Census Damned If You Do & Fined if You Do Not.

This is a submission I did against changes that the Liberal Govt wanted to push through just prior to Covid19.  It now has relevance for all Australians. Census has included the changes requiring former Australian Defence Force personnel to identify themselves.

5^th January, 2020

To the Reviewing Committee,

Re:  Proposed Amendments Details of the Census and Statistics Amendment (Statistical Information) Regulations 2019

Thank you for the opportunity to make a submission.

I wish my submission to be public, but to have only my address/email withheld for security reasons.

I believe I have both the personal and qualified experience to make my submission worthy of inclusion as I: -

(a)   served in the Australian Defence Force;

(b)   am a wheely for life above knee amputee and was also carer of a frail aged prior;

(c)   have experience of computers (old programming) for networked/large entities in the workplace as snr bookkeeper for over 10years requiring advanced exposure to program security. Hold a Dip Acc 2017 which covered the modules FNSACC505 Establish & Maintain Accounting Info System or AIS and FNSACC506 re Implement & maintain internal control procedures that have timely relevance considering the 2016 development of the Census.

 

My submission is longer than the usual 5 pages, but addresses Privacy & Security of Census gathering: - Centralised Data; Defence; & Medical.

Thank you for your consideration.

Yours faithfully,

 

Tracey Hoolachan

 

 

 

 

 

 

 

 

1      Privacy & Security of Centralised Data

 

Does Australian Parliament House have the privacy & security protections in place to secure Defence & Medical data in a single place?  No!

 

1.1 The last Census has proven this is doomed to fail. The last Census disaster showed the centralisation of data made the information a bigger target.  With all of its tech savviness USA has not prevented its own major private companies from having & allowing data breaches e.g. Facebook, Capital One & Amazon₈.  It is not if, but when information uploaded will be breached.  Whatever money is spent on security, it will never be enough.  This is 2020 after 40 years of home computer programming, we’re at Enigma Code meets Generation Turing. When the security puzzle is cracked, do we really want the winner to be able to take all in a smash & grab? ;

 

1.2 How did Census 2016 go so badly wrong? We’re advised it was IBM Australia’s use of sub-contractors. (They quickly disputed this)₁. A hugely publicised & incredibly fast payout by IBM of $30Million was made. (Where did those naughty sub-contractors disappear to?). No wonder media was almost asleep by comparison, when a $1Billion 5-year maintenance of multi government department computers was awarded to a company that couldn’t manage effectively the security in one department without outsourcing.  IBM boasted “under the agreement, all government agencies can access the financial benefits and technologies”.₂ This amplifies my security or privacy fears;

 

1.3 Currently we’re told that Census only captures numerical data.  Let’s look at that old form₃. The form has been set up with fields & instructs completion methods to make optical character recognition an easier process. The household individually numbered forms with the names enables an easier alpha-numeric saving ergo reducing fuzzy logic. Did Government have the ability to store all information? Absolutely! Form fillers find that out when they get to Part 60. When there, they are generously given the opportunity to be part of history & voluntarily sign away their privacy rights. Only the limited details of public release timeframes are given. Not how government & private entity will use data in the interim. At least data-miners give a free voucher for surveys & don’t legislate you must complete them. Box 60 is the box immediately before the signature box. This is so the form is completed before you’re aware of Government’s ability to save all.  That single line correction method on the front page enables the program to see your first answer & a simple code will enable it to record changes;

 

1.4 The ability to data match across Government agencies was enabled by the Data Match Act 1990.  Data matching is a key control for the purpose of fraud control & non-compliance₆. It is recorded in Government committee minutes as early as 2009-10_5.  The current Commonwealth Ombudsman Michael Manthorpe should be well aware of this. He was on DEEWR Committee that discussed this. It has been used for Robodebt & I’m asked to credit, that a Government that sat on a conflict of interest between that office & the Robodebt review processes would miss a golden opportunity to have recorded Census data for future data matching.  It’s an insult to my Robo-nous. An increasing number of departments are being merged & privatised. Every time that happens more of our data is captured & available to subcontractors & temporary contract workers thereto. Trust Government with more defence & medical data? I don’t know:- who the hell Government is now; who they are being led by; & whether that situation will be the same next week;

