Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




BDFL - Memuneh
59418 posts

Uber Geek
+1 received by user: 10626

Administrator
Trusted
Geekzone
Lifetime subscriber

Topic # 225935 12-Dec-2017 09:02
Send private message quote this post

Hey folks. 

 

The folks at StatsNZ are working hard on next year's census. This will be the first time an online option will be prioritised. Understanding people may feel the need to know more about security and privacy aspects, the team wants to run a Q&A with the Geekzone community.

 

@StatsNZ will be available for a couple of days - 12th and 13th December - to answer your questions. Post in this topic for this to keep rolling.

 

As a background, Stats NZ provided me with this intro.

 

Ask away!

 

 

Government Statistician, Liz MacPherson, explains more about what we’ve done to prepare and our commitment to looking after your census information once you submit it. 

 

The next census will be different.

 

While this isn’t the first time that we have offered an online option for people to complete the census, it is the first time that we will be prioritising online participation  – and we’ve changed the entire model of the census in support. 

 

Next year, instead of people delivering paper forms to every household and then coming back after census day to collect them, Stats NZ will be sending or delivering access codes for every household to go online – and only following up with the households that haven’t taken part after census day.

 

Requiring everyone to take part in the census comes with the responsibility of doing everything we can to look after the data you submit to us, so the move to digital first meant that we needed to build a system that is reliable, and as easy as possible for everyone to use next year.

 

We’ve had a few challenges along the way – particularly designing a solution that strikes a balance between making the system as secure as we possibly can, while still making it easy and accessible for everyone in New Zealand to use at census time, but we’re confident that we’ve designed and tested a system that will work.

 

We’ve built from scratch, working with external partners, and we’ll be actively monitoring the system throughout the time that people are completing their census forms so that we can react quickly if anything doesn’t go to plan. We’ve also learnt a lot from our colleagues in Australia, who ran their census last year.

 

A huge focus has been building a system that can handle the scale and resiliency we need – we’re aiming for more than double the number of people to complete online than in 2013, and this means designing a system that can cope with a lot of people online at once, and a lot of attention.

 

We also know that your information is likely to go offshore when it is on its way to us. This is because the internet looks for the fastest route for the data to travel to our systems and in most cases, this happens to be via Australia.

 

But, while it is on its way, all the information you submit will be encrypted from your browser to our system, and can only be unlocked once it is received by Stats NZ systems. Once we have received it, both the data and the ‘pipe’ it travels through to our servers (where it is stored) are also encrypted. We’ve also put a global web security system in place to do everything we can to protect our systems from malicious attacks.

 

We’ve completed testing at every stage of the system build – this includes penetration testing conducted by external security partners. We’ve also run three public tests, involving thousands of households since 2016, to test how our new processes works – from sending out the letters and seeing how people complete the online forms, through to assessing how the data flows through the system to our servers.

 

We’ve done all of this work because we know how valuable the information we ask everyone to submit is.

 

The census is about everyone in New Zealand – it involves asking you to tell us information about yourself so that we can build a picture of how many people and dwellings there are in New Zealand, and how our society is changing over time.

 

Making sure that we make it as easy as possible for you to take part, and making sure we are ready to look after the information you share with us, is our top priority for the 2018 Census.

 

Keen to find out more about the census? https://www.census.govt.nz/your-information/

 





Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
3314 posts

Uber Geek
+1 received by user: 1248


  Reply # 1917164 12-Dec-2017 09:39
6 people support this post
Send private message quote this post

Is it ethical to compel citizens (via threat of fines) to engage in work (completing the census) which creates value for SatsNZ without paying them?

 

Is it ethical to make information obtained from citizens by compulsion available for commercial use?





Mike

4 posts

Wannabe Geek
+1 received by user: 3


  Reply # 1917169 12-Dec-2017 09:42
One person supports this post
Send private message quote this post

Hi,

 

I'm interested in your approach to performance testing and simulating DDOS / botnet attacks. There was some pretty low hanging fruit in the Australian census / IBM debacle in 2016.

 

How do you know it will stand up?

 

 


 
 
 
 


1545 posts

Uber Geek
+1 received by user: 638


  Reply # 1917172 12-Dec-2017 09:43
7 people support this post
Send private message quote this post

MikeAqua:

 

Is it ethical to compel citizens (via threat of fines) to engage in work (completing the census) which creates value for SatsNZ without paying them?

 

Is it ethical to make information obtained from citizens by compulsion available for commercial use?

