Australia Scraps National ID Plan

IPU = Imaginary Property Unicorn writes "The proposed Australian 'Access Card', a universal ID that would be required for any Australian wishing to use Medicare, Centrelink, the Child Support Agency, or Veterans' Affairs, has been scrapped by the incoming Rudd Labor Government. The card would have contained an RFID tag with the person's name, date of birth, gender, address, signature, card number, card expiration date, and Medicare number, but there were also provisions to add more personal data later on. It seems that Rudd Labor is not eager to copy the American REAL ID Act."

Re:So what do you want?

[Zey]

An RFID card that can be read can fill in all that data for you, but is also intrusive. Can't have the best of both worlds.

Of course you can. It's currently called the magnetic strip. Can't be read from a distance, just with a reader. Go high tech with the basic principle and you'll use NVRAM or a DVD-RW optical stripe. Go high tech/low tech and you can have the data written in highly miniaturized bar codes, too small for the naked eye but, again, visible to readers.

Government will know what it wants to know know about you. That fight was lost decades ago. The questions remaining are: (1) whether that right is annoying at the day to day level, (2) whether we can at least benefit in lower paperwork from it (rather than being punished for clerical errors), and, (3) whether we can stop everyone else stealing our details in the process, given most governments are managed at the bureaucratic level by incompetent baboons.

Re:Good.

[arivanov]

Actually not quite so.

There are plenty of ways to provide identity that do not require online access to a database. X509 at your service. Tried, tested, works, scales to the size of a population (most continental EU ID cards are actually smartcards wich hold an x509 cert). The only thing the ID reader needs to do is verify that the cert on the card is correct and show the information. This can be done by a sub-10$ mass produced device nowdays. It can also be completely standalone for less important apps and for the more important it needs to check for revoked certs via OCSP. It does not really need access to a centralised database. In fact it is better for an ID like this to hold your photo and your biometric because the verification is done through cryptographic integrity. If it holds them it does not need central database access in 99.99% of the cases.

Issuing the ID is a completely different ball game. There you need a database if you want to avoid identity fraud. The bigger, the nastier, the more comprehensive - the better. As a matter of fact such the databases already exist in most countries, they are reasonably well maintained and they work. These are the taxation system databases and all countries with successful ID systems use these as a primary source of information. A good example of database nations like this is any Scandinavian country and Bulgaria out of the ex-Soviet block.

There is a crucial difference here - the database is accessed only on issuing IDs and on updating/checking tax records. It is not accessed by every wannabie wanker in a small quango office who has declared himself the supreme owner of your identity. This is also the crucial difference between RealID, The UK ID, the Australian ID and working ID projects. These all aim to sneak a provision for tens of thousands of wankers to access your data and they do not try to build on the tax system data (which the tax system office rightfully denies them access to). This is also doomed to be abject failures long before they have even been started because they have to build a database for the whole country from scratch.

Re:Good.

[rucs_hack]

but PLEASE learn from our mistakes.

The thing with the US is no matter how bad it gets, your culture has within it a tendancy to say 'screw you' to anyone that's in power, and throw them out. Either that or make things so tough that people quit.

I've been surprised at the no-cons apparent ability to just take over and start the conversion to a police state (facism?) though. Why there hasn't been soime sort of mass revolt is beyond me. You're apparently just sitting back and letting them re-institute a pro rich/powerful people nation.

I have a lot of respect for Americans, but as a country your starting to look a bit, well, stupid. Quite aside from the political situation, its what, 80% of your population beleive the earth is less than 10,000 years old? This does not fill me with confidence. I was considering paying for my son to spend his univeristy years in the state, now I have a doubt.

How long is this going to go on do you think?

Re:Good riddance.

[nomorecwrd]

Maybe it'a a matter of country size, but here in Chile we implemented a national ID number decades ago, ONE number and one ID card for almost everything, my ID number is the same as my passport, same as my driver's licence, same as my Medicare, same as my social security, etc. Even private companies, like banks, insurance, telephone, cable, etc. identify you with this number. Easy! and very convenient. The number is given to the new born when registred. Our IRS (SII) tracks your taxes with this number. Companies are assigned with an ID also (much higher number than individuals). Even foreigners can ask for an ID number. (needed if you want to work in here) Again, it's a very convenient system! I don't know how you guys can keep a whole big country running without this. Just my two cents.

The problem is not ID card themselves

[loopkin]

Most of Europe has ID cards, and nobody ever heard it's police states.
The thing is to emit cards, you need a database. So the card becomes a key to your entry in the ID database. So far, so good.
Now, if you use it also to pay your taxes, the same card has become a key to your tax records and earnings. The same if you use it for your medical insurance, and so on.
Here's the privacy breach: the "one card does all" scheme is really very bad, because it allows easily to retrieve personal data from different databases.

Take France. There is one of the most advanced computer-related privacy law (IT and Freedom Act):
- there is a "national" ID card, that is connected to nothing, except maybe the passports database
- there is a medical state insurance ID card (Vitale card), that is connected to nothing, except other medical insurances, and your record at your doctor's
- for the rest (taxes, ...), where you don't need an ID card, there aren't ID cards.
All the systems have different unique identification numbers ("national" ID card number, medical state insurance number, tax payer number, ...) and it is disallowed by the law (for anyone, including the state), to make a database that references all those id numbers.
So where's the problem there ? (except that it's for sure more expensive that having a "one card does all", but privacy has its price).