Access Card / National ID Card
Last Updated: 10 Feb 2008
"Any government that wants to issue a unique identification number to most of the population and then to compile and link information about them using increasingly powerful technology bears a heavy onus to justify its case. ...
'Nothing to hide, nothing to fear', directed at each member of the public, should be turned around and directed at government as: 'No legitimate reason to know, no legitimate reason to ask'."
On 26 April 2006, the Prime Minister announced that the "Australian Government has decided to proceed in principle with a new access card for health and welfare services". However, the so-called Access Card system is, in effect, a national identity card system and should be opposed as such.
The Access Card project was subsequently abandoned by the newly elected Labor Government in December 2007.
Contents
Overview
EFA is deeply concerned by the planned rollout of a so-called Access Card smart card, with a unique personal identification number, linked to a centralised database containing an unprecedented amount of personal identification, and other, information about almost every adult Australian and Australian residents.
While Government representatives have been at pains to argue that the so-called Access Card is not an ID card, our analysis of the Department of Human Services ("DHS") 2006 Budget documents and the (government censored) KPMG Access Card Business Case document reveals that the planned card/system is almost identical to the Australia Card rejected by the Australian public.
The so-called Access Card/system is even more dangerous to individuals' security and privacy than was the Australia Card due, in part, to the planned use of a multi-purpose smart card electronically linked to a centralised national identity database. EFA has grave concerns about privacy and security in relation to such proposals and considers the roll out of smart cards by government has an extremely high potential to result in the equivalent of an Australia Card, whether or not that is the government's intention at the outset. This potential arises from a combination of factors including the ease with which smart cards can be used for two-way communication with a centralised database and that smart card technology is designed to facilitate function creep. See "Smart Card technology and the potential for use to establish a national identification regime" in Section 4.3 of EFA's submission to the Inquiry into the Privacy Act 1988 conducted by the Senate Legal & Constitutional References Committee, 24 February 2005.
Whether or not one considers the so-called Access Card system to be a national identity card system, the Access Card system poses the same risk of increased fraud, including identity fraud and identity theft, because it involves centralising all personal information on one database and issuing a single form of identification to replace the existing health services card (Medicare) and the existing welfare and social service cards (Centrelink and Department of Veterans' Affairs). An unprecedented amount of personal information about some 18 million Australians will be placed in one centralised database and people will be issued with a single form of identification required to be used to prove identity in order to obtain Federal and State/Territory Government benefits and services and that may also be voluntarily used to prove identity to businesses.
Such a plan is fundamentally flawed because it produces a "honeypot effect" - a highly attractive and richly rewarding target for criminals. Instead of needing to gain entry to a number of databases containing identity information and produce fake copies of a number of identity documents, there is a single target. That such centralisation is likely to increase identity theft and fraud was pointed out last year by the Federal Attorney General:
"There have been recent suggestions in the media that the Government is going to introduce a national identity card.
I can assure you that this is not the case.
We do not support the approach where all personal information is centralised on one database, and a single form of identification is issued.
This could increase the risk of fraud because only one document would need to be counterfeited to establish identity.
Instead, we support the use of a range of acceptable documents, with the ability to verify those documents quickly and simply.
This approach strengthens our proof of identity process and mitigates the risk of identity fraud." (Philip Ruddock, Attorney-General, Opening Keynote Address to Australian Smart Cards Summit 2005, 29 June 2005)
EFA is also highly concerned by the government's failure to provide adequate, and clear, information about the card and associated system to enable informed public consideration and debate. Although the KPMG 'business case' document was eventually made publicly available, it is of great concern that it has been heavily censored by the government, resulting in a document that asserts, but does not demonstrate, that a business case exists. It is of further concern that information concerning the technological architecture of the planned system has also been deleted. Such information is critical to the question of whether the public will be able to trust the system to secure and protect their personal information. Furthermore, the government's refusal to make available the Privacy Impact Assessment, that was based on the same model as the KPMG document, suggests that it would have revealed that the proposed system entails a high level of risk to individuals' security and privacy.
EFA is not opposed, in principle, to the issue of smartcards by government agencies. Our position on use of smartcards depends on the particular model, after taking into consideration a range of matters including whether or not the model is appropriately adapted to serve a legitimate and justified purpose. The currently planned Access Card system does not pass this test.
EFA recommends that Australians reject the so-called Access Card and related centralised database for substantially the same reasons as the Australia Card was rejected. For more information, refer to the resources listed below.
