#CensusFail

Editor’s Note: On Tuesday the 9th of August the ABS website was shut down after a series of hacking attacks attempted to sabotage the national census. While the identity of the hackers remains unknown, the following column, written before these recent events, is now more relevant than ever.

n-CENSUS-628x314

Here’s an idea: let’s get everyone in Australia to note down their names and addresses, chuck em’ on a server somewhere and maybe make a few nice graphs while we’re at it. Great, right?

Now look, Australian Bureau of Statistics, stats and pretty pie graphs are nice and all, but quite a lot of people are unhappy with how privacy and security is being handled with the latest census. Logging onto Twitter and following the #CensusFail hashtag reveals a plethora of disgruntled Australians, voicing their concerns all over social media and beyond. These aren’t just your Average Joes either, mind you, with some of the loudest critics over the past week including public officials, university academics, defence personnel and even a former head of the ABS!

So what the hell did the government do this time? We’ve been having nation-wide census-es (censuseses? censi?) for decades, and while the odd privacy concern has cropped up here and there, it has been nothing like what we’ve been hearing recently; the concerns about terrorists possibly getting a hold of the data, and mass boycotts being encouraged. So what changed?

There are a few footnotes in the Census’ privacy policy this time around, which we have just realized have some major, worrying ramifications. This year is the first time the ABS is using the internet as their primary census platform, which is supposed to save them $100M. This is not too significant on its own, but the census has also been changed so that data will be kept for four years rather than 18 months – data which now includes names and addresses.

Now your average citizen may not worry too much about this information being provided to a government authority, but with terrorist concerns amplifying, and with religious and gendered minorities becoming quickly identifiable on the census data, and people mostly being distrustful of the government and their surveillance policies after WikiLeaks… Well, yeah, it is a bit of a problem.

Regarding these concerns, ABS officials have responded quite vaguely via social media, reassuring the public about their “brilliant” security system. This isn’t to imply that people shouldn’t be worried though – all it takes is one hate-fanatic to breach this security system and bam: the neo-Nazis know where everyone lives. In the modern age, all it takes to break into government data servers is one neckbeard with enough doritos and mountain dew. Jokes aside, the prospect of this information ending up in the hands of fringe groups and extremists is extremely problematic.

A data breach may be unlikely, but it’s certainly not impossible. I suppose we could always just count ourselves lucky that there’s a strong anti-correlation between people’s extremism and their overall level of intelligence.

We shouldn’t be too hasty to ring the panic bell. Surely the data isn’t stored that insecurely. Quantum computing is supposed to be a thing, right? It can protect us from all the hackers. Well, not quite, but at least ABS doesn’t store all this stuff as plaintext; there are hashes and complicated security keys which detach your raw info from the stats, and keep number theorists employed. Essentially, they don’t need your name or address to store your data – they can anonymise you and encrypt your data so that it’s hard to access.

But wait! They’re storing the names and addresses anyway. Supposedly for “deeper, richer data linking”

Let’s also remember that this is the same security system that has been breached 14 times since 2013. That is once every two months… and now they are planning to keep our details for twice as long as before? Cool. So our data isn’t really that secure. No wonder the ABS hasn’t had any good comebacks for the savage social media condemnation as of late.

It is worth asking just how bad it really is to have our names and addresses on file. Just think about this for a moment – has there been a time in history when having your name, address, religion and gender all “safely” in the hands of the government ended not-so-well?

Census data, historically, has been used many times by states to persecute ethnic groups. Americans with the Japanese, UK with the Catholics in Northern Ireland, Yugoslavians with the Bosnians and Croats, and, of course, Nazis with the Jews. Now, while a course of action equating to severity is unlikely any time soon, let’s keep in mind that Trump may soon be the President of the US, and we have four One Nation senators lined up for the government rodeo at home. I’d bet Pauline Hanson would just love to know where every Australian Muslim lives…

Great! You should now be either paranoid and have thrown out your census letter, or are glossing your eyes over the latest sensationalist article. If you’re reading this prior to having completed the census or mailing your responses, you’re probably wondering what can you do? Well, you didn’t hear it from me, but I heard that if you ‘accidentally’ misspell your name, or write a nickname instead, ABS can’t do shit. Plausible deniability man, it’s a wonderful thing. If, rather unfortunately, you’ve already sent the government your deepest darkest secret super-sensitive census data, you better cross your fingers and hope the fanatic neckbeards stay away from mountain dew for the next four years.