Australian Government's Stupid Census Plans Puts Privacy At Risk, May Destroy Their Own Census
from the short-sighted-in-the-extreme dept
You may have heard that tomorrow is the official day for the Australian census to take place... and many people are planning to ignore it, because of massive security concerns and some incredibly stupid plans by the Aussie government to retain and make use of the data collected. Having an accurate population census is an extremely important tool for a wide range of government services, but especially in an age of increasing (and very legitimate) concerns about government overreach and surveillance, some are reasonably worried about what's done with the data. In the US, it's been made quite clear that census data absolutely must be kept secret and not connected to individuals or used for other purposes.Over in Australia, they've apparently got some other ideas in mind. Late last year, the Australia Bureau of Statistics announced that for this year's census it would, for the first time, retain all the names and addresses it collected. This has raised some pretty serious concerns, and some fairly weak claims from the government. Prime Minister Malcolm Turnbull has announced that no one should worry because the government always protects people's privacy. No, really.
Mr Turnbull said on Wednesday the organisation "always protects people's privacy".Anyone claiming that the security of any system "is absolute" has no fucking clue about security. There is no such thing as absolute security, and saying as such probably just acts more to entice hackers to try to break in than anything else. The comments from the ABS's chief statistician are not any more comforting. When asked about security, he went with a Trumpian response of "we have the best security features."
"The security of their personal details is absolute and that is protected by law and by practice," he said.
"That is a given."
"The ABS has the best security features," he said.Making matters even worse, over the weekend, it was revealed that the ABS actually had plans to crossmatch people's data to other government services, and do other things with it -- which is exactly what a large part of the concerns were about.
"We've never had a privacy breach with Census information and we do secure the information somewhat differently … These days we can keep names separate from address and separate from other Census content, in three separate computer systems and never brought together."
When asked if he believed this year's Census had been handled poorly, Mr Kalisch responded that "we're well ahead of where we thought we would be".
“Retention of personal identifiers could improve the value of census data through data integration and linking, which would enable new products,’’ the document, released under freedom of information laws, stated.The same document notes that there may be some "public backlash" to all of this "which would need to be carefully managed."
So far, they're not doing a very good job managing anything. The privacy and security concerns are growing rapidly, and people are speaking out on why they're willing to face fines and punishment by refusing to fill out the census -- even those who strongly support the idea of the census. This post from the former Deputy Privacy Commissioner, Anna Johnson, is well worth a read:
There's a lot more in Johnson's post that is worth reading, including just how ridiculous the privacy promises are, and even an analogy of how the ABS is acting "like a very, very bad boyfriend" who "keeps on breaking promises, pushing boundaries and disappointing you."The definition of ‘census’ is “an official count”. I actually want to stand up and be counted. But only counted; not named or profiled or data-matched or data-linked, or anything else. The privacy risks of doing anything else are just too great.
I have thought about just refusing to provide my name. But even if I don’t give my name, if the ABS is determined to link my Census data with other datasets, there would be enough other information in my Census answers (sex, age, home address, previous home address, work address) to let them proceed regardless. It won’t be enough to protect my privacy.
As for the security assurances, beyond just being ludicrous in claiming "absolute" security, there are already some pretty serious concerns. First of all, can you really claim that your security is "absolute" when you're storing passwords in plaintext? I don't think so -- but that's apparently what the ABS is doing with census passwords.
On top of that, some are already finding that their older computers are apparently unable to handle the census. If the goal is to collect information on everyone, perhaps you should design a simple system that doesn't require a modern computer.
And, now, because of this mess, plenty of people say they're simply not going to obey and respond to the census. And while the Australian government may try to crack down on such behavior, in the end, it's absolutely going to call the accuracy of the census into question. So in their quest to expand the power of the census, the ABS may have done the exact opposite. * Special thanks to Australian journalist/privacy activist Asher Wolf for helping me go through some of the details on this story.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: austaralia, census, crosslinking, data, privacy, security
Reader Comments
The First Word
“...just like they've always done in... oh yeah, in no census ever.
However much of a problem it may be over the short term, personally identifiable data in census records makes for incredibly valuable historical documents. Just ask any historian or genealogist.
Subscribe: RSS
View by: Time | Thread
http://i.imgur.com/pKKwbvv.png
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
"Retention of personal identifiers could improve the value of census data through data integration and linking, which would enable new products"
So... they're never brought together. Until the data's integrated with additional systems.
Did this actually make sense to someone when they stated it, or is it only with the benefit of edited we can see how dumb it is?
"We've never had a privacy breach with Census information"
Don't worry, you've made yourselves look incompetent *and* issued a challenge to any interested hacker out there. It won't be long. Unless your ability to detect a breach is on par with your ability to secure user passwords, in which case it's way too late.
