[LINK] Access your areas
Roger.Clarke at xamax.com.au
Fri Mar 9 16:14:18 AEDT 2007
[My comments on the article, as sent to Mark Metherell, are below]
>Access your areas
>March 9, 2007
There's lots of great stuff in your article, and it's good to have
some in-depth coverage at long last.
But there are some problematical aspects, which I've commented on below.
Regards ... Roger
> ... Its most controversial feature is a photograph of the
>cardholder that will appear on the card, and be stored both in an
>electronic chip on the card and on a central databank.
Not correct. The problems are legion, and the photo is just one of
them, and far from the most serious one.
Mason is attempting to deflect the debate onto one minor problem, so
that he can magically solve that (by writing a report recommending
that the photo be taken off the card), which he hopes will then
enable the Government to spirit the Bill through the Senate.
Mason's fellow Committee-members need to force him to consider the
rest of the legion of problems that have been drawn to attention.
Sorry I was on the move yesterday, and couldn't get info about
photo-matching to you in time. The idea of identifying people based
on their photos is a total myth. Facial recognition is a
very-low-quality authentication mechanism; but it is an *impossibly*
low-quality *identification* mechanism. (Just because senior
bureaucrats and politicians are unable to understand the explanations
that they are given doesn't make the explanations wrong). The
Cornelia Rau scenario is a complete furphy. The photo is a minor
issue in the scheme.
>Biometric technology will enable the photograph to be instantly matched
>with the image stored on the smart card's national database. The
>biometric photograph would "dramatically improve" the ability of
>authorities to respond to cases like Rau's, says Patricia Scott, the
>secretary of the Department of Human Services, which is responsible for
>the $1.1 billion access card scheme to be implemented next year.
>"We are confident that if Cornelia had been registered and had a card,
>we would have been able to find her in our system," Scott says.
Scott is talking utter rubbish. It's embarrassing that a very senior
government executive could declare such twaddle, least of all to a
If people in Australia with expertise in the area are for some reason
regarded as being untrustworthy, please contact overseas experts like
Bruce Schneier, and ask *them* to provide their reaction to Scott's
>She told a Senate estimates committee hearing last month that such uses
>of the access card would be in life-or-death situations, consistent with
>a central aim to protect privacy.
Scott is again talking rubbish.
1. The Privacy Act contains multiple bases for disclosure of
personal data, and emergencies is just one of them.
2. There are vast numbers of legally authorities for disclosure
external to the Privacy Act, including demand powers and
extra-judicial (i.e. agency-created) warrants.
Scott might be displaying embarrassing ignorance in relation to the
relevance of a photo-database to the Rau affair. But if the way
you've reported her statement is accurate, then she is simply
misleading the Senate, and should be called to account for it.
>Mason's views can be expected to carry added weight among his
>colleagues. A former barrister and criminologist, he wrote a book on the
>subject: Privacy Without Principle - the Use and Abuse of Privacy in
>Australian Law and Public Policy. It concludes: "In the politics of our
>age 'security' eclipses 'privacy'. The personal is political privacy
Do you understand what Mason means by that? I don't.
Is he saying that the APF as an advocacy organisation is
participating in politics? Fair enough.
(Although I thought he would have regarded that as an honourable
occupation. But perhaps he means that only people who get themselves
pre-selection in a safe slot on a ticket have the right to
participate in the political process?).
Alternatively, is he saying that rational analysis of the privacy
impact of government proposals is an impossibility?
Is he saying that the legal and systems analyses of people like Anna
Johnston, Graham Greenleaf and Roger Clarke are inevitably partisan,
and should therefore be ignored?
And/or that political judgements by people like him are appropriate,
but judgements by people outside Parliament, even if based on careful
analysis of the available information, are irrelevant to the
>Photographs of 16.5 million adult Australians expected to sign up for
>the card will enable use of ultra-sensitive facial biometric technology.
>This measures and analyses physical characteristics - such as the exact
>distance between the eyes - so minutely that even the subtle facial
>differences between identical twins can be detected.
The statement that so-called 'facial recognition' technology
"measures and analyses physical characteristics" is very probably
false. All that the technology actually does is apply some
statistical methods to an image of the person's face.
The statement about the distance between the eyes being part of
'analysis' is also very probably false. That distance is only used
as part of what's called the 'registration' and 'normalisation'
processes. These ensure that the face is oriented the same way each
time, and that the image occupies about the same percentage of the
image each time a photo is taken and the statistical procedures are
run. That distance plays no part in the statistical mashing itself.
