Queensland Transport is introducing a new “Smart Licence” for Queensland. I think this is a BAD idea. Here’s the first (well, first that was responded to) email. I’ll post more as I get replies.

From: Phil
To: newlicence@transport.qld.gov.au,
CC: TTEIR@ministerial.qld.gov.au, email@efa.org.au
Date: 23 January 2009 10:38
Subject: Details of measures to protect privacy, security and confidentiality of data contained in smart card drivers licences

To whom it may concern,

I have previously enquired about privacy, security and confidentiality of the proposed new Queensland Drivers Licence (30 July 2008). I have not yet received any response to this, hence the second contact, including the Minister for Transport, Trade, Employment and Industrial Relations. I have also included the Electronic Frontiers Australia group, as they are an important organisation representing on-line freedoms and rights for internet users. Due to the nature of electronic data storage, this is particularly relevant.

I would like to have the following questions answered. As I will be a consumer of this technology when it is released, I, and the public of Queensland, have a right to know the details of the technology, to fully understand the implications that it will have for me. Given that a Queensland Drivers licence is a de-facto state identification document, the ability to “opt-out” is not realistic for the vast majority of the population.

It should be noted that the release of detailed technical specifications of encryption, data protection and access control measures does not compromise the security of such measures. Relying on the secrecy of security schemes, known as “security through obscurity”, contrasts with “security by design”, which relies on well-designed algorithms and systems, in conjunction with strong cryptographic keys, to provide security. “Security through obscurity” requires systems and algorithms to be kept secret, which prevents peer review of the system to ensure it is robust. See http://en.wikipedia.org/wiki/Security_through_obscurity and http://en.wikipedia.org/wiki/Security_by_design

1) Please provide details of access to personal information by police and other authorised parties. Detail the audit processes used to detect potential mis-use of access. Also detail the penalties that apply to such mis-use.

2) Provide detailed technical specifications of the scheme used to restrict access to data by the use of a PIN. If different protection mechanisms are used for different segments of memory, provide details here.

3) Provide detailed technical specifications of the public key infrastructure which allows authorised officers (such as police) access to information stored on the smartcard without the use of the PIN. Include the process for key revocation in the case a unit used for these purposes is lost or stolen, or keys are otherwise compromised.

4) Provide details of any intended future uses, as mentioned as “Future applications”, of potential expansion of use.

Please do not hesitate to contact me via mail, email or phone, as detailed below. I look forward to your response.

Phil Cole
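To make concrete what question 3 above is asking for, and why the "security by design" point holds, here is an added illustration. It is not from Phil's email, not from Queensland Transport, and not a description of any published specification of the Smart Licence; every name in it (the authority, the unit serial "UNIT-0042", the card's data) is made up for the example. It models the no-PIN access path as a typical design would: each reader unit holds an ECDSA P-256 key whose public half is certified by the licensing authority, the authority also signs a revocation list of unit serials, and a card releases its private segment only to a unit that presents a valid certificate, is absent from a validly signed list, and signs a fresh nonce. Everything about the scheme is public; the only secrets are the private keys, which is exactly the Kerckhoffs-style property the email argues for.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Illustrative model only, not the Queensland design: a card releases its private
// segment to a reader unit whose key is certified by the licensing authority, is not
// on the authority's signed revocation list, and signs a fresh nonce to prove possession.
type (
	Card struct {
		private   []byte
		nonce     []byte           // outstanding single-use challenge, if any
		authority *ecdsa.PublicKey // root of trust for reader certificates
	}
	ReaderCert struct { // authority's signature binds a unit serial to its key
		Serial string
		PubKey *ecdsa.PublicKey
		Sig    []byte
	}
	RevocationList struct { // authority-signed serials no longer trusted
		Serials []string
		Sig     []byte
	}
)

func NewAuthority() (*ecdsa.PrivateKey, error) { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) }

func NewCard(private []byte, authority *ecdsa.PublicKey) *Card { return &Card{private: private, authority: authority} }

// digest hashes a label plus length-prefixed fields so field boundaries cannot shift.
func digest(parts ...string) []byte {
	h := sha256.New()
	for _, p := range parts {
		h.Write(append([]byte{byte(len(p) >> 8), byte(len(p))}, p...))
	}
	return h.Sum(nil)
}

// certDigest covers the serial and the fixed-width P-256 coordinates of the unit key.
func certDigest(serial string, pk *ecdsa.PublicKey) []byte {
	return digest("cert", serial, string(pk.X.FillBytes(make([]byte, 32))), string(pk.Y.FillBytes(make([]byte, 32))))
}

func listDigest(serials []string) []byte { return digest(append([]string{"crl"}, serials...)...) }

// IssueReader mints a unit key pair and has the authority certify its public half.
func IssueReader(authority *ecdsa.PrivateKey, serial string) (*ecdsa.PrivateKey, ReaderCert, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, ReaderCert{}, err
	}
	sig, err := ecdsa.SignASN1(rand.Reader, authority, certDigest(serial, &k.PublicKey))
	return k, ReaderCert{Serial: serial, PubKey: &k.PublicKey, Sig: sig}, err
}

// Revoke publishes a fresh signed list; a lost or stolen unit's serial goes on it.
func Revoke(authority *ecdsa.PrivateKey, serials ...string) (RevocationList, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, authority, listDigest(serials))
	return RevocationList{Serials: serials, Sig: sig}, err
}

// Challenge issues a fresh nonce that the reader must sign with its certified key.
func (c *Card) Challenge() ([]byte, error) {
	c.nonce = make([]byte, 32)
	_, err := rand.Read(c.nonce)
	return c.nonce, err
}

func SignChallenge(unitKey *ecdsa.PrivateKey, nonce []byte) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, unitKey, digest("challenge", string(nonce)))
}

// ReadAuthorised consumes the nonce first (no replay), then requires every check to pass.
func (c *Card) ReadAuthorised(cert ReaderCert, crl RevocationList, sig []byte) ([]byte, error) {
	nonce := c.nonce
	c.nonce = nil
	switch {
	case nonce == nil:
		return nil, errors.New("no outstanding challenge")
	case cert.PubKey == nil || !ecdsa.VerifyASN1(c.authority, certDigest(cert.Serial, cert.PubKey), cert.Sig):
		return nil, errors.New("reader certificate not issued by the authority")
	case !ecdsa.VerifyASN1(c.authority, listDigest(crl.Serials), crl.Sig):
		return nil, errors.New("revocation list not signed by the authority")
	case !ecdsa.VerifyASN1(cert.PubKey, digest("challenge", string(nonce)), sig):
		return nil, errors.New("reader did not prove possession of the certified key")
	}
	for _, s := range crl.Serials {
		if s == cert.Serial {
			return nil, errors.New("reader unit " + s + " is revoked")
		}
	}
	return c.private, nil
}
```

The flow is: the card issues a nonce, the unit signs it, and the card verifies certificate, list and signature against the one authority public key it was personalised with. One caveat a practitioner would raise against any such scheme, and a fair follow-up to question 3: a card has no clock, so until it is shown a newer list it cannot tell a stale revocation list from a current one; real deployments deal with this with list sequence numbers the card remembers, or with short-lived unit certificates that must be renewed online.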