Kelly Hoare (Charlton, Australian Labor Party) Share this | Hansard source

I rise to speak on the Human Services (Enhanced Service Delivery) Bill 2007 and the proposed access card. This bill proposes to introduce a new chip based card, called the access card, which will replace numerous concession and entitlement cards, including Medicare cards, Centrelink cards and veterans’ cards; to establish a new electronic register and specify the information to be held on this register; to specify information that will appear on the surface and chip of the access card; to introduce the registration process for the access card and create offences around unauthorised demand to produce, and use of, the card; and to generally provide the first part of a regulatory framework for the collection, use and disclosure of information on the new register and card.

This legislation purports to improve the use and storage of personal, medical and social security information. Labor support innovations aimed at improved service; however, we have justifiable reservations on the scheme proposed by the government. Labor will support this legislation only if significant amendments are accepted by the government. Labor will not support this proposal in its present form. We make clear that we reserve the right to move further amendments in the Senate, in particular any amendments to come out of the Senate inquiry to ensure that the proposed access card is secure and fully protects the Australian public.

I have been contacted by many constituents who are very concerned about privacy safeguards surrounding the access card. There has been no public or non-government organisation consultation about this smartcard, which raises concerns about the government’s intentions for privacy protection for individuals and communities. Other aspects of the proposed scheme need to be addressed. The wild claims made by the government that the card will be effective in emergency situations, that it will be of assistance in the reduction of terrorist threats and that the use of biometric photography will render the card fail-safe, and the potential perils of function creep, are issues that deserve closer scrutiny.

Labor is concerned that the government has done nowhere near enough to address the issues of security, privacy and quality of data or to provide confidence to the general public that the information stored will not be used across government agencies and departments. The government panders to the public’s scepticism by labelling this card an access card. It is imperative the Australian public recognises that this is stealth by semantics. The new card is in fact a national ID card, and the government should be condemned for the lack of transparency surrounding this initiative.

The concept of a national identification scheme has been shadowing the government for some time. During 2004-06 the government endeavoured to initiate national identification schemes via the Medicare smartcard and the national identification scheme project. Both initiatives were dismal failures. The Australian public has repeatedly and vehemently rejected the concept of a national identification scheme. In spite of this, the access card proposal was approved by cabinet on 26 April 2006.

The Australian public must be made aware that the access card is more invasive than any previously touted identification scheme. Every time a card is placed in a card reader, the reader will provide data to the central register. All such transactions will be logged. This scheme will create a database of names, photos, dates of birth, ID numbers and addresses of every adult, along with the corresponding listing of their dependants, and the access card will contain extra information that will replace all concession cards and create a database containing biometric photographs of every person.

It is estimated that between 16 million and 20 million cards will be issued. Personal data will be displayed on the surface of the card, including the name, photo and signature of the cardholder. The card will be a smartcard, which means that it will contain a computer chip. There will be a considerable amount of personal data stored in the chip. All information on the surface and in the chip of the card will be held in a database called the access card register. The New South Wales Council for Civil Liberties note:

The “Access Card” will create an unprecedented identity database in Australia.

They also state:

While such grand invasions of privacy have come to be tolerated over time in some European and totalitarian nations, the Australian democratic tradition has been strongly and continuously opposed to such Orwellian proposals.

It remains unclear as to who will have access to the data. Mention has been made of the Privacy Act protections, but these have been hugely devalued since the act was passed in 1988 because so many agencies have won exemptions and exceptions.

The Australian Privacy Foundation states that the security working party supporting the project contains representatives of many intelligence agencies. It is reasonable to expect that primary users of the register will be intelligence, law enforcement and social control agencies. They will not require additional authority to access the data, as national security and law enforcement agencies already have sufficient authority. It is likely that all Department of Human Services agencies and the DHS itself, which does not actually provide services, will also have access.

We must appreciate that some individuals within our society require more robust protection of their identity. The inability of the government to guarantee the security of information concentrated on this smartcard could jeopardise many ordinary Australians. The possibility of information being secured inappropriately to the detriment of abused women, whistleblowers, and police informants, for example, cannot be dismissed and forms an incontrovertible reason to view this bill with caution.

Labor supports a reduction of identity fraud. It is reported that identity fraud is a growing problem within Australia and may cost our community in excess of $1.1 billion every year. We must recognise, however, that the proposed access card will be a treasure chest of information. The scheme gathers personal data, concentrates it in a card and a register and makes the data on the card accessible to card readers. These card readers are to be installed throughout the country in various government offices, in every hospital, in every doctor’s surgery, in every pharmacy and in every one of the many other kinds of locations that provide health care and other human services. This will enable thousands of people to access data.

In spite of this, the government repeatedly refers to the card’s facility to reduce the risk of identity theft. The government cannot guarantee that the Australian public will be at a reduced risk of identity theft via the introduction of this card. Tens of thousands of Australians are likely to lose their card or have it stolen and, until the individual becomes aware of the loss, identity fraud is a huge concern. The card chip can be read by ordinary card readers and these card readers can, apparently, be purchased over the internet.

Information stored on the register could potentially be accessed and used by unscrupulous people. In particular, the scanned copies of original documents stored on the database could present the opportunity for identity theft and privacy breaches by public servants. Last night, the Liberal member for Moncrieff told parliament that the new access card will undoubtedly be forged. In the last 24 hours other government backbenchers have also expressed their concern.

The government misleadingly market the card as being of benefit to the Australian public. They claim it will replace up to 17 cards and streamline access to Human Services. The truth is that no-one has 17 cards. Most people have only one card—a Medicare or a DVA card—that will be replaced. Many people have two or three. Most people will not experience any such benefit.

