Michael Hatton (Blaxland, Australian Labor Party) Share this | Hansard source

What is this access card? It is a social security card. It is not the Australia Card that members of this government were so against in 1986. At the time, the now Prime Minister railed at the dreadful nature of the Australia Card that was proposed by the Hawke government.

I have to tell you: I was not afraid of the Australia Card then, and I am not afraid of an access card now or of the social security cards that governments worldwide have brought in in order to better organise the manner in which individual citizens access government services across a range of departments. Whether the proposed access card will replace one card, say, a Medicare card, or a deck of cards—17 cards could be replaced—is not the problem. I also do not think the nature of the card itself is the fundamental problem. The basis of the problem is the fact that your individual identity could somehow be easily pinched or nicked.

The problem in 1986 was that there was a massive scare campaign. In primitive societies—and we would not like to think of our society as being primitive—the taking of a picture of someone is akin to stealing their soul. In 1986, the argument about the Australia Card was very much like that: that people’s souls might be taken from them—their very being captured. I know a place where that happened, where the command over information and the use of advanced technical processes to work through available information led to death camps and the gas chamber. The IBM Corporation did the work. The corporation analysed data not just in the United States but in Nazi Germany, where they had a major operation, throughout the war.

If you read the book by Edwin Black that looks at how IBM, as a worldwide organisation, conned and gulled not only the US government but allied governments worldwide when they worked hand in glove with the Nazis, you will understand the real concerns people have about information being gathered together that could allow a government with evil intent not just to know who you are but, if they wanted to do so, to obliterate you from the face of the earth. The Gypsies, the disabled, homosexuals and six million Jews—four million of them from Poland as well as those from France, Belgium, Holland et cetera—were tracked down using machines. IBM manufactured these machines and in America they produced specialised punch cards to go into the system. Throughout the war, these cards were taken from America and provided to the Nazis in continental Europe. They were the death cards. They were access cards to the gas chamber for the people who were on the end of them.

Fundamental questions arise. The collocation of information about a person means that you are able to hold their very souls in your hands. The key question is this: how will that information be used? That is why the initial response to the access card was the same as the response to the 1986 Australia Card: if you can know everything about me then I might be in more peril. That is why the member for Mackellar said that it did not pass the ‘anti-Nazi’ test. IBM did not pass the ‘anti-Nazi’ test with what Dehomag and the other constituent parts of their company did during World War II. IBM rose to become the world’s greatest information technology company, on the back of profits made at the expense of all those people who died and suffered. In respect of how information is used, you should always keep that in the back of your mind and understand that there are fundamental problems with this.

Labor has a series of amendments. I will go a bit broader and look at some technical problems associated with the proposal. I do not have my wallet on me, so I cannot pull out my magnetic strip Medicare card, but the same technology that was around in 1986 is around now in those magnetic strips. We know that, if you scratch it, belt it, knock it around or run it through a series of different types of modems, sometimes it will work and sometimes it will not. There is a cost in terms of card replacement. What we also know is that when we hand a Bankcard, MasterCard, Visa card, Amex card, Medicare card or whatever over to someone it can potentially be misused. Given that it can potentially be misused, it is always best to keep it in sight. Scamsters want to access that information. This has happened time and time again worldwide: the scamsters take the card out into the back room and simply copy the magnetic information that is on it. What is available now can be used by people in nefarious ways.

Part of the problem with going to the next level—which we will with the access card—is that you will have a biometric photo and an electronic signature. We are in a digital age, not an analog one. It is possible that we could be putting far more information into the hands of criminals with this card than with what is available now. If a person has a mug shot and a signature, they have more to work with. This happened in the past when people first used biometric photos on bankcards and MasterCards. Some companies put those out. As a serious test in Great Britain, somebody rolled up and said, ‘I want to take money out of the account.’ They presented the card, and they were able to access the account. They got the money out and they walked away but on the card was a picture of a dog, not a picture of the person. So human error is another problem; it is not just about the information that is on the card. It is possible that the system will not be as tight as people otherwise might think.

But there are a further series of problems here. Just about everybody in this place has a passport. We all know that passport photos are not the most flattering of photos. We know that we have a digital photograph integrated in our passport. We also have a digital signature. What will be on the access card is in our passport, so the proposal is not new in that regard.

In passing I will also note that one of the arguments with regard to the biometric photos is that, if you put on weight—or, as in the case of the member for Bruce, if you lose significant amounts of weight, from all the exercise that you are doing—then your face changes, the biometrics change and it is not so easy to match people up; there is a particular problem in terms of getting that match. But anyone with a passport knows, as Al Gore said quite tellingly, that the only thing that can make you look like your passport photo is airline travel—it is never the best representation of us! Since they will not allow you to smile when you are getting your local licence, maybe that has the same sort of problem—the match-up is not what we have in our heads.

But there is a further problem. Professor Fels was asked to look at this area. His advice to the government was that the photo information and the digital signature should not be shown on the card—they should not be up-front because there would be a greater likelihood that, although the card could be accessed, that vital information would be more protected. That information would be available if you let it out. That is looking at the face of the card.

Let us look at the very nature of moving to smartcard technology. Instead of having a ribbon at the back, you actually embed a chip within the card. That chip can contain a great deal of information. In the provisions of this bill you have the fact that the chip would include your fundamental Medicare information, your name, your address—and, if you wished, your date of birth, allergies and other useful information could be appended to that. So it could be as useful as you wished and you could add information to it. But there is also a series of problems in simply choosing to have a smartcard. That chip could have a great deal more information on it. People could copy it and access it if they could break into it. I think we need to think about that pretty clearly. The question with respect to the information going to government, and the information that might go to people who want to criminally defraud the government, banks or other institutions, goes to how much you can give them in one job lot.

