Copyright 1988-2006 1 National Identity Cards? Bust the Myth of Security ¼ber Alles Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis

  • View
    214

  • Download
    2

Embed Size (px)

Text of Copyright 1988-2006 1 National Identity Cards? Bust the Myth of Security ¼ber Alles Roger...

  • Slide 1

Copyright 1988-2006 1 National Identity Cards? Bust the Myth of Security ber Alles Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU http://www.anu.edu.au/Roger.Clarke/......../DV/NatID-BC-0602 {.html,.ppt} 7th Annual Privacy & Security Conference Victoria BC 9 February 2006 Slide 2 Copyright 1988-2006 2 Were Living in an Era of Myths They Threaten Civilisation Far More Than Do Islamic and Christian Fundamentalism and Terrorism The Many Myths Must Be Debunked Myth No. 1 This is about just a Card Slide 3 Copyright 1988-2006 3 Elements of a National ID Scheme A Database centralised or hub (i.e. virtually centralised) merged or new A Unique Signifier for Every Individual A 'Unique Identifier' A Biometric Entifier An (Id)entification Token (such as an ID Card) Mechanisms for: (Id)entity Authentication (Id)entification Obligations Imposed on: Every Individual Many Organisations Widepread: Use of the (Id)entifier Use of the Database Data Flows including the (Id)entifier http://www.anu.edu.au/Roger.Clarke/DV/NatIDSchemeElms.html Slide 4 Copyright 1988-2006 4 Myth No. 2 This is about just another Card Slide 5 Copyright 1988-2006 5 Myth No. 2 This is about just another Card Characteristics of a National ID Scheme Destruction of protective data silos Destruction of protective identity silos Consolidation of individuals many identities into a single general-purpose identity ==>The Infrastructure of Dataveillance Consolidation of power in organisations that exercise social control functions Availability of that power to many organisations Slide 6 Copyright 1988-2006 6 Identity Management of the Most Chilling Kind The Public-Private Partnership for Social Control With the Capacity to Perform Cross-System Enforcement Services Denial Identity Denial Masquerade Identity Theft Slide 7 Copyright 1988-2006 7 Myth No. 3 Privacys dead. Get over it Slide 8 Copyright 1988-2006 8 Privacy is a Fundamental Requirement for Humanity and Civilisation psychologically, people need private space, closed doors, drawn curtains. People need to be able to glance around, judge whether the people in the vicinity are a threat, and then perform potentially embarrassing actions (break wind, jump for joy) sociologically, people need to be free to behave, and to associate with others, without the continual, even continuous, threat of being observed. The alternative is the context that we deplored about life behaind the Iron and Bamboo Curtains economically, people need to feel free to innovate. Sustaining standard-of-living depends on continual reinvention politically, people need freedom to think, to argue, and to act. The chilling of behaviour and speech destroys democracy Slide 9 Copyright 1988-2006 9 Privacy is a Fundamental Human Right, not an Optional Extra UDHR 1948, Article 12 ICCPR 1966, Article 17 national Constitutions and Bills of Rights Privacy is not a Mere Economic Right Slide 10 Copyright 1988-2006 10 Dangers of Dataveillance (1 of 2) Dangers of Personal Dataveillance -wrong identification -low quality data -acontextual use of data -low quality decisions -lack of subject knowledge of data flows -lack of subject consent to data flows -blacklisting -denial of redemption Dangers of Mass Dataveillance To the Individual - arbitrariness - acontextual data merger - data complexity, incomprehensibility - witch hunts - ex-ante discrimination, guilt prediction - selective advertising - inversion of the onus of proof - covert operations - unknown accusations and accusers - denial of due process Slide 11 Copyright 1988-2006 11 Dangers of Mass Dataveillance To Society as a Whole -prevailing climate of suspicion - adversarial relationships - focus of law enforcement on easily detectable and provable offences - inequitable application of law -decreased respect for the law and law enforcers - reduced meaningfulness of individual actions - reduced self-reliance and self-determination - stultification of originality -increased tendency to opt out of the official level of society -weakening of society's moral fibre and cohesion -destabilisation of the strategic balance of power -repressive potential for a totalitarian government Dangers