Identity Management: Is an Identity Card the Solution in Australia? Presentation to RSNA Conference The Social Implications of Information Security Measures.

Slides:



Advertisements
Similar presentations
June 27, 2005 Preparing your Implementation Plan.
Advertisements

JCAHO –A HIPAA Business Associate National HIPAA Summit
Erasmus Work Placement Workshop: the risk & insurance implications Rachel Phillips Marsh UK HE Practice Leader Mary Murtagh – Marsh Risk.
ASYCUDA Overview … a summary of the objectives of ASYCUDA implementation projects and features of the software for the Customs computer system.
1 Introduction to Safety Management April Objective The objective of this presentation is to highlight some of the basic elements of Safety Management.
1 Welcome Safety Regulatory Function Handbook April 2006.
1 FPEG Identity theft & payment fraud point December 2007.
1 Targeted Case Management (TCM) Changes Iowa Medicaid Enterprise October 14, 2008.
HIPAA AWARENESS TRAINING
Project Appraisal Module 5 Session 6.
© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.
The Legal Foundation TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.
EMS Checklist (ISO model)
12 November 2002Digital Identity Forum – London Biometrics and ID Bill Perry Independent Consultant Phone:
2009 Data Protection Seminar
1 2 Note: The following slides represent suggestions to enhance the writing of a SAR narrative. This information should be used in conjunction with the.
Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
Senior Manager – Research Finance & Programmes
IPM THEORY CHALLENGE QUIZ NUMBER 3 Unit 3 Outcome 3.
1 Attributing the costs of health & social care Research & Development – Understanding AcoRD Trudi Simmons Senior Manager – Research Finance & Programmes.
Lecture 5: Requirements Engineering
1 And Tips to Avoid Becoming a Victim Recent Cyber Crime Cases.
Red Flag Rules: What they are? & What you need to do
1 Project Nexus Modelling costs and benefits Andrew Wallace, Cesar Coelho Ofgem Project Nexus IA Subgroup 25 July 2012.
EURIM Personal Identity Group Data Sharing Model for Public Services 13 th January 2005 Jim Lound © Experian Ltd 2005.
Barry Sandison Deputy Secretary, Health and Information Department of Human Services Data: creating value for service delivery.
Report on Comprehensive Social Security System 26 August 2004.
HIMAA Symposium 2008, Canberra 1 Integrating the Healthcare Enterprise Klaus Veil Manager - IHE Connectathon and Interoperability Showcase 2008 Chairman.
Anti Money Laundering (AML) An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Identity cards and systems Professor M. Angela Sasse University College London Professor Brian Collins RMCS Shrivenham.
RMG:Red Flags Rule 1 Regal Medical Group Red Flags Rule Identify Theft Training.
National Smartcard Project Work Package 8 – Card Governance Report.
Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.
The Health and Social Services Access Card: What will it mean for Australians? Financial Literacy, Banking and Identity Conference 25th and 26th October.
Security Controls – What Works
Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
Identity Cards: Strategy, Implementation & Challenges A Melodrama in Three Parts Simon Davies Director, Privacy International Visiting Fellow, London School.
WPLA study on fraud prevention in online land registers Jon Atkey, United Kingdom UNECE WPLA, Baku, 4-5 March 2010.
Solution Overview for NIPDEC- CDAP July 15, 2005.
Identity verification in the private sector Chris Gration 30 March 2006.
Other Laws (Primarily for E-Government) COEN 351.
FTC RED FLAG RULE As many as nine million Americans have their identities stolen each year. Identity thieves may drain their accounts, damage their credit,
30/09/09Copyright - The Earl of Erroll1 Lord Erroll - Merlin Member of the HOUSE of LORDS - an Independent Peer PITCOMParliamentary Information Technology.
Garry Compton Manager Government Authentication ANTA Workshop 05/08/03 Canberra, Australia An update on Commonwealth Authentication.
Data Protection Act AS Module Heathcote Ch. 12.
Employment Eligibility Verification The I-9 Form Bluefield State College New River Community & Technical College.
New Identity Theft Rules Rodney J. Petersen, J.D. Government Relations Officer Security Task Force Coordinator EDUCAUSE.
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
IT Applications Theory Slideshows By Mark Kelly Vceit.com Privacy Laws.
PROTECTION OF PERSONAL DATA. OECD GUIDELINES: BASIC PRINCIPLES OF NATIONAL APPLICATION Collection Limitation Principle There should be limits to the collection.
An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.
The Protection of Personal Information Bill 13 February
Privacy Compliance in Schools Darrebin A/P’s Network 7 May 2009.
Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.
Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.
Understanding Privacy An Overview of our Responsibilities.
MONEY LAUNDERING “The Basics”.
Understanding Privacy An Overview of our Responsibilities.
Kids' legal rights in medical care, your obligations and risk minimisation 27 April 2017.
Anti Money Laundering (AML)
Florida Information Protection Act of 2014 (FIPA)
IT Applications Theory Slideshows
TFN’s & ABN’s.
Presentation heading (one or two lines)
Florida Information Protection Act of 2014 (FIPA)
Data Protection Legislation
Red Flags Rule An Introduction County College of Morris
E-identities (and e-signatures)
Presentation transcript:

