Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5
6224 posts

Uber Geek
+1 received by user: 2930

Subscriber

  Reply # 1917666 12-Dec-2017 19:17
One person supports this post
Send private message quote this post

I have always been strongly against the census as a matter of principle. I am not against the collection of information, or the type of information collected. What I object to is the refusal to anonymise that information. How many toilets I have may be statistically relevant, but the fact they belong to me is not. It is none of your business and it is not the business of any authority.

 

For that reason I always make a point of travelling overseas so as not to be in the country on snapshot day or any day close to it. So how does that work with your deferred form collection?

 

 





I reject your reality and substitute my own. - Adam Savage
 


1749 posts

Uber Geek
+1 received by user: 916


  Reply # 1917674 12-Dec-2017 19:50
2 people support this post
Send private message quote this post

I truly hope it's all been done as well as is claimed. There are so many examples of government department IT incompetence it's gone beyond a joke.

Was the security testing done by:
1) An experienced and respected external company or group of companies.
2) An external company setup and owned by the government for the purpose.
3) Bill from the design team "cause he read about it once".




Location: Dunedin

 
 
 
 


916 posts

Ultimate Geek
+1 received by user: 194

Subscriber

  Reply # 1917679 12-Dec-2017 20:03
4 people support this post
Send private message quote this post

Rikkitic:

 

I have always been strongly against the census as a matter of principle. I am not against the collection of information, or the type of information collected. What I object to is the refusal to anonymise that information. How many toilets I have may be statistically relevant, but the fact they belong to me is not. It is none of your business and it is not the business of any authority.

 

For that reason I always make a point of travelling overseas so as not to be in the country on snapshot day or any day close to it. So how does that work with your deferred form collection?

 

 

 

 

 

 

as some one who doesn't work for Stats Nz but who has in the past, as both a contractor and employee, I can assure you the data is anonymized in such a way that no person is specifically identifiable.

 

As an example from the stats collected for business data.

 

There is one business in NZ that is pretty much the only business in a particular ANZSIC (aus and NZ industry classifcation)  and the efforts that went on to hide / obscure information so that personal / business information re that one business was phenomenal - right to the level of Govt / ministerial scrutiny.

 

Similarly data in the census is assigned non identifying markers to hold a parcel of info together but almost immediately divorced from the personal details that would identify a particular individual.

 

Other than the name and address etc identifying a particular person for the purposes of ensuring compliance with data returns, census data is a big amorphous blob of non identifying numbers.

 

 

 

Addresses are genericised into post codes ( well not normally post codes but a GIS equivalent), so that (for example) areas of poverty can be identified by correlating income / employment / age /etc geographically - but as for identifying a single person - not possible once the data is divorced from the identifiable data - which it is as pretty much the first action performed.

 

Names and addresses of returnees are kept - but again as they are divorced from the data entered in the census form, they are only useful as compliance contact.

 

Data without name and address (and other identifying data ) is not able to be used to target a single individual.

 

Even say the age of the oldest person in NZ - would probably end up as part of a data bracket - not a specific age. While the age would be a single figure and therefore identifyable  - it is not attached to other data so you cant tell more about nzs oldest person by looking up the record with the oldest age. .

 

 

 

The data is really anonymized.

 

 

 

As to why the data is required. without it the Govt cant plan. If we believe the role of Govt is defense of the realm, law and order, weights and measures, then it needs data to allow it to perform those roles. Aging populations need to be planned for with infrastructure. Changing religious demographics changes law and order and in some countries heavily affects physical logistics (e.g no travel on the Sabbath, Religious Hadj, working on sundays etc).

 

The data is an indispensable planning tool. If we want modern health care, roads, rules and defense of the realm, we need data. Even Caesar recognized this.

 

I can hand on heart say STATSNZ really works hard to protect privacy. Its mandated by law but is also Kaupapa, disseminated from the highest levels to the lowest levels. Its almost as close to a religious mantra that they have. :)





nunz

916 posts

Ultimate Geek
+1 received by user: 194

Subscriber

  Reply # 1917689 12-Dec-2017 20:26
4 people support this post
Send private message quote this post

 

Writing as a community worker in a low sociao economic area.

 

Hi @StatsNZ

 

One of the big issues around online census is access to technology. I work in an area of town where people cant afford internet connections little less the devices required to access the internet. With the increasing use of technology for compliance with govt requirements it is putting a lot of pressure on people.

