Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


BDFL - Memuneh
60822 posts

Uber Geek
+1 received by user: 11702

Administrator
Trusted
Geekzone
Lifetime subscriber

Topic # 225935 12-Dec-2017 09:02
Send private message

Hey folks. 

 

The folks at StatsNZ are working hard on next year's census. This will be the first time an online option will be prioritised. Understanding people may feel the need to know more about security and privacy aspects, the team wants to run a Q&A with the Geekzone community.

 

@StatsNZ will be available for a couple of days - 12th and 13th December - to answer your questions. Post in this topic for this to keep rolling.

 

As a background, Stats NZ provided me with this intro.

 

Ask away!

 

 

Government Statistician, Liz MacPherson, explains more about what we’ve done to prepare and our commitment to looking after your census information once you submit it. 

 

The next census will be different.

 

While this isn’t the first time that we have offered an online option for people to complete the census, it is the first time that we will be prioritising online participation  – and we’ve changed the entire model of the census in support. 

 

Next year, instead of people delivering paper forms to every household and then coming back after census day to collect them, Stats NZ will be sending or delivering access codes for every household to go online – and only following up with the households that haven’t taken part after census day.

 

Requiring everyone to take part in the census comes with the responsibility of doing everything we can to look after the data you submit to us, so the move to digital first meant that we needed to build a system that is reliable, and as easy as possible for everyone to use next year.

 

We’ve had a few challenges along the way – particularly designing a solution that strikes a balance between making the system as secure as we possibly can, while still making it easy and accessible for everyone in New Zealand to use at census time, but we’re confident that we’ve designed and tested a system that will work.

 

We’ve built from scratch, working with external partners, and we’ll be actively monitoring the system throughout the time that people are completing their census forms so that we can react quickly if anything doesn’t go to plan. We’ve also learnt a lot from our colleagues in Australia, who ran their census last year.

 

A huge focus has been building a system that can handle the scale and resiliency we need – we’re aiming for more than double the number of people to complete online than in 2013, and this means designing a system that can cope with a lot of people online at once, and a lot of attention.

 

We also know that your information is likely to go offshore when it is on its way to us. This is because the internet looks for the fastest route for the data to travel to our systems and in most cases, this happens to be via Australia.

 

But, while it is on its way, all the information you submit will be encrypted from your browser to our system, and can only be unlocked once it is received by Stats NZ systems. Once we have received it, both the data and the ‘pipe’ it travels through to our servers (where it is stored) are also encrypted. We’ve also put a global web security system in place to do everything we can to protect our systems from malicious attacks.

 

We’ve completed testing at every stage of the system build – this includes penetration testing conducted by external security partners. We’ve also run three public tests, involving thousands of households since 2016, to test how our new processes works – from sending out the letters and seeing how people complete the online forms, through to assessing how the data flows through the system to our servers.

 

We’ve done all of this work because we know how valuable the information we ask everyone to submit is.

 

The census is about everyone in New Zealand – it involves asking you to tell us information about yourself so that we can build a picture of how many people and dwellings there are in New Zealand, and how our society is changing over time.

 

Making sure that we make it as easy as possible for you to take part, and making sure we are ready to look after the information you share with us, is our top priority for the 2018 Census.

 

Keen to find out more about the census? https://www.census.govt.nz/your-information/

 





Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
4556 posts

Uber Geek
+1 received by user: 1828


  Reply # 1917164 12-Dec-2017 09:39
6 people support this post
Send private message

Is it ethical to compel citizens (via threat of fines) to engage in work (completing the census) which creates value for SatsNZ without paying them?

 

Is it ethical to make information obtained from citizens by compulsion available for commercial use?





Mike

4 posts

Wannabe Geek
+1 received by user: 3


  Reply # 1917169 12-Dec-2017 09:42
One person supports this post
Send private message

Hi,

 

I'm interested in your approach to performance testing and simulating DDOS / botnet attacks. There was some pretty low hanging fruit in the Australian census / IBM debacle in 2016.

 

How do you know it will stand up?

