This type of police surveillance will come as no surprise to Australian blogs which post on local and regional protests

CNN.com, 11 October 2016:

The ACLU of California reported that Geofeedia had been providing law enforcement with data -- including locations -- from the social media accounts of protestors. In response, it said Tuesday that Twitter, Facebook, and Instagram had cut off Geofeedia's access to their feeds.

The extent of law enforcement's social media surveillance was discovered through public records requests of 63 agencies in California, according to the ACLU of California. Emails obtained show the tools were used to monitor chatter around "the Ferguson situation," and that Geofeedia told California law enforcement agencies to find out how police in Baltimore used its tools to "stay one step ahead of rioters," after the death of Freddie Gray in police custody.

Geofeedia provided searchable data from public Instagram posts, troves of publicly shared information from Facebook (FB, Tech30) via the Topic Feed API, and public tweets. Information in Twitter, Facebook, and Instagram posts can be used to infer things like location, personal associations and religious affiliation.

The ACLU says Geofeedia and other social media surveillance tools can unfairly impact communities of color. Movements like #BlackLivesMatter began on social media, and Twitter, in particular, is used as a platform for organizing and amplifying protests.

"Communities of color rely on platforms to organize, to persuade, and to spread information," Matt Cagle, technology and civil liberties policy attorney at the ACLU of Northern California, told CNNMoney. "But here, the social networks left a side door open for surveillance by the police."

Law enforcement agencies invest thousands in the tools that aggregate and surveil conversation data --the Daily Dot reported that the Denver Police Department spent $30,000 on these types of tools in May. The ACLU launched an investigation in Denver in response to this report.

Based on information in the @ACLU's report, we are immediately suspending @Geofeedia's commercial access to Twitter data.

— Policy (@policy) October 11, 2016

In an email obtained by the ACLU of California through public records requests, Geofeedia claims "over 500 law enforcement and public safety agencies" use its services.

After the ACLU's report on Tuesday, Twitter tweeted that Geofeedia's access had been revoked.

"In addition to cutting off data access, the social networks should take additional steps to implement clear rules that prohibit the use of user data for surveillance, and oversight measures to ensure developers are not using the user data for surveillance," Cagle said.

The organization is joining with the Center for Media Justice and Color of Change to ask social media sites to commit to better protecting users engaged in political and social discourse.

Malkia Cyril, the executive director of the Center for Media Justice, said that people are using social media to expose human rights abuses, turning these platforms into modern day news outlets. However, the sites aren't not subject to the same kind of scrutiny or standards, she said.

"I wasn't surprised," Cyril told CNNMoney. "But I do think the average user should be shocked and dismayed at the scope and the scale of what the ACLU found."

Government Data Retention: think this won't happen again?

Think the situation set out below won't happen again in some shape or form?

What about when government outsourcing to the private sector means access to those government databases quietly collating personal and sensitive information on all individuals living in Australia?

Victorian Ombudsman, media release, 12 September 2016:

WorkSafe: complex claims process needs fixing

  

Victoria’s workers compensation scheme must be recalibrated to ensure that complex claims are resolved in a fair and timely manner, a Victorian Ombudsman investigation has found.

Tabling the Investigation into the management of complex workers compensation claims and WorkSafe oversight today, Victorian Ombudsman Deborah Glass said that while the workers compensation scheme is operating well in the vast majority of cases, the current system fails some particularly vulnerable people.

“The overall system is not broken, but the problems we identified in complex cases – some 20 per cent of the overall claims – go beyond a few isolated examples of bad behaviour. They cannot simply be explained away as a few bad apples spoiling the barrel,” said Ms Glass.

WorkSafe underwrites the Victorian workers compensation scheme with claims management functions outsourced to private insurers. During the investigation period the agent insurers for Worksafe were Allianz, CGU, Gallagher Bassett, Xchanging and QBE. The system currently incorporates a series of financial incentives for agents, including when claims are terminated or workers return to employment.

The investigation examined complex and often extended claims across different industries, roles and injuries (both mental and physical) to assess whether:

•          agents unreasonably denied liability or terminated claims
•          agents took such actions in order to obtain financial rewards available under the contract with Worksafe
•          Worksafe provides effective oversight of the agents and their claims management processes.

Key recommendations from the investigation call for a review of dispute resolution processes within the system and improvements in oversight of complex claims by WorkSafe.

