The world changed after the 9/11 terrorist attacks. The "War on Terror" produced strange political situations. In the USA, the Homeland Security Department was created and with it very strict conditions on people entering the country. The Real ID Act of 2005 was an Act of Congress that modified U.S. federal law in relation to security and authentication. New procedures were adopted for issuing state driver's licenses, ID cards and immigration cards.
In Britain, the Blair Labour government introduced an identity card in 2005. The National Identity Card is used both as a personal identification document in the UK and a travel document throughout the European Union.
The Australian Prime Minister announced on 26 April 2006 that would introduce a new card. The Access Card system was a proposal for a new national identity card system, similar to the Australia card of the 1980s. The Access Card project was finally abandoned by the Labor Government in December 2007.
Currently, there is no universal identifying number for Australian citizens. The closest thing we have to a universal identity card is:
The Medicare card for health services;
Tax File Number for tax matters; and
The state issued Driver's License.
Australian tax law expressly prevents government agencies from using the Tax File Number as an identifier. However, both Medicare cards and driver's licenses are used widely in Australia as de-facto identity cards.
In this chapter, I will explain why the Australian government was right in rejecting the concept of the national identification card. Further, I will also argue that using Medicare cards and driver's licenses as de-facto identity cards is a very bad idea that actually leads to more identity theft.
You only have to look at how the Social Security Number (SSN) in the USA became the default national identity card… And to see how it has been misused. Finally, I will argue that the best identity checking system you have is one that uses multiple forms of identity. An example of this approach is the "100 Point ID Check" used by Australian banks to create customer accounts.
The Australian government was right in rejecting the national identity cards.
The slogan 'Nothing to hide, nothing to fear' directed at people who oppose the adoption should be restated as: 'No legitimate reason to know, no legitimate reason to ask'.
The Access Card/system is an even greater threat to people's privacy and security than the 1980s Australia Card. This is due to the intended use of an all-purpose "smart card" which is linked to a centralised national identity database.
There are three grounds for opposition to the introduction of national identity cards:
They provide a false sense of security and are often misused;
Centralized databases become easy targets for hackers; and
They cost a huge amount of money to introduce and maintain.
Firstly, national identity cards provide a false sense of security.
Identity checks may make us feel safer but they have very little to do with increased security. Since 9/11, identification checks have often been used as a security measure. Airlines demand photo identity cards and hotels increasingly do so. Identity cards are required for admittance into government buildings and even hospitals. Everywhere, someone is checking your identification.
In the ideal world the goal is to identify the few bad guys among the multitude of good guys… and have an ID system that denotes a person's intention. We'd have all terrorists carrying a card that said, "I am a Bad Guy" and everyone else carrying a card that said, "I am a Good Guy".
Then security would be so easy. We would just look at people's IDs… and if they were "bad guys" we wouldn't let them get on the aeroplane or go into a building. On the other hand, if they were a good guy, they could come and go… and do anything they pleased!
Unfortunately, this security concept is a myth.
First, checking that someone has a photo identity card as a security measure is next to useless. Did you know that all the Sept. 11 terrorists had photo identification? In fact, the terrorists had genuine identity cards and passports… their own! How would having an identity card stop them from travelling? Further, Spain has had identity cards for 10 years but that didn't stop the Madrid bombing of 2004.
Identity cards really only affect the lifestyles of law-abiding citizens… not the criminals! Unfortunately, it places restrictions on the "good guys" but allows "bad guys" the ability to move freely using several fake identities. This could never be done in a country that requires multiple forms of identity.
Second, identification cards can be easily forged. Some of the 9/11 terrorist's identification cards were "fake". The terrorists used the details of real people with false names. The details were purchased from a crooked government employee in Virginia for $1,000 each.
A former officer of the Israeli spy agency Mossad has alleged that the spy agency has its own "passport factory" used to create false passports for use in intelligence operations.
In January 2010, Mahmoud Al Mabhouh the Hamas leader was killed in Dubai by Mossad agents. The Mossad agents allegedly used false passports of Australian, British, Canadian, German and French citizens. As I write this book, the relations between Australia and Israel are under severe strain. Many commentators believe that the Australian passports have been forged used for similar operations in the past.
