26 November 2016

Propertisation

'‘Abandonment’ and the acquisition of property rights in separated human biomaterials' by Neil Maddox in (2016) Medical Law International 1-23 offers
a critique of the concept of ‘abandonment’ when utilized in relation to separated human biomaterials. In the absence of the recognition of even limited property rights in the human source of such materials, the author contends that utilizing abandonment is meaningless and misleading. Absurd consequences need not result from recognition of such rights and indeed most cases of purported abandonment of human tissue are more akin to voluntary transfers. Describing such transfers in terms of abandonment obscures questions as to the agency and the scope of the fiduciary duties of medical professionals and researchers. Income rights in such materials are more appropriately determined as normative questions as to who should benefit from windfall wealth in human biomaterials, not by reference to abandonment. An alternative framework that recognized that the source of human tissue had limited property rights in it would solve many of the conceptual difficulties outlined. 
Maddox argues
Modern advances in biotechnology have led to rigorous debate as to how we properly regulate biological materials once they have been separated from the person. There are conflicting views as the usefulness of utilizing a property model to deal with these issues. Questions as to the ownership of such separated materials, and in particular whether they vests in its source or a subsequent appropriator, such as a medical research institute, have led to some notable litigation. Broadly, these disputes can be divided into those where the power to control the materials is in issue and those where it is the entitlement to the income from their commercialization. To admit that the source has property rights in their tissue after it has been separated from their body, it is feared by some, would impose onerous costs upon medical researchers in investigating title, and would impede research. To prevent this, so this argument goes, the source should be granted no property in their own biological materials.  Nonetheless, and somewhat incongruously, a concept derived from property law, that of ‘abandonment’ has been invoked in this debate in aid of this view.
Abandonment first appears prominently in a report of the Nuffield Council on Bioethics in 1995 concerning legal and ethical issues relating to human tissue. The report recommended, inter alia, that in any consent to treatment, tissue removed in the course of that treatment would be regarded as abandoned by its source.
Such an approach would conveniently preclude the source of tissue from making any subsequent claims to it, protecting the hospital and subsequent researchers from having to fend off litigation that might impede the smooth running of the hospital and the progress of important medical research. In other words, it is a simple and easy way to resolve any potential title disputes relating to human tissue. The normative merits of this approach are not the focus of this article. Instead, I seek to critique utilizing the concept of abandonment to justify such an approach. There are a number of elements to this.
First, abandonment is one of those phrases that has different meanings depending on the context. When one describes a person ‘abandoning’ their property (or their tissue, blood or sperm sample for that matter), it is not always clear what is meant. It can mean, inter alia, the abandonment of all claims in respect of a thing, as appeared to be what was meant in the Nuffield report or be employed as a legal term of art to refer to ‘divesting abandonment’ a concept derived from property law, whereby an owner loses all ownership of his property if divesting abandonment is found to have occurred. Second, in property law there are specific requirements that must be met before divesting abandonment operates and an owner is deemed to have his ownership extinguished: There must be loss of de facto physical control, there must be an intention to abandon all rights in the property and there must be indifference as to who any subsequent owner might be. I contend that these requirements are often overlooked when discussing abandonment of human tissue, and, further, that if we are to examine these elements closely, it becomes apparent that many cases of purported abandonment of human tissue are more akin to voluntary transfer (also referred to as delivery). Incorrectly invoking abandonment obscures this, and also obscures the potential remedies available to a source of human tissue consequent on such a finding.
Third, I contend that is impossible to determine the role that the concept of abandonment might usefully play in relation to human tissue, when it is has not been conclusively determined where the original ownership of such material lies. I argue that this uncertainty may only be resolved by recognizing that limited property rights vest in the source of the material. Following on from this argument, I contend that the source of human tissue never has income rights to them, and thus such rights accrue as windfall wealth, not by virtue of their abandonment by their source, the concept here further confusing an already muddled area of law.
This article first sets out the differing meanings of the term abandonment and then examines the law relating to the property law concept of divesting abandonment, fleshing out is operation and requirements. Then, I examine how abandonment has been applied in relation to human tissue, critiquing such use in the Nuffield report and I outline the inappropriateness of using a line of American Jurisprudence as precedent for a general presumption of abandonment. I then set out the difficulty of utilizing abandonment in relation to human tissue, given the uncertainty as to who the original owner of such material is. I further contend that most cases of purported abandonment of hospital waste are more akin to voluntary transfers, as there is no break in seisin and no ‘roll of the dice’ by their source as to who the subsequent owner might be. I then discuss how income rights in human materials do not arise by virtue of their abandonment by the source, and that invoking abandonment obscures normative questions as to where such rights should initially vest. Finally, I argue that an alternative framework where limited property rights were granted to the source of human tissue need not lead to absurd consequences, and abandonment could be useful in such a framework, as there would be expressly identified rights to abandon.
Maddox concludes
There is a myriad of objections to invoking the concept of abandonment to separated human biological materials. Much of the difficulty comes from utilizing a property law concept, despite the failure (for the most part) of the law to recognize that the source of these materials has any property rights in them. Such materials are the source’s property in so far as their actions can be taken to have extinguished any ownership rights they had in them before being acquired by a hospital or research institute. However, when one inquires as to the ownership rights that the source abandoned, one is met with the objection that there is no property in the body. You can’t have your cake and eat it. While there is a failure to recognize the property rights of the source in the body, then it is the language of property that should be abandoned.
There is also merit in recognizing a limited form of property in separated body parts – mere property – that is an extension of the bodily use freedom principle. Absurd consequences need not result as such items would not be the same as chattels and would not be treated the same. Such an approach need not impose onerous costs on medical institutions in investigating ownership. Furthermore, most cases of purported abandonment in a medical context are more akin to a voluntary transfer, as there is no roll of the dice as to the identity of the next owner. The misdescription of such transfers as abandonment obscures questions about the agency and undue influence that are appropriately raised where a fiduciary personally benefits through the relationship from a gratuitous transfer of a valuable or useful res. Finally, it is more appropriate to determine entitlement to income rights in such materials by reference to nuanced normative questions concerning where ownership o

25 November 2016

Census Gluepots

Interested in the litres of glue used in the 2016 Census? There is data in Review of the Events Surrounding the 2016 eCensus - Improving institutional cyber security culture and practices across the Australian government, the self-indulgent report by the Office of the Cyber Security Special Advisor.