The government has spruiked that a national identification card will help stop terrorism. Evidence from other countries exposes this as propaganda. The Spaniards have had a card for more than 40 years. It was introduced by the Franco dictatorship. Sadly, in the Madrid bombing, it was used to identify the victims. It did not stop the terrorists exploding their bombs.

The government has further suggested that the access card will assist in providing emergency payments to people who have suffered as a result of disastrous situations, such as cyclones or floods. This is a ludicrous suggestion. In disaster areas, often there is no electricity to drive card readers or cash dispensers. Catastrophic weather conditions occur frequently in areas where access to cash dispensers is not an option.

In short, categorically this scheme is not designed for the benefit of cardholders. The access card has been created to benefit service providers. Why is this so? The government has been reluctant to provide any meaningful information about the scheme’s benefits. We can assume that participating government agencies—Medicare, Centrelink, the Child Support Agency, the Department of Veterans’ Affairs et cetera—will be forced to adapt their systems and business processes in order to use a standardised central scheme instead of one designed for their own purposes. When the disruption eventually settles down, they might see some internal cost savings, but much more money will be spent centrally by the government—hence, by taxpayers—than will be saved by participating agencies.

State government and private sector service providers in health care and other aspects of Human Services will also face considerable increased costs and dislocation. The government have repeatedly asserted that the scheme will give rise to fraud savings. What the government have not outlined is how these savings will be made. They have refused to release the taxpayer funded cost-benefit analysis and refused to consider that they will recover only a fraction of the vast sums of money expended on creating it.

It is also possible that funding for the card will be drawn from other areas of the Centrelink and Medicare budgets. The repercussion of this is possible cuts to existing services at a time when the welfare sector is openly struggling to manage the impact of current government policy. The real benefit of the scheme for the government and the Public Service executives is the enhancement of social control. They want to be able to exercise more power over the public.

The potential for cost blow-outs in the access card budget is unquestionable. Over 16½ million Australians will need to be interviewed for registration. As the access card will not be issued without an interview, and the supply of it will require documentation, the government estimate of a five-minute interview per person may be a gross underestimation due to the fact that many people will forget or will not bring the relevant documents and will have to return for a second interview. Families with no original copies of certificates could suffer financial hardship—for example, it would cost a typical family of four as much as $400 to provide the necessary documentation for the smartcard.

Labor and the welfare sector have real concerns as to why the government has refused to release a cost-benefit analysis case for the card. The government argues that the card will save money by reducing Medicare and social security fraud, but this scenario could in fact be blown apart by the final cost of the card. This cost might be paid for out of Medicare and Centrelink budgets and result in cuts to existing services.

We are also concerned about the proposed use of biometric photography to identify cardholders. Biometric photography is a method of electronically reading photographs by translating the measurements of the human face into unique mathematical formulae. It is notoriously unreliable. In tests at airports, biometric readers confuse similar looking people. The government itself complains that biometric readings are only 90 per cent accurate. Biometric technologies incite fears of constant supervision, profiling and control, leading to a loss of individuality, privacy and freedom. People may feel uneasy being scanned and are alarmed about having their bodily data digitally stored in large databases along with sensitive personal information. Can we trust the accuracy of biometric technology? Many questions arise.

Another issue has to do with the fact that biometric data is digitally stored. Digital information is easily copied, transmitted, altered and searched. Biometric databases can be merged or cross-referenced with other biometric or non-biometric databases to gain even more information about individuals. Biometric data is particularly useful for data-mining and cross-referencing of databases since they represent a unique identifier that does not change over time.

While names, addresses, membership numbers and user handles can change, biometric data stays fixed, making it an extremely reliable and thus valuable commodity. If a government agency takes a digital photograph of an individual and stores it digitally alongside other personal information, the individual loses control over the data. Even if the individual in question initially consented to the collection of the data, what does this mean in terms of duration of the storage? Who is allowed to access the data and how is it protected against unauthorised access? To whom is it communicated and for what purpose? These and other questions remain in many cases unanswered.

Further controversy is caused by the automation of identification processes. Biometrics makes it possible to discard the human factor and let scanners and computers take over the task of identification and, with it, ultimately the task of granting or denying certain rights. While the whole point of using biometrics is avoiding human error and even corruption, the questions remain: what happens if the technology fails? Who programs and watches the machines? Who is accountable? The more authorities and private entities transfer important decisions over to the computer systems, the more damage is done when the systems fail.

In a study undertaken by the University of Ottawa, it was determined that, while biometrics has the potential to provide public and private entities with additional means to identify individuals and therefore make it harder for criminals to gain access to personal information, no system is infallible. ID theft occurs in a number of different ways as a result of a number of different leak points, including theft by those with access to the data and hacking into computer databases. Even the strongest biometric system of authentication cannot close all of the gaps which make ID theft possible.

The New South Wales Council of Civil Liberties has stated that the system is being designed specifically to facilitate function creep—that is, it will evolve or morph over time to serve quite different purposes and usage from the originally stated purpose. It is incumbent on us all to remember the history of the UK ID card. From its issue during World War II to the time of its abolition in 1952, the functions of the card went up from three to 39. The government cannot guarantee there will be no function creep, because it cannot restrain the powers of future governments. Any legislation it might pass in relation to the imposition of penalties could be repealed. Function creep is a real threat to the future privacy of the Australian public.

Another concern was raised by a government backbencher, the member for Moncrieff again, when he admitted that there is enormous business interest in the access card. The Australian public must be made aware that the government has not committed to legislation that would limit the functions of the new card. The access card is poised to become a high-quality identifier in addition to its function as a means of obtaining entitlements and concessions.

I urge the government to recognise the very serious concerns expressed about the proposal to introduce an access card in its current form. I urge the government to support Labor’s amendment to the bill and to acknowledge the peril of establishing a national identification scheme by proxy.

See this speech in context