Wednesday, March 13, 2024

Ancillary Accommodation in South Australia

General

In the SA planning code basic restriction is that development shall not result in more than one dwelling on an existing allotment., where an allotment is for such purpose. Some allotments are for group dwellings, and multi-dwelling buildings.

Outbuildings and ancillary buildings are permitted on a residential allotment. Ancillary accommodation however was limited to that used by a member of the family, and the building dependent on the main dwelling for various services, such as bathroom, kitchen and laundry. However the extent of such dependency has become questionable as technology has changed. Obviously before mains services, the main dwelling and ancillary buildings were no different. Now the ancillary building is expected to have electrical power for lighting. With electric kettles and fry pans along with microwave ovens, cooking is permitted in a small space without need of a kitchen. If bedrooms can have ensuites, which maybe desirable for a "granny" flat, then have water supply. If have water supply, then get kitchen sink. The functions of kitchen, bathroom and laundry are available in a small space, and some can share space, and in some countries that is the normal, and technology has developed accordingly.

For example in some places it is normal to have a washing machine in the kitchen, in others to have it in the bathroom, there is thus no real need for separate laundry room. Such separate rooms made sense in the past, where laundry had its own trough and separate boiler, and various other large utensils. These days the equipment used is much smaller. Also some of these rooms were separate buildings, so the ancillary building was likely  a laundry. In other situations whilst the laundry is part of the main building it is only accessible from outside.

We can also add the increase in outdoor living, growing veranda sizes, and outdoor kitchens. Thus external space and ancillary buildings can provide functions which overlap with and supplement those of the main dwelling. 

Ancillary accommodation maybe required for extended families, or for those assisting the household, such as nannies, tutors, housekeepers, gardeners, and care givers. Given the costs of child care centres and nursing homes, this maybe a more affordable option. Whilst not getting rent, paying less for child care.

Again noting that average household occupancy is less than 3 persons per household, and that birth rate is less than replacement level, population growth is largely due to migration, either between towns or countries. The pressure for housing is largely due to inappropriately sized housing. The housing is inappropriate largely because its built as a financial investment for retirement rather than living in. Or property speculators building largest house for which they can demand the highest rent. The available housing is not compatible with the market need, and needed housing has been opposed because it has been seen as devaluing the over sized and priced monstrosities that are built.

We don't really need more land rezoning and more houses. We need the land using better to provide more appropriate housing. For the most part that is independent sole occupancy units, and two person units, to free up the 3 bedroom dwellings which dominate the supply.

The owners of a property are not necessarily the people who live in an accessory dwelling unit (ADU) or in ancillary accommodation (AA). For example an elderly couple could downsize to the ADU, and rent the main dwelling to others. This way they retain access to their gardens and neighbourhood, and a family gets a dwelling with gardens they don't need to maintain, as the owners do that. 

For the following I mostly referred to requirements for the neighbourhood zone in the SA Planning Code, other zones may have different requirements. In some instances the code is not very clear as it just gives long lists of options, but no criteria as to which applies.

Allotment Size

Smallest allotment size permitted per dwelling is typically on an allotment with group dwellings, such as a retirement village or residential caravan park. The smallest site being in a caravan park, in the old council development plans it was commonly 81 sq.m, but the new state planning code has increased this to 100 sq.m. Otherwise the minimum seems to be around 150 sq.m to 250 sq.m. Though in rural areas where using a septic system, the minimum area is 1200 sq.m.

So a block could have been 9m x 9m, whilst now it would need to be 10m x 10m. For an ADU it doesn't really matter as not subdividing the land, just putting an extra building on the land. However, can achieve increased privacy if can partition a piece of the land and set it aside as private to the ADU, and likewise land private to the main dwelling and that which is common space.

Assuming the 1/6th of an acre blocks of the 1970's, then have a block approximately 32m long and 21.333m wide. So to create a 150 sq,m block it would need to be 7.031m long, and for a 250 sq.m block 11.719m long. To subdivide would be looking at two blocks 16m x 21.333 (341.33 sq/m), formed as a hammerhead or battle-axe allotment, which requires using land as an access road, so the areas of the blocks reduce significantly (especially when some of the old council development plans required 9m wide two way access road).

So not really practical to subdivide allotments to create additional properties. Really need to merge allotments, to create group dwelling complexes, or create ancillary accommodation on existing allotments. That is make more suitable rentable accommodation available for 1 and 2 person households, to free up the existing family homes.

Note that these minimums are for the allotment size, not the size of the building. There is no direct limit on minimum size of the building. The minimum size of building just comes from functionality, and meeting required performance criteria, which largely should be determined by anthropometric data and other human factors data.

Most of the additional requirements of the planning code, reduce the area of the allotment which can be used to provide buildings . So mostly concerned with ensuring buildings are not too big.

Boundary Set Backs

An ADU/AA will typically be placed in the back garden, though it could be placed side by side with the main dwelling.

The old development plans typically had set backs for front, rear and side boundaries. The new planning code doesn't consistently define these 3 set backs for each zone. It is most likely to define set backs for primary street frontage, and secondary street frontage, and side boundaries, with no mention of a rear boundary. Many of the given set backs typically do not apply to outbuildings or ancillary buildings.

The main rule is wall on the boundary or 600mm from the boundary. It is an access requirement to clear litter and prevent vermin. The NCC/BCA also has a requirement of 900mm from boundary to avoid fire rated construction. Masonry is considered to provide the accepted fire rating, so if closer than 900mm then need masonry.

Old development plan requirements typically had side boundary set backs of 1m. I hazard a guess this was response to the 1970's when for energy efficiency 600mm eaves overhangs became more popular, and several plan drafters , developers and builders, neglected the overhang and the gutter, with the result that the gutters overhung the neighbouring property. Also even if provide for the allowance, still have a continuous roof scape, and a lack of circulation.

Personally I consider the 600mm should be measured from the face of the gutter or other extremity of the building, since need to access the gutters for maintenance, preferably without going on the roof and without entering the neighbours property. So 600mm is just wide enough for small mobile scaffolding, which is considered preferable to ladders and steps. So allowing a maximum of 200mm for width of gutter and 600mm eaves overhang, and 600mm clearance, then wall needs to be at least 1400mm from boundary.

There are also ministers specifications for fire safety in caravan parks which require 3m separation of the cabins/caravans. So allowing equal spacing each property, then need 1.5m boundary set back.

The required set back from a primary street frontage is typically around 5m for the main dwelling or matching existing neighbouring dwellings. The actual value depends on the zone. For ancillary buildings it is 5.5m, it has to be set back from the front line of the primary building.

Set back from secondary street boundaries is typically 900mm, for main and ancillary buildings.

Side boundary set back maybe 1900mm or larger depending on the zone, site area and wall height. For small sites less than 800 sq.m, it is only 900mm.

The rear boundary set back at first floor level is 3m for the main dwelling, it does not apply to ancillary buildings and structures. The setback increases with wall height and site area.

Some websites have indicated a 3m boundary setback. I don't believe this is a requirement and is a misreading of the code. There is a 3m separation requirement but that is a different issue.

Walls on Boundaries

Walls on side boundaries are limited in length, the upper limit appears to be 11.5m depending on zone it could be smaller. But sum of all wall lengths is otherwise limited to 45% of boundary length. So with a 32m long side boundary, then would be limited to 14.4m of wall on the boundary. Whilst for the rear boundary (21.333m) a limit of 9.6m for the building.

As for the additional ruling, I'm not entirely sure what it means, but my interpretation is that if have more than one wall then they have to be separated by 3m. So if I have two walls on the boundary each 7.2m long, then they would have to be 3m apart. Or a single wall maximum of 11.5m, then a 3m gap, and another wall 2.9m long.

Also whilst it maybe permitted to build on the boundary, I personally consider that poor design and contrary to the origin of modern building codes, and contrary to the intent of the 600mm set back.

If two houses are built on the boundary there will be a gap between the two walls and water and other objects can get in that gap. Also note that water pressure is dependent on height not volume. Whilst the pressure may not develop high enough to burst brickwork, it is likely high enough to force water into permeable materials causing damp patches on the interior.

If going to have two adjacent boundary walls then they should be properly capped and sealed together on all sides: which I doubt is permitted. Secondly need to give consideration to circulation around the building. That is circulation for fresh air, and circulation for firefighters to have adequate access to the property. 

A whole street of independent houses built boundary to boundary is poor design. Far better to build proper terraced or row houses, with appropriate ginnels to access the rear. Detached houses should be detached and clear of one another.

Separation of Buildings

For fire safety buildings on same allotment need to be separated, and the separation should not be less than 1.8m as required by the NCC/BCA. For caravan parks it is 3m as required by ministers specification. Smaller distances are permitted but that then requires fire rated construction, for which masonry is an acceptable solution. though there are other solutions available, some of which involve multiple layers of plasterboard

 Building Floor Areas

Ancillary building floor areas not to exceed 60 sq.m for sites less than 800 sq.m, and not to exceed 80 sq.m for sites greater than 800 sq.m. It depends on zone and can be as low as 40 sq.m.

Note that is an upper limit, not a lower limit. So transportable modules 2.4*4.8 (11.52 sq.m) , or 2.4*12 (28.8 sq.m) are acceptable. If such area meets your needs and the requirements of a class 1 building, then it can be the main dwelling.

The problem isn't that we are prohibited from constructing small buildings, its that they are not being built, and there is a lack of vacant land to build them on.


Site Coverage

It is not permissible to cover all the natural ground surface with impermeable materials. There are thus limits on roof coverage and requirements for private open space and soft landscaping. Stormwater detention tanks may still be required to temporarily hold water on site during a storm even if meet these requirements.

For sites being considered, with ancillary buildings soft landscaping has to remain at 25% of site area for areas greater than 450 sq.m, for sites less than 150 sq.m the limit is 10%.

So for a site 32 x 21.333m site area is 682.7 sq.m, so soft landscaping has to be 307.22 sq.m, or 14.4m wide across the width of the block, or 4.8m wide each side down the length of the block. For a small 100 sq,m site, landscaping would need to be 10 sq.m, so for a 10m x 10m block, a 1m strip garden along any side.

Site coverage by buildings not to exceed 60% of the site, so for 682.7 sq.m site, maximum coverage by buildings is 409.62 sq.m. Given main dwellings are currently up around the 250 sq.m mark, this leaves 159.62 sq.m for additional buildings (which includes verandas). The upper limit for an ancillary building appears to be 80 sq.m, but for this site it would be 60 sq.m. So leaves 99.62 sq.m for sheds, carports and verandas. Though the houses on these sites likely less than 250 sq.m unless they've been extended, their areas possibly down around 150 sq,m. {If have larger floor areas, they maybe 2 storey, rather than the more common 1 storey.}

Private Open Space

Private open space typically has to be provided behind the building line, that is it is typically the back garden, the front garden doesn't count. The area required depends on the area of the site. If site less than 301 sq.m then require 24 sq.m, if over 301 sq.m then require 60 sq.m. With a requirement that at least 16 sq.m is directly accessible from a living room, and has minimum dimension of 3m.

Smaller areas are permitted for multistorey buildings typically in the form of balconies. Cabin and caravan sites are permitted 16 sq.m, no minimum dimension given, but can be used as a second car parking area.

