House debates
Tuesday, 27 February 2007
Human Services (Enhanced Service Delivery) Bill 2007
Second Reading
Debate resumed.
5:36 pm
Alan Griffin (Bruce, Australian Labor Party, Shadow Minister for Veterans' Affairs) Share this | Link to this | Hansard source
I rise today to speak on the Human Services (Enhanced Service Delivery) Bill 2007. This bill is about the $1.2 billion introduction of the government’s proposed health and social services access card. Labor supports the use of smartcard technology in service delivery. We also support the aims of improving service delivery and reducing fraud in Medicare and social security. But we do not support this proposal. We do not support it because it is full of holes and problems. I fully support the amendment moved by the member for Sydney. I also note, as other speakers have, that Labor reserves the right to move further amendments in the Senate, particularly any amendments to come out of the Senate inquiry.
Today I want to not only focus on the general concerns I have with regard to this bill but also highlight the specific concerns I have as shadow minister for veterans’ affairs. Under this proposal, by 2010 a person will need an access card to obtain any Commonwealth benefit, including Medicare, PBS subsidised pharmaceuticals, social security and, importantly, veterans’ entitlements. The cardholder’s photograph, name and digital signature, along with a new identifying number, expiry date and other information, will appear on the face of the card. Other information will be contained on a chip in the card—some in a public area of the chip, which can be viewed by a simple card reader, and some in a PIN-protected private area. All of the information on the surface and chip of the card will be held in a new massive database called the access card register. Officers at Medicare, Centrelink and other Australian government agencies will be able to access the register.
Labor has three main concerns regarding this current proposal for an access card. Firstly, we are concerned about the accuracy, security and privacy of data to be stored on the card and the database which supports it. Secondly, we are concerned about the registration process and the undue administrative burden that will be placed on people. Thirdly, we are concerned about the cost of implementing and manufacturing the card.
Labor is concerned about the security and privacy of this proposal. Under this proposal, information will be stored on the face of the card, within the chip contained in the card and on a database. The bill provides that a name, personal number, digital signature, photograph and expiry date must be displayed on the face of the card. In addition, people can choose to have their date of birth, veteran status and, if they are blind and on a disability support pension, the fact of their blindness on the face of the card. I am extremely pleased that an appropriate recognition of veteran status will be implemented on these cards. For example, gold card holders will be presented with a gold card and TPI recipients are able to also have their status reflected. This is very important to the veterans community. There had been great fears that this would not be the case. I therefore congratulate the government on at least getting this right.
However, the fact remains that there are real privacy concerns regarding the information that is to be displayed on the face of the card. The respected former ACCC chairman Professor Allan Fels was commissioned by the government to report on the privacy aspects of the card. He recommended to the government that the unique identifying number and electronic signature not be displayed on the card because they are unnecessary and pose a risk to people’s security. The government ignored this recommendation. I think that it is very unfortunate that the government failed to give this recommendation proper consideration. I know many veterans and war widows who remain concerned at the prospect of being defrauded and will now face the possibility of having an access card which they know displays information that the government has been told by an independent expert should not be required. The government should have accepted this recommendation. At the very least, it would have provided the community with greater confidence in this card.
In addition to the information which appears on the face of the card, information will also be contained in a microchip embedded in the card. The information will include data that can be read by a card reader, which can be purchased for a few dollars by anybody at an electronics store such as Dick Smith. It will also contain information that requires not just the card reader but also a personal identification number known only to the cardholder.
Many people may choose to have some health information stored on the public section of their card because in a medical emergency they may not be conscious or able to remember or state their PIN. It is likely, therefore, that medical information will be available to anyone with a simple card reader. I am not sure that the veterans community will appreciate the possibility of their medical conditions being available to strangers. Many veterans and war widows have sensitive medical issues and the last thing they need to worry about is having their privacy invaded.
Labor also has concerns regarding the information that will be stored on the central registry. The registry will contain your date of birth, citizenship or permanent residency status, sex, residential and postal address, date and status of your registration, PIN, veteran status and documents used to prove your identity. It will contain scanned copies of all original documents that have to be presented at the registration interview. This would make the registry an enormously valuable resource for criminals who hack into it or bribe public servants to get access to it. A criminal could steal a whole identity by accessing someone’s registry record. Identity theft is well known in the veterans community, where problems of impostors posing as war veterans have surfaced from time to time.
There are good reasons to be concerned about identity theft in our society. It was reported in August 2006 that 600 privacy breaches occurred within Centrelink, where staff had accessed customer records without proper cause or authorisation. Also, a report by the Child Support Agency found that 405 privacy breaches occurred in nine months. In at least two of these cases, mothers and their children had to be physically relocated at taxpayers’ expense because improper release of information had put them at risk.
Also, there is the problem of errors contained on the central records. According to an internal Centrelink random sample survey conducted by the Audit Office and published in June 2006, around 30 per cent of Centrelink records contained an error which resulted in wrong payment. I am sure that some veterans and war widows would be familiar with the problems of errors in records leading to incorrect payments. It would be a tragic thing if the new central registry exacerbated this problem.
The government has said that this card will be voluntary. This is a false argument for the general population but it is a particularly misleading argument in relation to the veterans community. Veterans and war widows will need the card to access Medicare, medicines covered by PBS, social security payments, their veterans’ entitlements and all government benefits and services that they receive. The government says that it is voluntary, but it is only voluntary if you are willing to forgo these services. Veterans and war widows who refuse to apply for the card will not be able to use any of these services.
Under this proposal all Australians needing access to these cards will have to undergo an interview process. At the interview process they will be required to present a number of documents and provide information to prove their identity and entitlements. The government has not even told us yet what documents they will be requiring, but it is thought that they will at least require Australian-issued birth and marriage certificates. As shadow minister for veterans’ affairs I have deep concerns about this registration process. This will affect at least 299,352 veterans and war widows who currently hold a gold or white card. It also affects non-gold-cardholders in the sense that all Medicare users will need to have access to this card.
Many veterans and war widows have already engaged in lengthy and sometimes stressful application processes for their current entitlements. To have them subjected to another interview and registration process to get a card that they are already entitled to seems to me to be unreasonable. They will have to go through the hassle yet again of collecting copies of forms and information to provide to the bureaucracy. In some cases this could cause them financial harm, as they may have to pay to obtain copies of original birth or marriage certificates.
When the Department of Veterans’ Affairs was asked whether any financial assistance would be provided to the veterans community due to the expected costs of the registration process, the head of the department, Mr Sullivan, replied:
... no, if a person does not have the documentation and wishes to procure it themselves, we are not offering at this stage financial assistance in procuring that documentation.
So we can expect veterans and war widows, again, to be out of pocket in order to register for a controversial card that will give them no more entitlements than they already have. I think veterans and war widows are in a special position, as they have already gone through so much bureaucracy and administrative processes to get what they have; therefore, I believe they should largely be exempted from a registration process. When the department was asked about possible exemptions at the recent estimates hearings, Mr Sullivan, the department head, said:
There will be exceptions where people are exempted from registration, and those will definitely include some of our gold card population, so they would not be required to enrol. As a general rule, a gold card holder would need to register for the access card.
When further pressed on what exemptions there would be, Mr Sullivan replied:
… they have not been decided yet, but people in high-care nursing homes and in palliative care institutions are possible examples.
I welcome this but, as you can see from that response, it is far from certain. Also, a relatively small category of current gold card holders will qualify for this exemption. Therefore, I am not sure why the government is even pushing this bill through before it has decided these issues.
Another concern I have is that veterans and war widows will also be required to travel to different locations to undertake this interview. While there will be some mobile registration vans for regional and remote areas, interviews will not be conducted in the veteran’s home. Many veterans on a high-range disability pension, a totally and permanently incapacitated pension or an extreme disablement adjustment pension will be required to travel. Many of those who fall within this category are restricted in their mobility and are already probably sick of having to travel the distance they are required to travel for their medical treatment. The department has said that it may look at financial assistance for travelling costs but, again, it is not sure. This is not good enough and again I ask: why are we debating this bill when these decisions have not yet been made?
Some of my colleagues in this debate have also raised the prospect of fraud occurring during this registration process, and I share their concerns. It is an issue that the veterans community should be worried about and should insist is fully resolved before we even look at this proposal.
So far I have outlined my concerns about the privacy and security of the card, and the undue administrative burdens that the registration process will place on the veterans community. Another major concern I have is the cost of the card. The government, in an extraordinarily arrogant move, is refusing to release any details of the cost-benefit analysis of this card. It has argued that the card will save money by reducing fraud, but it can produce no evidence of figures on this.
We do know that the card already has a budget of $1.2 billion, a budget that quite possibly will rapidly grow. The great fear is that these growing costs could mean that departments such as Centrelink, Medicare or even Veterans’ Affairs will be required to shoulder some of these costs, which means possible cuts to existing services. This would be completely unacceptable. Instead, the government are asking us today to accept their proposal that is full of holes, a proposal where they cannot provide any evidence of the benefits and one that is extraordinarily expensive.
The bill in its current state is full of holes and raises some real concerns for the veterans community. We should be clear: the Howard government is asking our veterans and war widows to accept a card that raises real privacy concerns, is costly and has yet another long bureaucratic registration process. We are asking our veterans and war widows to accept a card that many individuals and groups—for example, the Australian Privacy Foundation and the Australian Medical Association—have expressed their concerns about.
Even some coalition MPs have expressed their concerns. The member for Moncrieff has said that the access card could become a trojan horse for a national ID card. The esteemed member for Mackellar said that it does not pass the Nazi test, and the Attorney-General has admitted that the access card could in the future be exploited by governments. Yet this is the card the government wants for our veterans community. I appreciate that the government has recognised the importance of having a gold coloured card for veterans who currently possess a gold card and which also specifically recognises TPI veterans. Labor fully supports that. However, this bill is not good for the veterans community. In its current form, it gives the veterans community a card that has real privacy and security concerns that have not been addressed. It gives them a costly and burdensome registration process. It comes at great cost to government and we are yet to see any real evidence of the proposed benefits.
I do think smartcard technologies can make a difference and can be used effectively. However, the current proposal is so full of holes and will cause unnecessary hassle and burdens for the veterans community, which is why I cannot support it as it currently stands. I fully support the amendment moved by the member for Sydney, as it begins to address the problems with this bill. I also note that Labor reserves the right to make further amendments to this bill in the Senate.
I had hoped that the Minister for Veterans’ Affairs would have been more successful in representing concerns of the veterans community on this issue. Instead, the government has neglected to consider exactly how this proposal will impact on the veterans community and the fact they will be left with the problems I have outlined today. This is just another example of the veterans community being taken for granted by the Howard government. This card is not good for veterans, it is not good for war widows and it is not good for their families. That is why I cannot support this bill without the appropriate amendments, such as the one moved by the member for Sydney, to address these issues.
5:50 pm
Justine Elliot (Richmond, Australian Labor Party) Share this | Link to this | Hansard source
I rise tonight to speak on the Human Services (Enhanced Service Delivery) Bill 2007. I say at the outset that I support the amendment to this bill previously moved by the member for Sydney. The many concerns raised in that amendment have been noted by other speakers today.
Whilst Labor support the use of smartcard technology to improve service delivery in Medicare and social security, particularly with the aim and intention of reducing fraud, we do not support this proposal, because it is full of so many problems that need addressing. Many of those problems are listed in our amendment. Like much—or, indeed, some would say most—of the Howard government’s legislation, the Human Services (Enhanced Service Delivery) Bill 2007 has been rushed through without proper consultation, costings or indeed Senate committee input.
Whilst this may be typical of the Howard government, it simply is not good enough in terms of its impact upon Australians. This bill will have serious consequences on the day-to-day lives of all Australians. Firstly, it will be expensive to implement, it will be time consuming for families and it will certainly forever change the way in which Australians access government services. For all of those reasons it therefore deserves careful scrutiny—something which has not occurred in relation to this particular bill.
