Image: iStock"Digital Identity is having the ability for the government to trust that you are who you say you are," is the explanation the Federal Government's Digital Transformation Office (DTO) gives for the establishment of a singular digital profile that will allow you to access various government services.
But trust has to go both ways, and the Australian Privacy Foundation (APF) has expressed "serious concern" about federated identity, stating the process has been "seriously deficient" and conducted "in a context of increasing distrust of government" (Census, anyone?).
The DTO says the global trend of services moving online, and the economic benefits that produces, necessitates an online identity verification process — particularly in cases of sensitive data.
"Currently users have to identify themselves again and again when they interact with different government departments, and we want to find a solution that fixes this problem," the DTO states.
The DTO uses the example of a Facebook identity as a form of digital identity, but is quick to say it's not suggesting the government wants to start linking to your social media profiles, giving the reason that "some online identities are trusted more than others".
The DTO is building both a verification model and a method for logins.
"Our project also involves developing a Trusted Digital Identity Framework (TDIF)," the DTO revealed at the commencement of the project, stating there would be consultation with "a wide range" of public and private sector stakeholders.
The APF's concerns surround the fact that the Digital Identity project has now been running for over a year, has reached the beta stage, and statements are being made about deployment.
"Yet civil society has yet to be engaged," APF says. "A single meeting has now been held, but materials were withheld until the last moment, and the very few advocates present had limited opportunity to gain clarifications, and virtually none to provide feedback".
The APF says that by its nature the project "harbours enormous threats to individuals, and to society as a whole", warning the whole thing has "a very high" risk of failure.
"This is the latest of many proposals that have come and gone over the last 30 years relating to citizen identifiers, accounts, authenticators and credentials," the APF says.
"Apart from express 'national identification schemes', most notably the Australia Card, Medicare Card expansion and Access Card proposals, there has been a series of PKI-based schemes, commencing in 1998, and re-surfacing in varying forms form time to time. These proposals have often been associated with entry-point schemes, most recently MyGov".
The APF goes on to say that the nature of the various proposals, and the processes adopted to developing them, have varied from authoritarian (Australia Card, AML-CTF, Access Card, the DVS expansion) to modestly but unsatisfactorily consultative (GPKA, NTIF).
During the last few years, public trust in corporations and government agencies has been seriously harmed.
Examples given by the APF include the substantial downgrading of the Privacy Act in 2012 in order to advantage the interests of corporations, and the eHealth record — nominally "personally-controlled" and "my" — but in fact designed to advantage public health, public servants and researchers, and "not at all oriented towards the needs of individuals."
An obvious recent example is the poor communication regarding the Census 2016 website failure, which was originally announced as a hack.
"Some projects have sought to ride roughshod over the interests of individuals and society as a whole," it says, "whereas others have at least acknowledged the impacts on privacy, and on freedoms more generally."
The APF says overall, there is a "lack of clarity" surrounding the scheme.
"Apart from a brief remark to the effect that the scheme could be implemented administratively, i.e. without parliamentary approval or even oversight, no information has been provided about applicable laws, and the impact of laws in such areas as data retention, data breach notification, cybersecurity, disestablishment of the OAIC, and a privacy right of action".
Comments
Isn't the 'AFP' the Australian Federal Police? might want to fix your article....
It's fixed. Any thoughts on the content of the article itself? Pretty troubling stuff, don't you think?
It is very troubling. Seems our government is on a very troublesome and worrying path. "Trust Us" :/
Keep up the good work @raejohnston
Pretty sure all instances of AFP should be APF
AFP would be the Australian Federal Police.
Last edited 26/08/16 12:10 pmYep! Fixed. What did you think of the article?
It was fine. Difficult to read, maybe because only a single paragraph consisted of more than one sentence.
I was referring to the content itself.
It was fine.
I'm obviously not being clear haha - I'm not asking for critique of my article. I was wanting to have a conversation about the content in it. But nevermind :P
Yeah, and I think its fine.
The Australian Privacy Foundation expressing concern about the federated identity which has been seriously deficient and is conducted in a context of increasing distrust of government is....fine?
Honestly, yeah, it is.
The horse is dead, for Dog's sake stop flogging it.