 

 

 

The MSD supplies computers at their offices to allow people to enter data. Census, seeing it is for a single day, cant do that. This puts a lot of pressure on people to get access to technology. Places like public libraries who provide computer access as wondering how this will impact them.

 

 

 

There are programs now who train community volunteers to know all the different MSD entitlements people are allowed, then support them through the MSD process. This type of community based support is supported by MSD as it helps them and their clients.

 

 

 

There are several issues that arise from this and in community support circles we have several questions.

 

 

 

 

 

     

  1. What plans are in place to help people who have no internet access or devices?
  2. Will there be free / no data cost set up with ISP's similar to MSD access not counting against data caps so people with no data on their 3g could use it to access census
  3. With pressure on public internet spaces, is there any support or plans in place to make access or training available (similar to the MSD / community initiatives) to assist those with no technology access to make use of public spaces /schools / libraries etc? also those who need assistance like the elderly or ESOL - will need trained people to support them.
  4. How are people meant to authenticate. The Govt has been pushing Real Me which is a nightmare for those who are technology savvy but for the elderly or non techs is a nightmare. How will Census handle this?
  5. What testing and process are in place to ensure data safety on shared access technology? Do you use cookies? Sessions? Auto log out? What is the authentication method used? Cookies? Sessions? Put / Get identifiers in the URL? How quickly does the session log out automatically?
  6. Can people restart a census data entry session if it times out? The elderly and disabled often take a lot longer to enter data and experiences with the IRD and similar have shown many people hurt by having to re-enter data as the session times out. But conversely it needs to time out on shared access devices to stop person B piggy backing on person A's session.
  7. Will the census be mobile / responsive? or need a bigger screen?
  8. Has the census been tested against WWW consortium disability access, e,g, screen readers etc compatible?

 

 

 

 

 

 

 

Thanks for taking time to engage with NZ'ers on this process. Great initiative.

 

 

 

 

 

 




 


nunz




nunz

10348 posts

Uber Geek
+1 received by user: 3187

Trusted
Lifetime subscriber

  Reply # 1917722 12-Dec-2017 21:40
One person supports this post
Send private message quote this post

What compensation will you pay to citizens whose private information is hacked from your keeping, should that event occur?






6224 posts

Uber Geek
+1 received by user: 2930

Subscriber

  Reply # 1917728 12-Dec-2017 22:07
Send private message quote this post

nunz:

 

The data is really anonymized.

 

 

My understanding is different. Only anonymised data can be released, but the link between the data and the person it came from is maintained forever and can be retrieved under certain circumstances. If the data truly is anonymous, then I have no objection.

 

 





I reject your reality and substitute my own. - Adam Savage
 


10348 posts

Uber Geek
+1 received by user: 3187

Trusted
Lifetime subscriber

  Reply # 1917734 12-Dec-2017 22:17
One person supports this post
Send private message quote this post

Rikkitic:

 

nunz:

 

The data is really anonymized.

 

 

My understanding is different. Only anonymised data can be released, but the link between the data and the person it came from is maintained forever and can be retrieved under certain circumstances. If the data truly is anonymous, then I have no objection.

 

 

 

 

 

 

Oh no. They might find out that I am not a Jedi after all...!cool






IcI

553 posts

Ultimate Geek
+1 received by user: 125

Trusted

  Reply # 1917765 13-Dec-2017 00:14
One person supports this post
Send private message quote this post

nunz:

 

     

  1. .
  2. .
  3. .
  4. How are people meant to authenticate. 
  5. What testing and process are in place to ensure data safety on shared access technology?
  6. Can people restart a census data entry session if it times out? ... But conversely it needs to time out on shared access devices to stop person B piggy backing on person A's session.
  7. .
  8. Has the census been tested against WWW consortium disability access, e,g, screen readers etc compatible?

 

 

     

  1. I'm guessing this QR code / unique URL will be sent in an envelope and not a post card?

     

       

    1. If it is on a post card, what'll stop others taking a photo and using my 'ID' to submit data?
    2. If in an envelope, what's stopping other stealing my 'ID' and submitting alternate data?
    3. Can an entry be re-submitted?
    4. Will you specify how securely I must treat the initial registration code? Guard with my life? Secure as a PIN code? Left lying, face up, on my desk (at work)?