1.5 Within Microsoft Word we have the ability to find a word & replace that same word throughout an entire document.  Though not a feature of Word, there is an ability to merge documents₂₀. That enables correction or change of data across multiple documents at high speed. Excel workbooks again correction across multiple worksheets. With today’s graphic packages areas can be changed & replaced very quickly & standard forms make that process easier to do on a mass scale. It doesn’t take much imagination to picture how quick data can be changed across multiple Census forms whether forms are completed online or data extracted by optical character recognition;

 

1.6 We must consider it a very real probability Census data is being saved in full & used for data-matching to build up a body of evidence & profile what Government now calls cohorts (formerly known as the public, civilians, citizens & customers). Knowing that the capability is there, the questions to consider are: - who has potential access to all the Census data?; and how secure is the data of those completing Census?;

 

1.7 Immediately, the Public Service come to mind as the human face. At this time after Robodebt I’ve no hesitation in saying they can’t be trusted. I’m not satisfied my Robodebt No.1 wasn’t maliciously given (won full waive AAT) & I watched & recorded my Robodebt No.2 being created.  The Robodebt arose due to their own failed timely processing of a correct notification I gave.  I also lodged a complaint of their non-timely processing & still I got a Robodebt.  False information was placed on my file noting it was my fault.  This is already a subject in a submission to Senate, but what should be of concern for Census is I firmly believe Robodebt No.2 was done to manipulate the program’s success rate enabling continuance of what now is seen to have been unlawful process from the start. My concerns on this has been amplified by a televised video of a Robodebt performance motivation whiteboard₂₂.;

 

1.7 When a privatised section of Public Service, the Debt Team, was financially motivated to create & completely misrepresent data for a financial per scalp gain, it’s not hard to imagine that being replicated in a privatised Census environment where a per form processed contract exists. Let’s not fool ourselves. That’s where Census will go under an LNP Government. In light of interdepartmental resource sharing, I’d be highly surprised if it’s not already happened. Statistics I’ve checked recently from ABS have moved strongly away from expanding on long tested & proven data report formats. The result it corrupts historical data flows & we should all be asking why did it happen?;

 

1.7 Can Australians rely on the Australian Public Service hierarchy to protect their security & privacy interests?  No!  We’re watching Robodebt unfold as an unlawful administrative disaster. As a publicly outspoken victim of Robodebt from the start who fought it to Administrative Appeals Tribunal (won waive), I spoke out knowing OAIC gave Centrelink permission to breach vocal advocates privacy for defending their selves against Government’s unlawfulness. I’ve tried unsuccessfully to date to get my own privacy breaches & I allege other unlawful Robodebt actions addressed. I am dismayed that I can personally add to Robodebt unlawfulness being avoided by the Commonwealth Ombudsman’s office in addition to not one but two announced reviews. Knowing that Census has the ability to be stored, changed, altered & deleted & Public Service hierarchy will do absolutely nothing, but cover that up gives me absolutely no faith in ABS data from 2016 or any data anymore.

Privacy & Security of Defence Personnel

Will more information on Census forms be a greater defence risk?  Yes!

 

1.1                        It is usually via a backdoor information that hackers gain access and Census would be seen as an easier target for hackers than Defence. Putting Defence information on forms that include their family or friends’ names, birthdays details etc is instantly giving hackers & privacy breachers not just possible hints to personal passwords, but information that can be used in psychological warfare against Defence personnel;

 

1.2                        It has never been a good military tactic to secure anything in one central location that allows attacks from all sides. In WWII when Churchill thought England was lost, he did not move Dad’s Army down to London to defend the motherland.  He spread the information out all across the country for a fight back. We’ve lost already the technology war. Our data has already been mined by privately owned foreign companies via Social Media.  What are the two things still secreted by the majority in social media? Defence service & medical information. What is the most valuable data-mined information on the black-market? Defence service & medical information;

 

1.3                        With IBM likely to be doing the maintenance on computers storing data from documents it’s partnerships and relationships with other companies should be considered. They’ll no doubt subcontract out & align their processes to other partners interests for profit. Examples of alliances document management to partners 100% Japan foreign company Fuji Xerox₇who were allowed to pick our 2016 election winner by capturing the vibe of voters. When Fuji Xerox’s vibe is used in preference to my vote, I’m not a solicitor but I question how any Members of House of Representatives etc can lay claim to have been constitutionally “directly” elected 2016 or any subsequent elections like, shall we generously say “process” occurred. This is a foreign company & without prejudice a country that historically showed a hostile design on Australia by bombing us WWII. Who won, because their say is worth more than our votes now? We need a big look at what’s already out there, before rushing to give more information quickly into foreign hands by computer.  With budget restrictions old defence personnel records are unlikely to have been uploaded. Manual typewriters ruled the 80’s. A retired computer anonymous military Home Defence force made up of still capable 40-60y.o.’s is not a bad thing to keep offline in a changing world;

