Chip-cards are flexible tools that can be used in a wide variety of ways. This FAQ outlines a framework within which a scheme could be developed that assists individual agencies in achieving their identification and authentication aims, but avoids the excesses of a national identification scheme.
The first crucial requirements are that:
To put it another way, the Government's "up to 17 cards" can be replaced not by 1 card containing 1 zone, but by 1 card containing up to 17 zones, each securely separated from the others. That way, the card-holder's multiple identities with separate programs and agencies can be sustained.
Such a scheme can be designed so that there is no linkage between the card-number and the various identifiers for the various agencies. The card-number then ceases to be a central feature of the National Identification Scheme, and becomes just a card-number.
Similarly, the imposition of an 'official name' is unnecessary, as well as being dangerous.
Further, and crucially, a central Register of personal data becomes unnecessary. All that is needed is a list of the card-numbers that have been issued. A central Register is only needed if the Government wants to have a central element of a National Identification Scheme.
With a decentralised scheme like the one the APF proposes, decisions about how each government program is to work can be taken by the agency concerned, rather than by a centralised commissariat that is remote from people.
Some agencies will find that the benefits of using a zone on the card would be low, and that separate cards will work better and more cheaply for all concerned. (This would be likely to apply in particular to concession cards, but perhaps also to some cards relating to benefits and services).
A scheme of the kind that the APF proposes would be a less grand monument to the Minister's term in office. On the other hand, being much simpler, such a scheme would be more likely to actually work.
Descriptions of schemes like what the APF is suggesting have existed for at least a decade (e.g. Clarke 1997. See also the Working Paper at Clarke (2006), and Wilson (2006).
In addition to adopting the balanced, privacy-protective architecture outlined above, it's also essential that the Government stop suppressing information, institute open and consultative processes, and provide transparency for the requirements statements, cost/benefit analyses, privacy impact assessments, and design details.
If you are aware of errors or omissions in this document, please let us know.
Go back to the previous FAQ Go to the next FAQ