EFA Documents
EFA Submissions
- EFA submission to the Department of Human Services in relation to the Exposure Draft of the Human Services (Enhanced Service Delivery) Bill 2007 released for public comment by the then Minister for Human Services, 21 Aug 2007.
- EFA submission to the DHS Access Card Consumer and Privacy Taskforce in response to the Discussion Paper No. 3: Registration, 16 Apr 2007.
- EFA submission to the DHS Access Card Consumer and Privacy Taskforce in response to Discussion Paper Number 2: Voluntary Medical and Emergency Information, 16 Mar 2007.
- EFA's submission to the Inquiry into into the Access Card / Human Services (Enhanced Service Delivery) Bill 2007, conducted by the Senate Finance and Public Administration Standing Committee, 28 Feb 2007.
The first Access Card Bill contains many flaws and loopholes. Further, in the absence of the other two proposed tranches of Access Card legislation, and absence of publicly available detail concerning the architecture and operational aspects of the chip and system, it is impossible to know with any certainty the effect and potential ramifications of numerous provisions of the Bill. No Access Card legislation should be enacted until the government has publicly disclosed all details of the proposed system and the other two tranches of proposed legislation and there has been a significantly more appropriate length of time for public and Parliamentary scrutiny of such proposals than has been the case to date. - EFA's submission to the Department of Human Services re the Exposure Draft Bill on the Access Card, 12 Jan 2007.
The draft Bill on the Access Card has exacerbated EFA's opposition to the system. The broad powers to be granted to the Minister and DHS officers facilitates function creep, negates implied promises about limits on storage of information in the national ID database, and possibly even enables the collection of fingerprints, etc. Proposed offences are serious deficient: some are unlikely to be enforced due to the nature of criminal law, some would criminalise innocuous activity, and some show DHS has no confidence in the technological security of the card system architecture and enable individuals to be prosecuted for events beyond their control. - EFA's submission the DHS Access Card Consumer and Privacy Taskforce in response to Discussion Paper No. 1, 31 July 2006.
"...The Access Card-ID Card system poses greater risks to security and privacy than did the Australia Card proposal and will not prevent welfare fraud any more than the Australia Card might have done. ... EFA recommends that the Taskforce recommend that the Government abolish the Access Card system plan and go back to the drawing board to develop alternative means of fixing [Department of Human Services'] system failures, that do not incorporate turning everyone into a new identity card subject linked to a national identity database. ..."
EFA Research Papers
- EFA's Timeline of Federal Government smart card proposals
The Government's so-called Access Card system entails high potential for function creep, that is, that it will evolve or morph over time to serve quite different purposes and usages from the originally stated purpose. During the last two years, there have been strong indications that the government intended to introduce a smart card system to be used for controversial purposes beyond those stated when the Access Card was announced in April 2006. For more information, see EFA's time line of Federal Government proposals/plans to introduce a smart card for various purposes which may indicate a currently hidden agenda for the so-called Access Card. - EFA's Review of health care smart card systems in other countries
The Government's Budget 2006 document Fact sheet - International experience (PDF 18k) claims that the Access Card system is similar to card systems implemented in a number of other countries for accessing health and/or social services. However, none of the smart card systems in the listed countries are similar to the Australian Government's planned "access" card system. The most similar is South Africa's planned multi-purpose national ID smart card system which is plainly a Big Brother mass surveillance and information sharing system. If the Australian Government's plans are remotely similar to the South African system, Australians concerned about their security and privacy should be very afraid.
Other Resources
Senate Committee Inquiries
- Senate Finance and Public Administration Standing Committee
- Inquiry into the Access Card / Human Services (Enhanced Service Delivery) Bill 2007, February-March 2007.
- Submissions to the Inquiry
- Public Hearings Transcripts
- Senate Committee Report and Recommendations, 15 March 2007.
The Committee recommended, in effect, that the first Bill be withdrawn, various matters be re-considered by the Government and then a consolidated Bill (to include the proposed second tranche of legislation) be prepared.
DHS Consultation Papers etc
- DHS Access Card Consumer and Privacy Task Force Consultation Papers, Reports, etc.
- Discussion Paper Number 2: Voluntary Medical and Emergency Information, February 2007.
- Discussion Paper No. 1: The Australian Government Health and Social Services Access Card, July 2006.
- Submissions to the DHS Access Card Consumer and Privacy Task Force in response to their Discussion Paper No. 1, July 2006.