A core question here is how much information is concentrated into a single place. One of the problems is not the fact that so much information about people will be in this place but the fact that it could be accessed and used inappropriately. If someone wants to take your identity—and this is an increasing worldwide problem—and then use it fraudulently, digitisation of most of the things we are doing makes that easier. One of the key problems with the card is that it can make it a hell of a lot easier because you can get all the information in one go—there is a photo, but you also get a signature, date of birth and the rest of the information. The problems with the biometric recognition system has been argued by other members.

One of the things this card does not have, which I think would proof it against other people pinching the information and would make sure the biometrics work, is a DNA strand. If you had a single piece of DNA, which is unique to an individual, incorporated into a card then you would not have the failings of the rest of the biometrics. I think that one day that sort of thing will be incorporated into this or into other cards if we want absolute certainty. Against all the arguments about the fact that you cannot be really sure about what is going on here is the fact that you could be certain because you could make it particular to a single individual by doing that. That raises a whole series of other questions in relation to what might be done with it, but it would be a potent way of going beyond fingerprints, beyond photographs and beyond other bits and pieces of information and would say: ‘This individual is so singular that this is not only their universal mark but their unique mark, the one that no other person in the history of the world has. This is that person.’

But let us go a bit broader. Compared with the relatively primitive amounts of information that can be provided to people to say who I am—whether it is on a licence or something else with these card readers, where you just use the strip on the back—there is much richer information available in a smartcard. To consider the speed with which technology has changed, look at what has been only a 21-year period from 1986 to the transition to a smartcard. Really we should go back to the mid-1990s, so you are looking at something that is 10 years old. Throw forward. This would really be far more potent in terms of identification. An access card has that as its basis: getting information together to say (1) this is a person, (2) this is the person they say they are and (3) this person has a certain entitlements to a Medicare card, a pension benefit, a veterans’ entitlement or other social security benefit. Whatever the range, the panoply, of things that are involved, how might we do this in the future at less cost and with a greater certainty that the dangers of this information leaking out or being otherwise used will be less?

I suggest that the world is becoming increasingly web based. If we had had a government over the past 10 years with the wit to pursue adequate broadband coverage of Australia we would have a minimum of eight megabits a second broadband covering all of Australia—up to about, say, 25 megabits a second, which is possible with ADSL2 services—which, as you would know, Madam Deputy Speaker Bishop, is available now and has been for a couple of years in country New South Wales and in country Australia, because that is where these very fast services have been initially set up. Telstra has just come to the party and joined the latest technology. Mobile phones and mobile PDA access will provide a very fast service. Optus and other companies will have a fast 3G service on a mobile basis throughout Australia. But linked to that every school, every office, every Medicare office in the country could have a super-fast broadband service. If Labor is elected, that is what they will get. You could then have not a card based system but a web based system in the same way that our services in Parliament House for senators and members are called ‘One Office’, where the idea is that wherever you are in the world you prove who you are not only by the access privileges you have and by remembering a PIN but also by having a small token that randomly changes the access numbers so that only you can get at your information. So there is a double process to it. You can have encrypted information that is not available on the access card.

One of the things Professor Fels said was that this should not be up-front. I think they should be encrypting the photo and certainly encrypting the digital signature. That would provide not only greater privacy but also greater surety against this thing being nicked and being used against people. Instead of having a card where, if you pinch it, you have everything I have got, we said that there might be a smarter way to do it. Instead of a single card based approach, we could have a web based approach with universal broadband access Australia-wide to a central server like we have in Parliament House for members and senators. Our information is held here on the Parliament House servers.

Medicare, Veterans’ Affairs and the other government departments could likewise run central services from Canberra, Sydney or anywhere else in Australia where you had an encrypted service between the user accessing it in Gulargambone or Bankstown and the central area where the information is held. You would have a series of protocols to ensure that only the person who should access that information is allowed to do so. You could build in a series of protections in terms of which people in institutions or departments could gain access to that. That is a smarter way of doing it than a portable card which not only can be lost—losing access to cards and information is legion—but also is legion in fraud. Westpac did a study—it is noted in the background paper—and 13 per cent of cards are fraudulent.

Gaining access to one of the access cards will involve providing information and original documents in long interviews and at a high cost. We know the same sort of process has been in place to get a passport ever since the Hope inquiry. It is right and proper that we have those secure controls in place, but it comes at a high cost. A richer, deeper, more flexible, more certain and more controllable system would be to adopt the very latest internet or Internet 2 approach to this. The world has moved on. It is not still a 1990 situation with 1990 smartcards. You just need access to an information store and you are able to protect the information much more readily by having government servers run by government personnel with protocols to ensure that the hackers cannot get into them. If you protected the whole thing with firewalls and a series of protocols to ensure that departmental employees did not aggregate what is available to them, that would be a much better process than that which we have here.

Labor is not against smartcard technology. As we pointed out, we have a series of arguments as to why the current proposal is full of holes. I had very little fear of the Australia Card in 1986 and I have very little fear of this access card—the social security card—in terms of aggregation of information, but it is how you protect the information that is critical. We would be a lot better off with a faster, smoother and more web based approach, but in order to be able to do it you need a government willing to commit to fast broadband for the whole of Australia with a minimum eight megabits per second up to 25 megabits—truly fast broadband. The Labor Party is the party of the future and the only one that will make that commitment and bring it into practice to have better access for all Australians. (Time expired)

See this speech in context