graphic   Ketupa

overview

identifiers

precursors

1980s

surrogates

2006

claims

costs

models

private

plastic

register

UHI

TFN/ABN

police

attitudes

futures

FAQs

studies

landmarks
















related pages icon
related
Guides:

Privacy

Security

Consumers

Networks

Identity




related pages icon
related
Profiles:

Australian
privacy
regimes

Official
Registers

Human
Rights

Australian
Constitution
& Cyberspace

100 Points
Scheme

Forgery &
fakes

Biometrics

section heading icon     Access Card FAQs

This page considers some questions that we have received from journalists, businesses and civil society advocates regarding the new Australian government services Access Card.

It covers -

  • the anti-identity card?
  • a national identity card?
  • the road to 1984?
  • my life on a chip?
  • one file to bind them, one file to rule them all?
  • forgery
  • privacy and displacement
  • operation
  • End Times
  • alternatives and opportunities
  • moving targets
  • inconsistency
  • what's missing from the debate

     the anti-Identity Card?

Q: You highlighted a Minister's comment that the Access Card is the "anti-Identity Card". Is it a stealth version of the Australia Card?

A: The notion of an anti-Identity Card (implying some sort of anonymity?) is not very useful. Such quips are one reason why Ministers aren't let out without minders.

It is clear from the proposed legislation that the Access Card will be used by a range of government agencies to identify an individual in relation to delivery of services and receipt of entitlements. Identification is the key function of the Card: the basis for the government's plan to spend over a billion dollars and thereby save a large amount of money through reduced fraud.

Graham Greenleaf suggested that if it waddles like a duck and quacks like a duck it's the Australia Card Mark II - same rationale, same functionality, just different feathers (arguably what you'd expect given the evolution of data processing and networking over the past 20 years). The Access Card is essentially the Australia Card Lite - a national identifier scheme covering most of the population, used by a range of government agencies and coopted by private sector interests.

We have suggested that a crucial concern is the privacy regime wrapped around the Card and the Register - covering use by the public and private sectors - rather than whether the Card exists.

     a national identity card?

Q: Why does the government keep saying that the Access Card is not and never will be a national identity card?

A: Put simply - political prudence and disagreement about terminology.

Characterising the card as a services access card rather than a national identity card lulls some anxieties about "an Orwellian future" and underpins marketing that promotes the image of a government concerned to provide entitlements to voters while restricting abuses by the "underserving" or "criminal".

People disagree about what constitutes a national identity card. The Access Card is not a national identity card in the sense of an official identity document that must be carried by all adults and must be displayed on request by a range of officials (and private sector agents of government). You won't have to carry it. There are restrictions on requirements for its display. In principle if you do not interact with government - because for example you have chosen to forgo access to services - you can avoid having/using the card. That is analogous to the feasibility of operating without a Tax File Number and other identifiers.

In practice, of course, it is going to serve as the de facto national proof of identity document in the private sector and will be a one of a bundle of identifiers used by the national government.

     the road to 1984

Q: Aren't identity cards and access cards only found in totalitarian states? Are we on the road to 1984?

A: Soundbites about 1984 are useful in polemic but less valuable for understanding.

It is clear that several liberal democratic nations (including states such as The Netherlands that are considered by some to be more "progressive" or "liberal" than Australia) require residents to identify themselves through official proof of identity cards and use cards for accessing government services. We have suggested that cards as such are of less concern than ensuring that abuses do not take place and that there is timely, effective redress if abuses occur.

It is also important to recognise that notions of 'identity' and verification are somewhat fluid.

Many Australians currently have medicare cards, credit cards, drivers licenses and tax file numbers. Several million people, correctly or otherwise, have become accustomed to use drivers licences as a primary form of proof of identity in private sector transactions - the photo licence is the de facto national identity document, albeit one that offers a fuzzy identifier and that generally is not systematically captured in data networks

    my life on a chip

Q: Is all the information on the card? Won't that assist identity thieves?

A: There is recurrent angst - and some scaremongering - based on perceptions that an individual's life history (including financial and medical information) will appear on the card in a form that can be readily copied and read by anyone with access to the bit of plastic. Such perceptions have been fed by government kite-flying (including suggestions that the card will include an electronic wallet for private purchases) and by media speculation.

As of early 2007 the Card appears to be an identifier - in essence metadata linked to information held in separate databases - rather than an independent and comprehensive repository of information that can easily extracted. The 'smartness' in the "smartcard" relates to the digital signature and biometric photo, along with the scope for linking to external repositories, not in any major knowledge found on the chip (eg a copy of the individual's tax file or criminal record).

As noted below, forgery of the Card will occur and will be undetected in some private transactions, in the same way that abuses occur with what purport to be legitimate drivers licences and other identity documents.

     one file to bind them, one file to rule them all

Q: Why won't there be a central database, holding all the information about everyone?

A: There are a number of reasons: technological, political and institutional. It is not necessary to keep all data (and all data processing) on one box.

In practice it is easier to maintain a range of databases under the auspices of several government agencies, with information being exchanged by those agencies and datamining conducted by/for those agencies.

