Medicare details available on dark web is just tip of data breach iceberg

Modern governments use a lot of data. A lot. Our social services are organised by massive databases. Health, welfare, education and the pension all require reams of information about identity, social needs, eligibility, and entitlement.

Our infrastructure is managed by massive databases holding information about traffic flows, public transport usage, communications networks, and population flows.

Our security is maintained by complex information systems managing defence assets, intelligence data, and capabilities and deployment information.

We should be thinking about these enormous data holdings when we read the news that thieves have been selling Medicare numbers linked to identities on the “dark web” – a mostly untraceable anonymous corner of the internet.

That last detail is what has made this such a scandal for the government, as Human Services Minister Alan Tudge and the Australian Federal Police have scrambled to identity the systems’ weaknesses.

But the fact that the Medicare numbers are being sold is the only thing that makes this an unusual data security breach. Australian government databases are constantly being accessed by people who are not authorised to do so.

Here’s just a taste. Last year the Queensland Crime and Corruption Commission revealed it had laid 81 criminal charges and 11 disciplinary recommendations in the space of 12 months for unauthorised access to confidential information by police. One of those was a police officer who had been trawling through crime databases looking for information about people he had met on a dating service. He was convicted of 50 charges of unauthorised access.

A Queensland police officer was disciplined in May this year for using the police database to share the address of a woman with her husband who was subject to a restraining order.

The Victorian government’s police database was wrongly accessed 214 times between 2008 and 2013, by “hundreds” of officers.

Earlier this year 12 staff were fired from the Australian Taxation Office for accessing tax data on celebrities and people they knew.

We could go on. These of course are the instances we know about because they have been detected and reported on. There are undoubtedly others.

Governments manage a lot of data because we ask them to do it a lot, and to do what they do well.

They run thousands of complex systems. Many of these systems have been jerry-rigged and adapted from earlier systems, a series of politicised, over-budget and under-delivering IT projects stacked on top of each other over decades.

But these repeated episodes of unauthorised access show that these complex systems are in dire need of reform.

It is clear that the “permission” structures on these government databases are deeply broken.

In the debate over mandatory data retention one of the big questions was whether law enforcement and regulatory agencies should have to obtain a warrant before accessing stored data. In the end the government decided no warrant was necessary – because warrants could only slow down investigations.

This is exactly the sort of loose permission structure that leads to abuse. Just two weeks after data retention officially came into effect this April, the Australian Federal Police admitted one of its members had illegally accessed the metadata of a journalist.

This breach was entirely predictable. Data retention opponents repeatedly predicted it.

Last week’s Medicare breach has been made possible because thousands and thousands of people – bureaucrats, health professionals, and so on – can access the Medicare database. Most police officers, bureaucrats, and health professionals are trustworthy. But it only takes a few bad actors to wreck a system built on trust.

Rather than leaving data access up to the discretion of thousands of people, we need stricter codified rules on data access. Government databases need to be restructured to prevent, not simply penalise, government employees from going on fishing expeditions through our data.

The point isn’t to provide a legal or technological fix to the problem of unauthorised access. Rather, we should completely reimagine who owns the information that the government keeps on all of us. We ought to own and control our information, not the state.

New cryptographic technologies increasingly being applied to blockchain and cryptocurrency applications allow for even greater personal control over information. If applied, they would only allow government agents to know exactly what they need to know.

And it would move us from a system of surveillance and big data, to one of personal disclosure and privacy.

In the past, economic reform was targeted at big sectors like banking, telecommunications, and trade.

As Australian governments evolve inevitably into complex information brokers, the next wave of reform will have to focus on data management.