 

1.4                        Make no mistake from what I’ve seen recently coming out of Government you already have a lot of security problems that have been ignored for a very long time. That means your security is so compromised you have a serious threat from the inside. Government’s shown a blatant intent, every opportunity to irresponsibly expose the identity of defence personnel past & present.  In one breath we are told there is a terrorism threat and “cyber security is one of the Australian Government's highest national security priorities”.  In another breath, acts like this Census change.  We’re giving those cyber terrorists even more candy.  As a former defence personnel member, I’ve watched Government of late offering badges to wear to get free drinks on planes. “Thank you for pointing them out”, says Mr Hi-jacker. The discount loyalty card that in an age of computerised cash registers with item entry buttons for that defence discount code data captures that discount for debit/credit card purchases.  When Investopedia only tells you the 5 biggest credit card hacks, it’s a big hint there’s an awful lot₁₁.  

 

1.5                        As we enter an aged population there will be a lot of people succumb to aged related illnesses. Whether a reservist or full-time defence personnel member all were trained in the same barracks & bases.  When considering exposure to fire fighting chemicals etc I can only see a negative effect of higher personal insurance premiums or denial of claims to former military personnel based on military service data results.

 

3.  Privacy & Purpose of Medical Information

3.1 Even without fires, the Christmas timing of these proposed changes, when health workers have statutory holidays shows an intent to stifle fair response;

 

3.2 Joe Citizen is having major problems with trusting their data privacy and the computer savvy of Federal Government and rightly due to: -

3.2(a) 2015 Metadata₂₂ & Anti-encryption laws 2018₂₁;

3.2(a) the 2016 Census fiasco;

3.2(b) My Health Wrecks a computer opt-out process;

3.2(c) Robodebt attacking and probably unlawfully, more than the Senate advised 300 ‘vulnerable’ test citizens if the 2030 figure of deaths within a year of Robodebt receipt are correct (the algorithm certainly isn’t);

 

3.3 Over 2.5 million people opted out of My Health Record because they didn’t trust Federal Government & stunts like this timed response to Census changes shows why₉. Why should citizens trust Federal Government respects their health privacy when: -

3.3(a) My Health Record previously termed E-Health was promoted by Hon. Ley as for release to many incl. Gymnasium Instructors_10.  My Health Record was never about protecting our health security rather selling the data to the highest bidders & now that has been prevented this Census move is not a good look;

3.3(b) Government has handed numerous health contracts incl. defence & NDIS to Serco who co-own Viapath₁₃ genome sequencers. Serco has a sordid history of overcharging UK’s National Health Service_15.  December again more charges to defend for yet again accounting issues to now the Dept of Justice (charging for deceased prisoners) _14.  Despite systemic accounting problems through Serco Group of companies, this appears to be no barrier for our Government who have been handing them government contracts on our health like confetti. So enamoured are they Mr Birch former boss of My Health Record’s obvious conflict of interest with Serco (co-consulting simultaneously) was not a problem₁₆;

3.3(c) they are threatening Social Security recipients with blood testing because they are so desperate to get more of our health data;

 

3.4 Yes, but once we get passed: -

3.4(a) the unhealthy appeal Government seems to have in signing contracts without qualifying contractors e.g. Paladin head office Kangaroo Island beach shack₁₇

3.4(b) the Government’s willingness to sign health contracts with companies with skills so poor they possibly can’t even identify a dead body e.g. Serco as per s3.3;

3.4(c) considering sister co’s & partnerships conflict of interests e.g. IBM s1.2; and

3.4(d) allowing the use of unscreened subcontractors e.g. again IBM s1.2;

what’s left?  Well actually the real Public Service have a pretty poor historical record on privacy breaches themselves.  Over 100 were caught in one sweep at Centrelink alone_18.   Additionally, anyone reading the excellent audit reports coming out of ANAO will be aware they’ve been raising poor privilege user access controls amongst other cyber risks across multiple departments for years_19;