The report should be construed through reference to the ambitions of the Advisor's office (and that of the Digital Transformation Agency) and the historic incapacity of the Office of the Australian Information Commissioner. Recommendations for example that the OAIC be passed the ball provoke some wariness given the unwillingness of either the Coalition or the ALP to both adequately fund that agency and to foster a positive approach to privacy protection. Buzzwords such as 'new paradigms' need to be substantiated.

The report states
The Australian Government’s new paradigm of online engagement and services for Australians is not coming. It’s already here.
Government’s response to the eCensus events of 9 August 2016 provides an opportunity to change the conversation about cyber security: to one of trust and confidence in the government’s digital transformation agenda, where ‘digital first’ is the overwhelming preference for Australians, underpinned by tangible security and adherence to privacy.
The 2016 eCensus tells us that more of the same is not enough: there is a new imperative to embrace cyber security as a core platform for digital transformation. And when we make the necessary changes we will increase the chance to deliver on the promise of Australia’s Cyber Security Strategy, to strengthen trust online and better realise Australia’s digital potential. Much of the Government’s dealings with Australians now takes place online, and this trend will only accelerate. But because this world is new, some disruption is bound to occur as culture shifts. And setbacks are inevitable.
The 2016 eCensus was a setback. One of the government’s most respected agencies – the Australian Bureau of Statistics (the ABS) – working in collaboration with one of the technical world’s most experienced companies – IBM – couldn’t handle a predictable problem.
As a result, a key national event trended online globally as #CensusFail – a serious blow to public confidence in the Government’s ability to deliver on public expectations.
While the media proclaimed the usual “cyber attack”, this cyber security issue was, unusually, not a matter of national security. Instead, it was a clear demonstration of the broader impacts – and relevance – of cyber security on Australian society.
The ABS often cites “Australia’s largest peacetime logistical operation” and its proud history of 100 years of conducting censuses for Australians. The scale of the Census is immense and it touches the lives of all Australians. And in 2016 it worked hard to get more Australians to participate online. But this part of the Census represented significant risk.
In perspective, at around $9.6m – a fraction of the $471m overall spend on the Census – the payment to IBM to deliver the eCensus capability was small. Certainly the sum was small to IBM: between 1 January 2013 and 19 August 2016 IBM was awarded 777 contracts across the Commonwealth Government with a total value of $1.55 billion ($13.7m of which was with the ABS). But cost isn’t the only issue. Nor the most important one. Australia now knows that cyber security is not just about national security. Cyber security is about availability of services and confidence in government in a digital age. And the public’s confidence in the ability of government to deliver took a serious blow, more so than any previous IT failure.
Even though the denial of service attacks on the night were predictable and defeatable, the decision to close off the eCensus was justified and no data were lost. The outcome could have been worse. But crucially important is the need to understand how the Census got to the point where the cyber security arrangements brought into question the trust and confidence in a fundamental government service. The public’s lack of confidence will linger. The integrity of the collection and its data are of critical value to Australia.
Looking at the issue and its impact through the cyber security lens, lessons are clear: about managing risk, about security in a digital age and about Australia’s digital future.
Crisis communications and coordination
The nature of the eCensus event, its national implications and the breadth of consequences of something going wrong were clearly underestimated in crisis planning. While the ABS and IBM had a library of incident management documents to guide them through the events of 9 August, they were impractical, poorly tested and none outlined a comprehensive cyber incident response or communications plan that could be effectively implemented.
Further, whole of government cyber security incident management arrangements did not link the affected agency with support mechanisms, leading to sub-optimal communication with Ministers and the public. Escalation thresholds were not clear, nor were obligations and coordination mechanisms across agencies.
The impacts of cyber security events are not well understood. There is not a shared understanding across government, and a well-defined lexicon does not exist. A whole of government approach to resilience is required, and regular exercising of crisis arrangements will be critical.
Security is a risky business…
The ABS’s problems on the night of 9 August stem from decisions taken well before then: decisions about partnership, procurement and project governance. Organisational culture and skills also played a part.
Security architecture
No system connected to the Internet can have guaranteed security. But as more government services move online, project managers will need to address security and respond to security incidents as critical business risks.
The distributed denial of service (DDoS) protections for the eCensus were inadequate, yet were called for in the ABS sole-sourced request for tender (RFT) and written into the contract with IBM. DDoS was a foreseeable threat, and more robust security planning would have led to a different outcome. Controls were not considered within a comprehensive security framework; risk assessments underestimated the consequences of security incidents, leading to insufficient focus on mitigations; and there was poor independent assessment or verification of security arrangements. ABS and IBM emphasised some areas of security – the confidentiality and integrity of data – while underinvesting in the availability of the system.
The exchanges between the ABS, the Australian Signals Directorate (ASD) and IBM also suggest a lack of clarity in capacity, roles and responsibility for cyber security across government and with contracted service providers. Agencies look to ASD for advice to provide assurance; this may lead to a false sense of confidence. ASD endeavour to provide comprehensive advice and assistance. However, ASD’s ability to provide an integrated assessment will be limited by their available resources and the time available to address the request. ASD have outstanding expertise for supporting agencies, but not the capacity to service the clear need across government. A new approach is needed for agencies to meet Australians’ expectations of a modern digital government.
Protecting Australians’ privacy
The DDoS attack against the eCensus system did not include the compromise of personal information of Australians. In fact, the ABS’s decision to shut the eCensus website on 9 August was a privacy-protective measure.
However, the closure of the website appears to have amplified existing community concerns about security and privacy in relation to the Census; concerns which originated from an ABS decision to retain names and addresses for up to four years in Census 2016, in combination with the move to ‘digital first’. There is more that the ABS can do to improve its practices, from external scrutiny to enhanced public engagement on privacy issues. All agencies can learn from the ABS’s experience.
Not just communications, but engagement…