- Electronic Frontiers Australia
- Australian Privacy Foundation
- Office of the Victorian Privacy Commissioner
- Prof Graham Greenleaf, Cyberspace Law and Policy Centre, University of NSW
- Tim Warner, Access Card No Way Campaign
- Australian Medical Association ("AMA")
- See also other submissions on the DHS Task Force web site.
- Submissions to the DHS Access Card Consumer and Privacy Task Force in response to their Discussion Paper No. 1, July 2006.
- Government exposure draft of the first Access Card Bill, and public submissions in response, 13 Dec 2006 - 12 Jan 2007.
Campaign Sites
- Australian Democrats online petition urging the Government to stop the Access Card.
- Australian Privacy Foundation - Campaign: the national ID card
"The Federal government calls it a 'Human Services Access Card', 'Smartcard' or even a 'Consumer Card' ... We call it for what it is: the proposal for a national ID card system." - Access Card No Way Campaign
The Access Card No Way Campaign was founded by Tim Warner (a former State Parliamentary Staffer and former chair of the Victorian Liberal Party's 'Communications & IT' Policy Development Committee) and launched at the Australian Adam Smith Club dinner on 19th June 2006. "[Tim] was concerned that the announcement of the proposed Access Card on April 26th had simply not broken into the public mind. Remembering the example of the 1987 Australia Card, where protests at the 11th hour and an administrative bungle derailed that scheme, Tim wanted to get ensure that the campaign against this ID Card hit the ground running." - See also: Proposed National ID Card System Research Project (a.k.a. "Health and Social Services Access Card", "Smart Card", "Benefits Card", "People's Card", "every Australian's mini iPod", "a multi-humped, continuingly evolving and self-sustaining camel"... ), Cyberspace Law and Policy Centre at UNSW.
Media Reports, Commentary and Analyses
This section contains links to a small proportion of the many media articles and public commentary about the so-called Access Card system. See also Submissions to DHS Task Force inquiries above.
April 2006
- Liberal backbencher criticises smart card plan, ABC News Online, 27 April 2006.
- "A Federal Government backbencher has spoken out against the proposed new smart card and says other colleagues have concerns.
The high-tech card will be required to access health and social services from 2010.
Prime Minister John Howard believes the Government has found the right balance between protecting privacy and gathering individual information for the smart card.
But Liberal Steven Ciobo is not convinced.
'For all intents and purposes it would appear on the face of it as if this is effectively a card that all Australians will be required to have,' he said.
'I think it fundamentally alters the balance between the state and the individual when you are required to have a card like this in order to access basic government services.'
He says there are a number of elements of the debate he intends to have a close look at.
'And I suspect a number of my colleagues will as well,' he said.
- Business wary of possibility of "backdoor" Australia Card, Media Release, Australian Chamber of Commerce and Industry, 26 April 2006.
-
"The Australian Chamber of Commerce and Industry (ACCI), Australia's largest and most
representative business organisation, is concerned that the latest government proposal for a 'smart card' could possibly turn into an identity card.
According to reports, the new card would be used for social security, Medicare and other government benefits requiring identification. While this may provide benefits in reduced claims fraud, the implementation of an upgraded card runs the risk of providing government with a platform for a far more costly and intrusive 'Australia Card type' proposal.
Prior to the introduction of a smart card ACCI considers a robust cost benefit analysis should be completed. We are also seeking the assurance of government that the potential for so called 'function creep' is limited. There is concern across industry that if the original and more narrow identification purpose is expanded this may result in a significant compliance burden for business. ..." - ID still on the cards...no matter what you call it, Editorial, Sydney Morning Herald, 27 April 2006.
- "The Prime Minister should put his cards on the table. John Howard says Australians will not have a national identity card but will have a single electronic card for accessing welfare and other benefits. That sounds like a very blurry distinction. ...
It was Mr Howard who put the ID card back on the agenda after the terrorist bombings in London last July. The Attorney-General, Philip Ruddock, later commissioned a study to examine, among other things, the security benefits of a national identity card. Its findings have not been released. The debate about the security benefits, along with serious civil liberties issues, has instead been subsumed by concerns about dollars and cents. Australia's two decades of fitful debate about a national ID card have been resolved not by the horrors of terrorist attacks, but by the banal business of improving the bureaucracy."
May 2006
- Smartcard chief resigns, Michelle Grattan, The Age, 9 May 2006
-
"The man overseeing the introduction of the Government's smartcard has resigned, citing concerns about its implementation, including privacy.