“We found agents cherry-picking evidence to support a decision to reject or terminate a claim – as little as one line in a medical report – while disregarding overwhelming evidence to the contrary. We found Independent Medical Examiners (IMEs) – whose opinions agents use to support their decision making on compensation – receiving selective, incomplete or inaccurate information. We also saw evidence of decisions being influenced by financial incentives to terminate claims.

“In effect, we found cases in which agents were working the system to delay and deny seriously injured workers the financial compensation to which they were entitled – and which they eventually received if they had the support, stamina and means to pursue their cases through the dispute process,” said Ms Glass.

The investigation attracted significant public interest after it was launched, with dozens of workers and others involved in the system contacting the Victorian Ombudsman to offer assistance or make submissions.

The investigation involved detailed reviews of claims across all five agents. A random sample of agent email records was examined and interviews conducted with injured workers and their families, executives from the five agents and former agent staff. Stakeholders including the Accident Compensation Conciliation Service, the Australian Medical Association, the Police Association of Victoria and the Community and Public Sector Union made submissions.

“Action must be taken to address the complex end of the system where terminations are rewarded. WorkSafe needs to examine its incentives – and the use of IMEs – to ensure the system rewards sustainable decisions and to target its oversight accordingly. The process for resolving disputes also demands careful reconsideration – it is in the interests of workers, employers and the public at large that the resolution of claims should be both timely and fair.

“WorkSafe has begun addressing many of these issues, and we have already seen improvements since my investigation began in 2015, but this work must go on. The cases we investigated are not merely files, numbers or claims; they involved people’s lives, and the human cost should never be forgotten,” said Ms Glass.

Investigation into the management of complex workers compensation claims and WorkSafe oversight

Notes to editors

•          The Victorian workers compensation scheme is funded by a compulsory system of insurance that covers employers for the cost of providing compensation to injured workers.
•          Worksafe manages around 90,000 workers compensation claims a year.
•          The Victorian Ombudsman investigation conducted a detailed review of 65 complex workers compensation claims; most claims involved decisions made in 2014 – 2015.
•         Insurers acting as Worksafe agents at the time of the investigation were: Allianz, CGU, Gallagher Basset, QBE and Xchanging. The Victorian Government decided in April 2016 not to renew QBE’s contract and QBE ceased acting as a Worksafe agent on June 30 2016. EML replaced QBE on the panel of agents. EML decisions and actions have not been examined during this investigation

UPDATE

A data breach in the making.......

Computer World, 13 September 2016:

The National Cancer Screening Register Bill 2016 and the National Cancer Screening Register (Consequential and Transitional Provisions) Bill 2016 are currently before the House of Representatives. The bills will create the National Cancer Screening Register, which will replace nine existing registers including the states’ cervical cancer register.

In May the Department of Health announced it had awarded the contract to establish and operate the register to Telstra. The $220 million contract has an initial term of five years with an option for a 10-year extension……

Labor “strongly supports” the move to establish a national register, King said today.

However, the MP said that the bills have been “rushed” into parliament because the government had decided to award the contract to Telstra before any debate on the register’s merits and associated privacy and data protections.

There was no debate over “whether it is even appropriate for such sensitive data to be placed into the hands for the first time of a for-profit provider,” King said……

The decision will “put some of the most sensitive data into the hands of a private telecommunications company.” “It’s a big question and a big call,” she said. “Not one that we, frankly, support”.

The new national register will hold information about every Australian eligible for cancer screening programs. “The register is not opt-in and an individual will only be able to opt out… of the register once it’s actually implemented,” King said.

Data held in the register will include individuals’ names, addresses, dates of birth, contact details, gender and sex, as well as Medicare item number, Medicare claims information and preferred GP or other health providers.

The register will also contain “extremely private and intimate health data” usually only disclosed to an individual’s GP, King said.

“Labor accepts that this information is necessary for the operation of the register, but we do not accept that Telstra – frankly with a questionable record of privacy breaches – should have Australians’ most private and sensitive health data.”

The fallout from #CensusFail continues......

It is now the sixth day after Cenus Night 2016 in Australia and information has been slowly seeping out into the public domain.

First there's the genuine attempts to explain the spectacular failure to launch as opposed to the ABS-Turnbull Government propaganda on the subject.......