In most respects, the ABS had a well formed and prepared communications strategy and awareness raising campaign; but it was focussed on the wrong things. The communications problem they needed to address was not a low level of awareness of the Census, but rather, the introduction of a ‘digital first’ approach and the associated barriers to participation – concerns over security and privacy.
The ABS failed to adapt its media and communications in response to the public relations storm that built up in the weeks prior to the Census regarding privacy and security in both mainstream and social media. Instead, ABS rigidly stuck to its plans, forgoing crucial opportunities to influence and drive the conversation around the Census. Processes for approval of campaigns, and changes to them, may need to be changed to promote agility.
On Census night, the ABS severely underutilised social media as a communications tool to keep the public up to date and informed of the incident. The ABS’s lack of timely and transparent communications lost it trust because it opened the door to speculation. The continued slow updates and virtual absence from the media meant that ABS struggled to win back the trust of the public in the following days. Ministers must also be supported with clear and accurate advice, and senior executives must be equipped to understand and talk about cyber security as a matter of business risk.
Procurement, contracting and governance
Procurement practices fell short. Vendor lock-in, coupled with a particularly close and trusting relationship between the ABS and its long-term supplier IBM, meant that the ABS did not seek sufficient independent verification and oversight of critical aspects of the eCensus. Documentation suggests that there was compliance – risk matrices completed, committee meetings held, minutes taken – but the security culture was not resilient and adaptable. The ABS and IBM had delivered eCensus services for the 2006 and 2011 Censuses as well, the latter with a third of the population utilising the online form. Why should 2016 be any different?
The risk appetite of the ABS was not clearly defined: harm and consequence assessment appeared underestimated – particularly associated with security risks to the eCensus – leading to unsatisfactory risk mitigation strategies.
A lesson in culture
Culture matters. And the culture of the ABS identified by the Australian Public Service Commission (APSC) Capability Review in 2013 — insular, inward looking, reactive — affected decisions and performance as the ABS planned and carried out the 2016 Census. Moreover, its reliance on past patterns to guide future strategies doesn’t work.
The prevailing culture can be identified in actions and decisions taken to prepare for the 2016 Census that date back to June 2012. Many seem innocuous, and almost all are compliant with established government practice. In many ways, the ABS is seen as an exemplar of established government practice: ticking the boxes, but not appreciating the challenges change presents. There is no doubt that the preparations for the 2016 Census occurred during a complex time for the ABS. They were without a substantive Australian Statistician for most of 2014. However, it is clear that the ABS’s culture clearly contributed to the outcomes on Census Night. The ABS’s actions since only underscores the importance of culture: it has steadfastly refused to own the issue and acknowledge responsibility for the factors leading to the events and shortcomings in the handling of events on the night.
Over the last few years the ABS has devoted energy and resources to aggressively address the cultural issues highlighted in the APSC Capability Review. The ABS must draw upon the lessons it takes from the Census experience to help guide and advocate the cultural change path it is following.
Integrity of the Census
The Census outages prevented Australians from filling in forms online for almost 43 hours. This not only precluded online responses during the outages, but also likely reduced online responses over subsequent days due to confusion about security and the status of the eCensus. Considerable catch up then followed and many more Australians than planned turned to paper forms.
58 per cent of households participated online, up from 33 per cent for the 2011 Census. But ahead of the Census, the ABS had expected that 65 per cent of households would participate online. 2016 online return rates did not reach what were expected or desired.
Short delays in response do not impact on data quality. Many more households than usual not completing the Census by the end of the data-collection period would reduce quality. The Census response rate, a critical indicator of quality, is estimated to be over 96 per cent. At this stage, it is unclear if the target rate of 96.5 per cent will be met. This target is based on the rate achieved in the 2011 Census.
A more granular assessment of Census quality will not be available until data has been processed, which will be completed by March 2017. Other indicators of data quality, such as refusals and item non-response rates, are likely to be comparable to, or better than, outcomes in the 2011 Census. Unaware of these encouraging signs, post-Census surveys of public attitudes towards the 2016 Census find that many Australians believe that the data collected is unreliable. The latest Survey found that: • 42 per cent agreed, to some extent, that this year’s Census has been a failure; and • 33 per cent agreed, to some extent, that the data collected from this year’s Census are unreliable.
For the Census to be fit-for-purpose, the users of the statistics, and the public more generally, need to see the Census as credible. This credibility is to ensure that Census statistics are used for their intended purpose and that the public continues to provide quality responses to future Censuses.
Cyber Security for Australia’s Digital Future
The ABS’s experience provides insight into agencies’ ability to operate in a digital age. Unpacking the incident, the scope is broad-ranging: issues facing the ABS included dealing with privacy issues in a dynamic technology environment, while adapting communications to new forms of online media. The ABS did not look at alternate service options, such as cloud service provision. Cloud computing can offer significant security, cost and efficiency benefits, but the ABS’s interpretation of privacy obligations of the Census and Statistics Act, and a lack of maturity in cloud service offerings at the time the contract was established, impeded take-up of cloud services which were limited to serving static content. There are likely similar barriers to cloud take up across government.
Digital awareness, including security risks and consequences, needs to be a core part of toolkits to deliver services in a modern online economy, where the needs and expectations of the community rapidly evolve. Small agencies such as the ABS are probably ill-equipped to deliver technology outcomes of scale.
The August 2015 review on ‘Learning from Failure’, by Professor Peter Shergold AC, called for more adaptive government and enhanced responsibility and accountability for program management. There are opportunities to adopt learnings from the eCensus incident in Phase Two of the government’s Digital Transformation Agenda: security must be ‘baked in’ to design and delivery. Government can develop a more ‘shared service’ consultancy approach to cyber security to boost agency capacity.
So what now…
The ABS is likely not alone. Agencies need to transform their thinking to support a truly digital engagement with Australians. And cyber security and privacy was shown to be critical to the confidence of Australians in the online services delivered by government, and therefore in government itself.
