Lockstep

[Skip Navigation]
  • Home
  • About Us
  • News
  • Services
  • Partners
  • Library
  • Contact Us
  • Babysteps
  • PKI
  • Privacy
  • Smartcards
  • eHealth
  • Identity & Authentication
  • Lockstep Technologies
  • Clients & Case Studies
  • Government submissions
  • Online Banking Review
  • Conference presentations
  • Selected Media Interviews
  • Return on Investment
  • Quotes
  • Links
  • Science generally
  • Downloads

Government submissions

Stephen has made several detailed submissions to government inquiries, on security and privacy in the context of spyware, e-health and smartcards.

Access Card Consumer and Privacy Task Force (Discussion Paper 2) 2007

See http://www.accesscard.gov.au/VMEI_submissions/VMEI%20Sub%2015%20-%20Lockstep.pdf

Extract

Lockstep agrees that there are medico-legal imperatives to safeguard the integrity and authority of medical information held in the Access Card for the express purpose of aiding third party emergency services. While there might appear to be contradictions in granting ownership of information to cardholders while restraining their ability to directly affect that information, we believe that trusted intermediaries can provide satisfactory resolution of many of these issues, as they have in other online service delivery sectors such as banking.
Lockstep sees no technological problems in replicating electronically something very much like the Medic Alert system. In fact we propose in this submission a secure, lighttouch digital certificate based approach which would simplify the process of loading trusted data, and enhance the privacy and integrity of the system. Using certificates, we can convey the "pedigree" of medical data created by authorised parties without creating an additional special area of the card, or using any special protocol per se for storing authorised data to the card. Instead, pedigree can be embedded in the way the data is packaged before it is stored, simplifying the layout of the chip, and also improving the trustworthiness of data when accessed in offline environments.

Senate Committee inquiry into the Access Card legislation 2007

See http://www.aph.gov.au/senate/committee/fapa_ctte/access_card/submissions/sub45.pdf

On 2 March 2007, Stephen appeared before the Senate Finance and Public Affairs Committee reviewing the Human Services Access Card legislation. The Hansard record of Stephen's testimony is at http://www.aph.gov.au/hansard/senate/commttee/S10026.pdf.

Extract

The Access Card plans do not yet embrace the full potential of smartcard technologies to enhance consumer privacy and online safety … There is an array of privacy enhancements that are compatible with the expected Access Card platform. These could be implemented right away – or if need be, retro-fitted later – but only if the legislation allows. Public confidence and take-up of the card depend on getting privacy right, upfront. A huge opportunity to fully utilize this most important infrastructure investment might be lost if the Access Card Bill prematurely freezes the design of the chip, cementing possible privacy compromises, or inhibiting future safety improvements.

Lockstep offers the following recommendations:

  • There is no need for the legislation to be so specific about the contents of the chip.
  • There should be a new independent ombudsman or similar function to review and oversee all new Access Card applications so as to manage the risks of function creep without over-legislating the chip design.
  • To prevent the Access Card number becoming a de facto electronic identifier for indexing backend systems, it would be better for as many participating agencies as possible to have their customer reference numbers accommodated in the chip (and not merely Medicare and DVA numbers as currently drafted).
  • Given that significant welfare fraud is associated with manipulating or counterfeiting dependants’ details, more work may be needed on how dependants will be recorded and managed in the chip.
  • When it comes to legislating for the consumer-controlled area of the Access Card, we should anticipate beneficial third party services and intermediaries that will benefit consumers by enhancing smartcard-based information management.