 

 


1659 posts

Uber Geek
+1 received by user: 768


  Reply # 1917172 12-Dec-2017 09:43
7 people support this post
Send private message

MikeAqua:

 

Is it ethical to compel citizens (via threat of fines) to engage in work (completing the census) which creates value for SatsNZ without paying them?

 

Is it ethical to make information obtained from citizens by compulsion available for commercial use?

 

 

I think you're missing the point of this thread.  Maybe post this in Politics or contact Stats directly with this query.





Most of the trouble in the world is caused by people wanting to be important. (T.S. Eliot)


1692 posts

Uber Geek
+1 received by user: 823


  Reply # 1917181 12-Dec-2017 09:56
One person supports this post
Send private message

Interesting,

 

I was sure I completed mine online last Census.


Banana?
4331 posts

Uber Geek
+1 received by user: 1016

Subscriber

  Reply # 1917185 12-Dec-2017 09:59
Send private message

I definitely did my Census online last time too. I remember where I was sitting to do it.


1434 posts

Uber Geek
+1 received by user: 150


  Reply # 1917186 12-Dec-2017 09:59
Send private message

Pumpedd:

 

Interesting,

 

I was sure I completed mine online last Census.

 

 

I thought I did too.




BDFL - Memuneh
60822 posts

Uber Geek
+1 received by user: 11702

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1917203 12-Dec-2017 10:18
Send private message

I have edited the first post to reflect the fact this one will be prioritised. Please ask away...





653 posts

Ultimate Geek
+1 received by user: 270

Subscriber

  Reply # 1917204 12-Dec-2017 10:21
One person supports this post
Send private message

@StatsNZ

 

Here are a couple of questions:

 

You mention encryption of data traversing international links, you don't mention where your servers are located. Where are your servers located?

 

Are you using a public cloud solution to host your servers? If so are you going to make publicly available your Cloud Risk Assessment that you provided to the DIA?

 

 

 

 

 

 








6699 posts

Uber Geek
+1 received by user: 3456


  Reply # 1917210 12-Dec-2017 10:24
2 people support this post
Send private message

My questions would be less along the lines of security of the system, but if the census is supposed to be a "snapshot", but a (surely unknown) number of people don't or won't use the online system and need to be "followed up" at a later date, then you haven't got a snapshot, but to continue to use a photographic analogy - you've got a time exposure and the possibility of blur.

 

To put it another way - if you ask me a week from today what I had for breakfast this morning, I'd be guessing.

 

I suggest that rather than follow-up of non-participants after the date of the census, then send access codes out well before census date with request to please register before the census survey goes live - with enough time to ensure that paper census forms can be delivered to all who haven't responded before the census date - not after.  At least then, you only have to deal with those who have registered - but not completed the survey.


3972 posts

Uber Geek
+1 received by user: 675

Trusted
Subscriber

  Reply # 1917388 12-Dec-2017 13:06
Send private message

This is not a technology question, but something I'm curious about so hopefully I can still ask it here.

 

How do you determine whether a particular question is 'too personal' to include in the census? Obviously different people will be dramatically different attitudes around what type of questions they are comfortable responding to, so what guidance do you apply to determine where to draw the line?


10 posts

Wannabe Geek
+1 received by user: 2

Trusted
Stats NZ

  Reply # 1917618 12-Dec-2017 17:27
Send private message

gbwelly:

 

@StatsNZ

 

Here are a couple of questions:

 

You mention encryption of data traversing international links, you don't mention where your servers are located. Where are your servers located?

 

Are you using a public cloud solution to host your servers? If so are you going to make publicly available your Cloud Risk Assessment that you provided to the DIA?

 

 

@gbwelly:

 

Our servers are housed in data centres that are physically located in different locations in New Zealand. These data centres form part of the Government private cloud, which is a service provided by vendors that have gone through a rigorous selection process run by DIA. They have all been tested for their ability to store and protect data.

 

No, we’re not using a public cloud solution to store responses for the census.  While we do use public cloud for some aspects of our field operations management, we do not make risk assessments or other design information, available as these might possibly contain detailed information that an attacker may find useful.