[ link to this | view in chronology ]
Re:
FTFY
[ link to this | view in chronology ]
Not even God could sink this ship.
[ link to this | view in chronology ]
Nothing to See Here
Of course not - you never previously had data anyone would want to steal.
[ link to this | view in chronology ]
Re: Nothing to See Here
[ link to this | view in chronology ]
Re: Re: Nothing to See Here
Gotta love auto-correct.
[ link to this | view in chronology ]
Re: Re: Re: Nothing to See Here
[ link to this | view in chronology ]
"census data absolutely must be kept secret"
[ link to this | view in chronology ]
Thank goodness, at least Australia has a Privacy Commissioner.
You'all in the 'States should get one (or fifty-one) of these. They're good to have.
[ link to this | view in chronology ]
What I can buy with 180$AUD
Then they can pay us back 180 dollars a day for every day after they're hacked until the genie is back in the bottle.
[ link to this | view in chronology ]
Re: What I can buy with 180$AUD
Of course then they'd have to charge you twice that in extra taxes to pay for it.
[ link to this | view in chronology ]
Genuinely concerning
[ link to this | view in chronology ]
Re: Genuinely concerning
[ link to this | view in chronology ]
This is a problem, that is true. Should not happen.
As for keeping names and addresses, that is what a census is. Historical census returns are invaluable for the study of migration patterns, economic and indsutrial development, disease patterns and health research amongst other reasons. This is how we detail our history, and in particular the lives and history of ordinary people (not many of us would have been wealthy or important enough to appear in written records of the 1840s, for example). One day soon each of us will be history too and I WANT my descendants to trace me and my ancestors. Hence the 100yrs+ rules in so many countries. Until the 'secret' retention period has expired then the data should only be available in summary form. Census records are national treasures and should be treated as such if we value our cultures and histories.
[ link to this | view in chronology ]
Re:
And rounding people up. You forgot that one.
[ link to this | view in chronology ]
Re:
Perhaps it's different in other countries, but the intended purpose of the census in the US is for the apportionment of representation. You can pass information to your descendants without census mission creep or governmental assistance. Kids would probably value a family tree that was created and passed down by an ancestor more so than census data that was collected without their forebears' informed consent, and it would probably be more accurate than the BS responses that will be returned for the Australian census.
[ link to this | view in chronology ]
Re: Re:
That is the constitutionally required purpose, but is not the only purpose. Everything else the AC said about the purpose of the census applies to the US census as well, except that in the US, individualized information is not made available for 72 years rather than 100+.
[ link to this | view in chronology ]
Re: Re: Re:
So what part of the Constitution authorizes the federal government to require people to tell them whether they have a refrigerator, or their ethnicity, or whether they have trouble concentrating?
[ link to this | view in chronology ]
Re: Re: Re: Re:
"in such Manner as they shall by Law direct" has been interpreted as being expansive, meaning that any question may be asked. The Census bureau has this to say on the subject:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
And any answer may be given. For security purposes, I salted (i.e. added plus-or-minus a random amount in the range of "large fraction of the actual answer") my responses to the nosy (US) "long form" (before it got replaced with the ACS form).
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
Lying on the census is a federal crime.
For security purposes, I salted (i.e. added plus-or-minus a random amount in the range of "large fraction of the actual answer") my responses to the nosy (US) "long form" (before it got replaced with the ACS form).
You just admitted to committing a federal crime. And since you're a registered user, the feds could, if they so desired, subpoena your information from Techdirt and prosecute you.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Since you seem to be too lazy to read it yourself, Article I, Section 2 empowers the Congress to carry out the census in "such manner as they shall by Law direct".
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
The courts may support them, but the courts are routinely too permissive when it comes to the powers it allows the federal government to have.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
You may believe that your personal authority exceeds that of the federal courts. I, however, disagree.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
With regards to the census specifically, the courts have ruled this way from the very beginning. The objections you're raising have been raised pretty much since the census began.
You may disagree with the interpretation (I disagree with plenty Constitutional interpretations myself), but that's what it currently is until someone can make a strong enough effort to change it.
This one has had longstanding and unwavering acceptance, though, so the required effort will be substantial.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
And yeah, I know my personal feelings count for nothing. I may think jury duty is a clear violation of the 13th amendment, but I'd still show up, because I'd rather not be thrown in jail for violating the unconstitutional law. The punishment for merely not answering census questions is only a maximum of $100.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
And a criminal record, with all that entails.
[ link to this | view in chronology ]
Well and good
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re:
What actually happens if you refuse to participate in the census is that census workers knock on your neighbors doors to ask about you and fill in whatever they can learn that way.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
https://familysearch.org/wiki/en/Beginning_Research_in_United_States_Census_Records#What_can_I _find_in_them.3F
Even the 1790 census had the name of the head of the house.