While the eCensus delivery was a single technical project, it was also a step toward the government’s future digital services agenda. And the setback the Census suffered must lead to a significant mindset shift that all agencies will need to make: digital disruption of their own service delivery.
All agencies must learn from the ABS’s experience. This report contains: • actions to improve the fundamentals supporting the transformation to secure onlinegovernment; • improvements to the ABS approach to technology risk, procurement and governance; • better practice recommendations for agencies as they make the transformation to online government.
The report features the following Summary of Recommendations
• Crisis Communications and Coordination: The Department of the Prime Minister and Cabinet should strengthen cyber security incident management arrangements across government and ensure the policy is widely circulated, well understood and regularly exercised. This includes:
o incorporating lessons learned from the eCensus incident response into the Cyber Incident Management Arrangements (CIMA);
o ensuring effective crisis incident notification and coordination arrangements across Australian Cyber Security Centre agencies and between the Australian Cyber Security Centre, the Crisis Coordination Centre and the Department of the Prime Minister and Cabinet;
o developing communications strategies, with key talking points for a range of cyber security incident scenarios; and o developing a whole-of-government ‘cyber security lexicon’ to assist with clear and consistent communication relating to cyber security issues.
• Education: The Attorney-General’s Department should develop a “Cyber Bootcamp” for senior government executives and Ministers as part of the Cyber Security Strategy Awareness program. The Bootcamp would educate participants about cyber security fundamentals and how to talk about issues with the public and be aligned to Data61’s work with the Australian Institute of Company Directors.
• Security Framework: The Australian Signals Directorate should strengthen the framework to help agencies improve the security of their networks: o update the Information Security Manual about security measures to protect the availability of online services; o in collaboration with the Digital Transformation Agency, lead a ‘sprint’ to lift agency capabilities to protect against denial of service attacks; this should provide a pilot model for future ‘sprints’ to build cyber security capacity across the Commonwealth; o develop and implement a security framework for high-risk online essential services and special events, to complement the high risk agency security framework identified in the Cyber Security Strategy; and o review its model for prioritisation and proactive engagement with agencies to provide cyber security support and develop a service catalogue of offerings to ensure clear understanding of capabilities; this may require additional resources to achieve. The Australian Signals Directorate should come back to government with a plan coordinated with the Cyber Security Special Adviser.
• Creating a Positive Risk Culture: The Department of Finance should assist agencies to actively engage with cyber security risk by developing: o guidance for managing risk in ICT and cyber security outsourcing; and o a strategy to accelerate government to improve agency understanding and uptake of secure cloud services and hasten cloud certification to PROTECTED (potentially modelled on the US FedRAMP program). This would require additional resources for the Australian Signals Directorate for accreditation services. The Australian Signals Directorate should come back to government with a plan coordinated with the Cyber Security Special Adviser.
• Embracing Adaptive Government: The Department of the Prime Minister and Cabinet’s ICT Procurement Taskforce should consider the ABS eCensus procurement process as a case study on the barriers and opportunities to delivering better ICT outcomes. This should include developing a more agile approach to market testing and contracting options, ICT procurement skills and outsourcing oversight arrangements.
• Cyber Security in a Digital First World: The Digital Transformation Agency, in partnership with the Australian Signals Directorate and the Department of Finance, should:
o develop a proposal for consideration by the Digital Transformation Committee of Cabinet to create a “cyber security shared services” digital security consulting organisation within the Digital Transformation Agency. This would ensure security is integral to all new online service delivery proposals and facilitate partnering between agencies to draw on cyber security expertise in larger agencies with more mature capabilities.
o consider how to strengthen central governance and assurance, and this ownership may no longer logically sit with ASD, given their broader portfolio of responsibilities.
o identify capable agencies and accredit them to deliver shared services for citizen-facing projects where, for higher risk online delivery programs, smaller agencies must partner with (or source their ICT project management from) an identified lead agency or through a core service such as GovCMS.
Recommendations for the Australian Bureau of Statistics
• The ABS should engage an independent security consultant for a wide-ranging examination of all aspects of their information collection and storage relating to Census data – from web application through to infrastructure and policies and procedures.
• The ABS should ensure future significant changes to personal information handling practices are subject to an independently-conducted privacy impact assessment and are supported by broad ranging consultation.
• The ABS should adopt a privacy management plan to enhance its capability to identify and manage new privacy issues.
• The ABS should assess and enhance existing ABS privacy training for staff.
• The ABS should develop a specific strategy to remove the current state of vendor lock-in. • The ABS should strengthen its approach to outsourced ICT supplier performance management to ensure greater oversight and accountability.
• The ABS should draw upon the lessons it takes from the Census experience to help to guide and to advocate for the cultural change path it is following.
• The ABS’s decision in August to assemble an independent panel to provide assurance and transparency of Census quality is supported and the resulting report should be made public.
• The ABS should implement a targeted communication strategy to address public perceptions about Census data quality. The ABS should report monthly to their Minister outlining progress against the above recommendations.
Better Practice Guidance for Agencies:
• Agencies should review their approach to cyber security incident response planning and coordination and exercising of those plans with stakeholders.
• Agencies should ensure independent security assessments are conducted on critical ICT deliverables.
• Agencies should test security measures and monitoring systems for online government services under foreseeable adverse conditions, including under attack conditions.
• Agencies should be conscious of updated interpretations of governing legislation to addressing the changing technological environment. Agencies should review their oversight and assurance arrangements for outsourced cyber security services.
• The Office of the Australian Information Commissioner has recommended the government develop an APS-wide Privacy Code in collaboration with the Office. The Code should address privacy and security risks by requiring all agencies to:
o have an up-to-date privacy management plan
o appoint dedicated privacy contact officers
o appoint ‘Privacy Champions’
o undertake written Privacy Impact Assessments where relevant, and
o take steps to enhance internal privacy capability.
(13,500 litres of glue but alas, no data on the amount of coffee consumed or Red Bull purchased by coders.)

