The debate over the proposed national ID card has all the hallmarks of a solution looking for a problem. For proponents of the card, a number of benefits against domestic terrorism are touted: efficiencies in government services; elimination of the black economy; and avoidance of those embarrassing immigration department errors.
In addition, the new ID card isn’t reheated spam, unlike the Australia Card, which was so unpopular it had to become the tax file number system. It’s futuristic, with biometric data to be collected and held in a central database. By going down this road, it is argued, the system will be totally fool-proof, and pesky problems of who’s who will be solved forever.
The centralisation of biometric data means that each government transaction we have - getting welfare, being arrested, buying a dog permit, getting your licence, or lodging your building application - can be identified by the authoritative record of your unique identity. This is validation. More powerfully, these unique identifiers can be employed across government to bind all the diverse bureaucratic information systems together. It’s likely that key private sector organisations, such as banks, will require this information also. This is interoperability.
The anti-terrorism argument says this allows people who are planning crimes to be detected either through the recognition of suspicious patterns of activities or the ability to track known persons of interest. To make your life easier, the system will eliminate tedious processes of providing each government agency with the same information and allow staff in one government department to have a much better understanding of you and your needs when they refer you to other services.
While some critics have warned against this approach because of the threat of "hackers", technical and security concerns are far more basic and should give any government pause for thought. At the first instance, the approach proposed calls for the integration of government data through an overarching validation system. Thus, rather than bring all government information together into a massive single repository, existing systems will be linked. As any good programmer will tell you, the incidence of programming flaws and points for exploitation is most prevalent at the interface between different systems.
Any secure system is only as strong as its weakest point. Thus, we should ask: how strong are the systems that are likely for integration?
If the Victorian Police database (LEAP) (pdf file 597KB) is anything to go on, the ID card is in for a rocky road. In its March 2005 report on misuse of the system by a small number of police, the Director of Police Integrity concluded that the system was very old, lacked appropriate policy and technical limitations on unauthorised access of data, and should be replaced. It’s worth noting that the LEAP contains information of a very personal nature, not just about criminals, but also witnesses and victims of crime.
Faced with a damming report on the system, the Police Minister Tim Holding’s response was, essentially, to reject the core recommendation. The antiquated system would remain. With this being one of the foundations of the new national ID system, we have to ask how comfortable we feel about this.
Bringing together diverse database systems in a secure manner is a technical nightmare. In the UK, the Blair Government attempted to introduce a welfare payments smartcard in the late 1990s. While they attempted to link two agencies (social security and the postal service), the project was plagued by technical problems and cost overruns, and was eventually cancelled but only after the government had payed £1 billion. In IT terms, this was a simple project compared with what will be required for the new Australia card.
But you don’t have to doubt the technical capacity of government to undertake this project to have concerns. Privacy is not some inalienable right that is absolute. It is something very personal and precious to us all. The notion of privacy that we hold today sits along a continuum that should be the subject of public discussion and debate. But citizens have the right to be concerned when it is government that asks for this setting to be renegotiated.
Australia’s federation was founded on a concern that the smaller colonies would be overwhelmed by the national government and large states. In addition, the division of powers between different branches of government and between different levels of government was seen by the designers of federalism as a check on the totalising power of the state to dominate personal affairs.
Technology can undermine this essential political design but only if we lose sight of why we have the political structure that we do. The irony is that those with the liberal philosophical bent proposed this design, while it may be a Liberal government that undoes this essential safeguard.
The sad truth of the matter is that the ID card is somewhat of a furphy. As Amanda Vanstone has made clear, the card becomes nothing more than a meaningless piece of plastic in our already over-stuffed wallets if there is no biometric database sitting behind the system. What Vanstone does not elucidate, however, is that with a biometric database the card is redundant.
Why carry a card when you can use facial recognition or fingerprints to provide identity without the plastic? The power of the system is not in a card that can be lost, stolen, or duplicated. It’s in the network that sits behind government firewalls. The Commonwealth recognises that it is easier to suggest this debate is about giving us all another card than saying that they’d like to sample everyone’s DNA. While governments like to be personable, most Australians might find that a little too intimate.
Postscript: Following the publication of this article, the Minister for Police in Victoria, Tim Holding, announced that the LEAP database would be replaced. This decision follows the public reporting of successive losses of paper records out of the LEAP system.