3.5 No self-respecting budget committee would model an aging population future based on Census collected 5 years apart. An ageing population means every year that health budget should be increasing by not just the CPI, but also to allow for increases in aged condition medical uptakes. A Census that could be 5 years behind the times just won’t cut it.  Already reports from the Royal Commissions on the Aged and submissions to Disability on NDIS are showing an appalling delivery of health care under the current Government. Make no mistake when people have had their deaths hastened by non-provision of essential equipment via NDIS & from lack of aged care home packages the criminal negligence that has gone on is not going to be swept under a carpet. If the current fires have shown anything Joe Public has just about it & Government needs to lift its game fast & show its actions have the best interest of voters at heart. Using yet another stall of waiting for Census figure analysis is just not good enough. Times well & truly up;

3.6 Census forms are completed by individuals & more than probably they are not their own medical assessors. Any data therefrom is totally worthless for accurate statistics so the question then becomes why are the medical questions being asked in the first place?  We have annual budgets & a facility for further appropriations for when ambitious optimistic Governments screw up. Appropriations not demanded by Public Servants to the extent people are being dying is both inexcusable and unquestionably negligent.  A politician giving a directive that in anyway discourages Public Service requests for additional appropriations to the detriment of citizens health is not showing good order & therefore I struggle to see they would be empowered by the Constitution s50 to give such an instruction. Consolidated Revenue has directly received an additional 7.5% income tax since 1950 when Menzies shifted the money from the National Revenue Fund. (Collected since 1943-6 until 1950 to a separate fund that showed it made a healthy surplus).  Using the pathetic excuse, the Trust Fund doesn’t exist when the income tax bracket adjustment that raised the funds was never readjusted back, doesn’t wash. Health & Welfare has been overpaid for with the 7.5% Income Tax adjustment and a whole range of levies Medicare, smokers, alcopops on top. Start paying now & don’t even think of trying to stall with Census as an excuse.

3.5 These questions are on a form I have a statutory obligation to complete.  This is an incredible breach of my medical privacy and make no mistake I consider it to be disability discrimination.  The Act is very clear answers given by someone healthy and someone with a medical condition are going to be “materially different”.  The same clause Disability Discrimination Act 1992 30(2)(b) is assaulted time and again by LNP. From proposed Drug Tests, opt-out Cashless Debit Cards the LNP Government has slated multiple processes that offends every aspect this clause. The Disability Discrimination Act 1992 was formed in the shadow of international Human Rights. 

3.

6 We’re told these Census additions are for our health benefit. LNP Government has an appalling history on health. Consider NDIS. It repurposed $3.9Billion off the care assessed Plan needs of disabled NDIS participants including myself. We weren’t dying fast enough so it cut a further $1.6Billion in the Budget a few months later.  All across the country horror stories of LNP’s NDIS neglect eg a child in a wheelbarrow 5km from where I use to live. Me over quarter of a million worth of Plans that I may as well have wiped my proverbial *rse on. 20hours cleaning in over 2 years will be raised with LNP named as my abusers in my Royal Commission submission.  I have video taken by my solicitor’s physio and hospital reports subsequent to the ambulance he phoned for me attesting I’ve been physically impaired by the neglect I’ve had due to LNP’s games with my NDIS care Plan funds. I do not believe for one single minute LNP can be believed on anything related to health. It’s solution to the screams for care from disabled $800,000 extra money to propaganda consultants and a virtual reality computer so no-one has to listen.  Let me be very clear I have no hesitation in going on the Royal Commission & other records to say it is my personal opinion that the LNP Government has pro-actively conspired to deny both health care and justice for its non-provision. 

3.7 Before LNP is given access to any more health information the nature of its relationship with Serco & other contractors should be further investigated.  The number of medical contracts that have gone to Serco that for all intents & purposes is a foreign private company has virtually given that company a data monopoly of Australian health.  LNP further concealed information from the Australian people until media outed facts that Serco: -

3.7(a) was also getting consultant advice from Mr Health Record boss Birch (resigned after media outed him);

3.7(b) was caught out overcharging UK’s National Health Service;

3.7(c) is co-owner of a genome sequencers Viapath which makes any involvement in health data, a conflict of data-mining interests.