This open space has to remain on an allotment after the ancillary accommodation building is provided. But it may be desirable to provide the ancillary building with its own private open space. Which is why I suggest a 9 x 9m or 10  x 10m site internal partition for the ADU, or possibly larger options of 15 x 10m, or 20 x 10m depending on width of main allotment. Also expecting that the building would only need be between 25 sq.m and 54 sq.m.

Parking Space

Typically site required to provide some off-street parking. Dwelling with 2 or more bedrooms, 2 parking spaces to be provided, one of which is to be covered. For dwelling with 1 bedroom, 1 parking space required. For group dwellings with 3 or more dwellings, space also to be provided for visitors, at rate of 0.33 spaces per dwelling or 1 extra space for every 3 dwellings.

So with ancillary accommodation on allotment, have less than 3 dwellings, and only need 2 parking spaces for main dwelling if has 2 or more bedrooms. So no additional parking spaces required for the ancillary accommodation.

Parking spaces 5.4m long, and 3m wide if enclosed by fencing, or 2.4m wide if uncovered and centre line is 1.5m from obstructions. (pg. 1627)

Storage

For 3 bedroom dwelling not less than 12 cu.m. For 1 bedroom dwelling not less than 8 cu.m. So assuming 600mm wide storage space, and 2.4m high, then would need to be 5.6m long. So a 4.8m long module may not meet the planning requirements for a 1 bedroom dwelling. For a 3 bedroom dwelling it would need to be 8.3m long. 

Note this is not necessarily a reference to the dwelling, but the allotment. So additional storage space can be provided by outbuildings, if cannot fit in the main dwelling. So a garden locker, 0.6*1.8*1.2=1.296 cu.m of storage, and place these around the external perimeter of the building.

Waste Bin Storage

Storage space required for bins, area 2 sq.m and minimum width 900mm, and not part of private open space or car parking areas.

Subfloor Space

Space below transportable buildings is enclosed to give appearance of permanent structure. Seems more an issue for light weight construction mounted on pads and piers, with tie-down anchors, than simply transportable buildings. Also assume it doesn't apply to elevated buildings on stilts, especially in flood areas where want open space below, or buildings on sloping ground. That is the pads need to be hidden where inconsistent with neighbouring slab on ground construction, or suspended floors on dwarf walls.

Also note the NCC/BCA requires minimum openings for ventilation to the subfloor space. Also floor framing has ground clearance requirements. If no termite inspection requirements then 150mm ground clearance to underside of lowest framing, if termite inspection required then 400mm clearance. Note this is a poor crawl space. If want to access the space below to crawl around on knees, then 800mm clearance is preferable, and if want to squat and work, then 1250mm clearance. (Refer new metric handbook )

Storm water

Development may require rainwater tanks for both detention and retention. Generally these are additive, not shared storage space. For sites less than 200 sq.m  1000 L retained and 1000 L detained. so total 2000 L. Flat rectangular water tanks would suit these requirements.

Paving and Foot Paths

Generally the first metre of ground around a building should have a fall away from the building, and preferably should be paved. If the building is only 600mm or 900mm from the boundary, then the required fall is not met as the last 100mm to 400mm is on the neighbouring property and falling in the opposite direction. Also the triangular trough formed by the two neighbouring properties, has a smaller section area than provided by 1m of paving, and therefore a smaller volume of water which can be held in its length, and it will be closer to the two buildings than desirable.

So preferable that building walls are greater than 1000mm from the boundaries. The required fall depends on rainfall intensity and is either 25mm or 50mm.

Floor Level.

Required Finished floor level (FFL) is typically given relative to the Australian Height Datum (AHD), it may otherwise be given as some height above street kerb level. Typical values in the past have been 100mm to 300mm above kerb level.

For a slab on ground the finished slab level should be 50 to 150mm above the ground. It depends on rainfall intensity and whether the ground is paved.

Conclusion

The above outlines requirements of the SA Planning Code and some issues of the building code which overlap with planning as regards providing ancillary accommodation or for that matter the main dwelling.

As far as I can tell there are no minimum size dwelling or room requirements in either the planning code or the NCC/BCA. The only minimum is a ceiling of 2.4m and there has been increasing number of situations in which lower is permitted.

In Australia we don't have the confusion of manufactured buildings to HUD specifications that they have in the USA. In Australia all buildings are to the NCC/BCA: transportable, modular, manufactured. Constructed on-site or off-site it doesn't matter.
 
Building Code of Australia, BCA-1 is similar to the international building code (IBC) and BCA-2 is similar to the international residential code (IRC). According to the HUD website they have adopted the national models codes, which as far as I know are the IBC/IRC. And the IBC/IRC are adopted by states and cities, So the houses should be the same, except HUD indicates they have imposed additional durability requirements. Beyond that the HUD specifications require a chassis and wheels. Which is weird given HUD=housing and urban development. Point is shouldn't really be any confusion, though could do with changing the name, so the word "manufactured" can be used properly. So really have houses to HUD specification or to the IRC, either of which can be fabricated or manufactured in a factory.  If choosing to supply globally, then American manufacturers would require design to another specification like the NCC/BCA. Whilst Australian manufacturers choosing to supply to the USA would have to choose HUD versus IRC. I don't know why they would choose HUD over the IRC.

Tiny Homes

The tiny home movement. Not sure I understand its emergence in Australia. Tiny homes appear to be poorly designed vehicles, poorly designed caravans and poorly designed houses. The dimensions of a shipping container (2.4x2.4 section area and 6 to 12m long) has dimensions which are most transportable, but still likely to encounter problems. The Australian design rules (ADR) limits 2.5m wide, 4.3m from ground to top, and length possibly 12m. Length limits are somewhat confusing, and depend on type of vehicle, and likely have difficulty finding trailers and vehicles which meet the maximum. Making a vehicle to these dimensions is not sensible, it may still encounter problems with low bridges, and narrow tunnels. The dimensions are for compatibility of new vehicles and new infrastructure. They are not for suitability with existing infrastructure.

For most part people are aiming for light vehicle less than 4.5 tonne which can drive or tow with ordinary drivers licence. In SA towing limit imposed by licence is typically defined relative to capabilities of vehicle, the towed vehicle typically has to be less than the towing vehicle, and that typically puts the trailer at 3.5 tonne. Either way there are few light vehicles which can tow such weight in Australia. So likely will have to get  it towed or transported on a truck. Or keep it small, streamlined and light, like a proper caravan.

For the most part  in Australia a tiny-home is either a small transportable building to the NCC/BCA or if its on wheels (THOW) then its considered a caravan. There is little value in it being considered a caravan. You are typically not permitted to live permanently in a caravan, nor a class 10 shed. You can live in a small transportable building which meets the NCC/BCA and planning code requirements for class 1 building. There may be some Australian states which have dimensional constraints on housing, South Australia is not one of them. The constraint is the size of the allotment of land, and the number of dwellings permitted on that allotment in a planning zone.

Also several years back, as I recollect there was a law introduced to SA which prohibited buying empty blocks of land and holding onto it and selling it for a higher price. The requirement was to either put a house on the land in 1 to 2 years or sell the land to someone who would. This was primarily concerned with the scattering of empty blocks around suburban streets, which hadn't been developed, and so there was land available for needed housing without need for rezoning anything.

So cannot live on a suburban or rural block permanently in a caravan or shed. Nor can set up a village on farmland. Though a farmer could set up a village for seasonal workers or farm tourism. These would likely have to provide facilities similar to a caravan park, though the planning code does have a workers settlement zone for seasonal workers in rural areas. There is no need to put the buildings on wheels, and buildings can be transportable without need of their own wheel set.

Developing Land to Rent for use with Transportable Buildings

Humans have legs and are meant to be mobile. To be mobile need somewhere to move to, which suggests a need for more residential caravan parks. If the objective is to be mobile. That however doesn't seem to be the objective, its just a desire for a smaller building. Possibly a desire not to own land, and only rent land whilst own building. So may be opposed to the tie-down anchors to prevent wind blowing building over: though anchorage connection doesn't have to be permanent. May also be opposed to some of the energy efficiency performance requirements which keep increasing and increasing the cost of housing: thus oppose the NCC/BCA hence building on wheels to avoid compliance.

So first thing is that housing sites can be developed to move buildings in and out. Secondly landscaping to front gardens is not consistent. So landscaping can be used to hide a house, if not consistent with other houses. The house frontage can be made to match other houses, whilst the house behind is different.

Instead of having slab on ground with all services embedded in the concrete, can just have a simple slab and a utility service box. The slab can just provide for the maximum rectangle permitted on the site, or define a smaller area.

The site is rented, and tenants provide their own house. So tenants responsible for maintenance of own house and can do as they wish with the house. So landlords using other peoples money only have to pay for the land, their costs are lower, therefore rents are lower. Whilst tenants are paying for a house they can own. House owners can start with tiny-house and trade up to larger house.

When I was at school in 70's, current affairs shows, indicated that people in Adelaide were moving interstate to work, that they were renting interstate whilst they had mortgages on houses in Adelaide. They couldn't sell the houses, because no one interested in moving to the city, due to lack of employment.

Land allotments don't have natural water supply, and are not large enough for growing food. Land is basically useless, it just provides space. All really need is a licence to occupy and use the land, no real need to own. If people have transportable house then it can go where they need to be, and they don't have to settle for what ever rubbish is already built on the land. A lot of development wastes the available land, and deprives people of access to land. Development does not require constructing a building, it requires making the land more useful.

Developers can assess that the buildings on an allotment of land are worthless and put a bulldozer through them. Then possibly merge allotments or subdivide allotments, followed by constructing new houses and making a profit. The typical person cannot afford to buy a property and remove the house.

But change the situation. The house on the land is not suitable. The land has the required space, its in the appropriate location and the neighbourhood is acceptable. The house is moveable and reusable. The house is removed and sold to others, and the desired house is moved in.

Thus developers don't need to build houses, they just need to make the land more useful. They demolish the existing houses, improve the site. Then future occupants choose the house they want, and the developer puts the appropriate transportable house on the site.

This is better than property speculators building oversized houses asking for extortionate rents and having problems finding tenants, and otherwise using up land which could be put to better use. Now some of these over sized properties can be changed into boarding houses, and get more people in.

To prevent future waste however, leave the sites empty, but with appropriate development to accommodate transportable buildings. The future tenant then chooses suitable house. The property investor may buy the house, and rent both to the tenant, or just rent the site. The tenant may have the option to rent to buy the house. The property investor likely doesn't have much use for the house, as unlikely suitable for future tenants.

Transportable houses can be moved off-site and renovated, then moved back. During the renovation the occupants can live in a substitute house delivered to site, with contents placed in temporary storage. A property investor could have more houses than allotments. They can have houses being renovated, whilst others are occupied.

With movable houses, and rented land, we can expand and contract the housing supply as needed. Plus we can more readily upgrade housing, or change the nature of housing. So can have 3 bedroom house one day, and a sole occupancy unit the next. Plus property investors can change a site from having a family dwelling one day to having multiple sole occupancy units another day. They are not stuck with an empty building which doesn't meet the needs of the market. A fixed building which costs too much to renovate, and too much to demolish and replace. Transportable buildings can be moved in and out, and relocated to where they are needed.


Related Posts

Revisions:
[13/03/2024] : Original

Wednesday, January 03, 2024

Housing Crisis ?