 

 

I think you're missing the point of this thread.  Maybe post this in Politics or contact Stats directly with this query.





'Listen' is an anagram of 'Silent'.


1249 posts

Uber Geek
+1 received by user: 566


  Reply # 1917181 12-Dec-2017 09:56
One person supports this post
Send private message quote this post

Interesting,

 

I was sure I completed mine online last Census.


Banana?
4123 posts

Uber Geek
+1 received by user: 903

Subscriber

  Reply # 1917185 12-Dec-2017 09:59
Send private message quote this post

I definitely did my Census online last time too. I remember where I was sitting to do it.


1264 posts

Uber Geek
+1 received by user: 98


  Reply # 1917186 12-Dec-2017 09:59
Send private message quote this post

Pumpedd:

 

Interesting,

 

I was sure I completed mine online last Census.

 

 

I thought I did too.




BDFL - Memuneh
59418 posts

Uber Geek
+1 received by user: 10626

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1917203 12-Dec-2017 10:18
Send private message quote this post

I have edited the first post to reflect the fact this one will be prioritised. Please ask away...





572 posts

Ultimate Geek
+1 received by user: 238

Subscriber

  Reply # 1917204 12-Dec-2017 10:21
One person supports this post
Send private message quote this post

@StatsNZ

 

Here are a couple of questions:

 

You mention encryption of data traversing international links, you don't mention where your servers are located. Where are your servers located?

 

Are you using a public cloud solution to host your servers? If so are you going to make publicly available your Cloud Risk Assessment that you provided to the DIA?

 

 

 

 

 

 








5246 posts

Uber Geek
+1 received by user: 2484


  Reply # 1917210 12-Dec-2017 10:24
2 people support this post
Send private message quote this post

My questions would be less along the lines of security of the system, but if the census is supposed to be a "snapshot", but a (surely unknown) number of people don't or won't use the online system and need to be "followed up" at a later date, then you haven't got a snapshot, but to continue to use a photographic analogy - you've got a time exposure and the possibility of blur.

 

To put it another way - if you ask me a week from today what I had for breakfast this morning, I'd be guessing.

 

I suggest that rather than follow-up of non-participants after the date of the census, then send access codes out well before census date with request to please register before the census survey goes live - with enough time to ensure that paper census forms can be delivered to all who haven't responded before the census date - not after.  At least then, you only have to deal with those who have registered - but not completed the survey.


3787 posts

Uber Geek
+1 received by user: 592

Trusted
Subscriber

  Reply # 1917388 12-Dec-2017 13:06
Send private message quote this post

This is not a technology question, but something I'm curious about so hopefully I can still ask it here.

 

How do you determine whether a particular question is 'too personal' to include in the census? Obviously different people will be dramatically different attitudes around what type of questions they are comfortable responding to, so what guidance do you apply to determine where to draw the line?


10 posts

Wannabe Geek
+1 received by user: 2

Trusted
Stats NZ

  Reply # 1917618 12-Dec-2017 17:27
Send private message quote this post

gbwelly:

 

@StatsNZ

 

Here are a couple of questions:

 

You mention encryption of data traversing international links, you don't mention where your servers are located. Where are your servers located?

 

Are you using a public cloud solution to host your servers? If so are you going to make publicly available your Cloud Risk Assessment that you provided to the DIA?

 

 

@gbwelly:

 

Our servers are housed in data centres that are physically located in different locations in New Zealand. These data centres form part of the Government private cloud, which is a service provided by vendors that have gone through a rigorous selection process run by DIA. They have all been tested for their ability to store and protect data.

 

No, we’re not using a public cloud solution to store responses for the census.  While we do use public cloud for some aspects of our field operations management, we do not make risk assessments or other design information, available as these might possibly contain detailed information that an attacker may find useful.





Stats NZ

10 posts

Wannabe Geek
+1 received by user: 2

Trusted
Stats NZ

  Reply # 1917619 12-Dec-2017 17:33
One person supports this post
Send private message quote this post

alasta:

 

This is not a technology question, but something I'm curious about so hopefully I can still ask it here.

 

How do you determine whether a particular question is 'too personal' to include in the census? Obviously different people will be dramatically different attitudes around what type of questions they are comfortable responding to, so what guidance do you apply to determine where to draw the line?

 

 

@alasta

 

To determine the final census content we undertook an extensive review process. This included public engagement and consultation. We carried out survey development work, which included further research, development of the questionaries’ and testing. Our testing included cognitive testing of questions, mass completion tests, along with three public tests in 2016 and 2017, where we asked people to fill in draft census forms.