James Kelaher, former head of the smartcard taskforce, yesterday warned that privacy and the confidence of those with a stake in the card - including the public, doctors, pharmacies, states and federal departments - were likely to be compromised by Human Services Minister Joe Hockey's proposed arrangements." - Smartcard privacy checklist: 20 questions for the public to ask persistently and for governments to answer satisfactorily about a government-issued smartcard that most Australians would need to have, Paul Chadwick, Victorian Privacy Commissioner, 14 May 2006.
- It's on the card: your life, that is, Brian Walters, Opinion, The Age, 16 May 2006.
- "Last week James Kelaher, the man overseeing the Federal Government's smartcard, resigned, citing concerns about its implementation, including privacy. The next day the budget allocated $1.1 billion to the card's implementation.
The smartcard (now referred to as the 'Access Card') will cost billions of dollars and won't achieve the aims proclaimed by the Government. But it will change the way of life of all Australians. ..." - Smartcard privacy fears, Daily Telegraph, 18 May 2006
- "A SECOND senior bureaucrat developing Australia's photo ID health
and welfare benefits smartcard has resigned raising further concerns
about the project.
Assistant secretary and Smartcard project leader Suzanne Roche resigned yesterday just a week after another senior bureaucrat quit after raising privacy concerns.
The former head of the Smartcard Technology Taskforce James Kelaher quit after the Government scrapped an external advisory board that would have overseen the privacy and security of the new card.
Opposition human services spokesman Kelvin Thomson said yesterday the resignations meant the project was in disarray." - The Value of Privacy, Paul Chadwick, Victorian Privacy Commissioner, Law Week 2006 address, 23 May 2006
- "...Any government that wants to issue a unique identification number to most of the
population and then to compile and link information about them using increasingly
powerful technology bears a heavy onus to justify its case. ..."
- Paul Chadwick's paper explains why.
- Health smartcard fizzles, Karen Dearne, The Australian IT, 30 May 2006
- "The Medicare smartcard launched in Tasmania two years ago has been quietly scrapped, a Senate estimates hearing has been told.
More than $4.5 million was spent on developing the card, which featured a microchip with far greater data capacity than the magnetic strips on current Medicare cards.
Federal Health Minister Tony Abbott launched the smartcard in Launceston in 2004 as part of the now stalled HealthConnect electronic patient record program. It is understood only 1 per cent of eligible Tasmanians expressed interest in registering for the card. ...Problems with establishing proof of identity for enrollment in the program were revealed in Senate estimates hearings in February. Some Tasmanians had been denied cards because they could not provide the necessary documents. ..."
June 2006
- Access card could link to surveillance, Annabel Stafford, The Age, 5 June 2006
- "The proposed health and welfare smartcard could be used to identify faces picked out of a crowd by security cameras, the Victorian Privacy Commissioner has warned.
The warning from commissioner Paul Chadwick came after Government bureaucrats failed to rule out the possibility that smartcard information could be used for surveillance.
The new fears about the so-called Access Card arose as the Government was criticised for plans to make parents use swipe cards or a personal identification number to access child-care services. ..." - Quacking like a duck: The national ID Card proposal (2006) compared with the Australia Card (1986-87), Prof Graham Greenleaf, Cyberspace Law and Policy Centre, University of NSW, 12 June 2006 [PDF 255Kb].
- The $1 billion house of cards, Nick Miller, Next, Sydney Morning Herald, 13 June 2006.
- "...The card is said to reduce fraud by making it harder to create a false identity, preventing the use of another person's card, cutting down on pharmaceutical and welfare claims for concessions that are invalid or expired, and reducing the number of people claiming Centrelink benefits. Between $1.6 billion and $3 billion will be saved over the first 10 years.
Last year Medicare and Centrelink blamed losses of $252 million and $1.1 billion on 'leakage' and fraud respectively. So the smartcard cuts just 10 per cent of current fraud and leakage - less than a third of 1 per cent of the total welfare budget.
But British e-government expert William Heath says fraud may increase under a smartcard: as soon as government services and access are combined into one card, it becomes a 'honey pot' for fraudsters. ..." - The proposed Access Card: why PIAC is unconvinced, Public Interest Advocacy Centre ("PIAC"), 16 June 2006.
- "The Federal Government plans to implement a smart card scheme to combat health and welfare fraud. The Government has been keen to attempt to quell concerns with the card but PIAC still remains unconvinced. We do not believe that the new access card will present any real benefits for the public, especially when you consider the proposed costs of implementing the scheme, and a range of security and privacy concerns inherent in an IT and identity project of this magnitude. Below is a list of our key concerns ..."
- Access cards an 'ID card by stealth', Gerard McManus, News.com.au, 17 June 2006.
