John Murphy (Lowe, Australian Labor Party, Shadow Parliamentary Secretary to the Leader of the Opposition) Share this | Hansard source

It is a disgrace. He has endorsed that. The full public disclosure of the KPMG report would certainly help us to get to the bottom of this matter, but the government has chosen to keep it locked behind closed doors. Nonetheless, the government insists that there are current fraud risks that are unacceptable. The minister in his second reading speech also accepts that there is currently a ‘cumbersome and time consuming system for delivering health and social services benefits’. What neither the government nor the minister has addressed is why the current bureaucratic processes are not working.

Why has the government allowed fraud to become the problem it says it is? Why has the government allowed the system of delivering health and social security benefits to become as cumbersome as it is? The Howard government is trying to snatch a victory from the jaws of defeat. It is attempting to divert attention away from its own failure to clamp down better on rampant fraud, assuming this fraud even exists. It is attempting to divert attention away from its own failure to deliver essential services efficiently. That is what I call projection. What better way to divert attention away from its own failures than by a promise of a panacea in the form of an access card?

Rather than debating the government’s failures, we are now debating the pros and cons of an all-new access card that will apparently make those failures a thing of the past. However, those past failures will still be relevant. No government can rid itself of system failures by turning everybody into a number and issuing them a card. No government can rid itself of problems within a bureaucracy by blindly putting in a new layer of bureaucracy. To date, the government has done nowhere near enough to address the issues of security of data, privacy of data and quality of data. Changes in this bill and the implementation of an access card will do nothing to rectify these problems. Will a huge national database of identity details make Australian details less or more secure? Will such a database make Australians less or more vulnerable to counterfeiting, hacking or illicit sales of their details?

When commenting on Britain’s proposed smartcard, Frank Abagnale, the real con man on whom the film Catch Me If You Can is based, said:

I give it six months before someone replicates it perfectly ... Everything you need to clone an identity is in one place.

In an article entitled ‘Smartcard not so clever: fraudster’, published in the Sydney Morning Herald on 16 May 2006, a British ex-government expert suggested that there are inherent risks with the access card being proposed in this bill. Mr Heath said:

It is an extremely courageous step to put all your identification, all the different departments, on to one identifier.

The Howard government cannot shake off its past. The access card is not a panacea for fraud. The issue of identity fraud does not simply disappear with the introduction of a new card, no matter how sophisticated it may be.

The compilation of a national database of the whole population has serious implications in relation to potential fraud and misuse. The government’s past failures in fraud prevention are made more relevant—not irrelevant—by this bill before the House tonight. It is more important than ever before for the government to show extreme diligence in data security—diligence it has not always shown in the past. Despite an overwhelming majority of public servants performing their duties ethically and responsibly, we have heard numerous cases of staff mishandling information at Centrelink, the Australian Taxation Office, the Child Support Agency and Medicare.

I am not entirely convinced that the government has discharged its obligation to demonstrate the broader public interest in eroding individuals’ rights and privacy. Citizens should not have to prove a right to privacy or a right to be left alone; rather, the government must fulfil its obligations to prove it has a legitimate reason to put everyone’s personal details on one database. Proposing a so-called panacea for problems of fraud and service delivery to mask the government’s highly relevant past failures does not amount to a discharge of this obligation. For this reason I firmly believe that the Senate inquiry into this bill should be given much more time to take submissions and more time to report.

Nonetheless, I will support the bill with the amendments proposed by those of us sitting on this side of the chamber. I make particular reference to those amendments that would give effect to all recommendations made by Professor Allan Fels’s consumer and privacy task force.

The access card will facilitate the collection, retention and handling of personal information on a scale never seen before in Australia. The slightest breach of data security will have amplified effects on the privacy of individuals. An effective way to minimise interference with privacy is to adopt the underlying principles of privacy law and practice: only collecting information if there is a specific, necessary and lawful reason for doing so. No robust reasons have been advanced for including a cardholder’s signature on each register, card chip and card surface. Rather than providing any forensic value in detecting fraudulent uses of a card, the presence of a signature will only increase the potential risks of identity fraud should systems be inappropriately accessed or cards stolen.

The government has ignored the advice of experts in the Office of the Privacy Commissioner and its own task force on the access card. Indeed, in its response to the Access Card Consumer and Privacy Taskforce the government has advanced the nebulous argument that a signature will ‘provide greater utility and security for the cardholder,’ without advancing a skerrick of evidence in its favour. As I have mentioned before, the risk of identity theft and fraud features prominently in the government’s case for the access card, yet a specific task force that was given carriage over these matters unequivocally states that the presence of a digitised signature on the card increases the risk of identity theft and fraud. What does the government do with the advice it has commissioned?

See this speech in context