     

  2. With a two week window, how will you track my registration and my final submission?

     

       

    1. Will you track IP address / geo location of the registration / submission events?
    2. What if I register in the country and complete the submission from outside the country (because I'm doing it for the family still at home)
    3. What if I use a different browser

     

  3. You mention botnet & hacking attempts. This sounds like the 'in the moment', huge data flood attacks. How will you prevent low grade / below the radar threshold activity?
  4. The original blurb mentions that data in flight is encrypted, presumably via TLS and your browser?

     

       

    1. Do you include ciphers with forward secrecy?

     

  5. What about data at rest?

     

       

    1. Are the servers using full disk encryption
    2. Is the data in the db also encrypted
    3. Do you adhere to local equivalents of HIPPA / SOX

     

  6. Is access to the data logged

     

       

    1. What will record persons running a data queries?
    2. What will stop somebody doing a data extract to Excel and 'accidentally' sending that data via email?
    3. Have you go data loss preventions (DLP) processes / systems in place?

     

  7. Will you keep a snapshot of the data in read-only form for historical records?

     

       

    1. If it's on a hot / live disk, it can be altered, even when encrypted.

     

  8. I hope you are sanatising your user input?

 

@nunz: Excellent point about the mobile ready requirements and especially the disability access

 

For non-technical questions, I will have to query the S.O.


750 posts

Ultimate Geek
+1 received by user: 454


  Reply # 1917770 13-Dec-2017 01:01
One person supports this post
Send private message quote this post

nunz:

 

as some one who doesn't work for Stats Nz but who has in the past, as both a contractor and employee, I can assure you the data is anonymized in such a way that no person is specifically identifiable.

 

 

Good. Then they won't know when, yet again, I don't complete one.

 

nunz:

 

As to why the data is required. without it the Govt cant plan.

 

 

They don't seem to be able to plan anyway. They pretty much just stumble blindly about between popularity contests.





"War is an ugly thing, but not the ugliest of things. The decayed and degraded state of moral and patriotic feeling which thinks that nothing is worth war is much worse. The person who has nothing for which he is willing to fight, nothing which is more important than his own personal safety, is a miserable creature and has no chance of being free unless made and kept so by the exertions of better men than himself."
- John Stuart Mill


916 posts

Ultimate Geek
+1 received by user: 194

Subscriber

  Reply # 1917802 13-Dec-2017 08:10
Send private message quote this post

QR code wouldnt work unless it was smart phone based. Pc's dont have QR readers unless an app installed.

 

Stats NZ runs its data on SANS mostly - full disk encryption would be an issue if there was a failure of a node / disk / cluster. You cant rebuild FDE easily.

 

The Census servers are normally isolated from the rest. Locked cabinets, secured rooms etc. It is run like a separate entity with strong separation from the rest of SNZ. Even the workers are kept in secure separate locations, lots of security around who can get in and out. It is off limits to non census staff. There is a real culture of protection around census. They take it very very seriously.

 

The only differnce between this Census and previous from a data protection point of view is that instead of all the data being typed in / scanned it will be partially entered via an online medium. Once it is in SNZ the rest of the process and physical security will be as it always has been.

 

Having said that - the question would become - if you have end to end encryption etc using forward security, latest TLS ( heaven help those on older OS or using older versions of web browsers) then what process is there to separate receiving servers from Census servers.

 

@statsnz

 

1 - how will the receiving servers be isolated from the main servers? Air gapped?  highly sanitised and packet size checked data pull from high side servers? Physical transfer via sneaker net? Data drop into shared middle space storage?

 

2 - What level of browser tls will you accept? Certain versions of android, chrome, ios, old OS such as WinXP etc cant handle latest TLS. What level of security will be considered adequate for this task?

 

3 - Is there a test server we can poke at from the outside?

 

 





nunz



BDFL - Memuneh
59434 posts

Uber Geek
+1 received by user: 10647

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1917813 13-Dec-2017 08:13
Send private message quote this post

Folks, excessive quotes in this thread makes it hard for replies like to happen.




916 posts

Ultimate Geek
+1 received by user: 194

Subscriber

  Reply # 1917814 13-Dec-2017 08:15
Send private message quote this post

cadman:

 

nunz:

 

as some one who doesn't work for Stats Nz but who has in the past, as both a contractor and employee, I can assure you the data is anonymized in such a way that no person is specifically identifiable.

 

 

Good. Then they won't know when, yet again, I don't complete one.

 

 

Remember - the statistical data is separated from identifiable data as almost the first process. if this was done on paper forms the process would look something like.

 

1 - Data entry operator gets paper form.