Politically that is attractive, offsetting community anxieties about 'Big Brother's Database'.

Institutionally it is attractive because separate bureaucratic empires in Canberra - competing for status, funds, continuity - do not have to surrender control.

     forgery

Q: You say that the card will be forged. Is this for real?

A: Any system of identification, particularly large-scale systems involving financial transactions among individuals without personal relationships, can be subverted. One government rationale for the Access Card is that existing cards are being misused. Public and private sector reports indicate that key proof of identity documents such as drivers licences are forged or obtained illicitly.

We should expect some forgery of cards; creating a plausible fake is not a difficult task and for some people the potential rewards will outweigh potential penalties. Detecting fakes will be easy if they are used for interaction with government and its agents (eg through online realtime verification) but difficult if the card is used merely as the primary form of photo ID in private sector transactions.

Questions are thus how much misuse and with what consequences?

     privacy and displacement

Q: In an article for Privacy Law Bulletin you were scathing about the Access Card privacy report. What's happening?

A: 1980s debate about the Australia Card was significant as a catalyst for development of federal privacy law in Australia. Unfortunately, about the

     operation

Q: How is the Card going to work? Are the cost savings credible?

A: Given the nature of some transactions and the resources at the government's disposal the Card clearly will work. We would rephrase the question as whether it will work well, whether there are better mechanisms for reducing fraud or achieving other goals?

The answers to those questions are challenging. That is because there is disagreement about the prevalence and significance of fraud against the Commonwealth. Details of the Access Card system architecture have not been published. That architecture will morph over time because of legislative changes, different corporate objectives and the need to fix past failures.

It is clear from recurrent reports by the Australian National Audit Office and Senate committees that large scale information technology projects within government are particularly challenging. A range of major projects - in aggregate several billion dollars - have failed to achieve initial objectives and have been so extensively redefined as to be unrecognisable.

Activity in the health services sector has been particularly troubled, with recurrent rebadging on initiatives and abandonment of trials. That is consistent with major problems in e-Health and welfare services in the UK and Canada.

     End Times

Q: You've been dismissive of 'End Times' warnings about RFIDs. What about the Access Card?

A: We are critical of claims that RFID technologies represent the 'Mark of the Beast' (a theological position that is, of course, not accepted by all faiths), as proponents of such claims typically evade consideration of broader privacy concerns.

Shouldn't people, for example, be just as concerned about government mechanisms such as the TFN and about large scale data mining by commercial interests. (One reader of this page naughtily commented that the Prince of Darkness presumably takes advice from McKinsey & Co and outsources some data collection work to the private sector).

     alternatives

Q: Are there alternatives to a national Access Card?

A: A disappointing aspect of debate about the Access Card is that there has been little community consideration of different mechanisms for achievement of goals, or indeed of identification of those goals.

There may well have been comprehensive, fully informed and deeply reasoned analysis within government of alternatives to the Access Card. Unfortunately that analysis is not clear. The history of the Australia Card appears to indicate that policy was made on the run, much analysis was ad hoc and that the development process was driven by the ambitions of particular agencies. Conflicting statements about the Access Card suggest that little has changed.

Arguably it would be possible to reduce fraud through existing mechanisms (or, more radically, to accept claims that there has not been an explosive growth in fraud or that a certain level of abuse is acceptable when offset against the cost of new mechanisms).

Will the Card fundamentally reduce identity theft that does not involve fraudulent access to government services? The answer appears to be no.

     Moving targets

Q: How much will the Access Card scheme cost?

A: No one really knows, although it will almost certainly cost more than the figures announced in 2006 and early 2007.

One reason is that there's disagreement about identifying costs (eg only initial hardware costs for government?). Proponents typically exclude costs to the private sector of enrolment in the Register. Government is wary about publishing details of architectures that allow meaningful analysis by independent observers. As noted above, the track record of forecasting by insiders is poor.

Another reason is that few analysts provide whole of lifecycle costs - spending on ongoing rectification and major fixes is often buried in 'maintenance costs' and improvements. With a collaborative project such as the Access Card some costs will be attributed to activity within individual participating agencies; it is unlikely that we will see a comprehensive ongoing dissection of costs.

A third reason is that costs for such projects have typically blown out (and systems have underperformed), both through poor specification and project management and through the project creep that bedevils big government information technology projects that have to accommodate the evolution of legislation and ongoing administrative restructuring.

     inconsistency

Q: In an interview you described development of the Card as like nailing jelly to a wall. Why does it seem so wobbly and why the politicians talking out of both sides of their mouths?

A: As with the Australia Card, it is common to see claims that inconsistencies are deliberate and even attributable to some sort of conspiracy. There is nothing like chatter about national identity cards to entice the alfoil beanie demographic to go emo.

We tend to attribute inconsistency to opportunism on the part of some ministers, ineptitude and disagreement about what the Card is meant to do and how it is to be implemented. Lack of transparency inhibits effective analysis within government as well as by outsiders.



icon for link to next page   next page (studies) 


this site
the web

Google

version of February 2007
© Caslon Analytics