- The Strategist - https://www.aspistrategist.org.au -

Will our digital national identity survive our lack of care?

Posted By on July 23, 2018 @ 12:30



Australia’s national identity has always been difficult to define. It is complex and ever-changing, the dynamic collective of Australians and our environment, history, geography, culture and outlook.

Defining our national identity might be a significant challenge, but so is storing, preserving and interpreting the data that forms it. National identity data is the digital evidence of who we are, how we see ourselves, and how we relate to the rest of the world. It includes high-value personal, social, legal, democratic and historical data, such as records of births, deaths and marriages; immigration records; the decisions of our courts and parliaments; and the many stories told on our screens and airwaves through social and electronic media.

Because of its importance to us as a nation, we must keep it safe and accessible. Nationally, digitalisation is only going to increase; most Australian governments are committed to being fully digital within the next few years. As custodians of the bulk of national identity data, government agencies have a responsibility to protect it. And with the creation and retention of fewer paper traces, accessing and preserving this information is becoming more complicated.

Equally disturbing is the inability to access, understand and adequately discriminate between what’s valuable and what isn’t. In 2016, American historian Abby Rumsey argued that we are now so far ahead of ourselves in the accumulation of data that we may never catch up or truly understand its significance. One way to address the information overload could be through the use of artificial intelligence and big-data analytics, though we don’t yet know how successful that might be.

But how safe is our data? All government agencies are required to comply with the cybersecurity policies set by their respective jurisdictions, but you only have to read recent audit reports by the Australian National Audit Office and its state equivalents to see that those standards aren’t being met. While audits focus on particular agencies, they’re a snapshot into the reality of how agencies are faring more generally.

The ANAO’s 2017 cyber-resilience review of three large, well-funded agencies—the Department of Human Services, the Australian Taxation Office and the Department of Immigration and Border Protection (now the Department of Home Affairs)—was illuminating. Only DHS was compliant with the top four cyber-intrusion mitigation strategies in the government’s information security manual, and it was also the only department that qualified as internally cyber-resilient.

The review found that the agencies’ lack of compliance puts their data at risk. The Australian Signals Directorate has estimated that around 85% of cyber-intrusions would be mitigated if the top four strategies were implemented.

Given the range of information-management and cybersecurity protocols and frameworks disseminated by the Australian Signals Directorate, the Attorney-General’s Department and the Department of the Prime Minister and Cabinet, it’s worrying to see the inconsistencies across agencies that hold critical data relating to Australia’s national identity and security.

And then there are the ultimate information and data custodians—national and state archives, records organisations, libraries and other cultural institutions—which are struggling to keep even their basic services afloat, let alone protect and preserve our digital heritage and national identity data.

The current parliamentary review of national institutions in Canberra is evidence of that. The committee has received numerous submissions and testimonials from the heads of cultural institutions decrying the continued funding cuts. Although a handful of agencies have recently received one-off funding for digital initiatives, the National Archives of Australia, which holds some of the government’s most valuable and sensitive information, has unsuccessfully sought funding to build a digital archive five times over the past 10 years.

A great deal of effort and focus is placed on protecting critical infrastructure like roads, communications and ports, as well as classified and sensitive information, but the same can’t be said of our national identity data, or of the national and state institutions that protect and provide access to those digital assets.

The value of our digital national identity must be more widely recognised by governments, the public and the entities that create it, and it must be protected.

Keeping that data safe and accessible is vital not only for chronicling Australia’s past, but also for supporting government transparency, accountability, and the rights and entitlements of all Australians now and in the future.


Article printed from The Strategist: https://www.aspistrategist.org.au

URL to article: https://www.aspistrategist.org.au/will-our-digital-national-identity-survive-our-lack-of-care/

[1] Abby Rumsey argued: https://www.bloomsbury.com/us/when-we-are-no-more-9781620408025/

[2] Australian National Audit Office: https://www.anao.gov.au/pubs?search_api_views_fulltext=cyber%20resilience

[3] 2017 cyber-resilience review: https://www.anao.gov.au/work/performance-audit/cybersecurity-follow-audit

[4] information security manual: https://acsc.gov.au/infosec/ism/index.htm

[5] Australian Signals Directorate has estimated: https://acsc.gov.au/infosec/top-mitigations/mitigations-2017-table.htm

[6] review of national institutions: https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/National_Capital_and_External_Territories/NationalInstitutions

[7] decrying: https://www.canberratimes.com.au/canberra-news/more-cuts-will-put-national-institutions-core-purposes-at-risk-20180513-p4zez8.html