 

2 - Operator checks form filled out correctly / completely

 

3 - Operator changes address to GIS type code and puts it in for office use only part of census form

 

4 - Operator cuts off top of form with name and address after ticking box to say that parts 2 and 3 are done otherwise rejects it for further followup as incomplete.

 

5 - Stats data now anonymised as no name and address. Other identifyable data possibly anonymised (e.g age) and then thrown into the big stats bucket.

 

6 - Forms burnt  / shredded / nuked when no longer required.

 

 

 

 

 

 





nunz

3315 posts

Uber Geek
+1 received by user: 1248


  Reply # 1917864 13-Dec-2017 09:38
Send private message quote this post

nunz:

 

Remember - the statistical data is separated from identifiable data as almost the first process.

 

 

Are you sure this is the approach Stats take?

 

I ask because for a business survey, I got a follow up from StatsNZ one year because the data I provided was completely different from my predecessor because we had interpreted divergently, questions that were ambiguous in the context of the business.

 

So in that case (again business not private) Stats were able able to compare two subsequent returns from the same business and then contact that business.

 

I can't remember whether this comparison extended to the fact the returns were completed by different employees but I think it was mentioned by stats in the conversation.





Mike

1254 posts

Uber Geek
+1 received by user: 570


  Reply # 1917869 13-Dec-2017 09:44
One person supports this post
Send private message quote this post

Rikkitic:

 

I have always been strongly against the census as a matter of principle. I am not against the collection of information, or the type of information collected. What I object to is the refusal to anonymise that information. How many toilets I have may be statistically relevant, but the fact they belong to me is not. It is none of your business and it is not the business of any authority.

 

For that reason I always make a point of travelling overseas so as not to be in the country on snapshot day or any day close to it. So how does that work with your deferred form collection?

 

 

 

 

The only other person I kn ow who was against a Census was the Chch Wizard.

 

It is utter nonsense to be against a census which is required for so many legitimate reasons for Government. I suggest you do some reading up on the reasons for the questions and what use a census is put to.

 

Put simply its also the primary methodology for running a democracy, as eventually the electoral boundaries are changed based on a census. If you run and hide from a Census than I would suggest you have a lot of issues that need attention. I could go on, but I am not wasting more time on this...but you deserve to be charged as it is illegal to avoid a Census.


3315 posts

Uber Geek
+1 received by user: 1248


  Reply # 1917886 13-Dec-2017 10:09
One person supports this post
Send private message quote this post

Pumpedd:

 

The only other person I kn ow who was against a Census was the Chch Wizard.

 

 

I'm against any system in which people are compelled to do work for free to create value for any organisation.  That's fundamentally opposed to what i see as core tenets of democracy such as freedom, liberty etc.

 

Pay me (or my employer) for my time and I would be happy to help and I would also invest effort/time in doing it properly, rather the minimally-compliant approach I take now to what is ultimately a nuisance distraction.

 

The general census is also fundamentally unnecessary.  Any decent statistician should be able to design a survey that uses a sample, not the entire population.  Electoral boundaries could be managed well enough by electoral enrolments (which require an address).





Mike

1 | 2 | 3 | 4 | 5
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New Zealand's IT industry in 2018 and beyond
Posted 22-Jan-2018 12:50


Introducing your new workplace headache: Gen Z
Posted 22-Jan-2018 12:45


Jucy set to introduce electric campervan fleet
Posted 22-Jan-2018 12:41


Hawaiki cable system will be ready for service in June 2018
Posted 22-Jan-2018 12:32


New Zealand hits peak broadband data
Posted 18-Jan-2018 12:21


Amazon Echo devices coming to New Zealand early February 2018
Posted 18-Jan-2018 10:53


$3.74 million for new electric vehicles in New Zealand
Posted 17-Jan-2018 11:27


Nova 2i: Value, not excitement from Huawei
Posted 17-Jan-2018 09:02


Less news in Facebook News Feed revamp
Posted 15-Jan-2018 13:15


Australian Government contract awarded to Datacom Connect
Posted 11-Jan-2018 08:37


Why New Zealand needs a chief technology officer
Posted 6-Jan-2018 13:59


Amazon release Silk Browser and Firefox for Fire TV
Posted 21-Dec-2017 13:42


New Chief Technology Officer role created
Posted 19-Dec-2017 22:18


All I want for Christmas is a new EV
Posted 19-Dec-2017 19:54


How clever is this: AI will create 2.3 million jobs by 2020
Posted 19-Dec-2017 19:52



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.