The human services bill will allow for the introduction of a new microchip smartcard for Australians to access everyday government services. Using smartcard technology, the proposed card will replace up to 17 governments cards—of which the most commonly used are Medicare and Centrelink—in an attempt to streamline government services. In addition, the bill will establish an electronic register of the information stored on the card—information which is likely to be accessed by government departments and the police—with limited frameworks in place to protect this information. It is estimated that 16.5 million Australians will be required to produce an access card to carry out everyday activities such as going to the doctor or applying for Centrelink payments. So we will have a situation where 16.5 million Australians will have their information stored on a register, with limited safeguards in place.
The government claims that it is not an identity card by stealth and it will not be used as a surveillance card. Before outlining the multiple problems with this legislation, it is important to understand exactly what we are talking about here. We are talking about a card which will contain a citizen’s photograph, name, digital signature, identifying number and an expiry date. The register will contain a person’s date of birth, citizenship or residency status, sex, residential and postal address, date and status of registration, PIN, veteran’s status, as well as the documents used to prove the person’s identity. All of this information on 16½ million Australians will be available on one registry. Scanned identity documents for over 16 million Australians will be sitting in this registry and it will be able to be readily accessed. Looking at the bulk of information that will be stored on the card, I would like to know what assurances the government has in place to ensure that this information will not be outsourced offshore and also what safeguards it has put in place to ensure that that does not happen down the track.
Indeed, there are many problems with this bill—privacy, costing, convenience, security and fraud. They are all very valid concerns when considering the implementation of the access card, but none of them has been dealt with appropriately in the legislation in its current form. In looking at these problems, I will first examine those associated with costings, because the government has refused to release the full cost-benefit case for the card. The government commissioned KPMG to report on the business case for the card, but the report has been highly censored. Every time the government speaks about the savings generated by the card, the figures seem to change. When asked for an explanation, the government claims that the information is commercial-in-confidence. KPMG said that the access card could possibly save $1½ billion to $3 billion over 10 years. The government claimed that it will be around $3 billion, and the Prime Minister stated that it could even be $4 billion. Once again with this government, the numbers are all over the place; they do not add up. More importantly, potential savings in relation to fraud could be blown out of the water by the final cost of the card, which is likely to be a great deal more than $1.1 billion.
Perhaps the most serious issues pertaining to this legislation are those of privacy and fraud. There are several facets to my concerns in relation to these. The access card is due to be released before the document verification service will be completed. This system will be an online verification system connected to the states’ registers of births, deaths and marriages and will be able to detect anomalies in documentation produced. However, according to representatives of the Attorney-General’s Department during Senate estimates hearings, it will not be operational until 2010. Surely it is imperative that this technology be perfected long before we roll out this new card. Surely there need to be assurances that this technology will be in place before 16½ million Australians turn up at a registration point, all with their birth certificates.
A recent study conducted by Westpac and the New South Wales Registry of Births, Deaths and Marriages found that 13 per cent of all birth certificates presented to banks were fraudulent. Thirteen per cent is quite a high number. Without the document verification service, it is not realistic to manually check all of these certificates. If we calculate 13 per cent of 16½ million, the final figure is about two million. So two million access cards could be given out to the wrong person and used to commit some form of criminal activity. As a former police officer, I saw people engage in a wide range of criminal activity using identity fraud. Whether the cards were lost or stolen, they were used to commit a vast range of offences. I have major concerns about fraud in relation to this card. Also, the fact that the document verification service is not online is a huge concern.
With identity fraud on the rise, the last thing the federal government needs to do is introduce a card which can be easily given to the wrong person. We can and must wait for the document verification system to be operational before going ahead with this card. We need that to ensure that all Australians are protected. This is one of the amendments that Labor has moved in relation to the access card bill. The proposed access card makes the personal information of all Australians staggeringly vulnerable.
Each card will contain a microchip to hold a person’s personal information, but not all of it will be protected with a PIN. This means that, with a stolen card and the purchase of a card reader—which is cheaply available from many electronic stores—an identity could be easily stolen. Interestingly, the government commissioned research on the amount of identity fraud currently occurring in relation to Medicare, PBS and Centrelink cards has been withheld from the public. This information would have been insightful if it had been released. As I said, I have seen many instances of identity fraud and have major concerns about it.
KPMG were not the only experts consulted by the government. In recognising the importance of privacy, the government also commissioned a report by Professor Allan Fels. Professor Fels recommended that to minimise the risk of identity fraud a person’s unique identifying number and electronic signature should not be included on the card. Despite the government stating otherwise, this will be a compulsory card or, as the member for Moncrieff has stated, ‘a Trojan horse national ID card’. Everyday government services will not be able to be accessed without the card.
Another of my concerns is that people under 18 will not be able to receive the card. There seems to be a bit of confusion about where that stands at the moment, which is typical given all the confusion surrounding this bill. It is another example of how the bill has not been properly thought through before being brought before the parliament. I certainly have a lot of concerns about the serious ramifications for those who are aged 16 and who currently have access to Medicare or Centrelink cards.
One of the many groups opposed to the access card is the AMA, who sensibly point out that it will prevent young people from having access to or feeling comfortable seeking medical attention. Very serious issues such as depression or family violence are more likely to be ignored by teens, who would be reluctant to ask their parents for their access card in order to go to the doctor. It is an absolutely outrageous oversight. From a purely practical point of view, hundreds of thousands of teens between the ages of 16 and 18 start apprenticeships, move away from home and generally develop an independence that has not been catered for in this legislation. It seems that under this government it is fine for these Australians to be out there working and paying tax but not fine for them to have independent access to Medicare. Parents will be inconvenienced, having to lend their cards out to their 16- and 17-year-old teenagers, who should certainly be able to have access to one. There seems to be a large amount of confusion on the government side in relation to this matter. It is another example of how this has been very poorly thought out. This is a major issue for those 16- and 17-year olds throughout the community, and it has not been addressed.
One of the other ludicrous aspects of this legislation is the claim by the government that it will take approximately 10 minutes to register for this new access card. This is blatantly ridiculous. Clearly no-one on the government side has recently had dealings with Centrelink or Medicare, as they do not know the time that it takes to go through processes in relation to matters like this. The process will not be as simple as presenting one’s current Medicare card and smiling for a photo, with a machine spitting out a new card. Original identity documents need to be produced—although the government has not decided what identity documents will be required. Conservative estimates suggest that a family of four who need to obtain new original documents could be out of pocket by up to $400 in meeting the requirements. For many people living in my electorate of Richmond who are on fixed incomes, this is very much out of their income range. Having to meet that requirement would be very costly, especially with the cost of living increases that people are incurring at the moment. This would be a huge impost upon their living standards.
Another issue in relation to this is that the government has not decided whether or not to accept overseas certificates, which are more easily forged as we well know. Naturally, a person has no control over where they were born or where their birth was registered. Will this section of the Australian community simply go without an access card and, without that, access to Medicare and Centrelink provisions? On top of this, each person is required to attend an interview to register for the card. That is all very well if you live in a metropolitan area. This legislation is another example of the Howard government’s selling out rural and regional constituents, particularly many of mine in Richmond. While the government states that mobile registration vans will be in operation, I am particularly worried about farming families, who will be inconvenienced and out of pocket in their quest to obtain this new card. We have certainly seen a host of examples of how this government’s legislation is having a negative impact on rural Australia. There was Telstra, then industrial relations and now the access card.
My electorate of Richmond has a large number of senior Australians. Twenty per cent of the electorate are aged over 65. That is one of the highest percentages in the country. Not a week goes by where I do not hear about the immense difficulties that this sector of the population already has in accessing government services. This legislation will not help in the slightest. The registration process will be a nightmare for senior Australians, many of whom do not have the financial resources to track down original documents and who should not need to go through the time-consuming and stressful process of obtaining this new card. Already, I have been contacted by constituents who are understandably concerned at the prospect of their personal information being held on a register where it is vulnerable. I appreciate those concerns. Being in a regional area they have large concerns at having to travel to their interview for it.
It is somewhat surprising that it is up to the opposition to point out all the problems with this legislation. The simple fact of the matter is that, when a less extreme version of this legislation was presented to the parliament in 1986, the now Prime Minister and then opposition leader had no difficulties in understanding the problems with it. In 1987, the then opposition leader understood the privacy concerns of Australians, stating:
It is a major invasion of individual privacy ... It will concern and worry a large number of elderly citizens in Australia.
As I said, in my electorate it is certainly a major concern for many elderly people. Back in 1987, when the then opposition leader understood that this was not what the Australian people wanted, he claimed that:
... the Australian people are revulsed by it. The Australian people do not want it. If you try to ram it down the throats of the Australian people you will pay very dearly in political and other terms.
Then, quite remarkably, the then opposition leader moved a petition which expressed concern about civil liberties, stating that the introduction of a national identification numbering system was not only totally unnecessary but a severe threat to our civil liberties and privacy. My, how times have changed. Just like on the GST, just like on workplace relations, the Prime Minister has indeed shown his true colours. Australians cannot trust him or his government to keep their word on any legislation—to the detriment of the citizens of this country.
It is my sincere hope that the government will recognise the many shortcomings in this legislation, particularly those issues relating to privacy and to convenience. I hope that they can be honest with the Australian people about the costings to do with this access card. It is vital that the amendments that have been moved by the member for Sydney are supported in order to ensure privacy—which is one of the major concerns—and to make sure that the document verification system is online. Without those amendments, the bill in its original form cannot be supported, because there are too many problems with it and too many concerns about it. I have many major concerns for my constituents in Richmond.
6:06 pm
Annette Ellis (Canberra, Australian Labor Party) Share this | Link to this | Hansard source
I rise this evening to speak on the Human Services (Enhanced Service Delivery) Bill 2007. Despite its rather pleasant sounding name, this bill is all about forcing Australians, or some Australians, to carry an ID card. One would think, with a title including ‘Enhanced Service Delivery’, that this bill would deal with some of the complexities that many people face when dealing with government departments and government agencies. This bill will only make it more complex, more costly and more time consuming for members of the public. At a base cost of almost $1.2 billion we must also question whether the government is really getting any value for money either. However, the bill will allow for the introduction of the new access card to replace the Medicare card, the Veterans’ Affairs card and many other entitlement cards. It will establish a new electronic register and specify which information will be held on it. The bill also outlines the registration process for the access card and creates offences for unauthorised demands to produce the card—and, of course, for unauthorised use of the card.
Those of us on this side of the House have expressed numerous concerns about this project since it was first announced by the former Minister for Human Services, the member for North Sydney. As we have progressed through this public debate, very little information has been forthcoming from the government to allay those concerns.
Before I go into more detail on our concerns I would like to point out what I believe to be the arrogance of the government and the disregard it pays to both houses of this parliament. Once again we have seen the government proceed to a tender process, even though the legislation has not passed through either house. Those opposite, I believe, are growing more arrogant and out of touch every day. It is an affront to our processes in this place.
This government has decided to ignore the proper processes of this place and has gone ahead and called for tenders, thereby exposing Australian taxpayers to potentially huge financial risks should the tender specification be altered. I understand that this unacceptable and unnecessary financial risk was exposed only after questioning during Senate estimates hearings on the 16th of this month.
Those opposite, particularly the former minister, the member for North Sydney, have stood in this place and told us that this access card is needed to prevent fraudulent claims to government departments and agencies and to stop identity theft, yet they have provided no hard evidence on how it will do either of these things. At a cost to the Commonwealth of $1.2 billion over four years, this project represents an enormous investment by the Commonwealth. But the government cannot tell us what the financial benefits will be. For example, to pay its way, to justify the prevent-fraud argument, the access card would need to prevent over a quarter of a billion dollars worth of fraud each year, or over $5 million worth each and every day. To put it another way, the government’s current systems in relation to Centrelink, Medicare, the PBS and Veterans’ Affairs would need to be haemorrhaging over $5 million each day—if that is the base of the argument. Is the government telling us that, after more than a decade at the helm, they have let government departments become this susceptible to fraudulent claims? It is fraudulent claims they are using to justify this card. Some may say that is a long bow. But that is the evidence that is in front of me.