Here in South Australia, back at the beginning of the 1990's average household occupancy was less than 3 persons per household and vehicle ownership at 2 vehicles per household, and around 500,000 dwellings. So could assume on average 1 person per household not yet coupled and with zero population growth further construction of houses would drop average household occupancy to 2 persons per houshold. In detail however, there were a large number of 3 bedroom houses occupied by one person. Whilst "state of housing" report indicated around 5% of houses had inadequate number of bedrooms when assessed against a Canadian quality of life index. This basically indicates when siblings of certain ages and genders ought to have separate bedrooms: not essential but desirable.

One vehicle assembly facility in the state could build 100,000 vehicles per year when operating at full capacity. Therefore it had potential to provide private space to 250,000 couples in 2.5 years, and provide all with a vehicle in 5 years. The building industry statistics indicated it oscillated between 5000 dwellings per year and 15,000 dwellings, and was down at less than 10,000. So assuming could be boosted to 10,000, then it would take 25 years, to provide housing for the 250,000 potential couples. Thus expectation that average household occupancy would be 2 persons, by 2015: assuming zero population growth.

However, basically no change has occurred, as average household occupancy is still less than 3 persons per household but not yet 2. This is due to population growth, mostly derived from immigration. This migration mostly fuelled by incompetent managers, who do not appear to realise the job is to maximise the benefit from the available but otherwise limited resources. Thus they are always claiming shortages, add to this employment policies built around keeping the building industry active. Except now claiming we have a shortage of skilled trades people in the building industry.

So it becomes questionable has to whether we want migrants to build the houses, or create a pressure for more houses to keep the building industry active.

I would argue we do not need more people in the building industry. We may need new people to replace those that retire, but we don't need more. Also we do not need to be releasing more land and do not need to be building more family houses. We already have water rationing, the severity of the restrictions vary on an as needs basis. There has to come a point when we say "enough is enough, no more expansion of our cities, this is as big as it gets". The current push is to increase population density of the inner city areas, however, it is still around population growth.

If we still have average household occupancy of 3 persons per household then we still have on average one person in each house not coupled, and if their coupling is creating demand for more housing, then we push towards 2 people per household. To do this we need to construct new houses equal to half the existing housing stock. To expand the radial reach of the city by releasing more land, typically agricultural land, for housing is ridiculous. Expand population and reduce food production land, how is that sensible?

Allotment Size and Building Size

Most of the existing housing stock comprises of 3 bedroom family houses, that is housing suitable for 4 people. Large numbers of these houses are already occupied by one person. The smallest housing site permitted in the old development plans was 81 sq.m in a caravan park, that is a block 9m x 9m. One requirement for fire safety in caravan parks is 3m between caravans/dwellings on neighbouring sites. So would need a site boundary offset of 1.5m, leaving room for a building 6m x 6m. An old reference indicates minimum area for a sole occupancy dwelling to be 25 sq.m, this can be provided by a 5m x 5m dwelling. This in turn can be divided into 2 strip modules 2.5m x 5m. Comparing against shipping container of 2.4m x 6m, the strip modules are transportable: preferably with width reduced from 2.5m to 2.4, even though 2.5m is compatible with vehicle design rules (Australian Design Rules (ADR)).

Given older housing blocks are larger than in new developments, it is possible to subdivide these blocks, for example a block 32m x 21m, can be divided into two blocks. Allowing for a 9m wide access road, each block would be 16m x 12m, having an area of 192 sq.m, excluding the access road. Each dwelling could be suitable for a couple, thus retaining a limit of 4 persons on the block of land. Though even if such block of land has a 4 bedroom house on it, it is still feasible to locate a 9m x 9m site on the block for a sole occupancy unit, which is otherwise suitable for a couple. Assuming existing house occupied by 5 people, and allow another 2 in the added dwelling, then total site occupancy increased to 7.

Population Density

Though blocks of land typically have 3 bedroom houses which may get extended to have more bedrooms. A 3 bedroom house typically for two parents and two children, but may extend to four children sharing bedrooms. If the resource demand of two children taken to be equal to one adult, then have an equivalent household of 3 adults, for typical family of 4, but for family of 6, then equivalent to 4 adults. However, if have more than two children in such house then places extra demand on schools and other childhood services. However, the demand for some of these services can be reduced by added residence used by part-time caretaker.

Also if housing in the vicinity of schools restricted use, and rent only, then need can be concentrated around available services, and housing density can be further increased in these areas by use of 2 to 4 storey apartment blocks. Such apartments being used by older students and teachers. The teachers using such apartments being at either end of the age spectrum, young single teachers, and older couples with no children at home. People raising families, including teachers being in larger detached houses with gardens. Though with school facilities accessible 24 hours per day, the need for gardens can be reduced.

In short we don't need more family dwellings, we need to better manage the housing stock we already have. It seems most of the industrialised world has average occupancy rate less than 3, with some extremely close to 2.

Here in Australia, most of our houses are detached single storey dwellings, and until recently on relatively large blocks of land. Houses are getting bigger and land sizes smaller. Many of these large houses are not practical, and do not meet the long term needs of the occupants, they are also of increasing distance from available services.

If averaging 3 people per household, then constructing a sole occupancy dwelling in the back garden, maintains the allotment occupancy at 3 people, no increase in population density, or increase in demand on services in the area. Rather the third person in each household moves into own dwelling, either at current address or elsewhere. In effect we double the number of dwellings, and average household occupancy drops to 1.5 people per dwelling.

Also hopefully the people constructing these sole occupancy units own the land, and therefore rents can be less, than provided by property speculators who expect others to pay off their mortgage and provide them with a profit.

Production of Modules

As indicated above a single vehicle assembly plant can produce 100,000 vehicles per year, some produce even more. By comparison buildings are trite, most especially in the form of strip modules, or flat panels.

The largest shipping container manufacturer builds 2 million shipping containers per year in 11 factories. That is around 181,818 units per year per factory. A strip module for a dwelling is more complicated than a shipping container, but not has complicated as a vehicle.

As indicated above a sole occupancy dwelling can be provided by 2 strip modules: 2.5m x 5m, or 2.4m x 6m. One strip module being for wet areas containing bathroom, kitchen and laundry. The other providing lounge, dining and sleeping space. If two people couple up, there is no need to replicate the wet area module. Thus two people as a couple only need 3 modules, compared to 4 modules as individuals. A single strip module would be adequate for 2 bedrooms for children. So 4 strip modules can provide a family home. The width of modules can be increased on site with joiner modules and or plain panels.

Also looking at video's of shipping container manufacturing, some of the operations are cumbersome, especially transfer between work stations. Also looking at videos of house manufacturing facilities again some cumbersome operating procedures. A basic strip module is just empty space, with some electrical fixtures (lights/gpo's). The more complicated module is the wet area module with plumbing and electrical fixtures.

So base assumption would be one facility with two production lines can produce 200,000 basic modules per year, and 100,000 wet area modules per year. Which suggests can supply 100,000 dwellings per year, each comprising of 3 strip modules: that is a dwelling suitable for a couple. Alternatively one production line which produces 200,000 basic modules, half of which are converted into wet area modules. So 100,000 dwellings per year comprising of two strip modules.

Now if one vehicle leaves an assembly line at the rate of one every 2 minutes, then in a 480 minute day, produce 240 vehicles, and for 250 productive days in a year, can produce 60,000 units per year. Operating at full capacity is 3 shifts per  day, so 180,000 units per year. 

Such production does not require a large army of skilled trades people. It does not require electricians or plumbers. If it does then the electrical systems and plumbing systems are poorly designed, and an hinderance to productivity. The electricians and plumbers are needed on site to connect to the mains, and even this can be eliminated with better design of the system connections.

Similarly the assembly of panels and or frames and fabric is not carpentry. Skills maybe required but not the skill sets of people currently in the building industry: their skill set is required for on-site renovation.

Now for a unit of production to leave an assembly line at the rate of 1 unit every 2 minutes, then no operation can take longer than 2 minutes. A roll-forming machine for cold-formed steel can produce at the rate of 5m/minute. That means the bearers along the length of a strip module can be produced in 1 minute.

Dynamic Steel frame video indicates they can assemble the framing for a tiny house on a trailer in 30 minutes. Whilst a video tour of Bailey caravans Part 1 and Part 2, indicates assembly of caravan takes around 16 hours. No indication of rate at which leave the assembly line, which is a different issue.

Starting with the 200,000 units per year, then need 66,667 units for each of 3 shifts, and 266 per day, and 0.55 units/minute, or 1.8 minutes per unit. So no operation can take more than 1.8 minutes, that is no operation on the assembly line.

So if have two roll forming machines, producing the needed 2 bearers, in one minute, and takes 30 minutes to assemble framing, have a problem. Roll forming all the framing components, takes around  1 hour at rough estimate, so this has to be done aside from the main assembly line. So the 30 minutes assembly time as shown in the video, is manually assembly and not optimised, this video show the process more clearly. The workers are running all over the place, no mechanical handling for the wall panels, whilst mechanical handling for roof panels comes from elsewhere in factory, and working at height provided by temporary means. In a factory optimised for such production, timing is likely to be faster, additionally, wouldn't just install wall framing, would have fully clad wall frame panels, and roof panels. So can do more in the 30 minutes than simply assemble a bare skeleton. Whilst the 16 hours for a caravan includes full interior fitout, cabinets, beds, kitchen, bathroom, electrical and plumbing.

One thing noticed with videos of manufactured housing is that the use of "vacuum lifts" is a clumsy and cumbersome process, with time wasted on alignment. Better mechanical handling systems would reduce production time at each workstation.

It noted that many of South Australia's builders of transportable homes, simply construct them outside in a yard in same manner as construct on site. Whilst this avoids the trade people running all over the state, it is still a low quality production process. The building industry does not fully design anything. Full design involves design of product and process. With the design of process involving the design of tooling, jigs and fixtures, minimising handling, minimising process delays and waiting time between processes.

As indicated above the electrical and plumbing systems are poorly designed. For example there should be no stripping of wires and wrapping around terminals: industrial product design would replace these with moulded plugs and sockets and lockable couplings. When it comes to houses, on site electricians and plumbers are largely responsible for design, and that design is dependent on the components available to them. Full system design changes the components, and if components are changed then production processes can be changed.

The building industry is largely based on "standard industry practice", which equates to no one knowing what any one does, but what ever it is it'll be good enough. To increase productivity this is not acceptable. Just look at video's of builders and the time they waste on site, working things out, which should have been worked out before they got to site, preferably by the designers and then checked.

And the its "one-off", customised to the site. Even if the product is designed for the site, it is most likely a concept adapted to fit the site, rather than starting with the site. Either way though, the production process is the same. Whilst builders may manage the process, they don't design the process, the process is left to individual trades. So electricians and plumbers may have to turn up at the site twice, the so called first fix and second fix processes. For example first electrician puts wiring in the wall framing and ceiling space, then when clad, they return and attach fixtures to the wall and ceiling faces. This is imposed by the product design, modify the product, and can modify the process. For example wall cladding panels can be cut out by CNC machines, and then inserted over installed electrical and plumbing fixtures. So only one fix for electrical, though plumbing may still require two fixes.

So consider a box, one floor panel to which 4 wall panels attached and a single roof panel. There are 4 base joints at bottom of walls, 4 joints at top of walls, and 4 corner joints. A total of 12 joints.  Assume 12 workstations and 1 minute for the longest joint, then boxes leave line at rate of one every minute. However, that requires 12 partially completed boxes in the production line, and it takes 12 minutes to produce one box.