24 November 2016

CensusFail

The Senate Economics References Committee report on the 2016 Australian census debacle reflects terms of reference regarding
a) the preparation, administration and management on the part of the Australian Bureau of Statistics (ABS) and the Government in the lead up to the 2016 Census;
b) the scope, collection, retention, security and use of data obtained in the 2016 Census;
c) arrangements, including contractual arrangements, in respect of the information technology aspects of the Census;
d) the shutting down of the Census website on the evening of 9 August 2016, the factors leading to that shutdown and the reasons given, and the support provided by government agencies, including the Australian Signals Directorate;
e) the response rate to the Census and factors that may have affected the response rate;
f) privacy concerns in respect of the 2016 Census, including the use of data linking, information security and statistical linkage keys;
g) Australia’s Census of Population and Housing generally, including purpose, scope, regularity and cost and benefits;
h) the adequacy of funding and resources to the ABS;
i) ministerial oversight and responsibility; and
j) any related matters.
The permissive report unfortunately fails to meaningfully engage with erosion by the ABS of public trust in the census.

The report features the following recommendations -
R1
4.81 The committee recommends that all future Privacy Impact Assessments relating to the census, are conducted externally with the final report published on the ABS website 12 months in advance of the census to which it relates.
4.82 Following the release of a PIA recommending changes to future censuses, consultation across the Australian community should be undertaken by the ABS with the outcomes clearly documented on the ABS website no less than six months before a future census.
R2
4.83 The committee recommends that the ABS update its internal guidelines to make clear that consultation requires active engagement with the nongovernment and private sector.
R3
5.46 The committee recommends that the ABS publicly commit to reporting any breach of census related data to the Office of the Australian Information Commissioner within one week of becoming aware of the breach.
R4
6.89 The committee recommends that the Australian Government commit the necessary funding for the 2021 census in the 2017–18 Budget.
R5
6.90 The committee recommends that the ABS conduct open tendering processes for future census solutions requiring the participation of the private sector.
R6
6.91 The committee recommends that the ABS give greater attention to intellectual property provisions in contracts that include licensing and royalty arrangements.
R7
6.92 The committee recommends that the 2021 eCensus application be subject to an Information Security Registered Assessors Program Assessment.
R8
6.93 The committee recommends that the ABS take a more proactive role in validating the resilience of the eCensus application for the 2021 census.
R9
6.94 The committee recommends that the Department of Finance review its ICT Investment Approval Process to ensure that projects such as the 2016 Census are covered by the cabinet two-pass process.
R10
6.95 The committee recommends that the Australian Government provide portfolio stability for the ABS.
R11
6.96 The committee recommends responsible ministers seek six-monthly briefings on the progress of census preparations. These briefings should cover issues including, but not limited to, cyber security, system redundancy, procurement processes and the capacity of the ABS to manage risks associated with the census.
R12
6.106 The committee recommends that the ABS consider establishing a dedicated telephone assistance line for people who require special assistance in completing the census.
R13
7.28 The committee recommends that the maximum value of fines and any other penalties relating to the census be explicitly stated.
R14
7.29 The committee recommends that the Australian Bureau of Statistics develop a clear communications strategy outlining the outcomes for non-compliance with the census, including resolution processes and the value of possible penalties.
R15
7.57 The committee recommends that the Australian Government provide sufficient funding for the ABS to undertake its legislated functions to a continued high standard.
R16
7.58 The committee recommends that the responsible minister act as a matter of urgency to assist the ABS in filling senior positions left vacant for greater than
In noting privacy concerns the report states
4.54 It was argued to the committee that the destruction of name and address information is central to the willingness of individuals to give up their personal information to help society distribute goods and services equitably: There is an implicit social compact underpinning the Census: give us our anonymity and privacy, and every five years we will give you the data you want, in the form of a national, anonymous snapshot, to be used for planning, policy and research purposes. We will answer all those questions, truthfully, because we have been promised that our answers will never actually be linked back to us.
4.55 The CCHRL argued that the decision to retain names and addresses is a threat to privacy: We are concerned that the use of census data and data linkages across government agencies leads us into 'a system requiring personal information under compulsion of law where the system has increasingly powerful capacity to store, sort, match and predict' individual behaviour…Such a system, even if authorised by law, itself represents a fundamental breach of people's rights to privacy.
56 The APF argued that the changes introduced in the 2016 census have harmed the reputation of the ABS in the community: Before the 2016 census the Australian public generally trusted the ABS. This is no longer true for many Australians. That trust was destroyed by the ABS when it changed the purpose of the census from aggregated statistical data to personal tracking. It still remains unclear what the ABS plans to do with the personal information it has collected.
4.57 The committee heard that the willingness of the community to engage in statistical projects is proportionate to the trust the community has in that organisation. If respondents do not trust that their information is safe they are less likely to honestly participate in the activity.
4.58 Electronic Frontiers Australia argued that the changes to the 2016 census may represent an ongoing threat to future Censuses: The apparently significant erosion of public trust resulting from the manner in which the 2016 Census has been implemented represents a serious threat to both the integrity of the data collected in the 2016 Census and to all future Censuses.
4.59 It was put to the committee that while the ABS was a widely trusted organisation, it is necessary that the ABS continues to engage with stakeholders to assuage 'actual or perceived' risks in completing the census to ensure ongoing high data quality.
4.60 The ABS recognises the importance of community trust in completing its work, with the ABS' Corporate Plan citing trust as one of the essential components of its success. The ABS argues that it enjoys high levels of community support: An independent survey in 2015 found that institutional trust was high among general community respondents with 81 [per cent] indicating that they either trust greatly or tend to trust the ABS. Among the informed users of ABS products, the level of trust rose to 100 [per cent]. These are very high trust ratings for an organisation, and higher than comparable surveys of statistical organisations in other countries.
4.61 Although the final census results will not be ready for some time, the committee was informed that initial quality checks conducted by the ABS 'show low levels of item non-response to the known sensitive questions'. The ABS further reports a preliminary response rate in excess of 96 per cent, indicating that the concerns relating to the 2016 census did not tamper community enthusiasm for statistical participation.
 In discussing function creep the report states
4.62 The committee heard concerns regarding function creep where data collected for one purpose is later used for another. One of the key questions that anyone naturally has when asked to provide information, is the use to which that information will be put. This report has already canvassed some of the uses to which census data is put, including determining electoral boundaries, determining areas in need of greater public services, and tracking changes in demographics. A number of submissions queried how the enhanced dataset would be used by the ABS and government.
4.63 Australia has no privacy protections written into the Constitution. This means that there is no way the government can guarantee that the current and proposed legislative controls will remain indefinitely. Current protections might be robust, but there is no guarantee this will continue.
