The National Digital ID Will Fail Just Like the Others, Says Dataveillance Expert Dr Roger Clarke
Both major parties in Australia have been keen to establish national identity schemes going back decades. However, the public has consistently rejected them, especially once the privacy-minded inform the broader constituency of their potential to undermine rights and enhance social control.
The go-to example of such a scheme is the Hawke government’s failed Australia Card: a proposed system that could identify every individual and corresponding information, via a rectangular piece of plastic.
Indeed, so controversial did the Australia Card become that it led to the dissolution of parliament and an early election, prior to its ultimate rejection.
Following the Morrison government’s attempt to establish a national digital identification system, it’s now Albanese’s turn. And finance minister Katy Gallagher has made clear she’s aiming to see legislation establishing an online ID system tabled in parliament by spring sittings.
However, much of the public is unaware of this. And while there’s been many attempts to establish such schemes that have all fallen over, it continues to be essential to campaign against these all-pervasive monitoring systems, otherwise the government could slide one in under the radar.
As is often the case with proposals to surveil the public, the Coalition government established a small-scale model in 2015. Known as the Digital Identity System, it links a user’s online IDs to government agencies. And the aim was to eventually make this whole-of-economy.
“Australia needs to grow a backbone,” remarked then NSW customer services minister Victor Dominello early last month. “In the information age, this spine must be digital. It must empower the individual with more control and protections over their privacy and security.”
The outgoing minister said this as he was talking up the NSW digital ID, which he stressed needs to be linked to a federated system that would connect all citizens and residents across the country in what he describes as a “decentralised” manner, ostensibly to make accessing services online easier.
Dominello spruiked the online system as opposed to a card, as he claimed that physical identifiers make too much unnecessary information available, whilst his proposal not only conceals information online, but it’s “decentralised” as details with be stored on various federal and state databases.
Stalled at the gate
Xamax Consultancy’s Dr Roger Clarke has been monitoring disruptive information technologies for decades. And he insists that while the privacy concerns sparked by a nationwide identity system are warranted, such proposals have consistently collapsed.
The doctor outlines that most MPs continue to push for a broad identifying system, despite their ongoing rejection, as these politicians are, for the most part, ignorant of the past failures. Although, when it comes to the public, he’s confident it will once again mobilise in opposition.
Sydney Criminal Lawyers spoke to UNSW Visiting Law Professor Dr Roger Clarke about the history of attempts at such schemes, why major party politicians continue with the futile quest to establish one, and the unlikelihood that the current proposal being sold as voluntary will remain so.
Finance minister Katy Gallagher met with data and digital ministers nationwide in February to ensure legislation to establish a national digital identification system will be on the agenda later this year.
The 2014 Murray inquiry report warned its scheme is likely to be associated in the public mind with the much-maligned Australia Card proposal of the 1980s.
But you assert that many attempts have been made to set up a national identification scheme, which have ultimately foundered.
Dr Clarke, what are some of the other attempts at setting up a nationwide ID scheme over the last 30-odd years?
Over 1985 through to 2007, the Australian Privacy Foundation (APF) maintained a page with resources on successive attempts by bureaucrats to get governments to give them a national ID scheme.
The project that made the most noise – and was particularly silly – was one of Joe Hockey’s many follies, the so-called Human Services Access Card.
It was dressed up not as a loyalty thing, like the Australia Card was, but as a service. And it was devised by the same people that brought us Robodebt.
APF ran a very successful campaign from the beginning of 2006 until late 2007. The weight of evidence eventually resulted in a Coalition-dominated senate committee severely criticising the project.
So, the Coalition gave in, and the incoming Labor Government scrapped the project and the Office of Access Card very shortly after its election.
During the last 15 years, NTIF (the Trusted National Identity Framework) and TDIF (the Trusted Digital Identity Framework) have been the buzzwords.
Those have been attempts by central government to achieve some kind of federated system, where the many players in the game, across nine jurisdictions and half-a-dozen industry sectors, can all cross-leverage one another’s infrastructure and personal data collections.
But APF gave up submitting to the Digital Transformation Office (DTO)/Digital Transformation Agency (DTA), because of its incapacity to take any notice of anything said to it.
In any case, nothing it did ever got very far, because of its inability to listen, design, negotiate, or to perform in a competent manner any of the other things involved in a large-scale, complex and sensitive program.
In most cases, the projects collapsed under their own weight. They are gargantuan, because they have to comprise a wide array of elements.
They’re also ineffective because anyone who’s serious about avoiding, circumventing, getting multiple identities in the system, et cetera, has no trouble getting around it.
All that these projects would achieve is more work and pain for normal people, and maybe a little more visibility of the many errors made and the modest level of small-scale fraud.
The Australia Card and the other schemes you liken to it all share common elements. What are the key features of these schemes that reveal commonality?
The last time I did a paper explaining this was seventeen years ago. A bit of the terminology has changed in the meantime, and there may now be better ways to describe some of the elements.
But the principles remain much the same.
The main elements of national identity schemes, include a database, a unique signifier for each individual, an ID token, such as a card, quality assurance mechanisms, widespread use of data, identifiers and the database, obligations for each individual and many organisations, as well as sanctions for noncompliance with the system.
It’s always a bit of a challenge to map any particular project onto that model, because the designs are never clear, by accident and/or design.
Some schemes accentuate the token, whereas others stress the database, or the services, which really means the data flows and the obligations to provide ID and authenticators in order to get services.
Schemes are always trumpeted as being voluntary at the beginning and are always designed on the assumption that they will become mandatory soon afterwards.
In the private sector, this technique is called “bait-and-switch”.
Authorities globally have long been attempting to establish such all-encompassing identification systems, with advances in technology being incorporated into them as we go along.