Reddit user mykro76 via @Qldaar, 10 August 2016:

Sortius, 10 August 2016:

So, I contacted Softlayer support, this was their response @ABSCensus #CensusFail

Patrick Gray at Risky.Biz on #CensusFail, 11 August 2016:

Community and Public Service Union, media release, 12 August  2016:

ABS STAFF ANGRY AT TURNBULL GOVERNMENT OVER CENSUS DEBACLE

The CPSU says the highly qualified and dedicated staff at the Australian Bureau of Statistics must not be blamed for the decisions by the Turnbull Government that are the real cause of Tuesday night’s Census debacle.

The union’s National Secretary Nadine Flood said: “Our members working in the ABS have slugged their guts out for months to make this Census work despite multiple Government decisions that have caused major problems. They know how critical the information collected in the Census is to the nation and they’re absolutely gutted at the damage done to the ABS's reputation and the Census itself.”

“Staff saw these problems coming a mile off. There are 700 fewer staff at the ABS now than when the last Census was conducted five years ago and as a result staff are suffering under massive workloads. Critical planning time was lost as the Government foolishly considered axing the Census, chopped and changed ministers three times and dilly-dallied for nearly a year in appointing a new chief statistician.”

“It’s shameful that Prime Minister Malcolm Turnbull has said ‘heads will roll’ at the ABS over the Census while taking no responsibility for the real cause of this debacle, the decisions made by his Government.”

“It is Governments that are responsible for the reliability of public services and the Turnbull Government cannot dodge responsibility for slashing budgets and jobs. Prime Minister Turnbull should be apologising not finger pointing.”

“This situation in the ABS is just one example of how cuts to public sector staffing and capacity have gone too far, and how it’s ultimately the Australian public that suffers as a result.

Australians are struggling to get through on the Census hotline today, but that’s no less disturbing than the one in three calls to Medicare and Centrelink that go unanswered every day.”

“The dedication of ABS staff has ensured the Census has played a critical role in public policy in Australia for more than a century. It remains an important tool and we are urging Australians to participate despite the Government’s failings.”

Unsurprisingly the privacy concerns haven't gone away........

Digital Rights Watch, 12 August 2016:

The letter, signed by prominent privacy advocates, academics and journalists, reads:

The conduct of this year’s census raises serious and pressing ethical, legal, security and technological concerns. These throw doubt on the value of the exercise and the quality of the data collected.

The Australian government must put the Census 2016 on hold while it consults with the Australian people on the value and ethical ramifications of this and similar mass data-collection exercises. Expert input and advice must be sought to determine best practice ethical, governance and security standards for data collection, use, linkage, storage, and real-world implementation.

These problems, and the difficulties Australians have experienced in accessing and completing both the paper and electronic forms, make imperative the provision of the following two remedies.

We therefore respectfully request:

1. Amnesty for anyone who files a late or incomplete census
2. An independent inquiry into the ABS’s conduct of Census 2016. This should include a comparison of the ethical and institutional governance arrangements for hard-copy and electronic data collection, storage, linkage and use with international and best practice standards. Community consultation should take place in regard to the appointment of heads of this inquiry, precise terms of reference and timeframes for reporting.

Signed by:

Tim Norton, Digital Rights Watch
Amy Gray, Digital Rights Watch
Asher Wolf, journalist
Dr Suelette Dreyfus
Peter Tonoli
Jenna Price
Liam Pomfret, Australian Privacy Foundation
Mark Walkom, Australian Privacy Foundation
Simon Frew, Pirate Party Australia
Felicity Ruby, PhD Candidate
Professor Ariadne Vromen
Tim Cashmere
Mary Kostakidis, Freelance Journalist
Gautam Raju, Campaigner
Jack Skinner
Dr Leslie Cannold
Melissa Castan, Law Lecturer
Dr Ben Harris-Roxas
Professor Robert Sparrow
Robin Doherty, Hack for Privacy
Dr Kristoffer Greaves, Legal Educator
Archie Law, CEO ActionAid Australia
Thomas Kane
Kate Galloway, Law Lecturer
Tom Sulston, Technology Consultant
Trisha Jha
Suzy Wood, IP Lawyer
Justin Clacherty, Future Wise Australia
Cade Diehm, SpiderOak
Trent Yarwood, Future Wise Australia
Julian Burnside AO QC
Dr Matthew Rimmer, Professor of Intellectual Property and Innovation Law, QUT Faculty of Law
Dan Nolan, software engineer

Then there's those zealous casual employees on the ABS Census team attempting to salvage something from the wreckage…….

