There’s a lot of people getting themselves worked up about the Australian census whose five-yearly cycle falls due today. For the most part, it’s like any other normal census we’ve done ever since I can remember, but what’s changed this year is the duration for which names and addresses will be retained against the census answers.
There are some good reasons to question the whole thing, plus some good reasons why it’s really a non-event. Let me share my view of things.
About the census
I’ve just literally been handed the census paperwork by the property managers at the place we’re staying at while trying to get in a bit of snowboarding. Here’s an example of what we’re talking about:
It’s stuff like where you live, your ancestry, household languages spoken, religion, education background, job and income plus a few incidental other questions. But do you really need to worry about the government collecting this data? Let me throw out some concerns followed by some rationalisation.
Why you need to be concerned
This is a lot of data being collected in a fashion that ties together many personal attributes about individuals. Were it to be leaked or otherwise abused, people would quite rightly be concerned. One of the defences I’ve heard is this:
Just heard a gov bod justify census security by saying “we’ve never been breached before”. No org has been breached until the first time…
— Troy Hunt (@troyhunt) August 7, 2016
It is never ok to try and placate people’s concerns about their personal data by simply saying that everything has been fine so far. (That they know of.) We’re living in an era where data breaches are a daily occurrences and as we saw in the case of the Philippines earlier this year, that includes an entire country’s electoral role. You must assume a breach and it sounds like even IBM are on the same page there.
Only a few days ago, IBM (the service provider for the online census), was quoted as saying a hack of the data is inevitable. Now I’m not entirely sure how I ended up being quoted in that piece, but it seems a Twitter account I didn’t immediately associate with IBM asked me if Have I been pwned could hold the entire census. I provided a brief, off-handed response:
@philip_nye I have 1.3 billion records, Aus population would be nothing!
— Troy Hunt (@troyhunt) August 3, 2016
I suspect Philip got himself into a bit of hot water there and his tweet was consequently deleted, but obviously not before media outlets picked up on it.
To try and quell the concerns being raised by the public, the government has talked about privacy safeguards such as strict controls on which officials have access to which data. Access controls are obviously important, but as we’ve seen in the past, whilst there are human controls involved there will inevitably be incidents of improper data access. It will almost certainly happen with the census data too, that’s just how some people are wired.
One of the arguments that’s being wheeled out by the government is that it’s ironic people are complaining about the census on social media where they share far more revealing data than what’s being asked for every 5 years. This is a major misreading of public sentiment for one simple reason: the biggest issue with the census is not that personally identifiable data will be collected and retained for a longer period, rather it’s that we don’t have any say in the matter.
The reality is though, most of us are disclosing this information via many other channels the government already has access to either willingly or implicitly and for that reason, I’m not at all (extra) concerned. Here’s why:
Why you shouldn’t be concerned
Firstly, names and addresses have always been collected in the census, the only thing that’s changing is the retention period. We’re going from 18 months to 4 years so it’s not the data that’s changing, merely the period before which it’s scrubbed (I suspect many people upset about the issue are not aware of this). Naturally this increases the risk of exposure, but it merely extends that period rather than introduces a new risk.
I file tax returns every year that detail not just what I earn, but on many of the things I buy. They also describe who I work with, how much superannuation (retirement plan) I contribute to and what benefits I claim on behalf of having kids. I have cars with rego plates so a bunch of my movements are tracked by the government plus I have the usual healthcare benefits so more tracking again there. The government knows my education history due to HECS (student loans while at university), my marital history and pretty much everything else on the form. In fact, the only thing I could pick they wouldn’t either explicitly know or could easily derive is religion.
Now to be fair, not everyone is me; certain personal attributes (such as religion) may be something they don’t want to disclose. But for the vast majority of Aussies, they’re not expressing anything that either isn’t already known or is easily discoverable. Whilst I see the lighter side of 65k Aussies listing themselves as “Jedi” religion in 2011, (and am particularly bemused at those decrying it’s just a fabricated belief system…), the fact remains that the data the census collects is actually pretty useful and should be provided accurately. The Australian Bureau of Statistics uses this from those of us down here to help the gov plan how the country should grow and IMHO, that’s actually a pretty important thing; the government has a huge amount of personal data on me because that’s what a country requires to be functional.
As for the senators who are stating that they won’t put their name on the census (and in some cases saying they won’t pay the subsequent fine and even go to jail), this is almost certainly more a reflection of politics at play than a deep-seated privacy belief. It gets them airtime in a post-election period where there’s not a lot else going on and is particularly ironic when you consider the public profile of these people; more of their personal data than just about anyone’s is already in the public domain. It’s great for news headlines, but it doesn’t say a lot beyond that.
In the broader spectrum of personal data collection, far more outrage is due to shopping centres providing loyalty cards than it is for the census, yet few people think twice about allowing grocery stores to track them. Perhaps it’s the monetary reward enticing people, but Coles and Woolies are able to track when you’re sexually active, when you have a drinking problem and as we’ve seen before, even accidentally disclose when you’re pregnant.
Where the ABS has really struggled on this issue is in explaining why data such as names needs to be retained at all. I was just listening to Michael McCormack on the news this morning and the reporter was grilling him on this question. All he could do was revert to political misdirection and play the Chewbacca defence as he went off on a tangent about tracking life expectancy. But this is a messaging problem rather than an indication of actual privacy issues.
Despite the noise coming via the social channels I follow, I doubt this whole issue will have much impact on how people fill out the census. There’ll be a few who rebel and go all Jedi on it (see what I did there?) or refuse to provide personal info or even leave the country to avoid it (you know your comings and goings from the country are still recorded, right?) but for the most part, no impact. I’ll fill it out accurately and legally because in the broader scheme of privacy, it’s a non-event. Now if only I could get my wife to ditch her loyalty cards…