Fake driver's licenses for all 50 U.S. states are available for sale on the Internet… and they're professionally done. So, if identity criminals can easily make false passports and driver's licenses, why wouldn't they make false identity cards?
Third, the intention of criminal profiling is to categorize people. They may either be categorized as "bad guys" and need to be screened more carefully; or people who are "good guys" who can be screened less carefully.
The problem is that the "bad guys" often look like the "good guys" and don't get screened when they should. For example, the Sept. 11 hijackers went to great lengths to establish a normal-looking profile for themselves. They had frequent-flier points and long history of first-class travel. "Bad Guys" can also become identity thieves by stealing the identity a "Good Guy". Profiling itself gives the "Bad Guys" an easy way to get around security.
Another problem for profiling is that the "Good Guys" often look like "Bad Guys" who end up getting harassed, when they shouldn't. They could be accused of something as simple as "driving while black" or "flying while Arab ". Alternatively, it could be something more complicated like "protesting against the government". Profiling harms society because it creates fear... not from the "Bad Guys", but fear of the police!
Secondly, identity cards are bad because of centralized databases, which become a target of identity thieves and hackers.
The Access Card was a national identity card. The card's introduction would have multiplied and boosted fraud, as well as identity theft and identity fraud. Why is this so?
The Access card was a bad idea because it centralised personal information of 18 million Australian citizens onto one database. A single form of identification would have replaced the existing Medicare and Centerlink cards. Citizens would have used the card to prove their identity to obtain government benefits and services.
This plan is inherently flawed, as it generates a "honey pot effect". The centralised database provides a very attractive and highly rewarding target for identity thieves. Instead of several databases with identity information to be accessed, there is one single target. If the criminals could hack the database, they could reproduce counterfeit identity documents. Such centralization would increase identity theft and fraud.
There is nothing wrong with government agencies issuing smartcards, but they should not be based on a centralized database. Decentralized databases are better because criminals would need to hack a number of restricted databases to get the required information.
The cost of establishing and maintaining centralized registers is huge
Think of the opportunity cost. Money spent on the Access card could pay for many hospitals, schools, nurses and police…. It could be used to pay down the national debt. It's irresponsible to pass on escalating debt to our children and grandchildren. If terrorism is the problem, then spend the money on more police and Special Forces. That would make more sense.
Identity cards represent an infringement of civil liberties.
The argument for national identity cards skews the relationship between citizen and state and destroys personal freedom and privacy. When every citizen is obliged to surrender DNA and a finger or retina print to a national database, the state has rights over your personal information and identity.
The information stored in identity cards is personal data such as gender, race, age, residential status and a photograph. The government could compile a dossier on each person in the country. This isn't scaremongering… it's the explicitly declared proposal of the government.
You should be treated as an innocent person until a good reason emerges to suspect you. Under a national identity card, every time a crime is committed, your DNA and/or fingerprints will be checked against those found. In principle, you are a suspect for every crime until discounted.
The identity card permits the linking of information between all government departments. Your information will allow the government to share information about you. Do we want government to have that power? Even if you believe that your government will never do anything wrong, why should we have the scheme? It has no security benefit and is open to abuse. The only safe method of identification is not to have national identity cards in the first place.
History shows us that de-facto national identity cards can be misused.
Currently, there is no universal identifying number for Australian citizens. The closest thing we have to a universal identity card is:
The Medicare card for health services; and
The state issued Driver's License.
What is wrong with using Medicare cards or driver's licenses as de-facto national identity cards?
The experience of the SSN illustrates why our Australian driver's license or Medicare card should never become a de-facto identity card. It is a poor practice, which is open to abuse AND it encourages identity theft!
Consider the Social Security Number (SSN) in the USA. The SSN is a nine-digit number, which was inaugurated in 1936 with the intention of matching citizens to the retirement money.
However, over time the SSN became essential for getting credit and for employment background checks. Now it has become so deeply linked to personal data that it is the de-facto national identifier for all USA citizens.
Unfortunately, there have been many instances where the SSN has been used for identity theft purposes. Social security numbers are one of the most powerful pieces of personal information an identity thief can possess.
For identity thieves, the SSN is their magic key that gets them into every door. They can use it to get access bank or credit card accounts, establish credit or find someone they wish to harm.
Data brokers undertake scant checks to verify whether a request is legitimate… or not. In fact, there are several websites that sell full Social Security numbers!