I have some specific concerns about the registration process as outlined in the bill. To register for the access card, every adult Australian will have to provide proof-of-identity documents. Currently, there is no way of checking the authenticity of these documents, and there will not be a working system for at least another two years, as I understand it, when the document verification system is due to come online. What is the point in having this access card if it is compromised from day one by people using false, fraudulent or simply incorrect documents to register in the first place? I understand that the member for Sydney has moved amendments in the House to address this particular problem and others. I strongly endorse her amendments. They are practical, common-sense amendments aimed at making this proposal workable. In its current form, it is far from workable.
Many people in my electorate of Canberra have serious and legitimate questions about maintaining proper privacy of information. They are rightly suspicious of anyone, including government, compiling vast amounts of information on them and of how that information may be used. The type and amount of information stored directly on the card is of grave concern. Remember, this card will be able to be read by an ordinary card reader attached to any computer. We have already seen numerous cases around the country of organised criminal groups using this very same technology to rip off credit card holders. There is nothing to prevent people’s whole identities being stolen in this way. With an unprecedented amount of personal information stored on the one card, I am concerned that this access card will become a one-stop shop for identity thieves. It is quite possible. Nowhere else would they be able to get all of this information on just one card—from just one source.
The Australasian Centre for Policing Research has produced an identity crime policing strategy covering identity fraud. It cites a case from the US where a hospital worker stole 393 patients’ identities. Given the access card will hold Medicare and PBS information, and therefore will be an instrumental part of the administration process in patients receiving health care, who of those opposite can say that this will not be possible with the access card? That report goes on to note that ‘criminals are often able to utilise new technologies to facilitate identity crime more quickly than government agencies can react.’
The government has ignored serious recommendations in relation to the information shown on the face of the card. The government commissioned the respected former chairman of the ACCC Professor Allan Fels to provide recommendations on the access card. Two key recommendations of Professor Fels to protect access card holders from identity fraud have been completely ignored by the government. Professor Fels recommended that the identifying number and the electronic signature not be displayed on the face of the card. I would welcome hearing the government’s reasoning for ignoring what seems to me to be a very sensible recommendation.
Furthermore, I am concerned about the type and amount of information to be held on the database registry that will be linked to the card. Information held on the registry will include your date of birth, citizen or permanent residency status, residential and postal address, date of registration and PIN and, possibly most dangerously of all, scanned copies of the proof of identity documents used at the time of registration. This last category of information could include birth and marriage certificates, drivers licences and other relevant documents.
Having all of this information in one location has the potential to make the access card a true one-stop shop for identity fraud. Criminals will be lining up to find a way to illegally obtain this information. Your whole identity could be stolen with one security breach—and let us not pretend that that cannot happen. Whilst I strongly acknowledge that the vast majority of public servants are fine workers with the highest levels of integrity, there have sadly been cases in the past of public servants inappropriately accessing information. In August last year, it was widely reported in the media that 600 privacy breaches occurred within Centrelink alone—600 cases where staff accessed customer records without proper cause or authorisation.
In June last year, a report obtained under FOI showed that in the Child Support Agency there had been over 400 privacy breaches in the previous nine months. I have only mentioned two government agencies here and already we have over 1,000 privacy breaches. The scope for these breaches with the access card is potentially huge. Now we have the government telling us not to worry and that the information linked to the access card will be safe and secure. History, sadly, shows us that this is not necessarily the case.
Despite the assurances of the former minister, Australians cannot realistically opt out of the access card system. ‘If you don’t like it you can opt out,’ are pretty cheap words. The former minister said that no Australian would be forced to apply for an access card. But they will have to register if they want to visit a doctor, buy a medicine listed on the PBS or claim a Centrelink or Veterans’ Affairs benefit. In other words, if they want to access a federal government service, they will need an access card—with all of the privacy intrusions that come with it.
A lot of this reminds me of a debate back in the mid-eighties, to which the member for Richmond has already referred—and I am sure others have as well—when a system called the Australia Card was being considered. There is a lot of familiarity—deja vu—attached to this debate. As the member for Richmond said, the current Prime Minister, who was the Leader of the Opposition at the time, said on 23 September 1987 in relation to the Australia Card:
The Australian people do not want it. If you try to ram it down the throats of the Australian people you will pay very dearly in political and other terms.
The question in my head that I am still attempting to resolve—though I think I am reaching a conclusion—is that the proposal back in the mid-eighties, from memory, would have included every Australian had it got up. This proposal before us now does not necessarily include every Australian. It will include only those who require a government service: pensioners, people accessing income support and other types of concessions, generally speaking. Maybe the Prime Minister was right when he said back in 1987 when he was Leader of the Opposition that ‘the Australian people do not want it’ because there were a lot of people of influence who could have convinced him that it would have been a bad decision. I do not know.
What I do know is that the people who are going to have this card put upon them by this government—not quite everybody—are the people who rely on government support and government services. There is quite a large number—many millions—but they are in a different position. Whilst it is fine for the minister at the time to have said, ‘If people don’t want it, they merely opt out of it,’ it is really a very misleading statement because it is not quite true. If you can afford to live your life with no contact with government at all, then you can probably get away with not having one of these cards, but the majority of Australians—a huge number—actually have that interaction and will therefore need these cards.
I repeat my support for the amendment. I had a junior primary school from my electorate in this building today. One of the questions I was asked was: ‘What is it like to be a member of the parliament? What sorts of things do you do in the parliament?’ I was so bold as to say, ‘We debate and argue issues. In the House, we all aim to bring out a product that will suit everybody at the end.’ I am afraid I might have misled that school group today, because if the government does not accept this amendment we are going to have a product that will not suit everybody in the end.
6:19 pm
Warren Snowdon (Lingiari, Australian Labor Party, Shadow Parliamentary Secretary for Northern Australia and Indigenous Affairs) Share this | Link to this | Hansard source
I congratulate the member for Canberra for her eloquent speech on the Human Services (Enhanced Service Delivery) Bill 2007 and her advocacy for Labor’s concerns on the issue of this card. It is not my intention to canvass all of the arguments that have been broached by others. However, it should be very clear that, while Labor support the use of smartcard technology and we support innovations that improve the use and storage of personal, medical and social security information, we cannot, as others have said, support the legislation in its current form. That is why we would encourage this House to support the amendment which has been moved by the shadow minister, the honourable member for Sydney. It is clear, as the shadow minister’s amendment points out, that this bill lacks adequate safeguards to protect the accuracy and privacy of information on the card and in the register. There is a very clear and obvious concern that, because of the nature of this legislation, it has the real potential to undermine the civil liberties of many Australians.
In addition, the government continues to keep secret key information about the cost of the card. It refuses to release the cost-benefit analysis. What we do know is that it is costing us almost $1.2 billion over a period of four years. There is no guarantee that the document verification service will be fully operational, and with appropriate safeguards in place, by the commencement date proposed. That is of huge concern to us. There is clearly real concern that the money for the card will come from other areas of the Centrelink and Medicare budgets, meaning potential cuts to existing programs and services.
But most particularly from my perspective the legislation and the approach to this card perpetuate the government’s history of disengagement from, or inability to understand or address, the needs of those in our community most disadvantaged and most marginalised—particularly those Australians who live in regional and remote parts of this great country. It is that aspect that I want to concentrate on. The government has proven itself to be singularly inept in addressing the ability of those who live in regional and remote areas of this great country to access to even the most fundamental and basic services.
One key problem for the bill, in terms of its acceptance by me at least, is the requirement for identity documents. The explanatory memorandum of the bill recognises:
Of course, there will be cases where some individuals (e.g. individuals living in remote Australia, homeless persons, or people at risk) may not be able to provide the types of documents required to process their application.
It goes on to propose:
Because the registration process is intended to be a robust and comprehensive process with substantially improved proof of identity arrangements, applicants wishing to be registered will need to provide documents or information relating to their identity.
We need to observe that the government argues that the card is voluntary. So it is a matter of choice, or at least that is what we are led to believe. But of course that is not the case. The government argues that no-one will be forced to get one or to carry one. But we know that you will need to have one of these cards to get access to Medicare, medicines covered by the PBS, social security payments, veterans’ entitlements and indeed all government benefits and services. Australians who refuse to apply for one of these cards will not get access to any of these services. That makes it very clear that it may be a matter of choice for the wealthy, for those who have very deep pockets, but for those who are marginalised, sick, perhaps unemployed or otherwise reliant on benefits from government, it will absolutely be compulsory. From my perspective, that highlights a very significant issue, because large numbers of people who live in my electorate of Lingiari so qualify.
I will go back to the proof of identity requirements. We now know it will be compulsory—even though the government leads us to believe it is not, it clearly is—if you need to access government services. Instead of resolving the dilemma about the proof of identity arrangements that could ultimately result in many people in remote parts of this country not getting a card at all, the government’s solution is apparently to provide:
... the Secretary to specify an alternative process to deal with such special or exceptional circumstances.
That seems to me to be hardly good enough. We need to understand very clearly what the intention is here in terms of providing a capacity for those people who require proof of identity and live in remote and rural Australia in circumstances where they cannot get access to the sort of documentation which the government may require.
Let us take the example of birth certificates. I would dare to say that everyone in this parliament and every family member of a member of parliament could access a birth certificate in one way or another. But I do not know that this parliament or the people within it properly understand that for many Australians, Aboriginal Australians and Torres Strait Islander Australians, there never was a birth certificate and, if there was one, it cannot be found. If you ask many, especially older, Aboriginal people who live in regional and remote Australia if they know their date of birth, they say they simply have no idea. I wonder how they are supposed to prove their identity if they cannot produce the most fundamental of the certificates that we would see as an identity document in this country—a birth certificate.
We know that to register for the card you may be required to meet the 100-point proof of identification. Families may be required to produce evidence of occupancy and residence for up to a 10-year period. It should not surprise—although I suspect it does—the government and the people advocating this card that many people who live in my electorate would certainly not get the 100 points and, most particularly, if you asked them to provide documentary proof of their occupancy or residence of a particular house or community, would find it very difficult indeed.
I am certainly not satisfied that allowing the secretary to specify an alternative process to deal with such circumstances will in any way resolve the situation. What we are facing here is not a system which intends to streamline and modernise Australia’s delivery of health and social service benefits. What we confront here is a distinct possibility that, because of the reasons I mention, there will be many people who will find they cannot access those services because they cannot get access to the card, simply because of who they are and where they live.
I am certainly not satisfied with the explanations the government has given thus far about how they might address that very difficult set of circumstances. I am also wondering how it is proposed that people who live in the many scattered rural communities of my electorate and in other parts of Northern Australia—in particular, the north-west of Western Australia, western Queensland, the top end of South Australia and all of the Northern Territory—who live in small communities of 50 or 100 people will register for the card. You would think the government would understand that the Centrelink network is very deficient. How is it that these people will register?
It is worth making the observation that remote Australia makes up around 78 per cent of Australia’s landmass. I can understand how the government might argue that this registration process will be easily done in a city like Sydney or Melbourne, or even Darwin—not for all, though, but largely. But I am certainly not satisfied with the explanations we have received thus far that the solutions the government is offering in this bill will go anywhere towards meeting the concerns and needs of the people I have been referring to.
The government’s documents say that they will be required to register people around the country in remote and regional areas and will need varying equipment such as mobile registration units to manage the registration process. So, then, even if residents of the bush in the areas I have been talking about have access to the documents that the government require, many will still be required to travel some distance, one assumes, to gain access, make an application and register for a card. I am not sure whether the difficulties involved in providing these services in the bush have crossed the minds of the people who are behind this.