4.64 There are examples from Australia's past where governments have put short-term administrative need ahead of principle. Prior to the World War II, the then Tax Commissioner attempted to access census data for the purposes of a court action against a taxpayer. In that instance the Australian Statistician had, in the meantime, destroyed the name identified census card thereby preventing the use of this data. Although the legislative loophole that enabled the Tax Commissioner to make this claim has since been closed, it does highlight how data collected for one purpose at one point in time is often threatened with repurposing.
4.65 Even if consent is given initially to collect and use the data, we have no way to ensure that someone consents to that data being put to different uses. Salinger Privacy expressed concerns relating to the potential uses of the census dataset: It is my opinion that the risk of function creep was under-estimated by the ABS. Once they hold identifiable data on all 24 million people in Australia, I cannot believe that not a single government department, Minister or police force will be interested in tapping into that data for their own, non-research purposes. A list of the agencies queueing up to gain access to the metadata that telecommunications companies must now keep by law provides a salient example of the likelihood of function creep.
4.66 The committee heard that concerns regarding function creep featured prominently in the findings of the 2005 PIA, and were also cited by the ABS in a submission to the 1997 'Parliamentary Inquiry into the Treatment of Census Forms' in which the ABS recommended against the retention of identified census data.
4.67 The PIA prepared by the ABS relating to the retention of name and address data considered the possibility of function creep which it defined as: 'name and address information from the 2016 Census may be used for purposes beyond what is currently contemplated by the ABS'. The ABS assessed the likelihood as 'very low', and would mitigate against the risk by ensuring that 'any data integration project involving retained information is undertaken for statistical and research purposes only'.
In relation to linking to administrative datasets the report states
4.68 A further criticism of the ABS' handling of the decision to retain name and address information was the lack of clarity regarding how this data would be used in linking datasets. Legal academic Dr Cassandra Cross argued that linked data sets represent a growing threat to individual privacy: The linking of Census data to these other administrative data sets has the ability to paint a detailed picture of individuals and in and of itself, poses challenges to the privacy and anonymity of those subjected to it.
4.69 Assistant Professor Kate Galloway similarly argued that the linkage of compulsorily acquired data under the census to other data sets itself represents 'an increase in scope of the census' and an erosion of individual privacy.
4.70 The committee also heard views in support of linking census data with other data sets. Dr Liz Allen from the Australian National University (ANU) argued that many countries have been using statistically linked census data for decades, and that: The benefits of data linkage outweigh any potential harm which may be associated with the statistical undertaking. An example of the power of Census linkage is the methodological work by the ABS estimating Aboriginal and Torres Strait Islander life expectancy.
4.71 The committee similarly heard support for data linkages from the ANU School of Demography: Our second point is that the linkage of census data and other sources synergistically increases their value, and we would like to see more linkage in Australia. We provide an example to illustrate this point. Census data are necessary to provide the denominators for many indices, including demographic rates and many health measures. Without data linkage, the numerators and denominators, for example, to calculate the mortality from registered deaths and population numbers can only be aligned by reference to geographic area. Any additional information on the characteristics, such as the socioeconomic status, is assumed on the basis of the average socioeconomic status of people living in the area. In other words, the mortality of the individual is not directly linked to the socioeconomic status of the individual.
4.72 It may be that at this point the ABS itself has not fully decided upon the scale of potential data linkages. Internal ABS documents from 2015 discuss some of the potential applications of improved statistical linkages: ABS data integration activities can be expected to expand significantly in the coming years as ABS gains access to additional key nationally important administrative datasets. Maximising the utility of these datasets, as well as of the Census and survey datasets, will result from the ability to conduct multiple high quality linkage projects, through linking multiple administrative datasets, linking administrative datasets to surveys and/or the Census, and linking the Census to surveys. Name and address information has the potential to markedly improve the quality of data linkage. … Statistical data integration offers the potential to produce new data products, as well as enrich existing data products. There are many administrative datasets that are likely to have considerable statistical value. In addition to the Personal Income tax data which has already been used in data integration projects, future data integration projects could include the use of FaHCSIA welfare payments data, Centrelink unemployment benefits data, Medicare and Pharmaceutical Benefits Scheme data, Australian Immunisation Register, the AEC electoral role, and other nationally important datasets.
4.73 The ABS informed the committee that there currently exists strong demand for the delivery of greater statistical information on: the nature, extent and outcomes of industrial changes that are taking place in the economy; changes in in the community as the population ages and work and family patterns change; the education and health interventions most likely to produce outcomes; and the outcomes of government programs and services.
4.74 The ABS reported to the committee that there was 'strong community support for high quality data linkage'.
The Committee's view is
that overturning the long-standing practice of destroying name and address data collected through the census is a significant change that warranted significantly more public consultation and external scrutiny than it received.
4.76 It is apparent to the committee that level of consultation undertaken by the ABS in the lead-up to this decision was manifestly inadequate, especially considering the changes affect every Australian household. At a minimum, the PIA should have been conducted by an independent body. This is especially so considering that the ABS Executive Leadership Group was aware that within the organisation there was a 'widely held view' that the practice of destroying name and address was a barrier to meeting organisational objectives.
4.77 As discussed in chapter 2, previous privacy concerns regarding the census had resulted in reduced community participation in the census. We may live in an age where more and more personal data is voluntarily shared electronically, but we also cannot assume that Australians do not take their privacy seriously.
4.78 Based on the evidence received, the committee remains confident that the ABS is committed to using census data for the purpose for which it was collected. In weighing the prospect of any future function creep, the committee notes the ABS' strong track record of protecting personal information privacy. This can give Australian's confidence that the data collected through the census will be used for improving public services and the ability of governments to meet the needs of the Australian population.
4.79 Although the ABS has repeatedly declined to provide the legal advice received from the Australian Government Solicitor to the Senate—presumably confirming its authority to collect, retain and use names and addresses—the committee is not convinced that the ABS has acted beyond its powers, although some submissions expressed contrary views. The move to change how names and addresses are used is not insignificant however, as evidenced by the completion of a PIA in 2015, as well as similar investigations into the merits of such a scheme over the preceding decade.
4.80 As such, the committee is in agreement that all future PIAs relating to the census need to be undertaken by a suitably qualified external body and that the outcomes of this assessment are made publically available on the ABS website well in advance of any census. In addition, the committee is cognisant of the great work the ABS undertakes but is also aware of the significant negative impact the 2016 census has had on the ABS reputation. Once a new PIA is completed, the ABS should undertake extensive public consultations regarding any future changes or impact a new census might have in order to adequately inform the Australian public and its parliament, but also to re-establish its public credibility.