You don't think it's a good idea knowing what the Govt has planned? Whether you agree or disagree this is a decent article and it raises valid points. I for one am sick of the Govt deciding to implement changes without consultant or proper studies.
If it's such a good idea then it should stand the test of public consultation. That's the simple truth.
Seriously? You think they should waste even more money than they do keeping you informed of every decision that's made and every plan that is put up for evaluation? Nothing the APF says here is backed by any facts, it is all unfounded assertion. From what I've read here, the government are just trying to make it easier for citizens to access government departments and the method seems perfectly reasonable. The NSW government does it already, through their myRTA website. Where previously you needed two or three separate accounts with separate log-ins to renew your rego or pay a fine or book a driving test, all those things can now be done through a single log-in. That's all this is - an effort to make it easy for you and I to access our government. Only an idiot would think that was a bad thing.
Governments in general and particularly Liberal Governments don't care about you, they only care about the money.
Sorry nodeity, that's just ridiculous. The Liberals are about less government and more freedom, Labor is about more government and less freedom. I'll always take the former over the latter but there has never been a government that cared about me and I am fine with that because I don't see myself as the centre of the universe.
The thing is, though, that none of this is coming from our elected representatives, this is coming from the Public Service.
Speaking of ridiculous statements, this has to rank right up there. This may be true in some cases, but it's certainly not a reliable rule of thumb. Labor has quite a few current policies that are about removing existing restrictions on people's freedom.
If you want a better rule of thumb to describe the current major parties:
The Liberal Party believes that citizens are needed to serve the economy.
The Labor Party believes that the economy is needed to serve the citizens.
As for the particular subject of this article, I think we need to get a lot more information about what they're actually proposing before we break out the pitchforks. It sounds like a digital version of a passport, or an equivalent to a Tax File Number. It could be perfectly innocent, although it could also be abused in the wrong hands.
The LNP IDEA of FREEDOM is ensuring the richest and most powerful people are FREE to exploit the rest of us and the environment in as many ways as possible. Less Government doesn’t equal more Freedom it equals more control by private enterprise. You only need to look at the USA healthcare system and see how well that works out, it’s 3 times more expensive.
Everything this government does is for the benefit of the people who donate to their party not for the good of all Australians, it’s why they are out of step with us on everything.
"I am fine with that because I don't see myself as the centre of the universe."
Yet all your posts seem to dismiss anything if you dont like it
If a product doesnt suit your situation, you claim anyone who does use it is a moron.
Literally all your posts are Me, me, me, me everyone else are morons.
Remove your head from your anoos mate.
"Like" never enters into it, unless that's the word I use. What I am dismissive of is stupidity, things that don't align with the facts or common sense. In this case, the stupidity is the claim by the APF that 'by its nature the project “harbours enormous threats to individuals, and to society as a whole”' without even an attempt to justify the statement. It's scaremongering, nothing more.
The really stupid thing, though, is that I can guarantee you that I have far more to lose if the APF's predictions came to pass than anyone else here. You have absolutely no idea how much my life relies on the left hand of Government having no idea what the right hand is doing. If everything got gathered up and cross-checked, I'd probably end up in gaol or homeless. So I am not some disinterested observer but neither am I a paranoid nut-job. (To be clear, I pay my taxes and I receive no benefits of any kind from the government. I'm not ripping them or anyone else off, my lifestyle just relies on letting certain things slide and not getting called out on it.)
You really need to stop using insults in your replies. You're assuming that I believe that the idea is bad and then implying that I'm an idiot based on your guesswork.
My stance is that I want to see something that has a potential impact reviewed independently and transparently before it reaches implementation. It doesn't necessarily need to be reviewed by Joe Average but interest groups should be consulted well in advance so that problems and concerns can be raised and addressed.
Based on the article it looks like that is not happening and it'll be steamrolled out on the public - just like the census changes and a number of other contentious Govt programs over the last decade or so.
No skrybe, you need to stop thinking that you are the centre of the universe. If I wanted to call you an idiot, I would come straight out and call you an idiot.
The thing is, what impact do you think this could possibly have, other than making your life a little bit simpler? The US is the "Land of the Free" and they use their social security number as a universal access to government services but we have a tax file no., a Medicare no., a passport no., a driver's license, a shooter's license, a fishing license - it's a complete bloody mess and the duplication of effort must be considerable. Who wouldn't want all that simplified?