Stats NZ

10 posts

Wannabe Geek
+1 received by user: 2

Trusted
Stats NZ

  Reply # 1917619 12-Dec-2017 17:33
One person supports this post
Send private message

alasta:

 

This is not a technology question, but something I'm curious about so hopefully I can still ask it here.

 

How do you determine whether a particular question is 'too personal' to include in the census? Obviously different people will be dramatically different attitudes around what type of questions they are comfortable responding to, so what guidance do you apply to determine where to draw the line?

 

 

@alasta

 

To determine the final census content we undertook an extensive review process. This included public engagement and consultation. We carried out survey development work, which included further research, development of the questionaries’ and testing. Our testing included cognitive testing of questions, mass completion tests, along with three public tests in 2016 and 2017, where we asked people to fill in draft census forms.

 

We also considered questionnaire constraints, real-world change, respondent burden, classification reviews and international trends. You can find out more at: http://archive.stats.govt.nz/Census/2018-census/2018-census-content-report.aspx





Stats NZ

10 posts

Wannabe Geek
+1 received by user: 2

Trusted
Stats NZ

  Reply # 1917620 12-Dec-2017 17:35
Send private message

thesifter:

 

Hi,

 

I'm interested in your approach to performance testing and simulating DDOS / botnet attacks. There was some pretty low hanging fruit in the Australian census / IBM debacle in 2016.

 

How do you know it will stand up?

 

 

 

 

@thesifter:

 

Performance testing and testing our ability to deal with DDOS attacks has been an important focus of our security testing. We have also worked closely with our Australian counterparts to understand the issues they encountered.  With the 2018 Census systems having been designed and built from scratch over the last few years, we have been able to incorporate their learnings into our final design.

 

We have completed testing at every stage of the system build. This includes design, code and penetration testing. And we have used trusted specialists contracted through our government approved panel to do this testing.

 

Operationally we will be monitoring the flow of data and our systems throughout the census, and this includes being able to detect and deflect DDOS attacks. If we believe that personal information or integrity of the system is compromised in any way, we will shut down access to the online system until we’re confident that we have the situation under control.





Stats NZ

10 posts

Wannabe Geek
+1 received by user: 2

Trusted
Stats NZ

  Reply # 1917621 12-Dec-2017 17:38
Send private message

Fred99:

 

My questions would be less along the lines of security of the system, but if the census is supposed to be a "snapshot", but a (surely unknown) number of people don't or won't use the online system and need to be "followed up" at a later date, then you haven't got a snapshot, but to continue to use a photographic analogy - you've got a time exposure and the possibility of blur.

 

To put it another way - if you ask me a week from today what I had for breakfast this morning, I'd be guessing.

 

I suggest that rather than follow-up of non-participants after the date of the census, then send access codes out well before census date with request to please register before the census survey goes live - with enough time to ensure that paper census forms can be delivered to all who haven't responded before the census date - not after.  At least then, you only have to deal with those who have registered - but not completed the survey.

 

 

@Fred99:

 

From our work to date, we have an estimate of the number of people and dwellings in NZ. This is what we use to validate our response to the 2018 Census.   We allow people to fill in the census forms a few weeks before census and a few weeks after for practical reasons, because of the sheer size of the operation.  We encourage people to fill in their census forms ‘as if it was census day’. We also carry out an independent survey after census to determine how many people did not participate.

 

Your suggestion is pretty similar to our operational plan, actually. Letters with access codes and instructions will be sent out in February, which will give people time to request paper forms if they’d prefer them. We’ll also be sending out reminders just after census day, and then our field teams will be able to concentrate on following up with the households that haven’t taken part.





Stats NZ

4 posts

Wannabe Geek
+1 received by user: 3


  Reply # 1917624 12-Dec-2017 17:44
One person supports this post
Send private message

Thanks for that and good luck.


 1 | 2 | 3 | 4 | 5
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Hawaiki Transpacific cable ready-for-service
Posted 20-Jul-2018 11:29


Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.