Australians Want ID Cards - But How?

February 1st, 2006: A Newspoll survey, commissioned by The Australian

newspaper reveals that a majority of the Australian public is in favour of a national identity card. Wither HealthConnect?

In a week when the trumpeted Federal HealthConnect smart card has once again hit hard times, 53% of the Australian public - as polled by Newspoll - say that they are either 'strongly in favour' (27%) or 'somewhat in favour' (26%) of a similar 'all eggs in one basket' system.

It is also being widely reported that the brand new Dutch biometric passport system can and has been cracked so that personal information is available to unofficial sources within two hours.

This poll brings up several issues of interest to IDM readers, not the least of which is how exactly such a centralised scheme - which must by necessity use as many ID-checking information vectors as possible to ensure authenticity - be implemented?

Bear in mind the much-vaunted HealthConnect scheme, which according to Health Minister, Tony Abbot in May 2004 would have been used: "…to integrate patient records from hospitals, doctors' surgeries, nursing homes, medical laboratories and pharmacies", has currently eaten up an estimated $120-million and has only been sparsely trialled. HealthConnect-like data would only represent one ID vector in any truly authentic ID card scheme.

A full scale National Identity Card begs many questions from the logistical point of view: what legislation (and consequent compliance issues) will need to change in order to accommodate data matching (and mining)? How will the various ID vectors be data matched from systems as disparate as social services, social security, the penal system, the legal system, the various State and Territory transport, education and, of course, health authorities? How will the cards be read? When read, how will that information be displayed? Will all the information be stored and accessed centrally? How will it be transported? What encryption will be used? What will the lifespan of the information be? At what point and how will it be destroyed? The knowledge management, ICT and document management issues are astounding.

A poll is simply that, however. As Attorney General, Philip Ruddock, pointed out during a Sky Television interview: "I note that there was a time before where there was very strong support for a national ID card, and as debate proceeded, support waned."

For example, in 2004 a keen supporter of the system such as Peter Solomon of smart card maker, Intercard Wireless (which went into voluntary administration in that same year) was very much in favour. Speaking to the Bulletin magazine - apparently on behalf of the government, Solomon pointed out: "Because of the important element of national security, the government - sadly - has come to the view that a multifunction smart card has become a necessity from both national security and efficiency points of view."

A year later in June 2005, however, Attorney General, Philip Ruddock spoke at a Sydney Smartcard conference where he said: "There have been recent suggestions in the media that the government is going to introduce a national identity card. I can assure you that this is not the case. We do not support the approach where all personal information is centralized on one database, and a single form of identification is issued."

He continued at the same conference: "Such an approach could actually increase the risk of identity fraud because only one document would need to be counterfeited to establish an identity."

However, during the Sky Television interview, the Attorney General commented: "…having a national identification system doesn't mean that your privacy ought to be compromised. The exchange of information with relevant sections of government occurs now, but under legislation that authorises it. There's specific legislation that authorises what is called data matching, and that wouldn't necessarily change. It would only change if you made a decision that there was a public interest in broadening information that is available. But it doesn't have to follow that introduction of a national ID card would have any impact upon privacy at all."

A hazy phrase like "won't necessarily change" when applied to legislation by the chief legislator in the country is enough to make any compliance officer in any organisation turn to the various privacy acts and amendments that already litter the statute books - and panic.

The next step for the government is to outline the terms of reference for any kind of an ID system. When speaking to the Attorney General's office, IDM was told: "It's still very early days. It has not even been decided what format the card would be - a physical card or something else."

The format of the card will be one of the major concerns for any enquiry into the scheme. As yet no terms of reference have been laid down for such an enquiry, although Ruddock stated, or rather alluded: "I'll make an announcement soon, and that could be this week, it may not be."

The format of the card will dictate the read and write technologies, the database interconnectivity, the data matching techniques but not the privacy laws that will also need to be changed to accommodate a centralised system. So, we await the terms of reference for the enquiry that will be announced this week… or: "…may not be".

Tell us your professional opinion on the issue of smart cards.

Related Article:
Passports are key to our future security