(I would like to say "certainly false", but the Government refuses to
publish information about the technology and the application, and the
suppliers of the technology also do not publish any reliable
information about the mechanics. So it's necessary to interpolate
from available information).
Put briefly, so-called 'facial recognition' technology does not
Moreover, its quality is appalling. Contrary to what someone unknown
has told you (my statements are *on* the record, unlike the
presumably unattributable source you're drawing on), the technology
would almost certainly fail to reliably distinguish between identical
twins. (In the masquerade perpetrated by IATA committee-members
against the Smartgate system, it became clear that the Australian
scheme can't even tell the difference between two unrelated Japanese
Whoever provided you with the information in that paragraph is either
a charlatan, or was provided with the information by a charlatan.
(Perhaps I should moderate my language slightly, and refer to a
'vacuum-cleaner salesman' rather than a 'charlatan').
Once again, if local people who know about biometrics are regarded as
partisan because they keep saying things that upset Ministers and
their minders, please ask some experts somewhere else.
>The Government has been at pains to counter suggestions the card will
>inevitably become a national identity card, saying there would be heavy
>fines and even imprisonment imposed on companies or individuals
>demanding the card for identification purposes against the wishes of the
>cardholder. Cardholders would not be required to carry it at all times
>and it would be "voluntary" - provided that citizens were prepared to
>forgo government payments, such as pensions and Medicare benefits.
The submissions of the APF and other organisations have explained
that the Bill does *not* provide the protections that the Government
pretends are in there.
>The Government supports its case with a KPMG report that says the new
>card might prevent fraud of up to $3 billion over 10 years, "a very
It's become clear that KPMG did *not* undertake a study of the
benefits. KPMG merely quoted a statement made to them *by the
Government*, to the effect that the *potential* existed for such
amounts to be saved, i.e. fraud of something like those levels
appears to take place.
The Government has steadfastly refused to publish the document. They
clearly have something to hide. The most likely thing they are
hiding is that there is no explanation as to how the 'potential'
would be realised - just a pious hope that technology would somehow
make a difference.
>The Fels taskforce has acknowledged the photograph would be a "major
>factor" in preventing fraudulent health and social service activities.
The Fels taskforce has been discredited. Despite the evidence
provided to it, it made the gentlest possible recommendations, and
some of *them* were rejected by the Minister (Hockey, two Ministers
The previous Task Force comprised honourable people who resigned when
their recommendations were ignored. Fels and his colleagues failed
to take the honourable course and resign. They have thereby become
part of the problem - a shield to protect the Minister - rather than
part of the solution.
>Campbell suggested privacy safeguards satisfied public concern: "The
>classic answer in the vox pops I have read is, 'If you have got nothing
>to hide what have you got to be afraid of?' Most Aussies want to do the
For the response to that piece of simplistic nonsense, see:
Frequently Asked Question No. 10
If I've got nothing to hide, why should I be afraid of a National
>BOTH SIDES OF THE CARD
>* It streamlines claims for benefits from Medicare, Centrelink, Veterans
>Affairs and 14 other agencies, all using separate cards, making it
>faster and simpler for claimants.
The Government's '17 cards' argument is mythical. See:
Frequently Asked Question No. 3
How many of your cards will be replaced?
>* Biometric photograph on the surface, in the card chip and on a central
>register makes fraud, at present costing $1.4 billion to $2 billion a
>year, much harder.
The Government has failed to publish any evidence to support that assertion.
>* Cardholders have option of including medical emergency details, organ
>donor status and contact details, which can be accessed by hospitals, on
>the card chip.
This is an extraordinarily difficult undertaking, has been considered
in many countries many times over the last 10-20 years, but has not
been successfully implemented anywhere.
And, if a design can be produced that will work, then it's worth
doing *separately* from a national identification scheme.
>* The card could be used to check eligibility for other concessions,
>such as public transport and cinema discounts.
The present arrangements are simple, because existing cards are
designed to be easy to recognise. But the new card is *not* designed
to display concession-rights.
>* Biometric photograph held on register will make it potentially easier
>to identify and trace people in danger, or who have gone missing.
Utter rubbish, because so-called 'facial recognition' technology is
of far too low quality to support one-to-many identification
Roger Clarke http://www.anu.edu.au/people/Roger.Clarke/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in Info Science & Eng Australian National University
Visiting Professor in the eCommerce Program University of Hong Kong
Visiting Professor in the Cyberspace Law & Policy Centre Uni of NSW
More information about the Link