Why is such a system so desired by ministers and senior bureaucrats? And why have Australians been opposing them since, at least, the time of the Australia Card proposal?
Senior bureaucrats, especially at the federal level, live comfortable lives, well removed from the tumult of society, as it really is.
Their job is to ensure there’s some orderliness, plus demonstrable need for them and their empires to continue to exist, plus plenty of announceables for their minister to bask in.
A national ID scheme has been desired by the mandarins ever since World War II melted away into peacetime.
When a tax-lobbyist sold Bob Hawke the idea of a scheme to weed out tax evaders, dole cheats and illegal immigrants, the public service was able to dust off some proposals that they’d had in place for years.
They told him it was a good idea and assured him they could deliver in short order.
Each new government is sold on the idea by one or another of in current term departments of Attorney General, Home Affairs, Human Services, Finance, or even Health.
It’s always pitched to ministers and cabinet in ways calculated to appeal to them and whatever they see as their constituency.
Many ministers get into their short-term jobs with remarkably little insight into what goes on in government agencies generally, and in their agency in particular. And some are silly enough to take up the idea.
Following the February meeting of Australian data and digital ministers, a statement was released, outlining that a national digital identification system is on the agenda.
This is in the wake of the Coalition having established a smaller limited model of such a system that it sought to broaden to encompass the entire economy.
This model being proposed by Gallagher is being spruiked as a voluntary system, but there are questions as to just how much of a choice citizens will have, and, as you’ve just mentioned, often this is the way to bait the public in.
So, what are your thoughts on the bipartisan push to establish a nationwide digital ID system?
Yet again, the federal level offers money to the states, and they say, “Yes, please”.
The conditions that come with the money don’t concern politicians whose time-horizon is the next election, and whose motivations are to be seen to succeed within their party, get media-coverage, and get voted back in by electors who recognise their name.
The design of all these schemes is vague at the beginning, gradually emerges, but changes shape with successive media releases.
It’s instructive to use my 2006 checklist as a framework and map whatever information is available onto that framework.
It’s instructive mainly in identifying that they’re just blundering along and/or they’re devious and are suppressing some key elements of the scheme.
The bipartisan nature of the scheme reflects the considered position of both major parties that being seen to be a bit left of centre is a loser.
So, the scheme can initially be painted as being about efficient delivery of services to people, but depicted quite differently each time there’s a cause around, like small-time tax-evaders, welfare cheats, migrants stealing Australians’ jobs, dead-beat dads, wife-abusers, paedophiles, et cetera.
You point out that former NSW digital minister Victor Dominello is a prominent voice in the debate around the national digital ID system.
The outgoing minister, who continued to campaign on it right up until last month’s state election.
What are Dominello and others of his ilk pushing for in terms of a broader digital ID system?
Dominello is used to getting plaudits. He could see the writing on the wall in NSW, and managed to avoid the mud that was bound to be scattered around.
He also had admirers at the federal level, not all within his own party. He’s managed to stimulate an unaccustomed degree of organisation within some aspects of NSW government activities and appears to be enthused about the chance to try the ideas out at the federal level.
I have trouble seeing Dominello as a protofascist, like Dutton. So, it seems pretty unlikely Dominello’s motivated to enable the more extreme forms of social control.
He’s an ever-smiling politician, capable of stimulating and organising competent people and has gained a reasonable understanding of the relevant technologies.
So, he seems like a subscriber to the services-and-control school of thought, rather than to the hardnosed Department of Human Services worldview.
Unfortunately, Dominello’s grasp of and/or interest in the impacts and implications of the technologically-based schemes that he’s involved with is far, far slimmer than his ability to talk tech.
And lastly, Dr Clarke, despite the huge opposition to the Australia Card and others versions of it that have failed to take hold, governments continue to push for a national identification system.
Why hasn’t this just been dropped considering the widespread and persistent opposition? And after decades of opposing such schemes, are you confident opponents can continue to maintain that such systems aren’t rolled out?
The half-life of politicians is very short. Most burn out very quickly, and a new bunch arrive on the scene, green behind the ears, imbued with the teachings of the recent version of their particular party.
Do they learn from history?
At any given time, there’s only a handful of members of parliament who can remember anything from secondary and tertiary studies, who read and have a broad ideas catchment-area.
The large majority of them are caught up in their own party echo-chambers, selectively hearing, motivated by personal progression within their own rarefied world and are unable to comprehend that real people have perspectives different from theirs.
In short, if the system talks about “digital identity” as “a good thing”, based on whichever mythology is in vogue at the time, then that’s what they believe.
The abundance of analytical argument showing the nature, impacts and implications of proposed schemes, and the abundance of empirical evidence of successive failures, is outside their lived experience and outside such vicarious experience as they muster.
I do have a lot of confidence in the robustness of society, and the scope for committed people to get the messages through, and get the skids under the wheels of each iteration of the Australia Card scheme.
As a consultant, I mostly did eCommerce, eGovernment, ePublishing and suchlike, plus some of what we currently seem to call cybersecurity.
But I did a variety of privacy consultancies when interesting ones turned up. When dealing with clients in that space, I used a simple aphorism: Privacy doesn’t matter… until it does.
It was remarkable that I almost always got a prompt, rueful nod of recognition of the point being made.
Governments, government agencies, corporations, and whole industry sectors, can get away with murder, until circumstances arise in which too many people see too many organisations as having gone too far.
Then the pressure builds very rapidly and large-scale projects and the investments put into them, get blown away in a short time.
For about fifteen years, I maintained some documentation of interesting disasters in the private sector. The volume of them hasn’t let up, and I’d made my point, so I haven’t continued with it.
But some of the old ones still resonate, and a dozen could be easily added from the last year alone.