Monday, November 13, 2006

Identity Management – The References.

It occurs to me, following a couple of e-mails from some of those interested, it might be worth providing a few pointers to where some useful further information can be found for further research and reading.

The topics and URLs are as follows:

1. Australian Office of the Access Card

http://www.accesscard.gov.au/

This is a new site and has the work of Professor Fels and his taskforce as a sub area at the following URL

http://www.accesscard.gov.au/consumer_privacy_task_force.html

The full press release is worth a careful read as is the Government’s response which is also available at the site.

Media Release

Access Card Consumer and Privacy Taskforce Recommends Safeguards

08 November 2006

Safeguards to protect personal privacy and security and to maximise consumer convenience have been recommended by the Access Card Consumer and Privacy Taskforce.

“Comprehensive legislation to define and regulate the role of the card and associated databases is needed. This will build public trust and confidence, and establish safeguards regarding current and any new future government uses of the card”, Professor Allan Fels AO, Chairman of the Taskforce and Dean of the Australia and New Zealand School of Government said.

“The card is a health and social services access card. It should not be allowed to develop into a national identity card by virtue of “function creep”. Legislation should ensure the card is not a national identity card nor an electronic health record nor have any link with tax records nor be required to be carried by individuals.

The legislation should also prohibit anyone requiring individuals to produce the card (except when they are accessing defined Commonwealth benefits and services).

“The legislation needs to define what the card will and won’t be”, Professor Fels said. More details of the recommended legislation are in the report of the Taskforce.

“Function creep” can be minimised by requiring any new future government uses only being permissible by legislation. Function creep can also be reduced by limiting the ultimate capacity of the card.

Australians should own the card. This will give individuals better control and limit the scope for government and others to determine future uses. There should, however, be some limitations on inappropriate usage of the card e.g. tampering with it, or altering prescribed information on the card.

Card holders should not be required to have their legal name on the face of the card if they have a preferred name they commonly use. There are legitimate reasons why consumers would want to have a name displayed on the card which differs from their legal name such as those who use Australianised names, middle names, changes of name in indigenous communities and maiden names. Their legal name, however, would be stored on the chip and on the register.

The Taskforce accepts that there needs to be a photo on the face of the card (as well as in the chip and stored in the secure customer registration system). This will minimise fraud, increase convenience for card users and government agencies and improve its capability for proof of identity (where consumers choose to use it for that purpose).

“Regarding the storage of the photo on a national photographic database, there is merit in considering the storage in the form of a template rather than in the form of real photos. This would reduce possibilities of fraud and misuse”, he said.

“However, this must be weighed up against cardholder and government convenience. If a card is lost, as frequently happens, the cardholder would have to be rephotographed if the photo was not stored in real form”, he said.

“If there is to be a real photographic database, it is critical that there be maximum security precautions. This should be held separately, within the register, from other cardholder data and there should be stringent special controls to prevent unauthorised access and improper usage”, he said.

The Taskforce is sceptical for the need for a digitised signature to appear on the card. The signature seems to be of limited use and it increases the dangers of identity theft and fraud. Again, whatever the outcome, digitised signatures should be subject to rigorous controls to prevent unauthorised access and improper usage.

The Taskforce accepts that there needs to be a number associated with each card, even though this means that each cardholder then has a unique number assigned to them.

“The taskforce considers that the number should not appear on the reverse of the card”, he said. If the card number is not displayed it reduces the risks of the card slowly developing into a “unique personal identifier” number for the Australian population (that is, each Australian eventually has a unique number assigned to them). Also, if the card number is displayed it increases the risk of fraud. This risk outweighs some advantages for government administration and user convenience. In the alternative the government should give consideration to making the inclusion of a unique number on the reverse of the card a matter of genuine choice for the card holder.

When consumers register for their card they will bring documentation to verify their identity. Should copies be taken of these documents and retained on file in accordance with existing practice?

The argument for the copying and retention of proof of identity (POI) documentation relates to measures taken to detect and control fraud.Such records are accessed by relevant Departments where there is some suspicion of illegal behaviour or identity fraud, or in cases where original documents are subsequently lost or destroyed. Such a procedure may, in some instances, also be required under statute.

The Taskforce supports capturing proof of identity documentation for the purposes of establishing identity and verifying their authenticity but has recommended that they should not be scanned, copied or kept on file after they have been verified.

The Taskforce notes statements by the Government that the card is only to be used for access to health and welfare services. The Taskforce notes that the Government is also in the process of considering the adoption of a National Identity Security Strategy which aims to require a very high (“Gold Standard”) proof of identity.