Identity Management: Is an Identity Card the Solution in Australia? Presentation to RSNA Conference The Social Implications of Information Security Measures on Citizens and Business Margaret Jackson and Julian Ligertwood May 2006 Presentation to RSNA Conference The Social Implications of Information Security Measures on Citizens and Business Margaret Jackson and Julian Ligertwood May 2006

Company OverviewSlide 2 Introduction This paper examines the Governments most recent proposals for identity-related cards and the UK Identity Cards Act It asks whether a national identity card will address public and private security concerns while remaining consistent with privacy laws

Company OverviewSlide 3 Australian ID Card Proposals ID Card during World War II Australia Card (1987) Australia Card II ( ) – July bombings/Jan announcement by Ruddock/shelved April 2006 Human Services Smartcard ( )

Company OverviewSlide 4 Identity Cards Act 2006 (UK) Section 1(3) of the Act sets out the purposes of the national identity register: … to facilitate, by the maintenance of a secure and reliable record of registrable facts about individuals in the United Kingdom – (a) the provision of a convenient method for such individuals to prove registrable facts about themselves to others; and (b) the provision of a secure and reliable method for registrable facts about such individuals to be ascertained or verified wherever that is necessary in the public interest. Something is in the public interest if it is in the interests of national security; or is required for the purposes of the prevention or detection of crime, of enforcement of immigration controls, of the enforcement on prohibitions on unauthorised working or employment, or for securing the efficient and effective provision of public service (Identity Cards Act 2006 (UK) s1(4)).

Company OverviewSlide 5 UK Identity Cards Act Sections 3,6-7 & Schedule 1 set out the information to be collected and retained on the register Section 10(1) provides for updating personal information but only Sec of State appears to have the power to correct data Sections 17 – 20 provides for public interest access to the register by government agencies – individuals consent not required

Company OverviewSlide 6 UK Identity Cards Act cont… The Act also: -empowers the Secretary of State to enforce registration (section 7) - establishes new offences for the possession of false identity documents (sections 25 & 31) -prohibits compulsory production of the card (section 16) except when accessing public services (section 13)

Company OverviewSlide 7 UK Identity Cards Act cont… The Act does not provide for: - a time limit on storage of personal information - a right of access to the Register by an individual - a requirement that an individual consents to third party provision of data

Company OverviewSlide 8 UK Identity Cards Act cont… The Act will allow about 265 government departments and 44,000 private sector organisations access to the register

Company OverviewSlide 9 UK Identity Cards Act cont… The UK Government maintains that its Identity Card scheme will: - Help prevent crime that depends on being able to use false identities -Enable people to access current services more easily -Provide a watertight proof of identity for use in everyday transactions and travel -Provide a means of providing more efficient services

Company OverviewSlide 10 UK Identity Cards Act cont… However, the UK Information Commissioner has voiced concerns that the Act is potentially inconsistent with the Data Protection Act (UK) 1998 including that: The proposed extent of the information retained on the National Identity register is unwarranted and intrusive The breadth of the purposes of the Act could lead to function creep into unacceptable areas of private life The technical and administrative arrangements proposed in the Act lack independent oversight The large breadth of organisations with access to the register is inconsistent with a secure database The extent, in practice, to which individuals consent to a check will be freely given, specific and informed There will be extensive use of secondary legislation and a lack of privacy impact assessments. Primary legislation should be used to make the scheme compulsory, with appropriate safeguards