For six months of the year many communities are totally isolated and roads are impassable. I was at a community recently in Central Australia, where not only were all the roads impassable but the airstrip—because it is a dirt airstrip—was out as well, for some period of time. Again, I can understand how, if you live on the North Shore of Sydney, you would say this is pretty good—pretty bloody easy. But if you live, let us say, on the Nicholson River, on the western side of the Gulf of Carpentaria—most people in this chamber will not have heard of that, Mr Deputy Speaker Kerr, though I am sure you will have—how is it proposed that the people in your community will be registered for the card? How is it proposed that communities like that, which are spread right across the north of Australia, will get access to the documents they require for the identity test and to be registered?
I am sure that there are very well-meaning people beavering away in the bowels of the Public Service trying to find solutions to these problems. But I have to say that without seeing the solutions in this parliament I am not prepared to support this proposal. I am not here to buy a pig in a poke; the people I represent in this place would abuse me if I did, and well they might. We have, as the member for Canberra rightly pointed out, a responsibility in this place to represent the interests of all Australians, and we need to be able to have a dialogue across the chamber to ensure that we get the best possible outcome for all Australians. But I do not believe, as the member for Canberra said, that the proposal before us is going to provide the best possible outcome for all Australians. It is clear to me that many people will miss out, and when they get crook or require access to benefits they will find that they hit a brick wall.
I was going to talk at some length about the appalling failure of the government as evidence of not only the difficulties they confront but, most importantly, the way they have absolved themselves of any real responsibility to address the needs of people who live in rural and remote Australia. This is also about the way they have dealt with rural health. It is this sort of issue that really gets at you.
This is a government that says it is trying to help improve delivery of services and that, somehow, having access to this card will do that. We know that there has been a rural health funding drought in the bush. A report entitled Rural, regional and remote health, on a 2005 study by the Australian Institute of Health and Welfare, found that death rates increased with remoteness and were 10 per cent higher in regional and remote areas when compared with major cities. The report found that death rates were 50 per cent higher in very remote areas and annually there were 2,414 more deaths of non-Indigenous people outside major cities than expected if death rates for non-Indigenous people from major cities had applied for those areas. That should give you some cause to think, I would have thought, about the needs of people who live in the bush. Apparently this government is either oblivious to or has chosen to ignore those needs, despite the crowing we hear from cockies corner here about the importance of regional Australia to the National Party. We have failed these people miserably. We know that the Senate estimates hearings of 30 October 2006 revealed that the government has failed to spend 90 per cent of a $15 million election promise to improve rural health.
What I am trying to highlight here are the concerns of the people in the bush about getting a proper deal from this government. What I am saying here is that the process designed around this card does not think of them; it does not take their particular needs into account. Never mind, as we all know, the arguments about young people who are under 18; here is another story. Imagine young kids in the bush under 18. How do they get access to a card—even when the government changes and admits it has made a mistake and seeks to fix the problem, at least insofar as the generality of children under 18 is concerned? I implore the House to support the amendment moved by the opposition.
6:39 pm
Ms Anna Burke (Chisholm, Australian Labor Party) Share this | Link to this | Hansard source
The Human Services (Enhanced Service Delivery) Bill 2007 is the much anticipated high-security chip based replacement for the existing smartcard of the previous Minister for Human Services. In a speech to the Press Club last November, the member for North Sydney said:
Human Services is now established as a viable, dynamic department that is constantly looking at better, simpler and more secure ways for Australians to do business with their Government.
At the same time, it has become abundantly clear that the current system of health and welfare entitlement cards is becoming increasingly insecure and open to fraud. The Medicare card in particular is cheap and easy to copy. The AFP estimates Medicare cards are now involved in some way in more than 50 per cent of identity fraud cases.
So what have we done? The Government’s response has been to begin work on replacing our 17 health and social welfare cards and vouchers with a single smart card that has become known as the Access Card. Smart card technology is something Australians will become very familiar with over the next few years.
He went on to say:
Put simply, smart card technology is safer than the traditional cardboard and magnetic strip cards most Australians carry around in their wallets because a microchip is more secure and harder to copy. Smart card technology offers greater privacy because it allows users to display less information on the face of the card. This means more information is kept out of the immediate view of any unauthorised person.
The bill before us proposes to spend $1.4 billion over four years to realise the vision of the previous Minister for Human Services. While some of us might disagree that the Department of Human Services is now a viable, dynamic department, we probably do not disagree with the vision that was set out in that speech. It is probably a valid vision to get all the cards into one card and into a viable technology that protects people from identity fraud, and smartcard technology can do that. The tragedy with the bill before the House is that it does not live up to the vision as outlined. There are too many flaws within this bill and the old adage that the devil is in the detail has been entirely neglected. If you are going to do something that is so progressive then you need to do it right, and you need to do it right the first time, because the horror of introducing this card and then discovering that you have sold everybody’s identity down the river is too horrible to contemplate. So I commend the amendment moved by the shadow minister in this place and ask: why the haste to introduce a bill and a system that needs greater detail and greater finetuning?
I want to address two areas of concern in my speech this evening that have been left exposed by the lack of detail in this bill. These areas of concern are not being raised by the ALP alone. In our corner we have the AMA, Professor Fels, the government’s own adviser, Liberal backbenchers and indeed some Liberal frontbenchers. The contractor is seeking a bid from the department to supply the system, and numerous other privacy experts have raised concerns about the introduction of an access card without proper safeguards. I think it is the height of audacity that the tender process has already gone out for this system when we have not even introduced the legislation into this place. But the tenderers for the system for the database implementation have raised numerous concerns, and I want to address one today.
The first issue I wish to raise is the security of the information on the register. There is currently no guarantee that collection, storage and maintenance of the information needed to create the database which forms the basis of the access card will not be outsourced. Companies tendering for contracts to administer the system may even outsource the database to offshore entities, where we know personal data cannot be guaranteed protection by Australian privacy laws. A quick look at work undertaken by the Finance Sector Union on offshoring in the finance sector paints a stark picture of what people think and fear about their personal information going offshore. If there is concern about banking details being in the hands of an Indian operation, what fear would the general public have about their very identity being handled by overseas operators?
What do I mean by ‘offshoring’? There is an increasing global trend for companies to relocate various parts of their operation to locations outside the country where the service is being delivered. This practice is sometimes referred to as offshoring. The greatest trend in offshoring has been in the area of computer databases. It could easily be done in respect of this card if particular legislative protections are not put in. The work by the FSU states:
All levels of Government in Australia should set an example by ensuring that government outsourcing of contracts include a provision that work will not be moved off-shore. 88% of people surveyed believe that the Australian Government should be forced to keep jobs in Australia.
A recent public poll of Australians conducted by McNair Ingenuity found that 96% of Australians believe that Australian companies such as Westpac have a responsibility to invest in Australian jobs and skills.
In 2004, 85 per cent of people polled said they would express concern if their information were to go offshore.
In 2004 there was no data protection legislation in India. I think that is still the case today. This lack of protection may expose customers to an increased and unknown risk. Some of you are already exposed to that risk and do not even know it. The risks of cyberfraud are beginning to emerge in places such as India, where large numbers of call centres and bank office processes are being located, through offshoring. People described as ‘data-harvesting brokers’ have offered personal details for sale. Consumers have benefited from advances in technology. However, these advances also carry risk. Vast amounts of personal and financial details are processed and stored every day. Given the increase in identity fraud and computer hacking, the importance of data security cannot be overstated.
In the McNair research, 85 per cent of people expressed concern about their personal information being stored overseas. In Australia there is currently no requirement for companies to disclose where their services are being provided or if personal data is being held offshore. The majority of customers polled in the research felt that companies should tell them if they have provided customer service from an offshore location. A logical comparison is labelling laws for various products, under which companies must state the country of origin so that consumers can make an informed decision. A recent poll of Australian consumers conducted by the FSU found that 90 per cent of respondents preferred their data to remain in Australia, while 80 per cent believed the government should take action to protect their information.
The principle of right to know has been adopted in France, and legislation has been introduced in several states in the United States. The right to know was also ALP policy in the 2004 federal election. One grave concern is the notion of the outsourcing of your privacy. The legislation does not cover this loophole, and I think it is a glaringly obvious flaw in what we are doing. The banks have also warned on this issue of privacy law. An article by Emma Connors in the Australian Financial Review on 10 October 2006, entitled ‘Banks warned on privacy rules’, stated:
Australia’s banks are steadily ramping up offshore processing activities, prompting warnings from the federal government that the financial services industry will be held responsible for any data spills or privacy breaches involving Australian customer information sent overseas.
Federal Treasurer Peter Costello said yesterday Australia’s privacy laws and the banks’ fiduciary duty to act in the best interest of those whose assets they manage meant the banks were not entitled to disclose any personal information without the permission of customers.
“If there is a bank that is exploiting some loophole or breaking that law, then I will refer it for prosecution,”—
the Treasurer told Alan Jones. The article continued:
He was responding to a report that the Australian Bankers’ Association had circulated a seven-page document that advised banks on how to avoid a consumer backlash by not telling customers that personal data had been sent overseas.
The ABA later released a statement in response to the Treasurer’s comments which said it did not think there was “any evidence of inadequacy (or loopholes)” in the regulatory framework. It noted that many banks around the globe will perform some functions overseas and “by definition, this means overseas providers will have access to the data needed for that service.”
Further on, the article stated:
Attorney-General Philip Ruddock said yesterday he was concerned about the security of account information transferred by Australian banks offshore.
He said Australian organisations were obliged to ensure any information passed on to employees or contractors in other jurisdictions was effectively protected and warned any breaches could be investigated by the government’s privacy commissioner.
That is not actually the case; it is not actually the situation at hand. If your information has been sent off overseas and you do not know about it, how do you know that there has been a breach? And what law actually covers that data when it is overseas? Is it protected by Australian legislation or by that of the country where the data has gone to? Is it protected by Indian privacy laws? To the best of my knowledge, they do not have any, so what is happening?
If, in respect of this legislation, the information on your access card is not protected and can go offshore, that is a severe risk and a severe concern. I think the Australian public would be outraged to discover that there has been no protection put into this legislation to ensure that their very identity is being protected. What privacy would be afforded all Australians if there were no protection against the information on access cards being sent overseas? I would like to know, and I am sure the public would also. The public needs greater privacy protection before any access card can be issued and legislation that guarantees that databases supporting the card cannot be offshored.
The FSU has been calling for action on offshoring for many years. They have a four-point plan, which is to:
1) Require that contracts to perform work for the Australian Government agencies include a condition that the work cannot be sent off-shore.
2) Call on governments to convene tripartite industry summits to map out a future path for Australian industries ...
3) Introduce laws that ensure that no financial or personal information is sent off-shore without the express permission of the consumer.
4) Introduce laws that require service providers to disclose the country where their work is being performed at the time of the transaction.
I endorse these measures. I particularly endorse the measure that requires a contract to perform work for Australian government agencies to include a condition that work cannot be sent offshore. If we do not have that protection, we have no protection in this database. The access card is being introduced at a time when the Law Reform Commission is conducting a review into the Privacy Act 1988. Surely this review will bear greatly on the introduction of this card. Why not wait to receive the outcome of this review, which is not reporting until March next year? Why introduce this card which could compromise the identity and privacy of all Australians?
The other issue I wish to look at briefly is that of medical details on the access card. This truly clouds what the card is to be used for. Is it to be for dealing with government agencies or is it about medical alerts? This is a dangerous area, one fraught with many issues. If you do not update that medical alert on a constant basis, the information being accessed in an emergency could be inaccurate. Also, who would have access to that information? There has been a lot of discussion within the insurance industry about the information you can get about a person’s health or genetic make-up. Could that information be used when you are going for a job? Could it be found out that you are a hepatitis C sufferer and, therefore, by virtue of that information on the card becoming public, an employer will not take you on?
I think this is an area absolutely fraught with danger, and it needs to be clarified now and not added on as some whimsical prayer that says, ‘Cardholders may choose to do this.’ It is not that simple. It is not that easy. What happens if it becomes a sort of standard form for all ambulance officers attending at a scene to say, ‘I’ll get the card and I’ll screen it’? If you do not have a card, they will not know and they will not treat. It is absolutely fraught with danger, and no-one has thought through the ramifications of this.