The mocking has even spread into mainstream media on Northern Rivers…….

The Daily Examiner, 13 August 2016:

SORRY guys, looks like we caused the Census website to crash, but it was worth it.

We only told one little lie but suddenly our street is crawling with engineers, government types, teachers, plumbers, interpreters, shopping centre magnates and consultants.

Man, we haven't seen so many consultants since they sold Telstra.

Anyway, it was all part of objecting to have to put your name on the Census.

Not sure why we're objecting, everyone knows me and I would be happy if someone stole my identity. I could just slip away quietly and watch the fireworks.

They are as welcome to the $10 in my bank account as they are to my dog, and well, truth be known, Ms L. probably would appreciate the change too, and it'd be cheaper than a holiday for her.

But if it's not good enough for Nick X, then it's not good enough for us, so I didn't use my name.

However I did say that there were 23,000 people staying at our place that night and that's when the fun started.

We ensured half the number were children so the Education Department has acquired land for a primary school, a high school, half a TAFE and a branch of some wannabe regional uni, all within a kilometre.

Westfield is knocking down the other houses in our neighbourhood and building a shopping centre.

The Department of Transport built a bus interchange across the road (guess we didn't make the cut for an airport, but gee it gave Badgerys Creek a fright).

There's a new hospital with no queues on a Saturday night. However that might be because of the lockout laws. Yeah, we didn't see that coming. Apparently when you get that many people together they want to stay up late and party. Well, der. But this is Australia, mate, not Paris or Berlin, New York or London.

We're locked out after dark and the internet doesn't work, but gee the other services are good and I'll drink to that. BYO at home, that is.

Sorry about the website thing.

An important point that shouldn't be lost in all the media noise........

Finally, an estimation of how many premises and or households are still missing in action (including an unknown number involved in acts of civil disobedience)......

It is possible that as of today the Australian Bureau of Statistics only holds an est. 30-45 per cent of all Census forms (paper & online) it anticipated receiving.

The statistical margin of error flowing from that sort of respondent percentage would be too large to make it a credible national snapshot of population and housing.

"Stick your census in your ear you won't get any data here"

First Dog on the Moon

Creating the Digital Australia Card in 2016: ABS Census has holes in its security fence

Hard copy version of the Australia Card

  a national identity card rejected by the Australian population in 1987

The aim of the Census of Population and Housing is to collect accurate data on the key characteristics of the people in Australia on Census night, and the dwellings in which they live.

However, on  census night 2016 (and every national census thereafter) the names and addresses of those completing the compulsory national survey, along with the names of others in the same household, will be retained to allow data matching across as many agencies as the Australian Bureau of Statistics will from time to time decide it requires to form a complete longitudinal profile of every person living in this country.

Given that the census requires all questions to be answered on pain of a legally enforceable penalty and given that the questions asked are of an intimate nature - including a person's bathing and toileting regime (Question 20) - I do not think it unreasonable for those compelled to respond to publicly query security measures the ABS has allegedly put in place to safeguard privacy.

Nor do I think it unreasonable for persons so compelled to refuse to record their names alongside their answers to the census questions in light of the legitimate concerns that remain unresolved.

Especially as it is clear that the security of any database cannot be fully guaranteed and the Australian Bureau of Statistics (ABS) is not immune from data breaches and illegal use of data by staff.

Indeed as "Name of each person" (at points 2. & 53.) appears to be the only detail on the census form which is not couched as a question, I rather suspect that the ABS itself may not be entirely sure it has an enforceable right to compel a response despite what is asserted in Census and Statistics Regulation 2016.  

A new regulation that remakes the Statistics Regulations 1983 which in turn does not include "name" in Prescribed matters in relation to which statistical information may be collected even if the Census and Statistics(Census) Regulation 2015 does.

How the statisticians have been laying down the groundwork for the creation of the longitudinal database capable of producing individual profiles......

Australian Bureau of Statistics Annual Report 2014-15:

The ABS worked closely with the National Mental Health Commission, the Department of Health, and the Department of Human Services to provide timely statistics on mental health by linking information on the use of medical services with Census data.

A pilot project to inform policy development through the combination of Census and social security information was established between the ABS and the Department of Social Services.

ABS is moving beyond the public data environment to draw insights from retail scanner data...

Australian Bureau of Statistics Annual Report 2013-14:

The Australian Census Longitudinal Dataset (ACLD) brings together data from the 2006 Census with data from the 2011 and future Censuses…..