The commercial sale of social security numbers has contributed to the epidemic of identity theft or fraud that has touched about 10 million Americans in 2009. There were a series of privacy breaches involving large information brokers. Unfortunately, they were tricked by identity thieves who posed as legitimate businessmen, into selling personal data on 175,000 people. So far, these revelations have not stopped the practice of selling and re-selling personal data.
A simple Internet search on Google yields more than 1,000 web sites offering the SSN for sale. Some are run by small data brokers, re-sellers and private investigators.
Some insurance companies still use the SSN as an individual's account number. They print the SSN on identification cards which leaves people completely vulnerable if their wallets are stolen or lost. Medical offices routinely request SSN when initial appointments are made. Many universities use the SSN as a student identification number.
Up to June 2001, Alaska printed the driver's SSN on the actual driver's license. This change was due to a Federal law about the display of Social Security Numbers.Can you imagine what would happen if the driver's wallet was stolen, which included the driver's license, the person's date of birth, address and SSN?
Secondly, the SSN number can be easily guessed. Research has shown the possibility of guessing several of the nine digits in a person's Social Security number by simply using readily available information.
Many SSN numbers can be guessed simply by knowing a person's birthday. You can easily get that from Facebook or MySpace.
The Australia Card
The story about the Australia Card has been a war between two opposing camps…the privacy advocates vs technology groups. The narrative took on the form of the David vs Goliath battle, where a small group of privacy advocates battled and defeated the more powerful forces of the government, bureaucrats and technology vendors who were lined up against them.
The story is all about the rise of an unprecedented peril, called the Australia card. A small band of activists gained the attention of the Australian media and the community and successfully stigmatized their opposition as being people who placed a low-value on people's privacy. In the eyes of privacy advocates, the evil Australia Card concept was defeated but the danger always remains and they need to be ever vigilant about protection from this threat.
The other camp paints the Australia card as being akin to a miracle-worker or hero. Proponents of the Australia card argued that it was just an essential part of keeping up with technology advancements…taking Australia out of a technology backwater. The Australia card would have addressed the twin evils of tax evasion and welfare fraud to bring in improved health service delivery. The card would also have brought other benefits such as reducing identity fraud.
The Australia card was introduced in the 1980s and was defeated by suspicion… even hysteria. The concept of the card was reintroduced in 2006 by the conservative Howard government and again did not gain traction with the Australian electorate. It was formally destroyed by the new Labour government in 2007 when the government dropped it completely from its policy platform and the government department was disbanded.
Proponents of the Australia card concept still claim that the concept of the Australia card is sound. They believe that it has strong technology backing and will eventually become part of sound public policy. They claim that the cards eventual adoption will be incremental not revolutionary. They point to evidence of the growing community acceptance of other identifiers such as Tax File Number (TFN) identification, driver licenses and medicare cards which currently address Australia's security needs.
From an international perspective, the Australia Card issue is of interest to activists. This provides an example of successful opposition to the imposition of a national identity card upon its citizens.
Activists, vendors, politicians, journalists and government officials have used the same events to develop opposing interpretations. The versions from the privacy group include:
Australia shows that other countries should not establish a national identity card;
The defeat of the Australia Card was about the citizen's unease with government intrusiveness;
The defeat of the Australian card was a sign of the vitality of government. The citizens know that they can influence public policy and politicians respond to their calls.
The technology based groups provide totally different assessments like:
The abandonment of the Australia Card is insignificant. The Australian government has already achieved many of the original objectives through changes to regulations;
The defeat of the Australia Card was like a referendum defeat e.g. a republic;
The Australia card was a victim of poor timing, marketing and political payback: and
The card would have been successful had it been wrapped in the Australian flag and linked to the Bali Bombing.
Does Australia need a national identity card?
The Howard government emphasized that the Access Card would not be made a national identity card. This argument is correct if national identity card is the equivalent of an internal passport…issued to all citizens and produced on demand!
However, most Australians would have been enrolled in the national card register. The card would have replaced state-issued drivers' licences as being the de facto national standard for proof of identity. There would not be a centralized database covering the individual's total interaction with the government. Such a database is not necessary and would likely be hijacked by competing bureaucratic empires in Canberra.