We have just ordered a medical alert bracelet for my son because of his severe allergies. Does this legislation mean that, because my child would necessarily be on my Medicare card, if he has an allergic attack at school, somehow they have to find me to scan the card to find out about his severe allergic reactions? It does not add up. What is this card? Is it meant to be all things to all people or is it meant to be about an access card and information to deal with government agencies? You cannot keep adding bits and pieces to it. You have to define what it is and work out how to do it, but you keep adding these things.
The task force chairman, Allan Fels, said to the government that it had to consider the introduction and whether the information was to be held for medical emergencies or for the convenience of the holder, who may, for example, want to carry a list of their medications. What is the issue with this legislation? It needs to be clarified. It needs to be far clearer than it already is. Again, there are just too many serious flaws in the bill before the House. While the vision may be one thing, the reality and the introduction are another.
6:54 pm
Peter Andren (Calare, Independent) Share this | Link to this | Hansard source
I must say at the outset that I have had no overwhelming opposition from the electorate to the Human Services (Enhanced Service Delivery) Bill 2007 or the card that will no doubt emanate from it, but perhaps that is due to the piecemeal way in which the legislation is being introduced in several phases. We do not have the benefit of much of the relevant reportage and, indeed, a Senate inquiry addressing all of those processes which I certainly believe are absolutely crucial to any fair consideration of this most important piece of public policy. When considering this government’s track record on manipulating truth or dispensing with it altogether, and when thinking about the attempts to silence dissent on government policy and the attacks on the freedoms to protest against unethical or unscrupulous behaviour by both government and corporations, my gut feeling is to go looking for a rat in the bill.
The bill introduces and describes an integrated card to replace a number of health and social service cards and vouchers that entitle the holders of those cards to various concessions, services and payments from a number of government departments and agencies. The participating agencies include the Department of Veterans’ Affairs and the Department of Human Services and its agencies—that is, the Child Support Agency, the Commonwealth Rehabilitation Service, Centrelink, Medicare, Australian Hearing Services and Health Services Australia.
On reading the various discussion papers that have been made available so far and the first two reports of the Access Card Consumer and Privacy Taskforce, as well as KPMG’s business case and the various submissions put forward by individuals and groups, notwithstanding the AMA’s reservations about aspects of this, I do accept that there exists a case for the access card and that the bill makes it very clear that it is not to be an Australia Card, even though individuals may choose to use it as a photo identity card if they so wish. However, there are quite a number of matters not dealt with in this bill to be covered by way of legislation yet to be introduced. The process of introducing this legislation without the benefit of the task force’s third discussion paper or report about the registration system and prior to the outcomes—as I said—of that Senate inquiry into the project requires me to err on the side of caution.
It is for that reason that I cannot support the bill, at least until I can see the legislative framework that also particularly guarantees the effective oversight and governance of the access card system and the protection of the information and resolving of the individual’s private area of the microchip in the card. On the other hand, the claimed purpose of the card itself, despite those misgivings, would seem to make sense. The existing so-called benefit cards to be rolled into this one access card include the Medicare card; a PBS entitlement card and PBS safety net concession card; a pensioner concession card; a healthcare card, including a low-income healthcare card and foster child card; a reciprocal healthcare card; a Commonwealth seniors health card; a cleft lip and palate card; a war widow or widower transport card; and three DVA cards, gold, white and orange.
I understand the system will work something like this: each agency’s database—such as those of Medicare, DVA or Centrelink—with its files of personal information for each of its clients will remain with that agency as it currently does. All those existing databases will continue to be unlinked, with their own customer reference numbers. The introduction of the access card system will not alter that status quo. This means that the privacy safeguards and the legislative bases and processes for data matching or information sharing between the agencies that may currently exist remain the same. Future legislation to consolidate the different privacy and secrecy provisions under the one act will make it clearer and easier to refer to. Access by police or security services to any information held by a particular agency on its database remains subject to the same safeguards and warrant requirements as currently exist. The access card itself is supposed to authenticate identity for health and social service purposes. It is not to be used to prove identity for anything outside the stated purpose of accessing health and social services and benefits from the participating agencies I have mentioned.
With known Medicare and Centrelink losses from linkage or claiming of benefits and concessions by those who are not eligible to receive them totalling nearly $1.5 billion, the card will provide immediate validation to agencies dispensing those concessions that the cardholder is eligible to receive a particular benefit or concession. The card is to be used not to ensure or deny access to services but only to validate the holder’s eligibility to receive payments, benefits or concessions conferred by the current cards and vouchers of those participating agencies.
The legislation clearly sets in place substantial penalties for individuals or corporations that explicitly state or implicitly insinuate that the provision of their goods and services is dependent on presentation of the access card. With the commensurate cost of replacing some 1.3 million cards every year due to changing details such as addresses, or the fact that there are some 520 forms in Centrelink alone requiring an individual to provide information on their identity, it makes sense to use up-to-date technology to allow one simple change of details through the card and the register which then funnels through to the relevant agency’s own records. Prima facie, it all seems so logical. Every person who wishes to receive the benefits of any of the participating agencies will need to apply and be registered for a card. This includes people wishing to use Medicare—in short, most Australians. There does not seem to be much detail in the bill about how, when and under what circumstances 17 million people are going to have to line up for their mug shots. But the cardholder will own the actual card.
Generally, the card will have on its surface the cardholder’s preferred name, provided it complies with current laws about naming. It will have the access card number, the expiry date, a digitised representation of the cardholder’s signature and a photograph—and more about that in a moment. The surface of the card may also have the person’s date of birth if they request it; some people might choose to use the card as proof of age. It could also have various DVA information such as TPI, blind, POW, war widow or widower et cetera. No other information is permitted to be included on the surface of the card, with any proposed future additional information requiring an amendment to the legislation.
A number of categories of people may be exempt from having a card at all or from having various elements appearing on the surface of the card. These include those who are over the age of 90 and those who are in palliative care or under witness protection. The latter is one of the few concerns I have fielded on this matter in my electorate, and that concern seems to have been covered. Those who are in witness protection programs will receive the same level of identity protection as they are currently afforded. I understand that the Office of the Access Card has conferred very closely with the Australian Federal Police to ensure that this happens.
The card will contain two microchips to store and process information. The card owner’s microchip will allow the owner to include information that can be accessed by anyone with a card reader, including emergency services. That might include information chosen by the cardholder, such as organ donor status or allergy information. While this kind of accessible information could be lifesaving, it also raises issues such as those discussed in the task force’s second discussion paper on voluntary and medical emergency information on the access card. Issues like the medico-legal questions raised by the inclusion of such information have not yet been addressed. This is hardly surprising, given that the discussion paper was released six days ago.
The second microchip will hold information to be accessed by the relevant Commonwealth agencies and will not be accessible by any unsecured card reader. This microchip will include the person’s legal name, date of birth if requested, sex, residential address, access card number, expiry date, signature if not exempt from providing signature, PIN protected by encryption, benefits to which the person is entitled, Medicare number or reciprocal health care number, emergency payment number and registration status. It would also hold the DVA number and status. It will hold a biometric photograph: a photograph taken to allow specific facial measurements to forensically confirm identity when compared with other such photographs. This has caused a lot of concern, but such photographic information is now required on Australian passports, so the precedent is there. It will contain other technical information necessary to the system that does not expressly identify a person in any way; in fact it contains only such technical information as is reasonably necessary for the administration of the register. Again, those under witness protection programs or certain police or security officers will be exempted from having their legal name, residential address, photograph or signature in the Commonwealth chip area.
Essentially, this bill describes the card, the basic information to be held on it and the uses to which the card may be put by third parties. It also describes the significant penalties for abuse. But the matters and issues that the bill does not address are numerous and serious enough to warrant precaution. To pass the first piece of legislation without reference to following legislation is throwing caution to the wind and is unacceptable. A system such as that which is proposed must be based on the very best and informed advice—something that we as a parliament have not yet had. The opportunity to get it right from the outset should and must be taken. The linkage between the card and agencies’ individual databases—the secure customer registration service—is probably the most important part of this process, yet the task force’s discussion paper on the registration part of the program has not yet been released.
This register is effectively the gateway between the card and the agencies’ databases. It will keep a duplicate record of the information held on the card. The card, like all other cards it replaces, provides a ‘handshake’ with the relevant agency, through the register, which can only link the access card number to the records of the agency that swiped the card. It cannot link a person to their Centrelink records if the card is swiped at a Medicare office. It cannot reveal PBS records if it is swiped at a pharmacy for concessionary treatment of medicines—beyond advising of current eligibility to receive a concession. So there are issues yet to be resolved. While some may seem fairly benign and some may raise considerable alarm, the fact that we do not have the full details of the reports available to us must, I believe, make any legislator treat this piece of legislation with extreme caution.
I accept the argument, as did the privacy task force, that the inclusion of a photograph on both the surface of the card and in the mirror file is essential to immediate identification, but I ask why a biometric photograph is necessary to provide confirmation of the person’s identity—unless the government is not being entirely forthcoming about the possible future uses of the register. Surely if this is the case, the public deserve to be informed of and educated about the possible other uses of the photograph, such as perhaps national security. Certainly it would be naive indeed to not realise that such information is already sought under appropriate warrants.
And what of the security of the photo database itself? While the recommendation of the task force that the photograph be stored in a separate database within the register has been rejected on various grounds by the government, the same government responds that rigorous access controls will be put in place. But this bill does not deal with that. In fact, it does not deal with any of the safeguards promised to protect the accuracy and privacy of the information on the card and in the register.
With this in mind, I also support the recommendation of the task force that proof of identity documents not be scanned, copied or kept on file once those documents have been verified. I agree with Professor Fels that these documents, which are already held in paper files all over the country, should not be held electronically. The government’s response that it will explore the implementation of this recommendation is commendable, but I want to see these processes confirmed in legislation before supporting it. After all, the whole point of the access card is that it is not issued unless POI documents have been verified as true—and it is supposed to be about verification, not about the amassing of data.
This brings me to the issue of the national document verification service. The success of removing potential for fraud begins with the registration of each person, using their documents of identity, such as a birth certificate. However, if the system has no way of checking whether these POI documents are fraudulent to begin with, there exists the real possibility that the access card could be granted to people on the basis of fraudulent information from the outset. Would it not be prudent to allow enabling legislation to come into effect prior to the system going online? As is specified in the explanatory memorandum, there are many other details that are not covered in this bill—for example, details about the implementation phase, the replacement of lost and stolen cards, suspension and cancellation of registration and how dependants, carers and other linked persons are treated in the exercise of this system.
This is a major change. The access card’s national photo database is a first in this country, and it raises many concerns and issues about privacy and security. Without subscribing to some of the more hysterical or misleading claims made about the card, I certainly would prefer to wait—as I know my constituents would prefer to wait—until all the relevant details, processes and security processes are presented and the identified weaknesses addressed before supporting this legislation. I support the proposed amendments as the best this House can achieve at this point, pending the availability of the Senate report due on 15 March and the privacy task force discussion paper and the report on the registration system. How can any member be required to support such a legislative shambles?
7:11 pm
Kelly Hoare (Charlton, Australian Labor Party) Share this | Link to this | Hansard source
I rise to speak on the Human Services (Enhanced Service Delivery) Bill 2007 and the proposed access card. This bill proposes to introduce a new chip based card, called the access card, which will replace numerous concession and entitlement cards, including Medicare cards, Centrelink cards and veterans’ cards; to establish a new electronic register and specify the information to be held on this register; to specify information that will appear on the surface and chip of the access card; to introduce the registration process for the access card and create offences around unauthorised demand to produce, and use of, the card; and to generally provide the first part of a regulatory framework for the collection, use and disclosure of information on the new register and card.