of Dataveillance (2 of 2) http://www.anu.edu.au/people/Roger.Clarke/DV/CACM88.html Slide 12 Copyright 1988-2006 12 Myth No. 4 You cant have privacy if you want security Slide 13 Copyright 1988-2006 13 Myth No. 4 You cant have privacy if you want security Yes, if course privacy protections are used by people for anti-social and criminal ends But the privacy advocacy argument is not extremist like the national security agenda Privacy protections are about: Justification, not Blithe Assumptions Balance, not simplistic notions like Zero-Tolerance and we need to do anything that might help us wage the war on terrorism Slide 14 Copyright 1988-2006 14 Myth No. 5 Strong Form: A national ID scheme is essential to national security Weaker Form: A national ID scheme will contribute significantly to national security Slide 15 Copyright 1988-2006 15 Terrorists, Organised Crime, Illegal Immigrants Benefits Are Illusory Mere assertions of benefits: its obvious, its intuitive, of course it will work Lack of detail on systems design Continual drift in features Analyses undermine the assertions Proponents avoid discussing the analyses Slide 16 Copyright 1988-2006 16 Biometrics and Single-Mission Terrorists Terrorism is defined by an act, not an identity: Biometrics... cant reduce the threat of the suicide bomber or suicide hijacker on his virgin mission. The contemporary hazard is a terrorist who travels under his own name, his own passport... until the moment he ignites his shoe-bomb or pulls out his box-cutter (Jonas G., National Post, 19 Jan 2004) It is difficult to avoid the conclusion that the chief motivation for deploying biometrics is not so much to provide security, but to provide the appearance of security (The Economist, 4 Dec 2003) Slide 17 Copyright 1988-2006 17 Miscreants (Benefits Recipients, Fine-Avoiders,...) Benefits May Arise, But Are Seriously Exaggerated Lack of detail on systems design Continual drift in features Double-counting of benefits from the ID Scheme and the many existing programs Analyses undermine the assertions Proponents avoid discussing the analyses Slide 18 Copyright 1988-2006 18 Myth No. 6 Strong Form: The Scheme will include privacy protections Weak Form: The Scheme complies with the [Privacy] Act Slide 19 Copyright 1988-2006 19 The Vacuousness of Data Protection Laws FIPs (Fair Information Practices) were designed for administrative convenience OECD Guidelines were designed to protect businesses from inconsistent national laws Exceptions, Exemptions, Loop-Holes Over-Rides http://www.anu.edu.au/people/Roger.Clarke/DV/PP21C.html Slide 20 Copyright 1988-2006 20 Myth No. 7 A National ID Scheme can be devised so as to preclude abuse by: Unelected Governments, e.g. Invaders Military Putsch Elected Governments, e.g. that arrange the law as they wish that act outside the law Slide 21 Copyright 1988-2006 21 Myth No. 8 The public accepts that the world changed on 11? (12!) September 2001 Privacy valuations are highly situational The gloss has gone People are becoming inured / bored / realistic about the threat of terrorism People know that a national ID scheme wont prevent terrorism Zogby Poll 2 Feb 2006 2001 - 2005 Luggage Search63 - 44 Car Search 60 - 37 Vehicle Search 59 - 33 Mail Search 55 - 25 Tel Monitoring 38 - 28 http://www.zogby.com/news/ReadNews.dbm?ID=1068 Slide 22 Copyright 1988-2006 22 The Privacy Advocacy Core LSEs Identity Project http://is2.lse.ac.uk/idcard/ Privacy International http://www.privacyinternational.org/ APF International Resources http://www.privacy.org.au/Campaigns/ID_cards/Resources.html US, e.g. EPIC http://www.epic.org/privacy/id_cards/ UK, esp. SayNo2ID http://www.no2id.net/ Australia, esp. APF http://www.privacy.org.au/Campaigns/ID_cards/NatIDScheme.html Slide 23 Copyright 1988-2006 23 Conclusion There can be no reconciliation or balance between privacy and security that involves a national ID scheme Attempts by intellectuals and regulators to accommodate a national ID scheme must be seen by everyone, and treated by everyone, for what they are: a sell-out of liberty, and a derogation of their duties as human beings Slide 24 Copyright 1988-2006 24 National Identity Cards? Bust the Myth of Security ber Alles Roger Clarke, Xamax Consultancy, Canberra Visiting Professor, Unis. of Hong Kong, U.N.S.W., ANU http://www.anu.edu.au/Roger.Clarke/......../DV/NatID-BC-0602 {.html,.ppt} 7th Annual Privacy & Security Conference Victoria BC 9 February 2006

View more >