- "THE Howard Government's proposed smart card could become a national identity card by stealth, card taskforce chief Allan Fels has warned. ...
'We don't want it to become a national ID card and Australians are against that,' Prof Fels said. 'I detect a degree of concern that this new card might somehow evolve into a national identity card by the backdoor, a sort of Australia Card Mark II.'
Releasing the first discussion paper on the new access card consumer and privacy taskforce yesterday, Prof Fels' group also conceded the Government's claims about 'voluntary' taking up of the card did not stack up."
July 2006
- Information Paper: What we do (and don't) know about the proposed 'Access Card', Australian Privacy Foundation, 14 July 2006 [PDF 500Kb].
- MP warns of access card misuse, Matthew Franklin, Courier Mail, 18 July 2006
- "A Federal Liberal MP has called for tough legislation to prevent misuse
of the Commonwealth's proposed Access Card.
Member for Moncrieff Steven Ciobo said that without strong legislative guarantees, the role of the card, designed for users of government services, would evolve beyond its initial design and put individual privacy at risk. ...
In an article written for the Australian Liberal Students' Federation, Mr Ciobo said the card would be at risk of 'function creep', a process under which new systems introduced for a specific purpose evolved over time to serve different purposes."
August 2006
- Smartcard worries doctors, AAP/The Australian IT, 3 August 2006
- "Lives may be at risk under a plan to allow patients to include their own health information on the federal government's proposed smartcard, the Australian Medical Association says.
...
'There is a real concern about the reliability of that information for the purposes of health care and particularly health emergencies,' the AMA said in a submission to the taskforce charged with investigating consumer and privacy issues surrounding the cards.
'For example, from a doctors' perspective the consumer is not always a reliable source of information on allergies. Many consumers incorrectly translate adverse reaction as "allergies".'
The AMA said it would be risky for the medical profession to rely on the information, particularly if a patient was unconscious or otherwise unable to confirm the details." - Libs, business rebel on Access Card, Karen Dearne, The Australian IT, 8 August 2006
- "An unholy alliance over privacy is emerging as Victorian Liberals
launch Access Card No Way, a campaign to oppose the introduction of
the federal Government's health and welfare services card.
...
'An ongoing scandal in Victoria is the LEAP Police database,' [Tim Warner] said. 'If a bored desk sergeant can look up the records on a next-door neighbour, how much easier will it be when he can ring his mate at human services and find the neighbour's pension details.' ..."
Government Documents / Statements
- Government to Proceed With Access Card, Media Release, Prime Minister, 26 April 2006.
- Transcript of Joint Press Conference, involving the Prime Minister, the Minister for Human Services and the Attorney General, 26 April 2006.
- Govt to introduce 'smart card', PM, Radio National, interview with Minister for Human Services Joe Hockey, 27 April 2006.
- Smart Card, Radio National Australia Talks Back, interview with Joe Hockey Minister for Human Services and others, 27 April 2006.
- Department of Human Services Access Card Budget 2006 documents, 9 May 2006:
- Department of Human Services Fraud and Compliance Budget 2006 ($282.3 million over five years to strengthen and expand activities that protect the integrity of the social security system), 9 May 2006.
- Professor Allan Fels to head Access Card Consumer and Privacy Taskforce, Media Release, Joe Hockey, Minister for Human Services, 24 May 2006.
- KPMG Access Card Business Case - Government Censored Public Release Version (PDF 3,507 Kb), issued 6 June 2006.
- Discussion Paper No. 1: The Australian Government Health and Services Access Card, issued by the DHS Consumer and Privacy Taskforce, 16 June 2006.
- See also the Government's Access Card site for more recent documents.
Background Information
- Identity Cards - E-Brief, Roy Jordan, Law and Bills Digest Section, Commonwealth Parliament Library, 2006.
"This e-Brief provides background on the 1980s proposal by the Labor Government to introduce a national identity card (the Australia Card), its subsequent defeat, recent initiatives by the Coalition Government to consider an ID card in an effort to deter crime and terrorist activity, and the current policy to introduce a social services access card. Links are provided to some key documents and Internet sites, as well as background on some overseas countries." - Proof of ID Required? Getting Identity Management Right, Malcolm Crompton
(former) Federal Privacy Commissioner, Australian IT Security Forum, 30 March 2004
"The widespread implementation of lazy identity management solutions - a real risk - would make it technically easy to combine vast amounts of electronic information held about a person, wherever it is stored, without that person's knowledge or permission and actually facilitate, instead of prevent, identity fraud. ..."