This legislation purports to improve the use and storage of personal, medical and social security information. Labor support innovations aimed at improved service; however, we have justifiable reservations on the scheme proposed by the government. Labor will support this legislation only if significant amendments are accepted by the government. Labor will not support this proposal in its present form. We make clear that we reserve the right to move further amendments in the Senate, in particular any amendments to come out of the Senate inquiry to ensure that the proposed access card is secure and fully protects the Australian public.
I have been contacted by many constituents who are very concerned about privacy safeguards surrounding the access card. There has been no public or non-government organisation consultation about this smartcard, which raises concerns about the government’s intentions for privacy protection for individuals and communities. Other aspects of the proposed scheme need to be addressed. The wild claims made by the government that the card will be effective in emergency situations, that it will be of assistance in the reduction of terrorist threats and that the use of biometric photography will render the card fail-safe, and the potential perils of function creep, are issues that deserve closer scrutiny.
Labor is concerned that the government has done nowhere near enough to address the issues of security, privacy and quality of data or to provide confidence to the general public that the information stored will not be used across government agencies and departments. The government panders to the public’s scepticism by labelling this card an access card. It is imperative the Australian public recognises that this is stealth by semantics. The new card is in fact a national ID card, and the government should be condemned for the lack of transparency surrounding this initiative.
The concept of a national identification scheme has been shadowing the government for some time. During 2004-06 the government endeavoured to initiate national identification schemes via the Medicare smartcard and the national identification scheme project. Both initiatives were dismal failures. The Australian public has repeatedly and vehemently rejected the concept of a national identification scheme. In spite of this, the access card proposal was approved by cabinet on 26 April 2006.
The Australian public must be made aware that the access card is more invasive than any previously touted identification scheme. Every time a card is placed in a card reader, the reader will provide data to the central register. All such transactions will be logged. This scheme will create a database of names, photos, dates of birth, ID numbers and addresses of every adult, along with the corresponding listing of their dependants, and the access card will contain extra information that will replace all concession cards and create a database containing biometric photographs of every person.
It is estimated that between 16 million and 20 million cards will be issued. Personal data will be displayed on the surface of the card, including the name, photo and signature of the cardholder. The card will be a smartcard, which means that it will contain a computer chip. There will be a considerable amount of personal data stored in the chip. All information on the surface and in the chip of the card will be held in a database called the access card register. The New South Wales Council for Civil Liberties note:
The “Access Card” will create an unprecedented identity database in Australia.
They also state:
While such grand invasions of privacy have come to be tolerated over time in some European and totalitarian nations, the Australian democratic tradition has been strongly and continuously opposed to such Orwellian proposals.
It remains unclear as to who will have access to the data. Mention has been made of the Privacy Act protections, but these have been hugely devalued since the act was passed in 1988 because so many agencies have won exemptions and exceptions.
The Australian Privacy Foundation states that the security working party supporting the project contains representatives of many intelligence agencies. It is reasonable to expect that primary users of the register will be intelligence, law enforcement and social control agencies. They will not require additional authority to access the data, as national security and law enforcement agencies already have sufficient authority. It is likely that all Department of Human Services agencies and the DHS itself, which does not actually provide services, will also have access.
We must appreciate that some individuals within our society require more robust protection of their identity. The inability of the government to guarantee the security of information concentrated on this smartcard could jeopardise many ordinary Australians. The possibility of information being secured inappropriately to the detriment of abused women, whistleblowers, and police informants, for example, cannot be dismissed and forms an incontrovertible reason to view this bill with caution.
Labor supports a reduction of identity fraud. It is reported that identity fraud is a growing problem within Australia and may cost our community in excess of $1.1 billion every year. We must recognise, however, that the proposed access card will be a treasure chest of information. The scheme gathers personal data, concentrates it in a card and a register and makes the data on the card accessible to card readers. These card readers are to be installed throughout the country in various government offices, in every hospital, in every doctor’s surgery, in every pharmacy and in every one of the many other kinds of locations that provide health care and other human services. This will enable thousands of people to access data.
In spite of this, the government repeatedly refers to the card’s facility to reduce the risk of identity theft. The government cannot guarantee that the Australian public will be at a reduced risk of identity theft via the introduction of this card. Tens of thousands of Australians are likely to lose their card or have it stolen and, until the individual becomes aware of the loss, identity fraud is a huge concern. The card chip can be read by ordinary card readers and these card readers can, apparently, be purchased over the internet.
Information stored on the register could potentially be accessed and used by unscrupulous people. In particular, the scanned copies of original documents stored on the database could present the opportunity for identity theft and privacy breaches by public servants. Last night, the Liberal member for Moncrieff told parliament that the new access card will undoubtedly be forged. In the last 24 hours other government backbenchers have also expressed their concern.
The government misleadingly market the card as being of benefit to the Australian public. They claim it will replace up to 17 cards and streamline access to Human Services. The truth is that no-one has 17 cards. Most people have only one card—a Medicare or a DVA card—that will be replaced. Many people have two or three. Most people will not experience any such benefit.
The government has spruiked that a national identification card will help stop terrorism. Evidence from other countries exposes this as propaganda. The Spaniards have had a card for more than 40 years. It was introduced by the Franco dictatorship. Sadly, in the Madrid bombing, it was used to identify the victims. It did not stop the terrorists exploding their bombs.
The government has further suggested that the access card will assist in providing emergency payments to people who have suffered as a result of disastrous situations, such as cyclones or floods. This is a ludicrous suggestion. In disaster areas, often there is no electricity to drive card readers or cash dispensers. Catastrophic weather conditions occur frequently in areas where access to cash dispensers is not an option.
In short, categorically this scheme is not designed for the benefit of cardholders. The access card has been created to benefit service providers. Why is this so? The government has been reluctant to provide any meaningful information about the scheme’s benefits. We can assume that participating government agencies—Medicare, Centrelink, the Child Support Agency, the Department of Veterans’ Affairs et cetera—will be forced to adapt their systems and business processes in order to use a standardised central scheme instead of one designed for their own purposes. When the disruption eventually settles down, they might see some internal cost savings, but much more money will be spent centrally by the government—hence, by taxpayers—than will be saved by participating agencies.
State government and private sector service providers in health care and other aspects of Human Services will also face considerable increased costs and dislocation. The government have repeatedly asserted that the scheme will give rise to fraud savings. What the government have not outlined is how these savings will be made. They have refused to release the taxpayer funded cost-benefit analysis and refused to consider that they will recover only a fraction of the vast sums of money expended on creating it.
It is also possible that funding for the card will be drawn from other areas of the Centrelink and Medicare budgets. The repercussion of this is possible cuts to existing services at a time when the welfare sector is openly struggling to manage the impact of current government policy. The real benefit of the scheme for the government and the Public Service executives is the enhancement of social control. They want to be able to exercise more power over the public.
The potential for cost blow-outs in the access card budget is unquestionable. Over 16½ million Australians will need to be interviewed for registration. As the access card will not be issued without an interview, and the supply of it will require documentation, the government estimate of a five-minute interview per person may be a gross underestimation due to the fact that many people will forget or will not bring the relevant documents and will have to return for a second interview. Families with no original copies of certificates could suffer financial hardship—for example, it would cost a typical family of four as much as $400 to provide the necessary documentation for the smartcard.
Labor and the welfare sector have real concerns as to why the government has refused to release a cost-benefit analysis case for the card. The government argues that the card will save money by reducing Medicare and social security fraud, but this scenario could in fact be blown apart by the final cost of the card. This cost might be paid for out of Medicare and Centrelink budgets and result in cuts to existing services.
We are also concerned about the proposed use of biometric photography to identify cardholders. Biometric photography is a method of electronically reading photographs by translating the measurements of the human face into unique mathematical formulae. It is notoriously unreliable. In tests at airports, biometric readers confuse similar looking people. The government itself complains that biometric readings are only 90 per cent accurate. Biometric technologies incite fears of constant supervision, profiling and control, leading to a loss of individuality, privacy and freedom. People may feel uneasy being scanned and are alarmed about having their bodily data digitally stored in large databases along with sensitive personal information. Can we trust the accuracy of biometric technology? Many questions arise.
Another issue has to do with the fact that biometric data is digitally stored. Digital information is easily copied, transmitted, altered and searched. Biometric databases can be merged or cross-referenced with other biometric or non-biometric databases to gain even more information about individuals. Biometric data is particularly useful for data-mining and cross-referencing of databases since they represent a unique identifier that does not change over time.
While names, addresses, membership numbers and user handles can change, biometric data stays fixed, making it an extremely reliable and thus valuable commodity. If a government agency takes a digital photograph of an individual and stores it digitally alongside other personal information, the individual loses control over the data. Even if the individual in question initially consented to the collection of the data, what does this mean in terms of duration of the storage? Who is allowed to access the data and how is it protected against unauthorised access? To whom is it communicated and for what purpose? These and other questions remain in many cases unanswered.
Further controversy is caused by the automation of identification processes. Biometrics makes it possible to discard the human factor and let scanners and computers take over the task of identification and, with it, ultimately the task of granting or denying certain rights. While the whole point of using biometrics is avoiding human error and even corruption, the questions remain: what happens if the technology fails? Who programs and watches the machines? Who is accountable? The more authorities and private entities transfer important decisions over to the computer systems, the more damage is done when the systems fail.
In a study undertaken by the University of Ottawa, it was determined that, while biometrics has the potential to provide public and private entities with additional means to identify individuals and therefore make it harder for criminals to gain access to personal information, no system is infallible. ID theft occurs in a number of different ways as a result of a number of different leak points, including theft by those with access to the data and hacking into computer databases. Even the strongest biometric system of authentication cannot close all of the gaps which make ID theft possible.
The New South Wales Council of Civil Liberties has stated that the system is being designed specifically to facilitate function creep—that is, it will evolve or morph over time to serve quite different purposes and usage from the originally stated purpose. It is incumbent on us all to remember the history of the UK ID card. From its issue during World War II to the time of its abolition in 1952, the functions of the card went up from three to 39. The government cannot guarantee there will be no function creep, because it cannot restrain the powers of future governments. Any legislation it might pass in relation to the imposition of penalties could be repealed. Function creep is a real threat to the future privacy of the Australian public.
Another concern was raised by a government backbencher, the member for Moncrieff again, when he admitted that there is enormous business interest in the access card. The Australian public must be made aware that the government has not committed to legislation that would limit the functions of the new card. The access card is poised to become a high-quality identifier in addition to its function as a means of obtaining entitlements and concessions.
I urge the government to recognise the very serious concerns expressed about the proposal to introduce an access card in its current form. I urge the government to support Labor’s amendment to the bill and to acknowledge the peril of establishing a national identification scheme by proxy.
7:28 pm
Michael Hatton (Blaxland, Australian Labor Party) Share this | Link to this | Hansard source
What is this access card? It is a social security card. It is not the Australia Card that members of this government were so against in 1986. At the time, the now Prime Minister railed at the dreadful nature of the Australia Card that was proposed by the Hawke government.
I have to tell you: I was not afraid of the Australia Card then, and I am not afraid of an access card now or of the social security cards that governments worldwide have brought in in order to better organise the manner in which individual citizens access government services across a range of departments. Whether the proposed access card will replace one card, say, a Medicare card, or a deck of cards—17 cards could be replaced—is not the problem. I also do not think the nature of the card itself is the fundamental problem. The basis of the problem is the fact that your individual identity could somehow be easily pinched or nicked.
The problem in 1986 was that there was a massive scare campaign. In primitive societies—and we would not like to think of our society as being primitive—the taking of a picture of someone is akin to stealing their soul. In 1986, the argument about the Australia Card was very much like that: that people’s souls might be taken from them—their very being captured. I know a place where that happened, where the command over information and the use of advanced technical processes to work through available information led to death camps and the gas chamber. The IBM Corporation did the work. The corporation analysed data not just in the United States but in Nazi Germany, where they had a major operation, throughout the war.