Consider 3 work stations, one installs two side walls, with temporary bracing. It takes one minute for each wall. If done sequentially it takes two minutes at the work station, if done in parallel then it only takes one minute. Next station, two end walls installed, each wall has one base connection and two corner connections. These are shorter joints so should take less than 1 minute to complete, but assume 1 minute is the limit. So if each wall installed sequentially it takes 6 minutes, if in parallel then 3 minutes. The last work station install the roof, for which have 4 joints, so time is 4 minutes.

So 3 stations with sequential times have [2,6,4] or parallel times [1,3,4]. So if done sequentially the boxes exit the line at the rate of one every 6 minutes, not 4 minutes. The last workstation after completing its 4 minute task has to wait 2 minutes for preceding workstation to complete its task 6 minute task. If have parallel tasks at each workstation then time can drop to 4 minutes.

But also note that total production time for sequential is 12 minutes, but with parallel times it is 8 minutes. The 3 work stations is preferable has have less inventory tied up in the line, but not achieving the rate of one unit per minute. However it is possible to install the roof with all joints in parallel. The two side wall joints in one operation and the two end wall joints in one operation, and these two operations simultaneously. So total time at end station is reduced from 4 minutes to 1 minute, the second work station now has the longest time at 3 minutes.

The two corner joints can be completed in parallel. So 1 minute for corner joints and 1 minute for base joint, drops to 2 minutes. If can do the base joint in parallel with wall corners, then dropped to 1 minute. The station times become [1,1,1]  and total time for box is 3 minutes. With boxes exiting the production line at the rate of one every minute.

Assuming bolted joints and maximum length is 6000mm and spacing minimum of 200mm, then have 30 spaces or 31 bolts. The objective is thus installing such bolts in less than 1 minute, so would need to install each bolt in less than 1.91 seconds. Assuming not possible, then increase bolt size and install at 600mm to say 1200mm centres, thus reducing number of bolts and allowing more time per bolt. Thus 5 spaces, requires 6 bolts, so 10 seconds per bolt. Introduce multiple spindle drivers, and can install all bolts along a line in one operation.

Also note with modular construction, that 2 modules 6m long placed end to end, create a 12m wide building, made from 2.4m wide segments. Though 12m long modules can be transported, though may have manoeuvrability problems in some suburban streets, and then at driveways. However if feasible then end to end have 24m wide building. In Australia our timber framing code (AS1684) and simplified wind classification system limits building widths to 16m. So would want to replicate this using other materials and systems. So would need 8m long modules.  Assume maximum site width 21m and length 32m. So in width can get maximum length of 2400*8 = 19200, or in length allowing 6m offsets from boundaries, then also limited to 8 modules. So total of 16 modules in one building. Assuming it takes 30 minutes to install a module on site, then will take 480 minutes to install whole building: 16*19.2 = 307.2 sq.m. Which is larger than typical single storey house. Earlier versions of timber framing code had 12m limit on width, however few buildings have such widths let alone the now permitted 16m. Maximum length is 5 times the width, so at 16m can make 80m long, and unlikely to find a block of land suitable for such length. Also development plans typically have large offsets from the front boundary and from the rear boundary, offsets from side boundaries typically around 900mm to 1000mm. 

So consider a 3m square grid, and 12 x 12m dwelling. Then have 16 potential rooms. But only need around 8 rooms: kitchen, laundry, bathroom, lounge, dining, 3 bedrooms. So such a dwelling potentially has 8 rooms surplus to requirements. Though some rooms may want larger than 3m x 3m, whilst others are smaller.

Consider 3.6m wide broad loom carpet. So two side by strips and 1.2m hallway between, gives 3.6*2+1.2 = 8.4m width, and put 4 rooms on each side, at say 3.6m long, so 14.4m long, which would require 6 modules, in length, whilst width provide by single module, so total of 6 modules at installation of 30 minutes each, is 180 minutes or 3 hours.

Or consider a popular 4 bedroom floor plan, L-shaped dwelling, 15m legs and each leg 7.5m wide. So one leg take to be 15m, the other 7.5m, so 6.25 modules one leg and 3.125 modules the other leg. So we could round the number of modules down, or up, alternatively change the width to something less than 2.4m. For example adopt 8 modules and 4 modules for each leg, and width of 1875mm. So total of 12 modules at 30 minutes installation each, so 360 minutes or 6 hours.

So assuming modules arrive on schedule then expect the typical house can be assembled in one working day. Also expecting need less than 16 modules, and expecting fabrication of module is less than 30 minutes. So expect all modules fabricated in one day, and delivered and assembled on site the next day. Or for some distant site, the modules all arrive in sequence on the same day.

If expect to roll of the production line at the rate of one every minute, then expecting can produce 480 modules per day, per shift, and if using 16 modules per dwelling then providing 30 dwellings per day.

One example of the potential is BOXABL, so 300,000 sq.ft of factory space (so a 547 ft square, or around 167m square), building a home every 4 hours, aiming for home every 30 to 40 minutes, producing around 6000 and 7000 homes per year and currently with order book for 120,000 homes. Aiming for new factory, with production capacity of home every 10 to 15 minutes. Part of problem here is what is their timing referring to, total production time, or time flowing from the line.

They are no where near 200,000 units per year from one factory. But like the caravan company above, they are producing a fully fitted out box: wet areas, kitchens, bathrooms, and cabinets. Also they are not producing two strip modules, but one expandable unit. So separate the empty box from the fit out, and also consider wet area modules from basic empty box. Then it does seem like there is potential for modular production to hit 200,000 empty units per year.



Related Posts

Revisions:
[3/01/2024] : Original

Thursday, April 13, 2023

IDENTITY VERIFICATION WITHOUT COPYING

Introduction

The verification of identity seems to be a highly flawed process, which every organisation appears to believe involves copying, including the Australian Tax Office. Yet no copying is needed, nor sighting, further more if the selected documents are used for identification purposes it hinders their proper use. The processes are also contradictory, as they require the same data to be both public and private at the same time. Everyone needs to stop building repositories of identity data, which are ripe for harvesting by thieves. The need is to verify identity, not acquire a copy of identity data. Not the least of which is, more traditionally, copying of such documents was considered illegal.

Security Key

To me the Australian Tax Office MyGovID application is fundamentally flawed. I don't have an issue with its use as a security key, other than a mobile phone, the purpose of which is spoken communications, is an overly expensive security key. Which item is treated with more care, house keys or mobile phone? A low priced USB security key on keyring with house keys likely more secure than a phone. The phone is only more secure assuming its security features used to prevent anyone else accessing. These features have tendency to interfere with use as a phone the primary purpose of the device. A smart phones security features may make it good in theory, but not in practice, it is not a quality robust design solution. Given such may as well make other options available: it is poor design if there is no alternative or backup technology.

Verification of Identity

However, the major  flaw with MyGovID, is the process of verifying identity to use with the security key. The process involves copying, creating pristine digital images of identity documents. Pointing a camera on a phone at an identity document may be convenient, but it is also foolish and irresponsible. Around two or more years before MyGovID was introduced, I refused to give Paypal such copy of my identity documents, and I am surprised that the government is following such path of collecting copies. Especially surprised as I'm reasonably certain it was corrupt government employees during 80/90's who first exploited colour photocopiers to forge identity documents. To now give them pristine digital copies is insane.

Token Evidence of Identity Check

Maybe in the first instance as a consequence of World War 2 , and the cold war and the iron curtain, it was apparent employees could be corrupted and false identity documents created. So taking black and white photocopies of documents introduced, along with stamping these as copies, with the date and the signature of the agent taking the copy. Such copy providing token evidence of having viewed something resembling an identity document. If originals need sighting then these copies clearly not suitable substitutes. But as copying technology has improved, such copying no longer acceptable and should have been abandoned during the 1990's. For such copying to be continued using digital technologies is unacceptable.

The Optus breach would be less significant, if identity data had not been collected. It seems "as a tax office requirement", businesses are building repositories of identity data littered all over the place. Would expect the government to take the lead and demonstrate that do not need to copy identity documents or sight them, to verify identity.

Privacy Policies

Such copying is unacceptable and unnecessary. Whilst it is nice that the tax office and other businesses have privacy policies. Such policies are unfortunately no consolation to people who have their identity stolen. Most especially when the verification system is poorly designed and contributing to the theft of identity, due to predictable design flaws.

Identity Tasks

I'm aware of  at least  two different identity tasks. The first is verifying dealing with a real person, and real address, and opening an account and issuing an on going unique customer number (ID1) for the name and address. And attempting to connect an actual person (ID0) to that identity. The second issue is ensuring all future transactions (ID*) are with this same person (ID0), Most organisations issue plastic membership cards, with the unique membership number on it. These membership cards are not proof of identity, they simply allow transactions against the membership number: that is transaction ID* connected to ID1, not to ID0. One  problem is ID1 can be stolen, but everything still points to ID0, as they are the one at the address or a previous address if the thief (IDx) has changed the address. If a problem occurs then seeking to find an actual person at an address. Not checking validity of addresses, and not checking occupation of the address, in the first place is a major defect.

Public Facing and Private Data

We can consider there is public facing data and non-public facing (private) . By  public facing I mean the information is shared with a multitude of people: friends, relatives, businesses and government departments. Information on membership and identity cards have to be public facing to operate: the data cannot be private. Name and address are public facing but their association with other things is private.

Government Registers

All special documents/cards issued by the government are associated with a register and for a specific purpose. Use for any other purpose has the potential to hinder the proper use of the document. Presence on the register is based on a name, which may not be unique, but is made unique by an assigned number, and other data placed in the register. For on going transactions a physical address is typically required, where if we chose to look, expect to find the person inside the house at the address.

Interrogating Legitimacy of Documents

The government typically chooses to keep other information collected by each department, private and confidential to that department, unless there is good reason to share. Therefore all interrogation of the legitimacy of a document should only occur between the department which issued it and the person claiming the benefit conferred by the document. Exchange of data with any other party puts information where it does not belong. Collecting the data simply because do not have the imagination to consider how verification can be done otherwise, is not acceptable.

If a person does not have an original document, then they need to apply to the keeper of the register for a transcript. This transcript and copies should never be passed onto anyone else. It is clear that the keepers of the registers have to be able to interrogate an individual to the extent necessary to be convinced the person can uniquely identify themselves on the register: That is connect ID1 to ID0. However, possession of an original or transcript provides little evidence of anything useful: it is not proof of ID1 connected to ID0.

Therefore the registers and the keepers of the registers are important to defining identity (ID1), but have a problem connecting to the person (ID0). Keeping ID1 connected to ID0 is thus part of the problem to be dealt with.

Associating ID0 Activity with ID1

Our primary concern is that ID1 is unique within the community and all transactions by that identity are those desired by ID0. Therefore an important task is to get ID0 to associate all their activity with ID1, and will typically involve reference to transactions ID*.

Presence of Name on Available Registers

Since a name is on all the registers, it is clear that all the registers can be checked for presence and uniqueness of a name on the available registers, without disclosing any other information. If address is available then it can be checked, if and only if  the name is not unique. As knowledge of presence on some registers may be a matter of privacy in itself., an individual needs to grant permission to check all the registers, When granting permission to check the register the person can also identify whether they expect to be on the register or not. For example not on Australian registers of births or deaths: because alive and born overseas.

Having checked multiple registers we know the name is in common use, but not that all uses are by the same person, or by the person (ID0) currently being checked. We therefore need the person (ID0) to get confirmation from the keeper of each register that they are able to defend their unique presence on the register. Also if necessary demonstrate they are not the person on a register.