The Australian Census and Migrants Integrated Dataset was created by integrating data from the 2011 Census and the Department of Immigration and Border Protection (DIBP) Settlement Data Base (SDB) of the 1.3 million people who migrated to Australia under a permanent Skilled, Family or Humanitarian stream visa and arrived in Australia between 1 January 2000 and 9 August 2011.

Australian Bureau of Statistics Annual Report 2012-13:

The Technology Services Division (TSD) supports all areas of the ABS in the delivery of business outcomes through the effective and innovative application of information technology…. TSD is also challenged in its ability to maintain the range of technology skill sets required for support and to build new capabilities for the future, including addressing growing requirements for effective security measures in the face of more sophisticated cyber security threats.

The whole sorry saga........

IT NEWS, 1 August 2016:

The Australian Bureau of Statistics has been forced to answer questions about the security of its online Census website after it was revealed to be using an insecure and deprecated form of encryption to protect the sensitive personal details of the nation’s citizens.

Tests of the strength of encryption used on the main Census website, first highlighted by security consultant and software engineer Ben Dechrai, reveal the website supports the SHA-1 hashing algorithm long considered to be insecure.

SHA is a component of a Secure Sockets Layer (SSL) certificate that is used to prevent the modification of data.

All major web browser operators have said they will stop accepting SHA-1-based signatures by next January. Internet Explorer owner Microsoft recently said it would bring that date forward to September 2016 after research showed real-world ‘collision attacks’ could open the door to digital signature forgeries even before 2017.

The Australian Signals Directorate deprecated SHA-1 from its list of approved cryptographic algorithms in December 2011 after finding the risk of a successful attack on the platform was “higher than acceptable”. The US National Institute of Standards and Technology (NIST) has said SHA-1 should “not be trusted” past January 2014.

Despite this, the ABS is still supporting SHA-1 to ensure those using older versions of web browsers are able to fill out the online form on Census night.

“As the overwhelming majority of browsers and operating systems are SHA-2 compliant, most people completing the Census will be secured using SHA-2,” a spokesperson said.

“However there are some older browsers and operating systems that only support SHA-1. To enable users with these older systems to complete their Census online, the online Census also supports older SHA-1.”

But users will still face the risk of a man-in-the-middle downgrade attack, which uses available backwards compatibility to force a computer to a lower and more vulnerable version of encryption, Dechrai said.

"[It] increases the likelihood of a user's data being intercepted," he said.

The security expert suggested a better approach was either to stick with the current paper forms or introduce a tiered model of online security.

“[They should make] the page where people click to start the Census less secure, so it works on older browsers, [then] do browser detection, and if the browser is too old, prompt them to upgrade, or order the paper form,” he said.

“Only supported browsers show the "Start" button [which loads the submission form from a properly secured server].”

The ABS was also criticised for choosing not to implement perfect forward security, which would protect past communications and sessions from compromise should attackers be able to access long-term secret keys.

The agency argued that perfect forward security would disrupt its other security protections.

“As part of our total platform security for the online Census, we need to be able to detect and respond to any malicious traffic,” the spokesperson said.

“Implementing perfect forward secrecy would reduce the effectiveness of other security layers, and as such may compromise overall security.”

However, Dechrai said that while perfect forward security could disrupt web application firewalls and intrusion detection systems, it was a “solvable problem”.

“Better architecture is a bit more complex, but doable,” he said….

IBRS security advisor James Turner said he was "horrified" by the "naivety" of the ABS' response to public concerns.

"ABS executives had to know that privacy would be a huge issue raised around this change of protocol," Turner said.

"I think most people are looking at the ABS responses as "we think this is cool, so we're doing it and we don't care about your privacy". 

"[It] doesn't seem to understand that it gets one shot at this. If there is a breach, then the horse has well and truly bolted. It won't even matter if they promise not to do it again, because the data has already gone."

The Australian Bureau of Statistics' failure writ large in this disingenuous Letter from the ABS on 2016 Census on the Little Bird Network, 28 July 2016:

Hello,

Thank you for your query about the 2016 Census on Monday 18 July 2016.

Yes.
Names and addresses are specified in the Census Regulations as Statistical Information, like all other Census topics. This requires the ABS to collect this information as part of the Census. The requirement for all topics, including names and address, on the Census forms to be filled completely and accurately is consistent with 105 years of Australian Census practice, the Census and Statistics Act 1905 and legal advice to the ABS from the Australian Government Solicitor. The only exception is religion, which the legislation specifies is optional.

