Pirate Party calls for resignation of ABS chief over Census debacle

3

news The Pirate Party has hit out at the Australian Bureau of Statistics’ (ABS) handling of the Census, saying it “incompetently” allowed the online data collection to “fail” and that the bureau’s head, David Kalisch, should resign as a result.

On Census night, 9 August, the website run by the ABS to allow Australians to submit their returns online was taken offline.

“The ABS has blamed this on a hardware router failure, a false positive in a monitoring system, and external attackers who were allegedly attempting to overload the servers through a distributed denial of service (DDoS) attack occurring at the same time,” said the Pirate Party in a statement.

Additionally, David Kalisch, head of the ABS, said that that the servers were taken offline between 7:30 pm AEST. However, after that time the “main social media accounts continued to advise people that there was no problem and to complete the Census forms until 10 pm”, according to the Party.

“The public was advised prior to the Census that it would not be a target for attack. The claims made after the event call into question the competence of those who planned the Census, as well as the Minister responsible,” said Simon Frew, Pirate Party President.

“The ABS has already breached the public’s trust by admitting to retaining personal information and enabling the linking of external datasets. They have now made that worse by incompetently allowing the online data collection to fail,” he said.

Frew said online collection of data by any government department must be made “opt-in”, so that individuals “can choose secure methods of having their data collected”.

“The unavailability of the census online is a new chapter in the saga of the 2016 Census, and has done nothing to inspire confidence in a once-anticipated event that was intended to provide accurate information to government in order to better inform the development of our country,” he said. “The extent of these failings demonstrate how out of touch government departments and ministers are when it comes to digital affairs and matters of privacy.”

The Party also raised the “real risk” brought by plans to link Australians’ data using the statistical linkage key (SLK).

“Anyone with access to the servers can figure out what the SLK is for an individual, then cross-reference the data with other systems,” the Party said. “The danger for privacy comes from this cross-referencing, as the data will be invaluable for hackers, overbearing governments and abusive former partners, among others.”

The Pirate Party called upon the ABS to abandon plans to make the private data searchable and cross-referenceable, in order to “protect the privacy of every Australian”.

It also called on the ABS to send out paper Census forms and not penalise anyone who refuses to share identifiable information.

“The problems on Census night are just one aspect of a wide array of privacy and security concerns, and the cavalier attitude of the ABS toward privacy thus far means they cannot be trusted with the private data of all Australians,” said Frew.

“Further, the Pirate Party affirms its position that opt-out programs are inherently dangerous when it comes to dealing with personal data, and calls on the resignation of ABS head David Kalisch as a result of this debacle,” he said

The Pirate Party President added that data collected after Census night is now “likely to be terminally compromised”, as, following claims of an attack, individuals may now be less inclined to provide accurate information.

“The ABS needs to immediately admit to its failings, address them transparently, and tell Australians what it plans to do to repair the trust in its processes,” said Frew.

3 COMMENTS

  1. Unfortunately another attack hit them from inside Australia. This was a straight up DNS reflection attack with a bit of ICMP thrown in for good measure. It filled up their firewall’s state tables. Their solution was to reboot their firewall, which was operating in a pair.
    They hadn’t synced the ruleset when they rebooted the firewall so the secondary was essentially operating as a very expensive paperweight. This resulted in a short outage.
    Some time later IBM’s monitoring equipment spat out some alerts that were interpreted by the people receiving them as data exfiltration. Already jittery from the DDoS disaster and wonky firewalls, they became convinced they’d been owned and the DDoS attack was a distraction to draw their focus away from the exfil.

    http://risky.biz/censusfail

  2. TURDBULL NEEDS TO GO. HE IS RESPONSIBLE AS THE LEADER. AND RESPONSIBLE FOR THE CUTS, OUTSOURCING AND JOB LOSSES.

  3. Not doing it till door collector comes. No hurry LOL! Haven’t got a form yet, shows they don’t care. Loving the blame game. And not giving correct info unless they scrap the data match keys. They had 5 months notice people hated it for privacy reasons. so they created their own mess. They won’t back down on data retention, and nearly everyone I know won’t give them private info because of that. I value the census, but not the brand new data matching fascism.

Comments are closed.