For any organisation to get more information from the person to check against the registers would be unacceptable. The keeper of the register has to exchange the information. The keeper of the register has access to the information, the information is private to that register. It should be kept private to that register. There is no value to the data for identity and security purposes if it is littered all over the place.

Identity Confirmation Tokens

The individual therefore needs to apply to the keeper of each register and get a confirmation token of some description that they are able to defend their unique presence on the register. The collection of tokens are then linked to a single identity token. This token ultimately being a public facing identity card, potentially eliminating need for 100 point identity check as the identity represented by the card is routinely updated by an increasing number of checks against the use of the identity. 

An identity card being created as it is a time consuming and inconvenient activity for all parties involved therefore only want to pursue the activity once.

Identity Check

So notionally defined an identity and assigned to a single identity card, and whilst built on checks against multiple registers, the card can be stolen or faked. It can contain a photo and a data strip, and a personal identification number(PIN) can also be associated with the card. The data strip contains information about all the checks made, the more checks made the more robust the identity. For person to person transactions, an 100 point ID card is likely good enough. Multiple organisations can be involved issuing ID cards complying to common standards, on condition no organisation ever takes a copy of identity documents. The only general purpose public facing identity data is that  made available on the 100 point ID card. All other data is kept private, only shared with those organisations which issue the documents.

No Computers

A system could be designed which does not require computers or smart phones. The system needs either paper confirmation certificates or could use plastic/metal confirmation tokens/coins. However, the registers can be searched faster by computer, and restricted access to the data better enforced. Digital tokens also have potential to be more secure.

Remote Transactions

Remote transactions pose a problem as cannot see a plastic ID card, though it could have a built-in USB key, employ or employ NFC technology as in smart cards and stickers and tags. However, unlike face to face transactions cannot check face against the ID card: not that this is helpful if the card is fake. So problem is that ID1 is not permanently attached to ID0 and no one really wants the world of Cyborg 2087 and implanted trackers.

It seems drivers licences, and other identity documents are being used for over the phone verification. This is not sensible, it is a contradiction. Either the information is private or it is public, it cannot be both at the same time. If every business is making copies, then it is public. The original purpose of most of the documents also makes them public facing.

For traffic control purposes, it is likely that people will communicate required exchange of information by way of their drivers licences. Therefore one way to get information is through a minor car accident: the thief already using a fake identity. Such information is therefore not suitable for remote identification purposes.

Biometrics

Biometrics instead of implanting a tracker, make use of data already nautrally embodied in a person. However in the world  of 3D printers it is questionable as to how robust these systems are. Furthermore there is still the issue of the data being collected and littered all over the place. So copying a persons features is no more acceptable than copying their personal identity documents. There is a difference between fallible human memory connected to multiple sensors, and a permanent machine record based on a myopic perception from limited sensors.

Using biometrics stored on single device belonging to the owner, and used as a key for multiple devices and systems is more acceptable. In this manner identity/biometric data is not scattered amongst multiple organisations nor on multiple devices. The one device is unlocked and activates a key to unlock other systems.

Transaction History

As indicated above if an organisation has a history with a client, there are therefore multiple ID* transactions which can be used to verify a person remotely. Most recent transactions not necessarily the best transactions to use as the use of such maybe the cause of a recent identity theft. Unfortunately historical transactions may not be readily available to individuals, consequently may take a few days to dig old information out and verify. The purpose being to determine a history of interaction between ID1 and an organisation, as recognised by ID0 and the organisation.

Computer and Smart Phone Technology

Increasingly smart phones and computers are acquiring increased security features which restrict access to the device or an account on the device. The tax office assumes one phone one user, which is some what unreasonable and doesn't reflect the real world. Many families just have one mobile phone and a landline, there is no need for everyone in the household to have their own mobile phone. Businesses have landlines, most businesses are small business, and they didn't have one phone to one person. If anyone in the business has a mobile, it is most likely their own, and not supplied by the business. So have two issues individual not wanting their phone contaminated with business software. Business owners not having control over individuals personal devices.

Tax Office Problem

The tax office's problem appears to be that any individual can log onto a computer and onto tax office systems. This is because in many businesses, employees likely do not have their own computers, nor do they have their own computer accounts/profile on a computer. So once a person had access to a computer a person had access to the Auskey granting access to the tax offices data. Unless using an Auskey on a usb stick, in which case only the person with the USB stick should have been able to access. Of course anyone could be granted access to use the key. But had the advantage that the usb stick could be taken back and the Auskey cancelled. Thus usb sticks a visual reminder of how many Auskeys a business was using. Though I'd hazard a guess the contents of the USB stick could easily be copied, but as long as the Auskey cancelled once an employee changes roles, should not have been a problem.

However, the expectation with MyGovID is that only one person using the security features of a smart phone is able to unlock the phone and gain access to the security key provided by MyGovID. However it does seem like the security features of a computer, laptops especially, and system accounts, could equally well be used to limit access to the tax office systems.  One computer with multiple users, and each account having its own digital key. In large organisations people not always using the same computer, they can log onto any computer, and their profile follows them, therefore the digital key would have to follow, it cannot be machine dependent.

Irritating 2 Factor Authentication Using a Smart Phone

So enter the irritating 2 factor authentication either using a mobile phone and codes sent by SMS, or other methods such as using symantec VIP on a desktop or google's backup codes. At least google recognises may not have phone with you or switched on and provides an alternative. The tax office suggests that the SMS messages are not secure, and that new smart phones have improved security for the communications.

So once MyGovID is setup we supposedly have a secure digital key for remote transactions. Using a smart phone we don't need a special reader for a keycard, and unlike a simple usb key supposedly only one person can use the key. All seems reasonable for on going transactions and especially remote transactions.

MyGovID Primary Defect

The big problem however is that to set up MyGovID everyone foolish enough to do so, or otherwise coerced by the tax office, has given their identity away, and the tax office servers are now ripe for harvesting. No point harvesting them when little data there.

Copying and collecting of identity data is not verifying identity, it is not making transactions more secure, it is creating more sources of identity data and making peoples identity data easier to find and steal. So MyGovID would be good if it didn't place our futures at risk.

MyGov Primary Defect

On the other hand MyGov connects multiple government accounts to a single account, but otherwise fails to confirm and create a single secure identity. Furthermore various government departments may still ask for copies of documents to conduct a 100 point identity check. Thus creating even more repositories of identity data.

Use of MyGov to Interrogate Government Registers

Yet MyGov should be carrying out adequate interrogation to connect a government account to a single user account, and as it does so generating a firm identity for a given user. In other words MyGov needs more government accounts available for connection so that can generate a firm identity. That is so that a user of MyGov can check themselves against the various government registers, be appropriately interrogated by the keepers of the registers and receive an appropriate confirmation token against such register. The more government accounts a person can link or otherwise confirm against, the stronger their identity.

So in the first instance, simply create an account, such account is not associated with anyone. Just a user name, and/or email address and a password. Once the user provides their full name, approval can be granted to search all registers for their full name. At which point they can be notified as to their presence on the register and as to whether they are unique or not. If not unique then they can do further checks against those registers to uniquely identify themselves. Once uniquely identified on 3 or more registers then the user can proceed to the process of unlocking access to the various accounts and linking them to their one MyGov account.  {3 or more := birth/migration + electoral roll + medicare + taxfile } Those registering for services for the first time may have problems, but they likely have an education, and the education department should know they have attended school. So it maybe necessary to connect both federal and state government departments to the one account, and possibly certain private enterprises. Thus MyGov creates a confirmed identity with out ever copying or sighting issued documents. This identity then needs to be secured and usable: that is making the identity usable as a security key the way MyGovID is meant to be.

Flawed Verification Process

The tax office approach requires they, banks and various other organisations acquire copies of identity documents such as birth certificates, drivers licences, passports, citizenship certificates, Medicare cards. If they acquire copies the document is no longer unique, and the data is no longer private. And as they are now largely acquiring and checking digital copies, it is possible that no original is ever required. So the process is flawed. It may be believed that not possible to inject fake data into the communication stream, but it does seem feasible to by pass a phones camera and inject into the camera's memory. I believe a criminal organisation would only need to modify one phone, and swap sim cards to create multiple identities. If they cannot get digital images then they cannot do that. If digital images of identity documents are not used then they cannot do that. If the documents selected as identity documents are not used then they cannot do that.

The system described above is not using identity documents it interrogates the individual once to create an multi-use identity card/token. That identity card can be questioned requiring further confirmation of the connection of ID1 to ID0. But under no circumstances does the party requiring the confirmation get to see the other identity documents.

General Use Identity Card (100ID)

To clarify further the 100 point ID card (100ID) can be checked by anyone for any purpose. The police can check the drivers licence and 100ID card if they wish, or just the drivers licence. Customs can check passport and 100ID or just the passport. But no one else can check a drivers licence or a passport, as these are not general use identity documents, they are created and issued for specific control purposes, and such purpose should not be hindered by alternative uses.

So confirm identity but do not contribute to theft of identity by building repositories of identity data and passing such off as verification.

Arresting People

Who is the tax office going to arrest for failing to confirm identity or acquire an identity token. Either a person is not identified or they are. If they are not identified then cannot arrest as do not know who the person is that is to be arrested. If can arrest then have identified and confirmed the persons identity, if confirmed the persons identity then no just cause to arrest. Whilst can arrest someone, take a photo, assign a reference number and leave all other details blank. However it is not acceptable to arrest someone simply because they do not have any form of  identification. Nor is it acceptable to arrest someone because happen to be an arrogant all powerful organisation which is only capable of confirmation of identity by creating a copy of identity.



Related Posts

Revisions:
[(13/04/2023)] : Original

COPYING IDENTITY DOCUMENTS IS NOT A VERIFICATION PROCESS

I have an issue with the general copying and collecting of identity data passed off as an identity verification process, by all businesses (eg. Paypal, banks, Certsy), and especially government departments such as the Australian Tax Office (ATO), and Centrelink. The reference to its a tax office requirement could also be considered and coercion or abusive use of power. The ATO is potentially responsible for all data breaches such as the Optus breach.

Centrelink Identity Check

After an heart attack in 2018 I was advised to seek a health concession card, centrelink required my identity documents be submitted, this could be done via MyGov. I reluctantly and unwillingly submitted via MyGov, I submitted "everything but the kitchen sink", the response was not enough information. It currently indicates there is no history of my ever submitting documents. I don't trust them. As far as my memory goes, sometime back in the 1980/1990's the DSS/CES introduced A3 colour photocopiers with collation memory, that collation memory was used by corrupt employees, after hours, to produce passable replica's. This copying activity should have stopped back in the 1990's, instead it seems to have increased.

Traditional Copying

My understanding is that attempting to copy official documents issued by the government whilst not itself illegal the potential use of the documents in a fraudulent manner is illegal. The original A4 black and white (B&W) copies taken by DSS/CES, stamped in red ink with the word "COPY" , dated and signed by the representative of the DSS/CES who witnessed the original, was acceptable, as originals need be sighted and the B&W copy was not passable as an original. The copy, basically being taken because employees not trusted and the copy is token evidence of having seen something resembling an identity document.