Access Card Consumer and Privacy Task Force (Discussion Paper 1) 2006

See http://www.accesscard.gov.au/discussion/1C6_lockstep.pdf

Extract

To ensure that the Access Card delivers maximum value to the public and to the government, Lockstep recommends that the following unique capabilities of smartcard technology be more fully factored into the policy formulation and system architecture:

  • Mutual Authentication: smartcards should be the clearly preferred means for accessing sensitive services online, to protect consumers against phishing, pharming, web fraud and spam, as well as identity theft.
  • De-centralisation of data management: fraudulent card use can generally be better detected by the card itself rather than by data mining all health & welfare transactions, resulting in better consumer privacy protection, less invasion into routine transactions, and better system performance.
  • Multiple identifiers: smartcards can store and manage diverse consumer identifiers, to preserve their existing relationships with backend schemes and systems, and thus resist unnecessary data linkages.
  • Anonymity: smartcards can encrypt identifiers to protect against eavesdropping, and to "firewall" business conducted in different domains using the one card.

Senate inquiry into the Privacy Act 2005

See http://www.aph.gov.au/senate/committee/legcon_ctte/privacy/submissions/sub11.pdf

Extract

Our considered view, based on independent research and analysis, is that greater use of smartcards is urgently required to protect the privacy of Australians. ... Smartcard technologies represent the only viable solution to phishing and, in the longer term, to spam as well.

It seems vital to us that governments not lag behind banks with regard to public policy on privacy and security. Most banks are responding to the threats of identity theft by making various forms of 'two factor authentication' available. With medical records and other confidential government services being clearly more sensitive in nature than bank accounts, it is incumbent on law and policy makers to provide for at least the same level of security as do financial institutions. And yet, of all the authentication solutions available today, only smartcard technologies can address phishing, counterfeit websites and spam.

DCITA spyware inquiry 2005

See http://www.dcita.gov.au/__data/assets/pdf_file/30809/Submission_24-_Lockstep_Consulting.pdf

Extract

One of the most important countermeasures against spyware for now and the foreseeable future is [Mutual] Authentication, to safeguard against phishing and fraudulent websites (as these are major vectors for the propagation of malware). Lockstep contends that the only truly effective means for bilateral authentication today is smartcard technology. Other commentators, and the US Government, agree that conventional two factor identity devices have major weaknesses in remote authentication over the Internet.

Therefore, Lockstep believes government would do well to foster the use of smartcards as best practice [mutual] authentication. Government could do so by implementing smartcards for public servants as the standard means for remote access security. The smartcard reader supply side could be stimulated by government purchasing policy mandating the inclusion of readers in standard builds (as has happened in the US Department of Defence).

National Health Privacy Code 2003

See http://www7.health.gov.au/pubs/nhpcode.htm

Extracts

The current definition of health information includes "genetic information ... which is or could be predictive (at any time) of the health of the individual". We suggest that the predictive power of information about diet and exercise is stronger today than is almost any genetic information at hand, and is therefore just as deserving (if not more so) of inclusion in the definition.

We strongly support [proposed definition option 2] where the scope of the Code is broad enough to cover all organisations handling health information of any individual. Thanks to e-commerce, there is a fast growing array of non-health organisations capable of compiling rich veins of health-related information about individuals. For example:

  • Bookstores and libraries tracking interest in self-help books can determine what their clients at least believe they suffer from, if not what their medical conditions actually are.
  • Grocery stores with regular customers can determine in great detail the eating habits of families and individuals.
  • While herbal remedies remain generally available from supermarkets and retail outlets, these organisations too can work out what some of their customers may believe they suffer from. For example, regular purchase of St Johns wort is very likely to indicate a depressive illness, real or imagined. ...
  • Internet fridges are capable of fine-grain tracking of what and when people eat. It is not yet clear which types of organisations are going to be collecting this information as Internet fridges and other domestic appliances penetrate the market; if whitegoods manufacturers can collate the data automatically, then there could be a ready market for the information. There are clear health privacy implications.

If the definition of health information was to include diet and lifestyle information then there is a strong case that any organisation handling such information , including bookstores, Internet search engines, grocery outlets and fast food companies , should be covered by the Code.

© 2008 Lockstep Consulting ABN 59 593 754 482
11 Minnesota Avenue Five Dock NSW 2046
Mobile: +61 (0) 414 488 851 Email Us
Terms and Conditions