Failure to complete the form, regardless of how many questions, is subject to the potential penalty of 180 dollars. This penalty can apply to each day that the form has not been completed and returned to the ABS, for example 180 dollars every day until the form is received by the ABS. Fines for knowingly providing false or misleading statements or information will be 1800 dollars.

If you need help or more information, search our online Help. If you can’t find the information you’re looking for, call 1300 214 531.

Thank you.

Australian Bureau of Statistics

Please do not reply to this email, this address is not monitored.

Help – census.abs.gov.au/help
Privacy – census.abs.gov.au/privacy

The Sydney Morning Herald, 2 August 2016:

"The whole concept behind privacy is control of your personal information," said Kat Lane, vice chair of the Australian Privacy Foundation. 

"What we need to understand as a society is that it needs to be a choice whether you share your data with the world and whether you don't."

Ms Lane said Australians needed to be assured by the government that they would not be prosecuted and fined for not putting their names on the census if they did not wish.

"[The Australian Bureau of Statistics] didn't factor in a large amount of media coverage over what is a significant change...the consultation process was so poor, they should be announcing that no one should be prosecuted."….

Sixty-five per cent of Australian are expected to complete the census online this year, doubling the online response rate of 2011.

Those who do complete the survey online will receive a 12-digit code enabling them to fill out the form online. ……

Guy Eilon, Australian vice president of defence grade global cyber-security firm Forcepoint, said providing personal information to the census online is, "in many ways, no different" to posting a status on Facebook, or banking online.

"Ultimately, there will always be risks in situations where personal data is collected and stored, from the biggest bank to the smallest business," he said.

"In these circumstances all parties...must act in a transparent way, and ensure they put in place the most appropriate security, privacy and governance processes."

Households who would still like to fill out a paper form are told to contact the ABS to receive one, but community groups are complaining that the process is not so simple.

"Despite the ABS putting on 300 concurrent phone lines, many of those applying for paper census forms cannot get through", said  Paul Versteege, policy coordinator for the Combined Pensioners and Superannuants Association.

"The Census Inquiry phone line is overwhelmed and people are being told to call back later. Many  people are not online and are concerned they won't receive their paper forms in time and will be fined $180 a day for every day they are late."

Telephone connectivity issues have applied to both the ABS support hotline and the hotline to request a paper census form.

Ms Lane said the unresolved privacy concerns of Australian's could mean many "might actually want to move to the paper", but are as yet unable to source a form.

"I'm not doing it online, so I don't know what I'm doing on August 9."….

The Register, 1 August 2016:

The Australian Bureau of Statistics (ABS) has so badly mishandled the question of retaining names that its senior leadership need to consider their futures.

The ABS is – sorry, was – probably one of Australia's most trusted bureaucracies, alongside the Bureau of Meteorology, the Australian Electoral Commission, and Geosciences Australia.

But since deciding that this year's Australian census will retain participants' names and use them for ill-defined data-matching purposes, the Bureau has so alienated people there are serious calls for name-boycotts and a persistent discussion about the scale of fines (AU$180 a day up to a maximum $1,800, if you're interested). Those calls can undermine the census and its mission of providing policy-makers with useful data.

And the ABS persistently ignores questions put to it. Its first response when asked about the retention of names is something like the Tweet below, which talks about collection, not retention.

It's a mess that the ABS created for itself.

It takes a lot to make me say “security is now no longer the primary consideration”, but that's what the ABS has achieved.

Its data is useless without the trust of the public, and I've never seen public goodwill burned as quickly as has happened since Australians learned – somewhat after the decision was made – that the Bureau wants to keep their names.

And since then, the bureau has acted in a high-handed, condescending and dismissive manner……

Here's a speech from 2015, which is in no way reassuring, by the chief statistician David Kalisch.

The exact concerns being raised now, he dismissed last year: “Technology, expertise and confidentiality are not the issues or the constraints. It can take some time and resources for government agencies to provide better access to their data, even to an organisation such as the ABS with all the data protections and community support you would require.”

Ahem, confidentiality and technology certainly should be considered “constraints”, when the aim is to create a named identifier for all citizens, which Kalisch clearly admires.