In Conclusion

While acknowledging the need to gather statistics we should be reminded from a medical point of view it has information from qualified sources and from Government applications in place now. An example of this the waiting list raised at the Royal Commission for home care packages showing those people that didn’t die first wait an average of two years. This data extracted from applications completed by the target market accompanied by medical professional data.  Suggesting up to the minute application process statistics are replaced by 5-year statistics from non-medical professional data that is possibly inflated when you consider the hypochondriac factor is laudable.  Only Governments hiding their total incompetence & negligence would use those statistics.

 

As Australians we need to sharply wake up that this world is changing and our alliances are going to change as that occurs. Whist we can not stop contracts signed giving access to information we can limit what information is their that can be damaging to Home Security. Government already has defence records of personnel past and present.  Enabling that data to be accessed by foreign company subcontractors is just plain stupid and dangerous.

 

 

 

 

 

References (If the link does not work copy & paste to your search bar)
No	Link
1	https://www.abc.net.au/news/2016-11-25/ibm-to-pay-over-$30m-in-compensation-for-census-fail/8057240
2	https://www-03.ibm.com/press/au/en/pressrelease/54124.wss
3	https://www.abs.gov.au/ausstats/abs@.nsf/Lookup/2901.0Main%20Features802016/$FILE/2016%20Census%20Sample%20Household%20Form.pdf
4	https://www.theguardian.com/australia-news/2018/may/29/government-cleared-of-privacy-breach-in-robodebt-row
5	Pg 112 https://docs.education.gov.au/system/files/doc/other/annual_report_200910_part_1.pdf
6	https://www.humanservices.gov.au/organisations/about-us/publications-and-resources/centrelink-data-matching-activities
7	https://www.fujifilmholdings.com/en/news/2019/1105_01_01.html
8	https://apnews.com/8cbfa4e9d17f46448a4f34d4d268f461
9	https://www.theguardian.com/australia-news/2019/feb/20/more-than-25-million-people-have-opted-out-of-my-health-record
10	https://www.smh.com.au/business/sussan-ley-to-trial-new-ehealth-record-for-the-fitbit-generation-20151028-gkk8ep.html
11	https://www.investopedia.com/news/5-biggest-credit-card-data-hacks-history/
12	https://www.nationalsecurity.gov.au/WhatAustraliaisdoing/Pages/default.aspx
13	https://en.wikipedia.org/wiki/Viapath
14	https://www.theguardian.com/business/2019/dec/16/sfo-charges-two-ex-serco-employees-with-and-false-accounting
15	https://www.independent.co.uk/news/uk/politics/exclusive-overcharging-by-outsourcing-giant-serco-costs-nhs-millions-9695342.html
16	http://onthenewsnow.com/news/my-health-record-boss-jim-birch-privately-giving-advice-to-serco/
17	https://www.kaldorcentre.unsw.edu.au/publication/secrecy-over-paladin%E2%80%99s-423-million-contract-highlights-our-broken-refugee-system
18	https://www.smh.com.au/national/centrelink-staff-sacked-for-spying-20060823-gdo8je.html
19	https://www.anao.gov.au/work/performance-audit/cyber-resilience-2017-18
20	https://helpdeskgeek.com/office-tips/merge-combine-multiple-word-documents/
21	https://www.itnews.com.au/news/mozilla-may-treat-aussie-staff-as-insider-threats-to-code-base-519793
22	https://www.news.com.au/technology/online/new-data-retention-laws-begin-today-this-is-what-you-need-to-know/news-story/28ea2dc1b01d15e53f474e21b6d68501
23	https://www.9news.com.au/national/robodebt-what-happens-inside-centrelink-offices-australia-news/d073fdfa-01a0-4d33-bcfe-a2df387417e9

 

 

Schedule 1 – Amendments

Items 1 and 2 insert two new topics into the list of topics in relation to which the Statistician proposes to collect statistical information.

 

 

Item 1 requires the Statistician to collect information about service in the Australian Defence Force from persons 15 years and older. Collection of this topic on the Census will allow for a better understanding of the circumstances of Australia’s veteran community, and will facilitate targeted services and support related to this community’s health, economic and social wellbeing.

Item 2 inserts a topic relating to health conditions diagnosed by a doctor or a nurse. This topic will be answered by all respondents and assist health service planning and service delivery at the local level.

Item 3 repeals the topic related to access to the internet at the dwelling from the list of topics. The growth in internet access outside of the home on mobile and other personal devices has rendered the current topic collecting household internet access as less relevant.