As for "interest groups", fuck 'em! They are responsible for most of the bad shit that gets done. Look at Harold Scruby, for example. There is a man who should be last on the list when consulting about road safety, yet he is the first person they go to.
AFAIK, the Census changes have not been abandoned. Have they?
You have a real lack of ability to interact and converse normally with other people. You can make your points without throwing insults around and without the air of condescending superiority.
Thats because his head is so far up his own arse. He is Gizmodo's resident D'Head
Last edited 26/08/16 10:35 pmYou're kidding right? You reply to my comment and the final line of it is "Only an idiot would think that was a bad thing." and you wonder why I assume the comment is aimed at me.
I innately want to disagree with you about having a single id simply because you're so rude about it. The truth however, in case you hadn't gleaned it from the previous reply, is I don't think it's a terrible idea. It does however need to be reviewed by more knowledgeable people *OUTSIDE* the Govt to ensure that the idea isn't flawed.
On top of that there needs to be full disclosure of what it will affect, what information it pertains to, our rights to access our own information, what access other parties (both Govt and 3d party) have and so on.
Slapdash and kneejerk decisions by the govt are terrible and they happen all the damned time. While I don't like rule by committee there are times when it should be used. Determine a group of experts and get feedback before implementing something potentially problematic.
As for "bad" consultants, I agree with you there. I've seen them in a number of areas messing up the good work that other people are doing. That said, I'd rather have one bad consultant in the mix if it meant we had a bunch of good ones to counterbalance them. This is why direct appointment of consultants by Govt is sometimes a bad thing - nepotism, corruption or sometimes just because it's the person who yells loudest.
Census changes not being abandoned would support my point. ie: they steamroll us with changes that are not welcome and in fact have opposition from knowledgeable people (like the former head of the ABS).
It's a conversation - one person has his say and someone else gets their turn. What might start as a response on something you said doesn't have to remain as such. That comment certainly didn't. Unless, of course, you really do think it is a bad idea to try and make it easier for citizens to interact with their Government. I had assumed you would see the value in that as a concept, am I wrong?
Hmm, maybe (though I don't think so) Dork means that the government should give up on flogging the dead horse of trying to create a single digital identity for citizens...
Glad to read an article about this though - only way things like this get attention and have even a REMOTE chance of being slowed / altered / improved is if people actually know about it before it's "announced" on a Friday before a big public holiday *cough* ABS *cough*
First I've heard of it actually going ahead, why haven't we been kept in the loop? This is already a fait accompli, much as I hate the idea, sooner or later we will be living in George Orwell's world.
1984 will never exist at least in that context.
If you recognize you are enslaved and controlled that defeats the purpose in the first place.
The logical and more sophisticated idea is what we having evolving in western cultures at present...
1- keep a section of the world at war or in hunger, so that your society/slaves can feel empowered and better off.
2- enable your populace to own, to have to express---label this as freedom.
3- counteract expressions of true freedom with satire and media saturation until it is swept under the carpet and dismissed by ridicule.
4- maintain a class system to reinforce that western culture is free if you work hard and reinforce ownership of 'things'
No matter how pretty the cage you live in at the end of the day it is still a cage...for your protection of course.
It strikes me that this is the digital equivalent version of the now-dead and totally unlamented Australia Card that those over 30 might remember.
Is the Prime Monster's DTO trying to find a reason to exist?
Spoken like a true pinko. I'd trust private enterprise over government any day. My employers over the years have certainly looked after me a lot better than any government. The idea of workers v management is about 100 years out of date. The vast majority of employers understand that happy employees are more productive. i.e .That looking after your workers is looking after your business.
As for Government being beholden to those who donate, what planet have you been living on? It's the noisy special interest groups who get all the Government interest, whether they are contributors or not. Can you name even one policy the Government took to the last election that was about its contributors? The assertion is absurd.
You are a tiny, inconsequential cog in a vast machine. Like everyone else, you have no power. Get over it. Just look at Malcolm Turnbull - he's the Prime Minister of the country and he can't do a damned thing that he wants to. What chance do the rest of us have?
Join the discussion!
Comment Voting
Up Votes
Down Votes
Only logged in users may vote for comments!
Please log in or register to gain access to this feature.
Get Permalink