Copying Technology

However, once copying technology had reached the stage of being able to produce passable replica's the copying of identity documents should have ceased, that is some time around the 1990's. Instead today pristine digital copies, which can be used to produce passable replica's, are being littered all over the place. {AI technology detecting fakes is irrelevant}

Paypal

Around 2 years prior to the ATO introducing MyGovID, Paypal requested digital copies of my identity documents, indicating it was a tax office requirement. I refused to provide, and provided them with explanation why and informing about the traditional B&W copies. I also explained they had already verified my account through my linked bank account, which already required a 100 point ID check in person, to get. They indicated they would verify my identity by other means. I still have two Paypal accounts, though the business account I'm not certain is fully operational, but I have little use for it, so not overly concerned at the moment. {I did have a few dollars seemingly trapped in the account, but I have recently transferred.}

ATO Secure Access

The ATO introduced MyGovID and discarded Auskey. As the application is not compatible with my phone, and to me a mobile phone is a useless piece of electronic junk running poorly written bloated software, its only purpose is spoken conversation, I have no intention of updating it simply to use as a security key. Consequently I lost access to the ATO business portal and processes became inefficient as now I need to operate via an accountant. Apparently accountants, financial advisers and tax agents are not very responsible as they appear to have mindlessly complied and verified their identities with MyGovID. Needing to use a smart phone as an over priced security key, is irritating but something I could ignore and detour around.

Though lost faith in accountants ability to act in the best interests of their clients. On an accountants forum all the accountants seemed to  be concerned about was updating the phone, the cost of the phone, and the security features of the phone, no thought of how the phone is used. It seems anything on a mobile phone is seen as "cool!" and convenient, rather than stupid and irresponsible.

Smart Phones and Software

The need to use a mobile phone in conjunction with a computer is getting to be annoying. Quite frankly I have little use for a phone, and consider it an unnecessary expense and have little intention of replacing when my current phone stops working. It spends the majority of the time switched off. I like computers, but I hate phones of all descriptions. When I got a smart phone, I thought it had potential as a portable computing device, it has however never demonstrated any value as a computer. Not the least of which there is generally only one way to get software onto the device. The constraints imposed by Google and Apple are unacceptable. A smart phone should be a personal computing device, and not require software from a public repository, nor require software be placed in such public repository.

The constraints on the public repositories operated by Google and Apple is the one major reason why the ATO MyGovID application is not acceptable, since if it is not compatible with your phone and cannot be installed then google play will not permit comment. But MyGovID is an imposed piece of software by a government department and its very concept and nature is flawed and needs to be discussed, criticised and interrogated, and has little to do with whether the software does or does not work. To a certain extent the ATO covertly introduced this infringement of rights: theft of data from other departments which they would otherwise not be granted access to. Copying documents is not verification.

There are other means of multifactor authentication with out need of a smart phone: such as googles backup code numbers and symantec vip access, and usb security keys.

ATO Directors ID

Then the ATO introduced the Directors ID, this requires MyGovID to "verify" identity. Now I cannot avoid  the issue. There was a voice phone option, so I was willing but reluctant to go along. I tried the phone option, and got an extension of time as phones busy. There's a telling clue. I eventually get through, and over the phone they failed to verify my identity, But they did collect data from my citizenship certificate: suspicious. Which all seems likely an highly defective process, since it suggests only need data from the document, which could come from anywhere. As failed to confirm over the phone I was sent letters requesting I send certified copies.

Copying Identity Documents & Exchange of Data

I am not placing my identity documents anywhere near a photocopier, scanner, or camera. The only scanner acceptable to me is that operated by the department which issued the documents, and only with respect to the purpose for which the document was issued. The only exchange of data acceptable to me is with the department which issued the document.

Legitimate Access to Data

The various government departments do not share data,. If the ATO had a legitimate reason for such data then they would have it already. They do not have legitimate reason for the data, and they are not getting it from me.

Verification Process

This verification of identity process is total nonsense. They are copying identities they are not confirming or verifying anything. They are simply building repositories of identity data ripe for harvesting and thus contributing to the theft of identity. {eg. Optus breach}

The 100 point ID check does not require copying or sighting any of the specified documents. Furthermore possessing the documents is not proof of anything useful. Whilst sighting of the documents by persons not involved with the intended purpose of such documents is also not proof of anything useful.

AI Technology

Customs and immigration using AI technology to detect fake passports at border crossings is a reasonable use of AI technology. This is because fake passports along with corrupt employees diminishes the value of the passport and interferes with its proper purpose. The department/s which issued and otherwise employ the document are doing the checks to fulfill the proper purpose of the document. Consequently their activity does not interfere with the proper use of the document.

Furthermore given the number of people processed daily, it is unlikely they would waste resources storing the scans long term, and have little need to do so, as they already hold the information which is on the passports they issued. They really only need to keep a check on arrivals and departures, in each direction, and keep for a short time afterwards, and only data about suspicious persons retained for longer periods.

Other organisations scanning the document is not acceptable.We have no control over their use of the digital image generated, and they do not otherwise hold the data on the document, and have no "right" to such data. The digital image generated has potential for use in producing fake documents and therefore interferes with, and hinders, the proper use of the document.

The proper use of a drivers licence is traffic control, the police scanning it for such purpose is acceptable, anyone else scanning it is unacceptable as hinders the proper use of the document. It is also to be noted that data cannot be public facing and private at the same time. During an accident the required exchange of information is likely to occur via the use of a drivers licence, the information is therefore public facing. As the data on a drivers licence is public facing it is no value for confirmation of identity over the telephone. Copying the licence with a smart phones camera is not a transient observation and is not acceptable.

Identity Cards

 If other organisations have issues with identity then they should issue their own identity cards, and security keys, to suit their purposes, not hinder the proper use of those cards issued by others.

Tax Office

If the ATO is not happy with tax file numbers (TFN) attached to just about everything, and wants a photographic identity card then it should issue one. Or simply issue a card similar to the Medicare card, with TFN on it.. Instead of useless piece of scrap paper with TFN on it.

Identity Checking

So the ATO is not in the business of identity checking. In which case why was it permitted to introduce MyGovID? Other businesses for which the 100 point identity check has been imposed are also not in the business of identity checking.

National Identity Cards

As I recollect back in the 1970's the population opposed the introduction of national identity numbers and photographic identity cards. The government got around this by having the TFN assocaited with various customer accounts with coercion of increased tax if do not do so. The state governments introduced photographic drivers licences, with explicit disclaimer on them that for traffic control purposes.

Smart Phones

It was clearly apparent with the introduction of mobile phones, that an alternative national and international ID number had been introduced (the phones number), followed by GPS tracking and audio/video surveillance of a person becoming possible. But this is not simply an invasion of privacy, it places the security and uniqueness of a persons identity at risk. All this abstraction of identity is not the person. {Biometrics is just another abstraction, and 3D printers are liable to make that unreliable.}

Secure Identity

So we need secure identity and we need an organisation to trust to create and secure such identity. But at the same time we do not want national identity cards. The issue is that certain information should be private and confidential to certain organisations and should not be shared by anyone. Only name and address are public facing: with an hopeful expectation we can find a person with the given name at the associated address inside the main dwelling.

So the 100 point ID check, and MyGovID are all hazards to the security of individuals unique identity, rather than safeguarding identity, the processes currently employed are defective and contributing to the theft of identity and these defective processes need to be stopped. That includes terminating the use of MyGovID for identity checking, its use as a security key is another matter. Similarly it is unacceptable for justices of the peace to provide certified copies. Copying is not acceptable.



Related Posts

Revisions:
[(13/04/2023)] : Original

Saturday, February 04, 2023

Proof of Identity Nonsense and Directors ID

To start with full identity is embodied in your flesh and blood, and cloning you would not be considered acceptable. Therefore if your identity is abstracted to a pile of scrap paper, it should be considered unacceptable to copy such documents, and unacceptable for information to be retrieved from those documents and stored.

The only acceptable copy and store of such information is the original register of record when the documents were created.

Documents may need to be sighted, but they should never leave your sight or be touched or handled by others. You want to be certain that the document you walk away with is the exact same document you arrived with. You should not want any kind of document swapping, copying or scanning to  take place.

Mobile Phone Apps

You should not view mobile phone apps as convenient and cool. Just point phone camera at drivers licence and get identity verified is not cool, it is irresponsible and foolish. The drivers licence is not an identity card its only purpose is traffic control, if not dealing with a traffic control issue then no one has a right to see your drivers licence or record your licence number.

National Identity Number and ID Card

During the 1970's the Australian population voted against national identity numbers, and the introduction of a national photographic identity card. I'm not sure whether it was an actual referendum or preliminary survey which indicated no point to a referendum: but the dominate view reported on the news was against the idea.

So tax file numbers became attached to just about everything financial, and identity cards covertly introduced by way of the states introducing photographic drivers licences. And whilst the drivers licence explicitly states for no other purpose other than traffic control it is increasingly being used as a general identity card. Those without a drivers licence then find themselves at a disadvantage. Though the vast majority of the identification requirements are unnecessary.

Back of Drivers Licence


PAYPAL

A few years back Paypal requested I send them digital copies of my identity documents to verify identity, as it was a requirement imposed by the tax office. I refused, I still have my paypal accounts (personal and business). Amongst other things  I pointed out that they had already verified my bank account, credit card, and I had already done the identity check in person at the bank, and therefore why does such linked facility require additional identity check. I also declared that they did not have a right to a digital copy of my identity documents and that receipt of a digital copy was not confirmation of identity.

TAX OFFICE AND MYGOVID

Then a few years later the tax office introduces this MyGovID garbage. This mobile phone app, is apparently defective, and people are complaining that their documents are not getting verified, and the response is typicallly that they need to submit pristine copies of the identity documents. The MyGovID app is not compatible with all phones, so to use people would need to get a new mobile phone.

At the time I checked out an accountants forum, expecting that this app to be criticised as a seriously defective concept. Instead these idiot accountants were arguing about looking after clients best interests and updating mobile phone to get latest and greatest security fixes. If these imbeciles were truly concerned about their clients privacy and security, they wouldn't be jumping on the bandwagon of the latest piece of mobile phone junk. Instead they would put brain in gear and avoid using mobile phone junk. Software which is updated, daily, weekly, monthly and yearly is poorly written junk, it is not minimum viable product (MVP), and the security updates are a joke. The software is typically written using bloated libraries, and that bloat of unnecessary features makes it both a privacy and security hazard.

MYGOVID : DEFECTIVE IN CONCEPT

But putting the defective software aside, the MyGOVID concept itself is defective. First it is only available on google play, where only people who are able to download and use can comment. So no opportunity to criticise the concept: this is completely unacceptable for software imposed by the government. This is not optional software, there is no alternative.

No one, absolutely no one, should be providing a digital copy or even paper copy of their identify documents to any organisation, not even under the coercive cloud of tax office powers. Using your mobile phone may be convenient, but it is not proof of identity.

All the digital copies uploaded elsewhere can be stolen and used to create false identities, as only digital copies are being used for verification. I should imagine a criminal organisation would only need to hack one mobile phone, to create a device which bypasses the camera, and injects a digital image into camera memory. The sim cards are used to identify the caller, and these can be replaced as needed to create as many identities are desired from the one phone.

PAST PROOF OF IDENTITY

In the past, identity documents were photocopied using A4 black and white (B&W) photocopiers, the DSS/CES for example took such copies and then stamped in red ink with the word "COPY" and the current date, these were then signed by the agent processing the information. It seemed innocent and acceptable, but why did they need the copy? Well the past indicates that such employees can be corrupted, and so the B&W copy was token evidence that something resembling an identity document had been seen.