[ link to this | view in chronology ]
Re: Re: Re: Re:
They're just asking for people to check "yes" on this question and ignore all the others, aren't they?
[ link to this | view in chronology ]
Re:
I for one will be giving false information for I value my privacy.
Being threatened a hefty fine to protect ones private information is abhorrent and amateurish
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
cunty cunt holes all of them
[ link to this | view in chronology ]
~Joseph de Maistre
I feel sorry for individuals, but never for a nation!
[ link to this | view in chronology ]
Re:
I have no sympathy for them.
[ link to this | view in chronology ]
Re: Re:
Every time someone asks their government to save them from something...
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
'Joseph-Marie, comte de Maistre (French: [də mɛstʁ]; 1 April 1753 – 26 February 1821) was a Savoyard philosopher, writer, lawyer, and diplomat. He defended hierarchical societies and a monarchical State in the period immediately following the French Revolution.
...
Maistre, considered by Masseau and Didier to have been a key figure of what they termed as the Counter-Enlightenment, saw monarchy both as a divinely sanctioned institution and as the only stable form of government. He called for the restoration of the House of Bourbon to the throne of France and argued that the Pope should have ultimate authority in temporal matters.'
Given the source that line strikes me as less 'the government is a reflection of the will of the people' and more 'if your government is acting badly you deserve it as punishment from on high'.
[ link to this | view in chronology ]
Sounds like Trump
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
just look at all the security features it has,
there are no better security features anywhere.
And believe me, I know about security features.
I have a very good brain and I've said a lot of things
about security features. No one knows security features as much as I do.
[ link to this | view in chronology ]
new products
[ link to this | view in chronology ]
...just like they've always done in... oh yeah, in no census ever.
However much of a problem it may be over the short term, personally identifiable data in census records makes for incredibly valuable historical documents. Just ask any historian or genealogist.
[ link to this | view in chronology ]
Re:
I have no obligation to future historians or genealogists to make their job easier.
At least in the US, the census is supposed to be to determine population, so we can correctly apportion congressional representation. They have no business demanding that people answer all of those long form questions. Even on the short form I would say they have no business demanding my race. They need to know the number of people. That's it. They don't need to know if I have a refrigerator or whether I took a ferryboat to work.
In 1790, they listed the name of each head of household, and they asked questions about the number of free White males aged under 16 years, the number of free White males 16 years and upward, number of free White females, number of other free persons, and number of slaves. That's it. (Differentiating the slaves was required at that time due to the 3/5 rule.) They didn't even ask for the names of anyone except the head of household until 1850.
[ link to this | view in chronology ]
Re: Re:
Actually, the US Constitution says that the US census is to be conducted in the manner determined by Congress. So Congress determines what gets asked, not you. Sorry.
[ link to this | view in chronology ]
Re:
An easy way would be to set up a deadman switch with a lawyer to release that PID when I have been confirmed dead.
As for "Historical Documents" saved in a totally safe computer database, it always starts out really noble and all like this, but then turns into this, and ends up with this.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Interesting definition of "secret" or "private"
[ link to this | view in chronology ]
Re: Interesting definition of "secret" or "private"
[ link to this | view in chronology ]
http://www.macrobusiness.com.au/2014/06/abs-budget-cuts-blind-economic-policy/
http://www.sm h.com.au/comment/budget-cuts-how-asic-the-abs-and-the-ato-are-turning-off-the-lights-20140608-zs16p. html
It's not like this already lead to embarrassing problems like getting basic employment figures wrong:
http://www.afr.com/news/policy/industrial-relations/jobs-figures-are-dodgy-abs-admits-20141008 -11cc5q
https://theconversation.com/joe-hockeys-user-pays-plan-for-the-abs-doesnt-add-up-32790
And it's not like the increases in budget since then went straight into the shift to computerized data collection that's blowing up in their faces:
http://www.computerworld.com.au/article/574411/250m-it-upgrades-abs/
No, I'm sure that all of that was completely coincidental.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I suppose I'd object to providing all that information if I ever got one. Somehow though, my mailman always seems to lose mine (along with other mail), and I'm always out when they come by. They probably call, but I don't have a cell phone and my answering machine doesn't always record messages properly. I really should get a new one...
[ link to this | view in chronology ]
Data retention
[ link to this | view in chronology ]
Pay $180 and have at least an ounce of self-respect
There will come a day when having a receipt for this fine will be highly celebrated.
[ link to this | view in chronology ]
That didn't take long!
[ link to this | view in chronology ]
Re: That didn't take long!
To save face, they are now claiming that this event was caused by foreign hackers/DDoS.
Still waiting on paper form that was requested a week ago.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]