22 November 2016

Constitutional Zanies

Senator Culleton's deliciously zany submission to the High Court reads
The respondent, Rodney Norman Culleton, a Senator duly elected for the State of Western Australia makes the following submissions in support of an adjournment:
In Breach of S1 Constitution since 1990 in Act no 138 of 1900, it appears the Parliament of the Commonwealth has not been constituting itself with the Queen, and renamed itself without a Referendum the Parliament of Australia.
By S 32 Judiciary Act 1903. (Cth) now we are in the High Court on one matter on referral from the Senate, all the grievances, I have with the Government of Australia can and must be aired and all such remedies shall be granted to the respondent as it appears to be just. Consequently this submission is substantial.
That renamed Parliament of Australia appears to be held in contempt by the Judges and Magistrates of Australia after it started, on the 8th January 1991, enacting Legislation as “The Parliament of Australia enacts.” Because the Queen has been removed from the enacting words of the Parliament of the Commonwealth a reign of terror for which only physical violence or the threat of it, and the good common sense of Swat Teams and Police called upon to commit proxy violence in the name of Banks, Financiers and non compliant Courts, created by the States of Australia on any individual or family or corporation that dared to make a Political protest causing suicides family breakups, destruction of the family unit, and immense heartbreak to thousands of committed hard working Australians.
One such Court in my personal experience is the Supreme Court of Western Australia which appears to have been constituting itself with a single Registrar and making orders to be executed by the Bank's agents including the Police, without a trial or any proper judicial proceeding under Order 62A R4(1) Supreme Court Rules of Western Australia, even if the victim is in Court as I was, Registrar Whitbread made orders giving a shell lender possession of another entity of my own personal property and other third party assets which had nothing to do with the case. Under the guillotine Order you only have three days to Appeal which has recently been extended. Under this Order the WA Supreme Court had shut its doors preventing me from having my case heard.
The seeds of this disastrous failure in the delivery of peace order and good government started in 1952 when the High Court Rules 1952 were promulgated and approved by somnolent and irresponsible Parliament allowing the so called High Court to depart from the promised and mandated Federal Supreme Court to a selective, isolated, elitist High Court with power given to a Registrar and a Judge sitting alone, not the minimum of three Justices, mandated by S 71 Constitution, and without a hearing, just on the papers, to refuse access to the High Court as it now calls itself.
The Original published version, of the High Court of Australia Act 1979 as published in 1979, while outside the scope of S 71 Constitution, did in fact have the proper enacting words, but the latest version, obtained from the Table Office in the Senate has no enacting words at all in it. It is no wonder Banks, Trustees, their liquidators, receivers and agents have been able to use the Supreme Court of each State to get arbitrary orders stripping the assets of hard working Australians and giving them with the help of Armed Swat Teams, to the legal thieves, condoned by the State Governments of Australia.
This should never have been allowed to happen but for a series of incompetent, hopeless, Attorneys-General in both the Commonwealth and in the States. Who have been delivering law but not justice, since 1991, using armed swat teams, created as a Private Army by every State mostly from ex Army personnel, trained in assault weapons, in breach of S 114 Constitution.
These 150,000 odd strong armed organisations one in every State have been protected since 1983, by the Commonwealth Director of Public Prosecutions, who since 1983 has had the power to deliver protection from the application of the common law and Part III Crimes Act 1914 (Cth) by Complaint and Summons in a Magistrates Court in the State of Victoria, Queensland and New South Wales and in Western Australia, by using S 9.5 Director of Public Prosecutions Act 1983 to take over and discontinue any proceedings started by a person authorised by S 13 Crimes Act 1914 (Cth) or S15F Crimes Act 1914 (Cth) and deny access to justice to aggrieved Australians unless their Political Masters, in whatever Government happens to be in power directs.
An physically intimidating thug in a 550 horsepower Tow truck came to a property unannounced I was leasing in Guyra, without any paperwork, or other documentation or identification. He attempted to repossess a company vehicle by force ,and I physically resisted him on his failure to leave, and we had a fight about it. The individual was adamant he was coming in, and in order to stop him stealing or trespassing I switched his idling truck off, and removed the single key from the ignition. The thug started punching me, I punched back, and during the altercation, the key allegedly got lost, although he could have put it in his pocket. I was not worried about a key but where I would land my next punch. I was searched but he was not.
He alleges that he hot-wired this Turbo Charged Truck and got it going but since modern trucks have several layers of protection against theft, he almost certainly had the key. He drove away.
On the 12th September 2016, in the Senate I raised as an Issue for the Senate to consider, the fact that since the High Court Rules 2004, no longer issued process in the name of the Queen the High Court was out of order, and in contempt of Parliament, as 33 High Court of Australia Act 1979 mandates that Process be issued in the name of the Queen.
In fact it has been out of order since 1952, when Order 58 rule 4 Subrule 3 was approved by the Parliament of the Commonwealth and this malpractice continued in the High Court Rules 2004 in Rules 6.5, 6.6 and 6.7.which means no political pressure relief valve through the courts, and revolving door government.
In fact the High Court and Attorney-General were informed by action in the County Court in Bendigo in 2006, over ten years ago, and used the Australian Government Solicitor and political pressure on the County Court in Victoria to overturn a Default judgment entered against the Commonwealth in that action by one Judge Davis. The State of the Judiciary in Victoria being hopeless since 1986, no further action was taken by the Community Law Resource Group but the paperwork, letters from the High Court Registrar, the Office of Legal Services Coordination the Writ and most of the paperwork, is still available for filing.
The High Court is authorised to make Rules for the purposes of carrying into execution, the purposes and objects of the Judiciary Act 1903 by S 86 Judiciary Act 1903. It has been granted original jurisdiction under S 30 Judiciary Act 1903 to try on indictment any offence against the Laws of the Commonwealth.