 

We also considered questionnaire constraints, real-world change, respondent burden, classification reviews and international trends. You can find out more at: http://archive.stats.govt.nz/Census/2018-census/2018-census-content-report.aspx





Stats NZ

10 posts

Wannabe Geek
+1 received by user: 2

Trusted
Stats NZ

  Reply # 1917620 12-Dec-2017 17:35
Send private message quote this post

thesifter:

 

Hi,

 

I'm interested in your approach to performance testing and simulating DDOS / botnet attacks. There was some pretty low hanging fruit in the Australian census / IBM debacle in 2016.

 

How do you know it will stand up?

 

 

 

 

@thesifter:

 

Performance testing and testing our ability to deal with DDOS attacks has been an important focus of our security testing. We have also worked closely with our Australian counterparts to understand the issues they encountered.  With the 2018 Census systems having been designed and built from scratch over the last few years, we have been able to incorporate their learnings into our final design.

 

We have completed testing at every stage of the system build. This includes design, code and penetration testing. And we have used trusted specialists contracted through our government approved panel to do this testing.

 

Operationally we will be monitoring the flow of data and our systems throughout the census, and this includes being able to detect and deflect DDOS attacks. If we believe that personal information or integrity of the system is compromised in any way, we will shut down access to the online system until we’re confident that we have the situation under control.





Stats NZ

10 posts

Wannabe Geek
+1 received by user: 2

Trusted
Stats NZ

  Reply # 1917621 12-Dec-2017 17:38
Send private message quote this post

Fred99:

 

My questions would be less along the lines of security of the system, but if the census is supposed to be a "snapshot", but a (surely unknown) number of people don't or won't use the online system and need to be "followed up" at a later date, then you haven't got a snapshot, but to continue to use a photographic analogy - you've got a time exposure and the possibility of blur.

 

To put it another way - if you ask me a week from today what I had for breakfast this morning, I'd be guessing.

 

I suggest that rather than follow-up of non-participants after the date of the census, then send access codes out well before census date with request to please register before the census survey goes live - with enough time to ensure that paper census forms can be delivered to all who haven't responded before the census date - not after.  At least then, you only have to deal with those who have registered - but not completed the survey.

 

 

@Fred99:

 

From our work to date, we have an estimate of the number of people and dwellings in NZ. This is what we use to validate our response to the 2018 Census.   We allow people to fill in the census forms a few weeks before census and a few weeks after for practical reasons, because of the sheer size of the operation.  We encourage people to fill in their census forms ‘as if it was census day’. We also carry out an independent survey after census to determine how many people did not participate.

 

Your suggestion is pretty similar to our operational plan, actually. Letters with access codes and instructions will be sent out in February, which will give people time to request paper forms if they’d prefer them. We’ll also be sending out reminders just after census day, and then our field teams will be able to concentrate on following up with the households that haven’t taken part.





Stats NZ

4 posts

Wannabe Geek
+1 received by user: 3


  Reply # 1917624 12-Dec-2017 17:44
One person supports this post
Send private message quote this post

Thanks for that and good luck.


 1 | 2 | 3 | 4 | 5
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New Zealand hits peak broadband data
Posted 18-Jan-2018 12:21


Amazon Echo devices coming to New Zealand early February 2018
Posted 18-Jan-2018 10:53


$3.74 million for new electric vehicles in New Zealand
Posted 17-Jan-2018 11:27


Nova 2i: Value, not excitement from Huawei
Posted 17-Jan-2018 09:02


Less news in Facebook News Feed revamp
Posted 15-Jan-2018 13:15


Australian Government contract awarded to Datacom Connect
Posted 11-Jan-2018 08:37


Why New Zealand needs a chief technology officer
Posted 6-Jan-2018 13:59


Amazon release Silk Browser and Firefox for Fire TV
Posted 21-Dec-2017 13:42


New Chief Technology Officer role created
Posted 19-Dec-2017 22:18


All I want for Christmas is a new EV
Posted 19-Dec-2017 19:54


How clever is this: AI will create 2.3 million jobs by 2020
Posted 19-Dec-2017 19:52


NOW to deploy SD-WAN to regional councils
Posted 19-Dec-2017 19:46


Mobile market competition issues ComCom should watch
Posted 18-Dec-2017 10:52


New Zealand government to create digital advisory group
Posted 16-Dec-2017 08:47


Australia datum changes means whole country moving 1.8 metres north-east
Posted 16-Dec-2017 08:39



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.