PHOTOCOPIERS AND MEMORY

However,  sometime during the 1980/1990's colour A3 photocopiers with collation memory were introduced. Few people understood the advanced collation features of the copiers and also little actual need for such features. Corruptible employees used the collation memory to store copies of identity documents then after hours printed off replica documents. The situation became worst when, the photocopiers became combined, copiers, printers and scanners attached to computer networks and desktop publishing software. Now they went beyond cloning to more fully forging documents. Then came wireless networking.

So by the 1990's it was no longer sensible to trust identity documents anywhere near a photocopier. Problem is that the number of organisations required to conduct identity checks increased, and the number of people wanting to copy identity documents increased, and everyone seems to have nonchalantly and compliantly fallen into line, allowing such copying. Yet we should have opposed from the beginning.

VERIFYING VERSUS COPYING IDENTITY

Not one of these organisations has any reason or need to hold a copy or record information from your identity documents. There should be no copies of the documents or copies of the information floating around anywhere.

Verification of identity is a process, and is transient. It basically requires checking transient data against a read only database. A database which cannot be copied. So search data can be passed to the database, be checked and discarded. The only data stored being the response from the register which has been checked. The register keeping track of all enquiries made and the source of such enquiry. So the only data being permitted to be recorded is with the original register of such information.

The only information any organisation should need to store is your name and address and the unique client number they assign to you. Most organisations don't even need this information, they just need to check one piece of data to make a decision. For example check age to allow into a venue, who you are is irrelevant. For other situations, the organisation simply assigns an identity number to you, and again who you are is irrelevant. So no name, rank and serial number requirements : all that is relevant is the serial number. Think about that, we are being imposed on to provide more information than a soldier would be required to supply during war.

Now take the directors ID, what value is it? I didn't need one last year, and I doubt it will be any use next year or any time in the future. I'm also fairly certain that the tax office will be held accountable in a few years time for making it easier to masquerade as a director, as they have turned complex identity into a simple number which can be easily stolen. But not to worry because the tax office puts the burden of protecting this worthless and dangerous number on the people they assign the number too. Ok! So have a responsibility to protect identity, no problem. So Dear Tax Office you are not getting copies of my identity documents: verify identity yes, receive a copy of my identity, no #$@!% way.

EXAMPLE SITUATIONS

So you go to the bank to open a new bank account or to the post office to organise a passport. So what happens? You need the 100 point identity check. Two major identity documents are Australian birth certificate or Australian citizenship certificate. Obviously if taking out Australian citizenship don't have such certificate nor Australian birth certificate, however expect department responsible for this to be capable of processing foreign birth certificates.

Now the bank should not need a copy of your identity document, nor need to record information from it. Your account is opened based on a name and current address. There are thus two bits of data to verify: the name and the current address. The address can be verified by visiting the address and talking to the person inside the house, not someone in the garden. The name is part verified by sighting identity documents: such as birth certificate and citizenship certificates. However additionally a collection of documents with their name and address also gives some evidence to their use of such name and address: a problem if they have recently moved however. Changing address seems to be a problem. But again address can be verified by visiting the address.

Now passports are a problem because the Australian Post Office doesn't do anything other than take a photo, collect copies and pass onto the appropriate government department. So it maybe seems reasonable to provide copies, however it is not. Again the primary issue is to verify use of name and address

The Tax office doesn't trust email, or paper post, but seems to believe telephones are secure, and that the piece of electronic junk that is a mobile phone is exceptionally secure.

I recollect during the 1970's the government indicated it would decentralise and make services more local, instead it centralised everything at the end of a telephone in another state, and for all we know these days it could be outsourced to another country entirely. The car, telephones and internet are putting services more and more distant, and thus generating a need for remote identification.

BUYING MOBILE PHONES

To buy a mobile phone in Australia you need to provide a name and address, for the most part this is for on going billing purposes. Not everyone has a personal mobile phone, nor do they have a desire for one, it is therefore unacceptable to create systems dependent on such electronic junk. Further more I don't recollect a requirement for a 100 point ID check to buy a phone, so a mobile phone number is not a verified identity. I do recollect opposition to the idea that retailers should become responsible for such identity checks, before selling phones. So I believe no such system has been implemented.

Secondly if buying a phone with prepaid credit, why do you need to provide name and address? There is no on going billing, and simply a number on the network. Do we care who is using the number? For the most part the answer should be no, there is no public telephone directory for mobile phones as there is with landlines. Mobile phone numbers seem to be more private than private landlines: though doesn't stop unwanted phone calls from salespeople and scammers on either.

Also whilst some people do not have mobile phones, others have more than one mobile phone. Further whilst some people seem to think they need 24 hour access to the world and always have their phone on, others switch their phones off and do not consider it acceptable for others to have 24 hour access to their life. Needing to switch a mobile phone on for two factor authentication is annoying.

However using a mobile phone is probably more convenient than a separate device for identity checks. But if the mobile phone is to be used for identity check, then the identity of the user needs to be verified and that is a problem.


THE OPTUS BREACH

Just back tracking. As I indicated earlier, the population voted against national identity number and identity card. This same population has adopted mobile phones for just about everything. They have essentially accepted a national and international identity number. The phones have camera's and gps tracking. People plaster their faces and activities all over social networks. Someone asks for identity check and they go cool phone app and give their identity away.

The most concerning issue with the Optus data breach isn't that the servers were hacked and that data was stolen, the real issue is the number of people who were so willing to give data to organisations in the first place. To organisations which had no need or right to collect or store such data. The only organisation which needs to know your drivers license number is the government department which issued the licence and responsible for traffic control. The only organisations which need to know your Medicare number is the government department which issued the number and the organisations providing health services. These organisations have an on going use for the number.

Other organisations do not need to record these numbers or store them, all they need do is use to confirm your name. In the main this can be achieved by sighting the document. Taking a photo with phone camera is not sighting the document. Giving the number over the phone is not sighting the document.

If all that is required is to give numbers over the phone, then anyone who has collected the information, is able to masquerade and use the identities they have collected. Which is why it is acceptable for them to sight the document but not copy or record information from the document.

IN PERSON

So want to do things remotely over the phone or the internet or maybe even in person. Say change bank details. So go into a bank to change details of existing bank account. To do that need details of the bank account, which could be stolen from a letter box. The real owner therefore won't have the most recent communications from the bank, but they should have plenty of previous communications. Changing the name of the account would require 100 point ID check on new identity, changing the address would require verifying the new address. Again visiting the address is preferable, but admittedly they may not want to travel 150km to do so.

Now a change of address likely results in a change of landline, whilst email addresses and mobile phone numbers are likely to remain unchanged. Addresses, email addresses and phone numbers are for the purposes of communication, so passing these onto people wish to communicate with is not a major issue. Using these numbers and addresses for security purposes is thus not sensible. However there is potential to use communication channels to check that the person seeking the change is actually present in the office or is actually elsewhere.

If the request to make a change is by post, email or phone, then a response can be to check other channels of communication and request visit the office. Again travelling 150km is not desirable for either client or supplier. Therefore need to rely on the channels of communication.


CHANNELS OF COMMUNICATION

Now the channels of communication are a problem because they can be intercepted or redirected, on the other hand websites and email can be provided with some protection, via SSL. In the main however websites are protected by SSL, and I hazard a guess if SSL is used for email it is only on one side of the communication namely the supplier. So websites and browsers the preferred approach.

GOVID CONCEPT


So MyGov versus MyGovID. So MyGov is not considered secure. But why not? So anyone can create an account with any organisation, using any unique name. So say we have website GOVID, we create an account user name disenchanted2023. We now have a user name and a password to connect to an account, the account has no information attached to it. We provide a phone number for 2 factor authentication. We further make use of something like Symantec VIP access to go from 2 factor to multifactor authentication. So hopefully only the person who created the account has access to the account.

But as far as the computer system is concerned we are a nonentity, a nobody a nothing. But this nobody would find it difficult to exist within the nation without having interacted with some government department. So birth certificates, citizenship certificates, immigration visas and passports just to name a few documents at entry to the nation, and then there are tax file numbers.

So want to link tax account to the nobody account, so all really need is the tax file number as the tax file has all the associated information. But anyone could have the tax file number. On the other hand we don't want to waste time keep typing the same information into the system. So we setup the account with relevant information: name and address. To link to the tax account, the tax file number is provided to access and check, but not saved, and the other information is also checked against the tax account. If verified then the tax account has the potential to be linked to the nobody account but such is not automatic. Additional questions can be generated from the tax accounts which the user maybe able to check using their past communications with the tax office, such as returns. After this verification still not connected, it is simply pending.

The user goes through this process with various other state and federal government departments, with all the accounts left pending. All these accounts being verified against the same name and address details registered in the nobody account, that is they weren't changed between linking accounts. With 3 or more pending accounts all the accounts are checked once again in one batch to confirm all are based on the same name and address details. As each is verified, identification progresses, when all are verified then each accounts accepts verification of identity and all accounts are connected.

The basic accounts being, concerned with register of births and deaths, register of migration and citizenship, tax office, electoral register and Medicare. No information from these registers is stored in the nobody account, but all the registers have a record of the nobody account accessing and searching the register. Once the accounts are verified and linked, then the nobody account is a somebody account. From this point on other accounts can be added based on the already verified identity: which may include checking all existing and new accounts as a batch.

TAX OFFICE AND COMPUTERS

For the tax office to scrap the computer based Auskey and replace solely with a piece of junk which only works on a mobile phone is not acceptable. Mobile phones are poor computing devices, whilst they can run accounting software, it is unlikely to be acceptable for book-keepers and accountants to spend all day working on a mobile phone: they will do their real work with a computer having a decent sized screen and keyboard. Whilst the phone is only being used for registration and log in purposes, it is questionable as to why the system is not also available via computer. If computers lack security then that suggests we should be doing the work on the phone, and I've already suggested that mobile phones are an unsuitable piece of junk. {NB: May have noticed I hate phones and I really hate mobile phones. Mobile phones are not personal computers and are barely programmable to suit the users needs, and the operating system is generally a hindrance to accessing the phones content. The software on phones is typically bloated and poorly written: junk.}

As for hi-tech nonsense: biometrics, such as facial recognition, finger prints, voice prints. So your face has to be scanned and compared against something right. The something is stored data. Is it sensible to allow such data to be stored everywhere and anywhere? I suggest not. However, assuming that the data is stored on the mobile phone and only your face can unlock the phone, then maybe the data is secure, if you exclude future access to the data from concept of security. Personally if I can't access my own data then its not secure, and anything which poses an hindrance to such future access is not acceptable.

Any case the security features are used to access the phone, and then the phone is used to access other services. The other services are only concerned with their own access codes, do not make use of biometrics of store any other unnecessary and unacceptable data on their systems.