If you read the book by Edwin Black that looks at how IBM, as a worldwide organisation, conned and gulled not only the US government but allied governments worldwide when they worked hand in glove with the Nazis, you will understand the real concerns people have about information being gathered together that could allow a government with evil intent not just to know who you are but, if they wanted to do so, to obliterate you from the face of the earth. The Gypsies, the disabled, homosexuals and six million Jews—four million of them from Poland as well as those from France, Belgium, Holland et cetera—were tracked down using machines. IBM manufactured these machines and in America they produced specialised punch cards to go into the system. Throughout the war, these cards were taken from America and provided to the Nazis in continental Europe. They were the death cards. They were access cards to the gas chamber for the people who were on the end of them.
Fundamental questions arise. The collocation of information about a person means that you are able to hold their very souls in your hands. The key question is this: how will that information be used? That is why the initial response to the access card was the same as the response to the 1986 Australia Card: if you can know everything about me then I might be in more peril. That is why the member for Mackellar said that it did not pass the ‘anti-Nazi’ test. IBM did not pass the ‘anti-Nazi’ test with what Dehomag and the other constituent parts of their company did during World War II. IBM rose to become the world’s greatest information technology company, on the back of profits made at the expense of all those people who died and suffered. In respect of how information is used, you should always keep that in the back of your mind and understand that there are fundamental problems with this.
Labor has a series of amendments. I will go a bit broader and look at some technical problems associated with the proposal. I do not have my wallet on me, so I cannot pull out my magnetic strip Medicare card, but the same technology that was around in 1986 is around now in those magnetic strips. We know that, if you scratch it, belt it, knock it around or run it through a series of different types of modems, sometimes it will work and sometimes it will not. There is a cost in terms of card replacement. What we also know is that when we hand a Bankcard, MasterCard, Visa card, Amex card, Medicare card or whatever over to someone it can potentially be misused. Given that it can potentially be misused, it is always best to keep it in sight. Scamsters want to access that information. This has happened time and time again worldwide: the scamsters take the card out into the back room and simply copy the magnetic information that is on it. What is available now can be used by people in nefarious ways.
Part of the problem with going to the next level—which we will with the access card—is that you will have a biometric photo and an electronic signature. We are in a digital age, not an analog one. It is possible that we could be putting far more information into the hands of criminals with this card than with what is available now. If a person has a mug shot and a signature, they have more to work with. This happened in the past when people first used biometric photos on bankcards and MasterCards. Some companies put those out. As a serious test in Great Britain, somebody rolled up and said, ‘I want to take money out of the account.’ They presented the card, and they were able to access the account. They got the money out and they walked away but on the card was a picture of a dog, not a picture of the person. So human error is another problem; it is not just about the information that is on the card. It is possible that the system will not be as tight as people otherwise might think.
But there are a further series of problems here. Just about everybody in this place has a passport. We all know that passport photos are not the most flattering of photos. We know that we have a digital photograph integrated in our passport. We also have a digital signature. What will be on the access card is in our passport, so the proposal is not new in that regard.
In passing I will also note that one of the arguments with regard to the biometric photos is that, if you put on weight—or, as in the case of the member for Bruce, if you lose significant amounts of weight, from all the exercise that you are doing—then your face changes, the biometrics change and it is not so easy to match people up; there is a particular problem in terms of getting that match. But anyone with a passport knows, as Al Gore said quite tellingly, that the only thing that can make you look like your passport photo is airline travel—it is never the best representation of us! Since they will not allow you to smile when you are getting your local licence, maybe that has the same sort of problem—the match-up is not what we have in our heads.
But there is a further problem. Professor Fels was asked to look at this area. His advice to the government was that the photo information and the digital signature should not be shown on the card—they should not be up-front because there would be a greater likelihood that, although the card could be accessed, that vital information would be more protected. That information would be available if you let it out. That is looking at the face of the card.
Let us look at the very nature of moving to smartcard technology. Instead of having a ribbon at the back, you actually embed a chip within the card. That chip can contain a great deal of information. In the provisions of this bill you have the fact that the chip would include your fundamental Medicare information, your name, your address—and, if you wished, your date of birth, allergies and other useful information could be appended to that. So it could be as useful as you wished and you could add information to it. But there is also a series of problems in simply choosing to have a smartcard. That chip could have a great deal more information on it. People could copy it and access it if they could break into it. I think we need to think about that pretty clearly. The question with respect to the information going to government, and the information that might go to people who want to criminally defraud the government, banks or other institutions, goes to how much you can give them in one job lot.
A core question here is how much information is concentrated into a single place. One of the problems is not the fact that so much information about people will be in this place but the fact that it could be accessed and used inappropriately. If someone wants to take your identity—and this is an increasing worldwide problem—and then use it fraudulently, digitisation of most of the things we are doing makes that easier. One of the key problems with the card is that it can make it a hell of a lot easier because you can get all the information in one go—there is a photo, but you also get a signature, date of birth and the rest of the information. The problems with the biometric recognition system has been argued by other members.
One of the things this card does not have, which I think would proof it against other people pinching the information and would make sure the biometrics work, is a DNA strand. If you had a single piece of DNA, which is unique to an individual, incorporated into a card then you would not have the failings of the rest of the biometrics. I think that one day that sort of thing will be incorporated into this or into other cards if we want absolute certainty. Against all the arguments about the fact that you cannot be really sure about what is going on here is the fact that you could be certain because you could make it particular to a single individual by doing that. That raises a whole series of other questions in relation to what might be done with it, but it would be a potent way of going beyond fingerprints, beyond photographs and beyond other bits and pieces of information and would say: ‘This individual is so singular that this is not only their universal mark but their unique mark, the one that no other person in the history of the world has. This is that person.’
But let us go a bit broader. Compared with the relatively primitive amounts of information that can be provided to people to say who I am—whether it is on a licence or something else with these card readers, where you just use the strip on the back—there is much richer information available in a smartcard. To consider the speed with which technology has changed, look at what has been only a 21-year period from 1986 to the transition to a smartcard. Really we should go back to the mid-1990s, so you are looking at something that is 10 years old. Throw forward. This would really be far more potent in terms of identification. An access card has that as its basis: getting information together to say (1) this is a person, (2) this is the person they say they are and (3) this person has a certain entitlements to a Medicare card, a pension benefit, a veterans’ entitlement or other social security benefit. Whatever the range, the panoply, of things that are involved, how might we do this in the future at less cost and with a greater certainty that the dangers of this information leaking out or being otherwise used will be less?
I suggest that the world is becoming increasingly web based. If we had had a government over the past 10 years with the wit to pursue adequate broadband coverage of Australia we would have a minimum of eight megabits a second broadband covering all of Australia—up to about, say, 25 megabits a second, which is possible with ADSL2 services—which, as you would know, Madam Deputy Speaker Bishop, is available now and has been for a couple of years in country New South Wales and in country Australia, because that is where these very fast services have been initially set up. Telstra has just come to the party and joined the latest technology. Mobile phones and mobile PDA access will provide a very fast service. Optus and other companies will have a fast 3G service on a mobile basis throughout Australia. But linked to that every school, every office, every Medicare office in the country could have a super-fast broadband service. If Labor is elected, that is what they will get. You could then have not a card based system but a web based system in the same way that our services in Parliament House for senators and members are called ‘One Office’, where the idea is that wherever you are in the world you prove who you are not only by the access privileges you have and by remembering a PIN but also by having a small token that randomly changes the access numbers so that only you can get at your information. So there is a double process to it. You can have encrypted information that is not available on the access card.
One of the things Professor Fels said was that this should not be up-front. I think they should be encrypting the photo and certainly encrypting the digital signature. That would provide not only greater privacy but also greater surety against this thing being nicked and being used against people. Instead of having a card where, if you pinch it, you have everything I have got, we said that there might be a smarter way to do it. Instead of a single card based approach, we could have a web based approach with universal broadband access Australia-wide to a central server like we have in Parliament House for members and senators. Our information is held here on the Parliament House servers.
Medicare, Veterans’ Affairs and the other government departments could likewise run central services from Canberra, Sydney or anywhere else in Australia where you had an encrypted service between the user accessing it in Gulargambone or Bankstown and the central area where the information is held. You would have a series of protocols to ensure that only the person who should access that information is allowed to do so. You could build in a series of protections in terms of which people in institutions or departments could gain access to that. That is a smarter way of doing it than a portable card which not only can be lost—losing access to cards and information is legion—but also is legion in fraud. Westpac did a study—it is noted in the background paper—and 13 per cent of cards are fraudulent.
Gaining access to one of the access cards will involve providing information and original documents in long interviews and at a high cost. We know the same sort of process has been in place to get a passport ever since the Hope inquiry. It is right and proper that we have those secure controls in place, but it comes at a high cost. A richer, deeper, more flexible, more certain and more controllable system would be to adopt the very latest internet or Internet 2 approach to this. The world has moved on. It is not still a 1990 situation with 1990 smartcards. You just need access to an information store and you are able to protect the information much more readily by having government servers run by government personnel with protocols to ensure that the hackers cannot get into them. If you protected the whole thing with firewalls and a series of protocols to ensure that departmental employees did not aggregate what is available to them, that would be a much better process than that which we have here.
Labor is not against smartcard technology. As we pointed out, we have a series of arguments as to why the current proposal is full of holes. I had very little fear of the Australia Card in 1986 and I have very little fear of this access card—the social security card—in terms of aggregation of information, but it is how you protect the information that is critical. We would be a lot better off with a faster, smoother and more web based approach, but in order to be able to do it you need a government willing to commit to fast broadband for the whole of Australia with a minimum eight megabits per second up to 25 megabits—truly fast broadband. The Labor Party is the party of the future and the only one that will make that commitment and bring it into practice to have better access for all Australians. (Time expired)
7:48 pm
Brendan O'Connor (Gorton, Australian Labor Party, Shadow Parliamentary Secretary for Industrial Relations) Share this | Link to this | Hansard source
I rise to oppose the Human Services (Enhanced Service Delivery) Bill 2007 and support the amendment moved by the shadow minister, the member for Sydney. I think that the contribution made by the member for Blaxland was very insightful and really encapsulated the concerns that the opposition has over the failure of this government to properly balance the tension between securing information centrally on one hand and providing and guaranteeing safeguards for people’s individual freedom on the other.
That is one of the concerns that Labor has expressed in the course of this debate. We are still unsure that the government has provided sufficient guarantees that there are the necessary safeguards. For that reason, the shadow minister has moved the amendment, which includes the provisions:
“while supporting the use of smart card technology to improve service delivery in Medicare and social security; to reduce the number of cards necessary for people using these services; and to reduce social security and health fraud;
the House is of the opinion that the bill should not proceed in its current form because:
- (1)
- there are inadequate safeguards to protect the accuracy and privacy of information on the card and in the register;
- (2)
- the Government continues to keep secret key information about the costs of the card; and
- (3)
- there is no guarantee that the Document Verification Service will be fully operational with appropriate safeguards by the commencement date proposed”.
There are concerns that are yet to be attended to by the government in relation to this matter. Throughout the course of this debate, I think opposition members have managed to emphasise the main concerns that we have. We would ask the government to consider the propositions put, because in a proper consideration of those recommendations we are confident that the government will consider incorporating them into the bill. That would, of course, provide an opportunity for us to reach some agreement on this particular matter.
It is important to note that the government is seeking to spend $1.2 billion over the course of the next four years on the so-called access card. The card itself seeks to replace up to 17 cards, including Medicare cards, PBS concession cards and all Centrelink cards. According to the government, by 2010 a person will need an access card to obtain any Commonwealth benefit, including Medicare, PBS subsidised pharmaceuticals, social security and veterans’ entitlements. According to the Attorney-General, the cardholder’s photograph, name, digital signature, new identifying number, expiry date and other information will appear on the face of the card.