Moreover: the ABS is not mandated to be the data integrator Kalisch imagines and desires. Kalisch is already advocating scope creep when he should be resisting it in the name of privacy.

In the presence of such sensitivities, transparency and trust are indispensable – but the bureau dispensed with both.

And at last, I will come to the generally-demanded “tech angle” to this story: it's perfectly feasible to tie data to a unique identifier without the name being that identifier.

If two data sets – the Census and the Pharmaceutical Benefits Scheme, for example – contain enough data points to consistently identify me, then a hash of that data would work just as well for anonymous analysis.

Richard Chirgwin with a date of birth and an address will produce the same SHA-256 key (c2483d63179b71b37334f730385272c81b5d6bd3ae6edffb49234cfeb7f7d9a6, I just tried it) no matter the source system – but the hash cannot be reversed to deliver my personal data.

If the data records with name are sufficient to identify me uniquely across two government systems, a hash of that data will be just as unique and will provide the same analytical link.

The ABS – and the data users defending it – must explain why names are indispensable to the mission.

But the cack-handed mishandling of the public debate is so destructive, it should be the next chief statistician to give the explanation. 

Bootnote: As a clarification, I need to point out: I am saying Census data (with a hash as an identifier) should never be brought together with a second source (example above, the PBS) with names intact on either side.

Should a researcher demonstrate a use-case to construct Census-versus-PBS queries, the names in PBS data should be hashed before the two datasets are brought together.

News.com.au, 3 August 2016:

THE Government today admitted organisers of next week’s online census were unprepared for a flood of public inquiries about the August 9 national headcount….

Earlier, independent MP Andrew Wilkie today warned of confusion and concern, and called for assurances no one will be fined for not completing the Census form.

“I have been shocked by the number of people who have approached me and my office with all sorts of concerns about the national Census scheduled for next week,” Mr Wilkie said today.

“A big problem is the difficulty and cost being experienced by many people attempting to contact the Australian Bureau of Statistics by phone.

“Typically they are experiencing very lengthy delays, if they can get through at all, and even having to pay for the calls.”

Mr Wilkie said examples of the “confusion in the community” came from visits to his Hobart office today by seven constituents.

“One had received a paper Census form even though he didn’t request or want it, one had been visited by a census official at home, two had received a letter at home with a code to use online, one had received three letters at her home, and two hadn’t been contacted at all,” he said.

“The one who got a paper Census form is baffled by the two different serial numbers it contained, received no detailed instructions and found no mention of the specifics of fines.

“Despite the collection of names in previous censuses the logic for this has not been communicated to the public, if indeed there is any logic at all. Nor has any explanation been given for why the ABS holding this information for much longer than normal is warranted.”

Remembering the history of census taking and past governmental misuse of national census data is important in deciding whether such punitive, political and/or criminal instances could occur again in the future......

Punishment

The Sydney Morning Herald, 26 June 1966

Political motives

Australian Bureau of Statistics, 2011

Persecution and Genocide

A final word.......

Beware the Secret State - Part Two

The Secret State is becoming more than a concept in Australia as successive governments spend more and more money on surveillance and give more and more surveillance power to federal and state government departments and agencies.

On 5 August 2014 the Prime Minister announced his intention to further broaden surveillance powers via the mandatory retention by service providers of all telecommunications metadata, in order for government agencies to access information on Australian citizens, permanent residents and visiting tourists. 

Between 1 July and 31 December 2013 just one of Australia’s major telecommunications companies received these requests for data held on its customers:

Telstra customer information, carriage service records and pre-warrant checks 36,053

Life threatening situations and Triple Zero emergency calls 2,871

Court orders 270

Warrants for interception or access to stored communications 1,450

Total 40,644

Note: These figures do not include requests by national security agencies.

By 30 June 2014 these requests for data held on its customers in the 2013-14 financial year totalled :

Telstra customer information, carriage service records and pre-warrant checks 75,448

Life threatening situations and Triple Zero emergency calls 6,202

Court orders 598

Warrants for interception or access to stored communications 2,701

Total  84,949

Note: These figures do not include requests by national security agencies.

In addition the centralised database of all Australian telephone numbers including the service and directory addresses provided by the customer, the Integrated Public Number Database (IPND), was accessed by agencies approximately 104,000 times (excluding national security agencies) during the 2013-14 financial year.