To achieve this, requires Rules providing for Grand Juries, to investigate and commit to trial offenders caught offending against the Laws of the Commonwealth, but neither the High Court Rules 1952, nor the High Court Rules 2004, contain Rules to facilitate this very important function of a Federal Supreme Court no matter what it is called. Breach of Statute Law was always an Indictable Offence at Common Law, but without access to the High Court or rules that regulate such a proceeding, the State Governments of Australia may have embarked on a reign of terror against the subjects of Her Majesty Elizabeth the Second living within their borders.
In Breach of S 90 Constitution which gives exclusive jurisdiction over Excise to the Commonwealth, State and Territory Governments have levied an internal taxes including vehicles, property and transfers, a tax on the right to drive by selling driving Licences, acquired private property without paying compensation, all taxes and actions that are absolutely prohibited to the Queen, unless legislated for in Her name, with the consent of both Houses of Parliament.
In New South Wales where the incident prompting this referral to the High Court occurred the Parliament of New South Wales in 1970 legislated to give a rules Committee of nine Judges power, under S 6 Supreme Court Act of New South Wales power, by Rules of Court to overrule any prior inconsistent Act, including the Commonwealth of Australia Constitution Act 1900 and Constitution, thereby depriving the Australians in New South Wales of the protection of a court of Judicature as required by Ch III Constitution.
In 1986 an Oxymoron of an Act was agreed between the States and Commonwealth that both abolished the Australian Constitution and continued it and the Australian Courts Act 1828. This inconsistency was presented to the High Court by Senator Len Harris of Pauline Hanson’s One Nation around one year prior to the election where he was defeated, and it was rejected under Order 58 Rule 4 Subrule 3 High Court Rules 1952, and this capricious and unreasonable conduct by the Registry of the High Court and the Judges of it has resulted in Revolving Door Governments in every State and the Commonwealth since 1952.
It appears to be clear the Family Court of Australia has never required the Judges of that Court to swear Allegiance to the Queen, and as a consequence it puts a big question over its legitimacy, never been legitimate, because Allegiance to the Queen is the cornerstone of representative democracy, because the Queen, before She can assume Office, must take an Oath Herself, and that Oath incorporates the Principles of Protestant Christianity into the fabric of society.
Those principles are: (a) That no one shall be subject to arbitrary judgment by one individual over another. (b) No one shall be compelled to worship false gods. (c) Only a panel drawn from the electoral Roll, comprising more than one, can find a verdict or the truth. (d) No one shall be the slave of another and all persons shall be equal before Almighty God , and therefore the Law. (e) A conscience of Almighty God is exercised by the Queen in all her judgments, and the Conscience of Almighty God is called equity, and it was exercised by the Archbishop of Canterbury as Chancellor of the Exchequer, in the Chancery Court until 1873, when the Court of Chancery and Courts or Law were amalgamated, to make the courts of Judicature.
The Court of Chancery as the conscience of Almighty God was charged with executing and maintaining the Statute Laws of the Realm, and it was a simple matter of a pleading of Statute in that Court to instil respect in the deliberations of the Parliament. As a safeguard, the principles of the Magna Carta were observed by that court and all parties since 1275, and the Statute of Westminster the first, had the right to elect mode of trial: at Bar before Judges or with a jury of their peers.
The Principals outlined in Paragraph 18 above are incorporated into the International Covenant on Civil and Political Rights. As Schedule 2 to the Australian Human Rights Commission Act 1986, by s 13 Acts Interpretation Act 1901 this is law, but its application has been frustrated by Judges and Magistrates whose allegiance to the Queen must be questioned, because it was enacted properly in 1986 at the same time as the Australia Act 1986 gave the States a licence to do as they pleased to Parliaments in every State by removing Judicial Review as envisaged by Alfred Deakin in the second reading speech to the Judiciary Bill 1902.
Without Judicial Review as a right to peace order and good government no one can truly live in peace in this country, because if he does anything at all to upset a government official, a nasty vindictive Judiciary will be engaged to attack him.
To protect Parliamentarians, who under Parliamentary Privilege may bring the grievances of the people to the Parliament S 14 Parliamentary Privileges Act 1987, one of the Acts properly enacted before 1990, is enacted and it provides that no Parliamentarian ‘shall be required to attend before a court or a tribunal…on any day: (c.) on which the House of which that member is a member meets. (e.) which is within five days before or five days after a day referred to min Paragraph (c.) or (d.)”
Consequently on the above submissions, I humbly request that the hearing be adjourned to another date and time agreeable to both parties.
Signed Rodney Norman Culleton proudly Representing Western Australia in the Commonwealth Senate.

Risk

'Anonymization and Risk' by Ira Rubinstein and Woodrow Hartzog in (2016) 91(2) Washington Law Review comments
 Perfect anonymization of data sets that contain personal information has failed. But the process of protecting data subjects in shared information remains integral to privacy practice and policy. While the deidentification debate has been vigorous and productive, there is no clear direction for policy. As a result, the law has been slow to adapt a holistic approach to protecting data subjects when data sets are released to others. Currently, the law is focused on whether an individual can be identified within a given set. We argue that the best way to move data release policy past the alleged failures of anonymization is to focus on the process of minimizing risk of reidentification and sensitive attribute disclosure, not preventing harm. Process-based data release policy, which resembles the law of data security, will help us move past the limitations of focusing on whether data sets have been “anonymized.” It draws upon different tactics to protect the privacy of data subjects, including accurate deidentification rhetoric, contracts prohibiting reidentification and sensitive attribute disclosure, data enclaves, and query-based strategies to match required protections with the level of risk. By focusing on process, data release policy can better balance privacy and utility where nearly all data exchanges carry some risk.