So newer phones have enhanced security features and encryption, whilst anyone can potentially access a computer at work as not all businesses create user accounts. But not all phone users enable available protections on their mobile phone. So phones are no more secure than computers. So use a computer to access the government services, but log on identity verified by the users mobile phone. Seems reasonable but why does the initial identity verification need to occur using a mobile phone, with a piece of junk software which only operates on the newest phones? I will hazard a guess it does not have anything to do with security. It is purely do do with incompetents using bloated software libraries which only operate on the newest phones. The bloat is a security hazard. If they, the developers, could actually program then the bloat would disappear, and the software would operate on vastly more systems, would be faster and likely more secure. {NB: Consider security updates are mainly patches to block things which shouldn't be there in the first place. With real security update software would get smaller and smaller until it only comprises of the code for the task at hand, no surplus code for capability not apparent to the user.}

There is thus need to verify identity without copying or recording of such identity information. It should also be possible to do so without something as expensive as a mobile phone and also without the on going expense of operating such mobile phone. The tax office believes MYGOVID acceptable because cheap mobile phones available for the purpose. So business can get new phones for the purpose. But this neglects the cost of operating the phone solely for the purpose of tax office needs. People have no need to update their mobile phones. Sure new phones have more features, supposedly improved capability and improved security, with increasingly different user interfaces (UI) which serve no benefit over the UI that you already have and likely provide a more irritating user experience (UX). Also people are not buying new phones because they want new phones, but because their current phone made inoperable by the software developers keep automatically pushing increasingly bloated updates. Create addiction, dependency, make a product like water which your life depends on, keep them hooked into buying again and again.

So cheap mobile phone and service, which solely has the purpose of a security device is not cheap enough. Whilst replacement for actual phone, is too expensive. Further why is my phone suitable for 2 factor authentication with every other organisation, but not the tax office? I'd want my bank account more secure than dealings with the tax office. To me the annual tax returns are a waste of time for employees: either you paid the right tax during the year or you didn't. If didn't then adjust and bring into alignment next year. For business, either do tax annually or more frequently, with computers it is potentially possible daily. Tax office systems seem obsolete immediately they are implemented.

PRIVACY AND SECURITY

The government and society have now had some thirty years to find a way of verifying identity with out the need to copy identity.

As indicated above in the past it was apparent that people assessing identities, may lie about the validity of identity information or having sighted identity documents. So taking a black and white photocopy of identity documents providing token evidence of having sighted a document resembling an identity document was adopted. So the person doing the assessment gets a defence, but such copying poses a hazard to the owner of the identity. This hazard was realised when colour photocopiers with collation memory introduced, and started being used to copy identity documents. Copying identity documents should have stopped.

But simply preventing copying documents is not enough. No information should be collected from identity documents and stored. If identity is to be abstracted to a pile of scrap paper, then that scrap paper needs to be protected. If identity is to be abstracted to a chunk of data, then that chunk of data needs to be protected. We need to retain sovereignty over our identities. 

Now identity cards were opposed in the first instance because it gave impressions of a police state and restrictions on doing anything. The current problem is that there are already restrictions and identity is becoming increasingly easy to steal.

But a major part of the problem is that the 100 point identity check involves organisations across the country collecting and storing identities, when there is no need to. These identity stores provide a source of identity information which can be stolen. No need to steal from the owners address, can steal from any organisation.

The legal requirement is to verify your identity not take a copy of your identity. Verification does not require a copy of your identity. However the next problem is that the organisations need evidence that they have verified identities.

ORGANISATIONS NEED EVIDENCE OF IDENTITY CHECKS

It is imposed on various organisations that they conduct identity checks on customers, and further that they have proof of identity checks. They transform this need for proof into a need to copy identities. This copying of identities poses a hazard to the legitimate use of such identity.

So lets do this with paper. Fill a form in with information to search a given register. No carbon copy or other copy is taken of this form. It has a tear off strips which identifies the unique number of the form, these tear off strips are sent to various people, the purported owner of the identity gets one, the organisation keeps one.

One is sent to the government department with the register, the register is checked. Another tear off strip is returned with the response: reject or accept. The government department keeps the form, which only contains information the department already has. The other organisation has token evidence of having made an identity check. Every receipt can be verified with the associated government department. The transmission slip could be faked, but not interested in transmission, only that the transmitted data was verified or rejected. With paper this is likely to take a few weeks. With a computer a few seconds to minutes.

Now the problem is who filled the form in? It would be preferable that only the person needing their identity verified fill the form in and posts them off to the departments with the appropriate registers. So the organisation with need to verify identity never sees the identity information. They just receive slips with the accept or rejection of the register check.

So essentially a person requests the keepers of the registers to send verification tokens to the organisations seeking verification of their identity. The keepers of the records keep a record of the requests. So information is only passed to organisations which already have such information. As it is paper based, all postage is by registered mail and secure courier. Special envelopes can be used for the purpose, resulting in the mail being handled by a more secure system than normal post.

This can all be made faster with computer systems and encrypted data, and no other person ever needs to see any of the data.

PEOPLE IN UNIFORMS, WITH LICENCES OR ID CARDS

The vast majority of us have no need to carry out identity checks on anyone, our primary concern isn't who someone is, but if they genuinely represent the organisation they purport to represent.

Say a person with a builders licence for example. So you are expecting to employ a licensed builder, they give you their business card and it has a licence number on in. In the past if you had a phone and knew who to phone you could check the licence number and who it was assigned to. But how do you know the person before you is that person. For the most part probably don't care, because if anything goes wrong, the only issue of matter is the person before you. That is the person you need to find, the person you need to track, the person to be made accountable. For the most part that would just involve visiting their business premises, confirming others in the business are aware of your project, and contract. If they work from home, then may be need to confirm their home address. If they are a mobile service and have a vehicle then can get their vehicle registration number. Information as necessary to track the person, if there is a possibility they take your money and not provide the goods and services. Since contract should be based on work done and progress payments, there shouldn't be a problem. So don't care if they have a licence or not, and if concerned about the quality of their work, then split project into small steps with low cost, and put them on probation, and increase the size of the steps when satisfied they are capable. {NB: As I've said else where licences are worthless and make false claims}

Now people in uniform. Generally we trust people in uniforms: police, fire brigade, ambulance personnel, soldiers, other defence force personnel, nurses. But our trust is really with the uniform and the authority of the organisation they represent, not the person. So again don't really care who they are, but that they genuinely represent the organisation they purport to represent. 

Problem is most likely we will buckle at the knees and our spines turn to jelly, when confronted by a person in authority. Depending on how they exercise their power and authority. If they annoy and irritate us, then our knees will straighten and spines turn to steel. Authority becomes irrelevant and only power matters. The distinct between power and authority is important, in most organisations it is the informal power structures which determine decisions and actions, not the formal authority. For example a person may have the authority to sack someone, but they don't have the power to do so. A person or group may not have the authority to dismiss someone, but they may have the power to force them out. So not only does responsibility have to be backed by the authority to complete required actions, but also the real power to do so. It's where a lot of promotions go wrong, because the person promoted doesn't have any real power. Authority comes from the organisation, power is with the person.

So a member of the police turns up. The first thing is not to be scared of questioning them, they're just ordinary people in uniform. For the most part you will not have the power to keep them out off your home, if required they will have turned up with all the resources necessary to force entry. If they are criminals they will also have the power to force entry. If they are genuine then they won't mind the delay and won't mind the questions, and no power will need to be exercised by anyone.

The police have a uniform and a number on that uniform. All of which can be faked. Plains clothes may have a warrant card, badge or something, again it can be faked. However they supposedly come from a police station. So you can phone and check with that police station, which requires you know the number of the police station.

Of course uniforms, numbers and warrant cards can be stolen and telephone calls can be intercepted. For most of us no one is going to go to that much trouble. Secondly your local police station may only have one person, or one person who is changed on a regular basis. In such situation need to know the police station responsible for assignments to the local station. Or better hopefully there is a transition period where the old and new do the rounds of the local area and the new is introduced. This doesn't require introduction to everyone, mostly just businesses in the area. So then have an independent check on who the local police constable is. So there are some people we expect to be known locally and to have local knowledge. Which is a problem because the typical Australian police constable on the beat is sat in a car and is known to no one.

So do photographic identity cards help? Lots of organisations seem to issue identity cards to their employees, especially those doing door to door sales, or have need to visit your home. So the people who check you gas, electricity and water meters, these days are likely to have photographic identity cards. Though given that for the most part you never really see them, it doesn't really matter. But if there is a situation where they do need to go into your house to read meters, you can view the card of who is supposedly visiting. I believe that builders licensing these days also involves photographic identity cards.

Now information on an identity card should be public, therefore should not allow employer to place unnecessary information on such card. You have to show such card, and the person viewing the card should be permitted to record the information. The card therefore has to be relevant to the task at hand. A photographic drivers licence is not acceptable form of identification for water meter readers, as not concerned with traffic control issues and therefore the parties to a transaction have no need to know the drivers licence number or any other information which may be on a drivers licence. The identity card should just be relevant to the task, the name and/or employee number of the employee and the organisation they represent with contact details for the organisation (including a physical address).

Having matched a face to the identity card that is not proof of anything. It doesn't work for international passports, so why would it work for anything else. An organisation having received a pristine digital copy of your identity document, for example drivers licence, how difficult would it be to replace your photo with theirs, and otherwise forge a drivers licence in your name? There would be no point stealing all this identity information, if there wasn't  a market for fake identities and if it was impossible to produce a reasonable forgery of identity documents.

CONCLUSION

On the one hand identity data is nothing, on the other hand a large number of useless organisations with useless people turn this useless data into something. Think about it: a loan is taken out in your name with out your consent: how? The only time the bank turns up at your address is to throw you out. I would suggest the bank is negligent if it didn't visit your address in the first place, before granting you the loan {refer above}. May consider the bank doesn't care as its your house they are going to get and it is probably worth more than the loan. Then again when they turn up to take your house, they have to prove you are the one who took out the loan, that you gained the benefit of the loan. Chances are they cannot so prove. Therefore it should be important for them to properly check that they can recover the money from the person they are actually conducting a transaction with: not some useless name, but the actual flesh and blood individual.

Our faces are already plastered all over security camera's in supermarkets, so may be should permit our photo's to be used for identity purposes. In other words, we don't care what your name is, just that this face entered this store and conducted business. For most businesses, this is routine, and the record and facial recognition is in human memory, as flawed as that may be. For other situations, like the bank, this face has this customer number, and this customer purports this address. Go check if the face is at the address.

It may not help with online transactions, but which transactions should be permitted online without person to person interaction. It should be noted that telephone transactions are also flawed and should be limited in scope.

As for photo's well you don't want your photo used on an identity card, which isn't yours, but then what use is such? More important that you identity card is not modified and and the photo replaced by someone else's. Real issue for photos, is don't want your photo attached to activity which is not your activity. So plastering your photo all over the internet is not a good idea: and that includes putting you photo on LinkedIn: a foreign website, subject to foreign laws.

Putting your photo on a resume is also not a good idea: the business can take a photo once you are an employee, they have no need for one before hand. Whilst it may help for them to know who you are when you turn up for an interview the majority of the time you won't get an interview, nor will you know what the employer looks like.

Another issue is employers increasing requests for police checks in their job advertisements. If the employer doesn't trust you, don't trust the employer or any of their employees. If you have to provide a police check to them, then they should provide their police checks to you. This isn't about situation where there is a legal requirement for police checks. If there is a legal requirement, then assumption is that all employees and the people you are dealing with have had a police check: and therefore assumption is they can be trusted. No! I'm referring to foolish employers demanding police checks when no legal requirement for such, and no real value in such.

This is not a police state. People are innocent until proven guilty. People are trusted until proven untrustworthy.


Notes:



References & Further Reading

Related Posts

Revisions:
[4/2/2023] : Original/Draft
[5/2/2023] : described more situations, and added references