Those agencies who can access all this metadata with or without a warrant include; federal, state & territory police forces, Customs, CrimTrac, state anti-corruption agencies, Australian Commission for Law Enforcement Integrity, state & territory corrective services, Australian Competition & Consumer Commission, Australian Securities & Investment Commission, Australian Taxation Office, Australia Post, Dept of Human Services (including Centrelink, Medicare, Child Support Program), Dept of Veterans’ Affairs, Dept of Immigration and Citizenship, Dept of Defence, State Emergency Services, the RSPCA, local councils – and many more.

That the system is open to possible abuse is evident.

The Global Mail reported on 13 December 2013 that:

In November [2013], Federal Police Commissioner Tony Negus admitted his force had accessed the call data of “up to five” members of parliament. Negus made much of the judicial oversight, through the issuing of a warrant, for any interception of the contents of phone calls, emails or SMS messages – but the elephant in the room was his admission that up to five MPs had been the subjects of warrantless data-surveillance, and that no judge had any input at all regarding the propriety of this access….

The extent of use of these powers is surprising – and suggests that it is being used to shirk the hurdle of judicial oversight. No less than 40 government agencies made 293,501 warrantless requests for metadata from internet service providers in the 2011-12 financial year. Just 56,898 of those requests were made by the Federal Police, which has the primary criminal law-enforcement role. The RSPCA, Wyndham City Council, the Tax Practitioners Board and even the Victorian Taxi Directorate also have been allowed to access individual telecommunications data for a ‘law-enforcement purpose’. Why are we giving quangos and a taxi administrator the power to access often highly sensitive personal telecommunications data?

Voters will never know the level of metadata access, with or without a warrant, that has been available to national security agencies in the the last three financial years.

However, they do know that the Abbott Government intends to increase national security agency powers to spy on them, under the National Security Legislation Amendment Bill (No. 1) 2014 before the Senate .

The Australian Human Rights Commission stated that it is particularly concerned about the following elements of the bill which are overly broad in their coverage and which potentially impact upon rights to privacy and freedom of expression:

* Provisions enabling warrants for 12 months access to computers, computer networks and premises in the absence of adequate safeguards

* Blanket immunity to ASIO officers from Australian law in conducting surveillance activities with inadequate, independent oversight

* Strict liability for disclosure of information that could capture the work of journalists, among others.

That the Abbott Government intends to use this new legislation to capture journalists' sources can be inferred from this excerpt from a media report in The Sydney Morning Herald on 31 August 2014:

The Australian government has asked the federal police to investigate if lawyer Bernard Collaery and a former spy can be charged with disclosing classified information after revelations Australia spied on East Timor during sensitive oil and gas treaty talks.

Confirmation of the investigation came as the AFP asked the ABC to hand over material relating to its reports on the clandestine operation.

According to sources, the AFP was particularly keen on getting unedited footage of Mr Collaery's interviews with 7.30, Lateline and Four Corners.

It might also want an extract of an affidavit from the former Australian Secret Intelligence Service agent that reporter Conor Duffy claimed to have obtained.

In the interviews with the ABC and other media organisations, Mr Collaery – who had acted for East Timor and the former  ASIS agent – detailed how the former spy led the operation to insert listening devices into the wall cavity of East Timor's government offices under the cover of an aid project.

Attorney-General George Brandis and solicitor-general Justin Gleeson both said the former spy and Mr Collaery appeared to have breached laws preventing the public disclosure of classified information.

The offence carried a prison term of up to two years.

When asked if it was investigating Mr Collaery and the former spy for breaching commonwealth laws, a spokesman for the AFP said: "The AFP can confirm it has received a referral in relation to this matter. As this investigation is ongoing, it is inappropriate to comment further."

The referral was understood to have come from Senator Brandis or his department, which includes ASIO.

In emailed comments, Mr Collaery said he understood ASIO referred the matter to the AFP because of a suspected breach of section 39 of the Intelligence Services Act.

He noted that current ASIO boss David Irvine was head of ASIS at the time of the spying, which Mr Collaery said was illegal.

"This is the police knowingly or unknowingly trying to base a search warrant on an illegality. 

"The AFP should be investigating [former foreign minister Alexander] Downer and Irvine."

The ABC was considering its response but was understood to be prepared to reject the request, despite intimations from the AFP that it would seek a warrant for the material if it failed to comply.

While it was happy to provide footage that went to air (it was available online anyway), it regarded the unedited footage as including off-the-record information that might reveal the identity of protected sources.