NZ: avoiding the folly of absolutes
I gave a presentation yesterday “All-of-government Authentication and Privacy” at the Technology and Privacy Forum hosted by the Office of the Privacy Commissioner.
Ken Lewis wrote about it in m-net “Govt’s online authentication regime no guarantee against fraud“.
Unfortunately, the article has several factual errors and misinterpretations. Nevertheless, the basic point that he makes, “[the service] will not stop people defrauding the government”, is accurately reported.
As I’ve mentioned earlier in a post about the folly of absolutes, there is no point trying to set an expectation of a foolproof solution.
Whether a person’s identity is verified by an opt-in service using the Internet (the Identity Verification Service for example) or documents or national identity cards as in some countries, anyone who thinks that these completely root out identity fraud is kidding themselves.
People need to think about levels of confidence rather than absolutes.
Ken was probably accurate in quoting me saying, “The idea is to minimise ID fraud and to react quickly to it.” By not setting an expectation of an absolute, it is then possible to plan for it, design for it, and ensure that processes are in place to deal with it.