Company OverviewSlide 11 UK Identity Cards Act cont… The London School of Economics undertook a major investigation into the Identity Cards Bill, producing a report titled The Identity Project: an assessment of the UK Identity Cards Bill and its implications on 27 June 2005 It stated that the proposals are: too complex technically unsafe overly prescriptive lacking a foundation of public trust and confidence

Company OverviewSlide 12 UK Identity Cards Act cont… The LSE Report found: No evidence that the introduction of the proposed UK Identity card would reduce identity fraud and could lead to a greater incidence of such fraud An identity card would have no impact on private sector fraud such as credit card fraud An identity card would not reduce most immigration fraud and that money laundering usually does not involve false identities Its only likely effective role would be to reduce social security fraud The Report concluded that the proposal would be very expensive and queried the Governments calculations This Report provided the basis for the initial rejection of the Identity Cards Bill in the House of Lords on 16 January 2006

Company OverviewSlide 13 Will a national identity card scheme work? The UK Government has not been able to show how the Identity Card and the Register will be used to reduce terrorism and other security threats The LSE Report found that an identity card would have little impact on identity fraud and on a range of other areas of fraud (would affect 1% of total benefit fraud) An Australia Card similar to that in the UK may be in breach of privacy laws

Company OverviewSlide 14 What scheme could work in Australia? Various identity cards already exist in Australia. Passports, drivers licence and Medicare Cards are quite acceptable by Australians as they have clearly defined purposes Proposed cards: -Human Services Card -Document Verification Service -E-Passport -Medicare Smart Card -Electronic Health Records (Health Connect)

Company OverviewSlide 15 The Access card First mentioned in April 2005 as the Human Services Smartcard July 2005 – Government Services Card Contain a photo, replace 26 government services cards and concession cards and cost $500 million January 2006 – compulsory ID card for all welfare recipients and contain biometric Feb 2006 – to be used via EFTPOS machines for medical bill reimbursement March – stop welfare fraud and for disaster relief but only compulsory for the provision of government services

Company OverviewSlide 16 The Access card April 2006, Cabinet approves a smart card for access to health and welfare services – cost approx $1.1 billion Subsequently referred to as the access card Who can access it?

Company OverviewSlide 17 Purpose: -reduce welfare fraud -replace 17 other cards, including Medicare and aged pension cards -make payments to patients -provide instant Medicare rebates via EFTPOS machines in surgeries (still included?) -make welfare payments -delivery of services, not national security -disaster relief -slash red tape -all government financial transactions What information is collected? - biometric photographic identification -medicare number -- name -signature -Microchip will contain age -information about dependants -address Proposing a voluntary field: -blood type -organ donor -allergies -emergency contacts -but no health records Who can access it? -(originally ATO, Centrelink, Medicare, DEWR, Aust Customs Service, DITR) -Coles and Woolworths -Readers to be placed in all doctors surgeries, chemists and ambulances Proposing a user-managed data vault for personal information that the user can make available to specific agencies Individuals can access it to update details Who does it apply to? -aged pensioners -those on welfare (unemployment, disability, etc) -veterans -child care rebates -PBS -Austudy -Maternity payments -Family tax benefit payments -people with a Medicare card

Company OverviewSlide 18 Concerns Government history of dealing with personal information eg ICAC reports and the Victorian Police LEAP database Deputy Secretary of Dept of human Services says that the card will deliver significant benefits to government Treasurer quoted as saying he proposed card will contain more information than the Australia card Head of the taskforce implementing the proposed card will contain more information than the Australia card Ruddock days the smartcard development reflected ongoing work on better ensuring peoples identities remained secure

Company OverviewSlide 19 Conclusion If Australia uses the UK Identity Cards Act as a model for its own national identification scheme, the Governments original, vaguely stated objectives of ensuring national security and reducing identity fraud, would not be met The Access card might reduce government services fraud The need for a national identification scheme and identity card will have to be demonstrated compellingly and should not merely be an attempt to use one card to solve a range of identity management and verification issues

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.