However, the Taskforce does not believe that the ‘Gold Standard’ being considered for a National Identity Security Strategy is necessarily appropriate for use by to facilitate delivery of health and social services benefits. The most disadvantaged and marginalised members of the community who may be unable to provide sufficient documentation to establish their identity should not be unnecessarily burdened by this process.

The Taskforce has recommended an extensive public information campaign explaining the nature of the card.

The Taskforce makes a number of recommendations to the Government for the ongoing design and implementation of elements of the card. Fundamental to further consideration of these elements by Government is the continued process of consultation that needs to occur between the Taskforce, the Government’s Lead Advisor and Chief Technology Architect.

The Taskforce is committed to ensuring that the views of all Australians feed into the design of the access card system.

The Taskforce is currently working on the second discussion paper, which will consider the Registration process and will seek to ensure that there is continued consultation with consumer and interested groups. This paper is expected to be released for discussion in November 2006.

The Consumer and Privacy Taskforce

The Consumer and Privacy Taskforce, was established in May 2006 to report on consumer and privacy issues arising from the Government’s announced plans to introduce a new health and social services access card.

The Taskforce released an initial discussion paper released on 16 June 2006. The Taskforce has met with 120 representative groups and received over 100 written submissions.

The Taskforce’s believes that all decisions about the design of the card should be made in as transparent a fashion as possible and be informed by public consultation.
The Report makes 26 recommendations.

A copy of the report can be found at www.australia.gov.au/accesscard. The report is titled Issues and Recommendations in Relation to Architecture Questions of the Access Card.

The Government response is found here:

http://www.accesscard.gov.au/publications.html

2. Report from the UK House of Commons: Identity Card Technologies: Scientific Advice, Risk and Evidence

This can be found at the following URL.

www.publications.parliament.uk/pa/cm200506/cmselect/cmsctech/1032/1032.pdf

3. A Blog on Identity by Kim Cameron.

Kim Cameron is Architect of Identity and Access in the Connected Systems Division at Microsoft, where he drives evolution of Active Directory, Federation Services, Identity Integration Services, CardSpace and Microsoft’s other Identity Metasystem products.

See http://www.identityblog.com/

Of particular interest are the Laws of Identity found here.

http://www.identityblog.com/?page_id=354

In very brief high level summary these seven laws are.

1. User Control and Consent:
Digital identity systems must only reveal information identifying a user with the user’s consent.

2. Limited Disclosure for Limited Use
The solution which discloses the least identifying information and best limits its use is the most stable, long-term solution.

3. The Law of Fewest Parties
Digital identity systems must limit disclosure of identifying information to parties having a necessary and justifiable place in a given identity relationship.

4. Directed Identity
A universal identity metasystem must support both “omnidirectional” identifiers for use by public entities and “unidirectional” identifiers for private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.

5. Pluralism of Operators and Technologies:
A universal identity metasystem must channel and enable the interworking of multiple identity technologies run by multiple identity providers.

6. Human Integration:
A unifying identity metasystem must define the human user as a component integrated through protected and unambiguous human-machine communications.

7. Consistent Experience Across Contexts:
A unifying identity metasystem must provide a simple consistent experience while enabling separation of contexts through multiple operators and technologies.

4. The Australian Attorney General’s release on Identity Theft of May 2006 which refers to the still unpublished National Identity Security Strategy (NISS).

http://www.ag.gov.au/agd/WWW/ncphome.nsf/Page/Identity_Theft

5. The Information Commissioner’s Office of the UK Government.

Has a broad range of material on privacy, ID fraud, identity cards and surveillance including the very recent and terrifying report revealing there is now one CCTV camera for every 14 UK citizens.

http://www.ico.gov.uk/

6. The Office of the Australian Privacy Commissioner.

This is a vital site which in the last year or two under Karen Curtis is really producing some excellent work in my view

http://www.privacy.gov.au/

7. The Australian Privacy Foundation.

Putting the case that the Access Card is just a stealth ID card. It is unclear at this point of Minister Hockey or Ms Anna Johnston are winning the debate. Probably the peak Australian privacy lobby group.

http://www.privacy.org.au/


8. Roger Clarke’s Dataveillance and Information Privacy Home-Page.

A well thought out set of Australian resources from an academic who has been thinking about this area for many years.

http://www.anu.edu.au/people/Roger.Clarke/DV/

I hope these are useful.

David.

No comments:

Post a Comment