There is a concern in relation to the information that would be provided. I would like to make the point that the government commissioned Professor Allan Fels to report on the privacy aspects of the proposed card. He recommended to the government that the unique identifying number and electronic signature not be displayed on the card because they are unnecessary and pose a risk to people’s security. Unfortunately, Professor Allan Fels’s recommendations fell on deaf ears and the government has chosen to instead include those pieces of information on the card. I think that exemplifies the government’s disregard for concerns raised on this matter. Concerns were raised not only by the opposition but also by an academic who was asked to provide a report upon it, commissioned by the government. Some of the recommendations that Professor Fels made were completely and utterly ignored.
It is also important to note that, although I am not sure whether government members have chosen to express their concerns in the chamber, a number of members, including the member for Moncrieff and the member for Mackellar, have expressed major concerns about the way the government has gone about this proposed access card. The member for Moncrieff indicated:
… the Access Card could become a “Trojan horse” for a national ID card.
That is the view of the member for Moncrieff. As I say, I am not sure whether he has actually visited the chamber and put his views but I am aware that many of these views have been expressed publicly by him. He may well be right that if there are not proper safeguards there will be concerns about the way this could be used improperly in future.
The member for Mackellar managed to utilise, some would argue, some hyperbole by saying it does not pass the Nazi test. I do not think I would advance the argument in the way the member for Mackellar would advance the argument that there are concerns about the card, but clearly her point underlines the fact that this government is not united on the way the minister is proposing to introduce this bill. There are major divisions within the government. Clearly the executive government is ignoring not only the concerns of the Labor opposition and Professor Fels, who was commissioned to undertake the review of the way the card would operate, but also its own members in this place. That is not the first time we have seen the government choose not to listen to concerns raised by members. I would advise the government to reconsider its failure to review the comments made by both government members and opposition members in this debate.
There are a number of other issues I would like to raise. Much of this debate could be given against the backdrop of the Australia Card debate of many years ago, of the mid-eighties. I recall at the time the then opposition leader, the now Prime Minister, raising concerns about the way that card was being proposed. In a debate that was held in September 1987, the then opposition leader indicated:
Basically, that is what the Government is doing with this proposal. It has not really discharged the onus of proving that there is a superior public claim to justify the erosion of the private right. It has not discharged that obligation and until it discharges it by satisfying the Australian public on privacy grounds and on cost benefit grounds—it is a long way short on both of those ...
You can see that the Prime Minister almost 20 years ago raised concerns about the way a particular card would be introduced and he raised, quite rightly, some concerns about whether the balance was being met between individual considerations and rights of privacy and the need to store information.
As we well know—and it has been well articulated by the member for Blaxland—the capacity for society to collect information has increased exponentially over these 20 years. Whilst that can be a good thing insofar as enabling governments to work efficiently in storing and using information—and I think the point that has been emphasised by the opposition is that we can see some benefits—there is also the flip side to that technological change over the last 20 years, and that is that there is a great capacity for people to misuse information. Governments, and third parties who hack into systems, can misuse information, and the information stored in many respects will be very sensitive information to particular individuals. That is why I think it is a very important debate to be had and it is important that the government consider the amendment being proposed by the shadow minister responsible for this area—because, without properly ensuring that there are protections in place, many constituents of mine in the electorate of Gorton and indeed many citizens of this country are going to feel alarmed by the proposition that we need to proceed along this path.
Throughout the debate I do not think the opposition has sought to be in any way hysterical or exaggerate the concerns that people have in relation to this matter. By way of contrast, I think members opposite, government members—perhaps not in this place but certainly publicly—have expressed concerns in an extreme way. I think the opposition has attempted to in a temperate manner raise concerns about the way the government chooses to propose legislation that in our view has not really met the balance between the two competing interests: the need to improve the efficiency of collation and use of sensitive information and the need to protect that information from misuse by either government or third parties in the future. For that reason I oppose the bill but support the amendment moved. I ask the government to reconsider its position.
8:00 pm
Mal Brough (Longman, Liberal Party, Minister Assisting the Prime Minister for Indigenous Affairs) Share this | Link to this | Hansard source
In concluding the debate on the Human Services (Enhanced Service Delivery) Bill 2007 I would like to first of all thank all members for their contributions. This bill is one of the more important measures to come before the parliament thus far this year, and the level and intensity of the debate certainly indicate that. As the speakers today are aware, the bill provides for the introduction of a new chip based card, a smartcard to provide access to Australian government health benefits and veterans’ and social services. The card will replace the Medicare card and up to 16 other cards and vouchers needed in order to access Australian government benefits. It supports substantially improved proof of identity arrangements to obtain the card and improved proof of identity information on the register, on the card and in the chip. The bill introduces a comprehensive and robust registration process for consumers wishing to obtain a card. The new process will mean that consumers will only need to register once for a service or benefit and only notify relevant agencies once of changes in household circumstances, such as change of address. Clearly, this is going to be a major step forward for many families in their busy lives and will streamline many of our processes.
The bill ensures that the new card will only be required to be produced for the purposes of accessing Australian government benefits and confirming concessional status. I say that again—it is key to this bill—you are not required, under any circumstances, to provide this card on demand. You are not required to carry this card with you at all times, as some people would potentially lead you to believe. This card’s ownership is vested in the cardholder. The new card will replace cards currently held by individuals with one single, high-integrity card. This will make transactions with the government in relation to benefits easier, faster and, most importantly, more secure and less complex. The new system will allow individuals to change or update data in a single operation, and the payment of emergency or disaster relief will be made far easier by the introduction of this card.
As a result of the comprehensive registration system proposed in the bill, the new access card will significantly reduce fraud on the Australian taxpayer. This will enable the government to better provide for those truly in need rather than wasting money on those who deliberately set out to defraud our social welfare system. The new card will be much more resistant to forgery because of the smartcard technology employed within it. It will also be much harder for fraudsters to use the card in order to impersonate others when accessing Commonwealth benefits. All of this will result in a significant saving in Commonwealth revenue; it has been estimated by KPMG to save some $3,000 million over 10 years. That is an enormous sum of taxpayers’ money which can be better put to use than by fraudsters.
The registration process introduced by this bill will ensure a robust and strengthened proof of identity process for card owners. It will provide Centrelink, Medicare Australia and the Department of Veterans’ Affairs with more reliable and up-to-date information, better ensuring that the right payments are made to the right person and at the right time. This is essential to the integrity of the whole benefits system. We need to be sure that the $100 billion paid each year in health benefits and veterans’ and social services goes to those who are eligible, ensuring that taxpayers’ money goes to the right people and that they get the correct payment.
The registration process will require individuals to attend an interview and provide documents verifying their identity. For example, applicants will need to produce birth certificates, passports or other relevant documents. These documents will be checked with the relevant issuing authorities to verify identity. During the interview, applicants will have their photograph taken and will also need to provide a signature. Both of these will be incorporated into the card and will be included on the card’s chip and on the customer register. Clearly, there will be circumstances where it will not be feasible or appropriate for a person to attend an interview, to be photographed or to provide a signature. The bill therefore allows exceptions to be made to these requirements by the secretary, on a case by case basis, or by the minister in relation to identified classes of people—for example, for those in hospices.
The government intends that the registration process will commence in April 2008, when people will be invited to apply for a card. Between 2008 and 2010 people will not need to apply and will be able to continue using their existing cards until 2010. However, in order to ensure a timely transition and to avoid a last-minute rush, people will be encouraged to apply sooner rather than later. As this bill is the first step in the creation of the total card scheme, it does not and is not intended to deal with all aspects of this scheme. The bill has been brought forward to give certainty about the framework of the card and to inform further debate on the issues when the information on the card and the register have been clearly set out in the legislation.
There have been a number of issues raised during this debate, and I would like to take a brief moment of the time of the House to address these issues. It is clear that the member for Hotham has a very selective memory when it comes to the Australia Card. In his speech yesterday he said that he supported the Australia Card because it was only to be used for taxation, social welfare and Medicare purposes and was not to carry a photograph. Obviously he did not know what he was supporting, because the proposed Australia Card most certainly did have a photograph. If he goes back to the original legislation and looks at clause 12, paragraph 3, of the Australia Card Bill he will have that confirmed. The Australia Card scheme would have resulted in a photographic database of all Australians. So he was quite happy to support that proposition in 1986, but his convenient memory to date does not allow him to do so now.
Under the Hawke Labor government’s Australia Card Bill you could not open a bank account without producing your Australia Card; under the access card system you can. You could not withdraw money from an account unless you produced your Australia Card to the bank; nor could a bank pay you interest on your deposits unless you produced your Australia Card. You could not invest money unless you produced your Australia Card. You could not buy land unless you produced your Australia Card. You could not purchase shares in a public company unless you produced the Australia Card. You had to produce your Australia Card when starting a job, and the employer had to record your Australia Card number on your group certificate.
This government’s smartcard is nothing like the Hawke government’s national identity card. Its purposes are limited to the provision of health benefits and veterans’ and social services. The two are as different as chalk and cheese. There are no provisions in this bill that require members of the public to produce their card in order to go about their ordinary business. Unlike the Australia Card Bill, this bill makes it abundantly clear that the smartcard is not a national ID card and is not to become a national ID card. There are very severe penalties for businesses or individuals who demand the access card for identity purposes. Under this bill you can go about your normal daily business without having to carry or produce your access card.
Members opposite have also made a great deal about the KPMG business case. They have suggested that significant portions of the business case have been kept secret and that they cannot make any informed decision about the legislation without access to the full business case. No relevant information is being kept secret. Obviously, part of the business case that may provide tenderers with sensitive commercial information or which could compromise security has been omitted from the public release document. That is only reasonable; there is no surprise in that whatsoever. Similarly, it would be inappropriate to release commercial information which may undermine the government’s negotiation strategy for the development of a smartcard infrastructure.
The member for Sydney also referred to the recommendation of the Fels task force in relation to the digitised signature and the unique identifying number. She said that the government ignored the recommendations of Professor Fels on these issues but had not given any reason for ignoring it. I refer the member for Sydney to the government’s response to the recommendations of the Fels task force, which was released at the same time as the task force report. The government’s response provides reasons for its decision in relation to each of the task force recommendations. I will not take time to detail those reasons here, but the member for Sydney is free to read the government’s decision in the publicly released response. I would be happy to provide her with a copy of that response or she can obtain a copy from the access card website.
Finally, I would like to briefly comment on the issue of function creep that was raised by a number of speakers. Legislative provisions in the bill and parliamentary scrutiny provide a robust protection against function creep. Clauses 6 and 7 of the bill set out the objects and the purposes of the bill respectively. These specific objects and purposes prevent function creep. Any changes in the objects in clause 6 and the purposes in clause 7 will require the government of the day to propose an amendment to the legislation and have it debated in this place and passed through both houses of the parliament. While members opposite may prefer to live in the past, this government is committed to moving with the times and using up-to-date technology to ensure that our health benefits, veterans’ and social services are delivered effectively, efficiently and with the least possible risk to the Australian taxpayers.
I believe that the measures in this bill strike the right balance between providing convenience for people and how they use their access card while at the same time protecting their privacy. Consumer and privacy issues were very important in the development of the smartcard. Without robust proof of identity to verify eligibility, measures that merely cut red tape and improve access for consumers would fail to eliminate weaknesses in the present system, such as identifying fraud problems which are undetected currently, and they will not deliver the benefits to the community that the government is seeking.
In summary, this government believes that the new card system will provide a number of important benefits to consumers: benefits in more efficient and productive interactions with the government’s health benefits, veterans’ and social service agencies; benefits in potential improvements to security for individuals in protecting them against identity fraud and enhanced privacy protection; benefits in preventing fraud against the Australian taxpayer; and benefits for other users chosen by the consumer. I am sure that in years to come people will look back and wonder why this debate took the turn that it did when, clearly, using the latest technology to benefit the Australian consumer, the Australian taxpayer and the Australian welfare system must be a positive step that all will applaud in years to come. I commend the bill to the House.
Question put:
That the words proposed to be omitted (Ms Plibersek’s amendment) stand part of the question.
Original question put:
That this bill be now read a second time.
Bill read a second time.