In the 1980s, the debate about the Australia Card was hijacked by self-interest groups promoting their own agenda. Little had changed in ten years later. The technologists pushed technology project development while the Government Ministers and their advisers looked for political advantage'. Community advocates advocated the privacy version of a red flag, while journalists were more concerned with sound bites. Yet again, the debate fixated on the bit of plastic.
In December 2007, the new Rudd Labor government formally abandoned the Access Card project. The government closed down the authority managing the card and shut down its website.
The 100-Point Identity Check using multiple forms of identity is the best method.
When opening new financial accounts across Australia, such as a bank account or betting account, people have to comply with the points system.
The 100-point check resulted from the Australian Commonwealth Government's aim at restricting individuals and companies from hiding financial transaction fraud. This was enacted by the Financial Transactions Reports Act (1988) (FTR Act. The Australian Transaction Reports and Analysis Centre (AUSTRAC) were established to detect financial fraud.
The introduction of the 100 point check is important because it established mandatory reporting by the financial services providers e.g. banks, bullion dealers and solicitors. It also strengthened the regulation of the gambling industry.
In 2009, a law was passed stating that buyers for Subscriber Identity Modules (SIMS) require the 100 point check. A purchase of a mobile phone now requires the 100 point check.
The system is used to fight against welfare fraud, tax evasion and money laundering offences. It is provided to a range of federal and state/territory law enforcement and revenue agencies. This system is now widely used in organizations keeping official records, such as the driver's license system.
Financial reporting involves customer identification. A person's identity is being verified through the documentation provided by the person. Each document is given a points value and the total points scored must equal hundred points. A 'primary' document is the passport which features a photograph and is tamper proof. A passport can only be obtained through significant checking process. Primary documents like passports and birth certificates are worth 70 points.
Click here for the complete requirements and explanations of the Australian 100 point Identity check. Click here for Financial Transactions Reports Act 1988 which provides detailed regulations about the identification procedures.
The 100 point identification system is not foolproof
Australian consumer perceptions of 100 Points identity checking scheme appears to vary widely. Financial institutions have complained that the scheme is too costly and inflexible. Consumer advocates claim the scheme places undue burdens on disadvantaged people.
For example, the 100 point check excludes blind people and quadriplegics who do have basic documents like a driver's licence. Officials have responded to this complaint by issuing administrative guidelines. Disabled people and recipients of income support should not be disadvantaged by fees.
Security analysts argue that undue trust has been placed in 100 point schemes. The 100 point total is arbitrary. It could easily have been worth 110, 150 or 200 points. In theory, if you achieve 100 points, you are accepted as who you say you are. However, the simple acceptance of achieving 100 points is misleading because:
Legitimate documents have been stolen;
Documents may have been altered or are false; and
Methods for scrutinising documents and checking information are faulty.
The 2004 AGIMO Options paper about combating e-fraud in Australia commented that "driver's licences should only be a proof of driving ability".
The supporting documents used by transport authorities to establish your identity when issuing you with a driver's licences may themselves be obtained fraudulently. Driver's licences can be reproduced in vast numbers.
Few people sighting official documents have formal forensic skills. Rather, their scrutiny is based on the fact that it looks right and the context of the document. They can use government and private sector databases for further verification. Unfortunately, these so called "accurate" databases have varying degrees of accuracy….from reasonable to poor! Garbage in….garbage out!
Are 100 point schemes likely to evolve and be adapted in future?
These types of schemes are attractive because they work in the finance sector. They are endorsed by government and are not threatening. It is not surprising that various groups have argued the use the 100 point identity verification in other areas.
For example, in 2003 many people suggested to a federal parliamentary committee, that anyone wishing to create an internet account should supply the ISP with 100 points of identification. Unfortunately, they do not understand the nature of the internet. Australians often use ISPs based in other countries…the only requirement is a valid credit card. How could the Australian authorities police such a requirement?
In this chapter, I have explained why the Australian government was right in rejecting the concept of the national identification card. I have also put a case against using Medicare cards and driver's licenses as de-facto identity cards.
The Social Security Number (SSN) in the USA has become the default national identity card and has been misused. Australians should never allow our driver's licenses or Medicare cards be used this way.
The Australian "100-Point ID Check" using multiple forms of identity that add up to 100 points represents the best method of identity checking. Even then, there are issues about using forged documents to build an identity.
What's next?
