Previous Politech message: "Japan's networked national ID system will go live on Aug. 8" http://www.politechbot.com/p-03502.html --- Date: Wed, 31 Jul 2002 10:29:15 -0700 To: declanat_private From: gtat_private (Gohsuke Takama) Subject: Japan's national ID network has gone live already Hi, another FYI. I thought some of Politech readers may be interested to know an update. gt --------------------- Lies and Secrets Japan's national ID network has gone live already by Gohsuke Takama Tokyo, Jul 31, 2002 It's Up and Running Already Rhetorics and politics are good friends. Almost everyone in Japan including politician has been believing that Japan's national ID network system, the Basic Residents Registers Network, would go live on Aug 5 of this year. But the truth is that it is already live since more than a week ago, technically. And it has gone without privacy protection laws which left behind in Japan's diet for more discussions after summer. A news appeared on Jul 19 said that the Ministry of Public Management, Home Affairs, Posts and Telecommunications would start testing of the network from Jul 22, using actual Basic Resident Registry's record update data including newly issued Resident Number. It also noted that transfer of the Resident Registry data from local government owned computers to the National server and the Prefectural servers would be completed by Jul 20. This clearly means that all the residents in Japan already numbered and huge databases that holding whole Japan's 125 million residents' data are already up and running. If so, what the difference between before and after Aug 5? A: Deleting the data of moving out people from the record. That's all. And that sounds more likely just a little change in Local Government staff's operation procedure at the request counter than launch of nation wide computer networks. Now this is the beginning of activation for Japan's national ID systems: 11 digit number national ID, networked resident record system based on the ID numbers, and national ID card that based on contactless radio transaction smartcard, with 32 bit CPU and co-processor supposed to handle crypto and digital signature, which will be issued from 2003. This status makes computer security specialists worried. If organized crimes or foreign spy agents get access to one of these, that could be a disaster. Clear and present danger is here now. World class crackers might be difficult to ignore temptations to try their penetration skills on this network because it is built on Windows NT/2000 servers and possibly MS SQL. You got the idea? Databases and National ID Networks Japan has nearly 3300 cities, towns and villages and until a few month ago their residents' records were all separated. But now the Basic Residents Registers Network connected them all. But this network has strange design structure. Data of residents' records at cities, towns and villages in a prefecture are copied to the Prefectural server. Then data of whole Japan's 125 million residents' records are copied to the National server. So the records of Japan's every resident - name, birth date, address, gender and ID number - are sitting in these servers. Also there is another strange structure. the National server which is locating at Local Authorities Systems DEvelop Center, LASDEC for short, has an additional offers residents' data for the administrative bodies of central government. A funny thing is that the data once transferred to administrative bodies would not be covered by Basic Residents Registry Law which regulates the residents registry. Japan's Privacy Bills Japan would be having two privacy laws, the Personal Data Protection Law and the Law Concerning Access to Information Held by Administrative Organs. However, both are still in discussions and far from passing the diet, because the diet ended today, Jul 31, even with 40 days extension to normal schedule. Many pointed out both bills have problems. For the Personal Data Protection bill, which originally designed as EU/OECD style protection of personal information bill. But it had too many modification. And all the news media are now opposing to strong consent requirement with data subjects and punitive provisions of the bill. More problematic is another. The bill for Law Concerning Access to Information Held by Administrative Organs. This bill is supposed to be for protection of personal information collected and held by government administrative organs. However, many words set in the bill already crippling the law itself. The bill does not have clear set of rules on "collection limitation" of personal information. It also permits the government to use anyone's personal information if needed and "Change of Use Purpose" without notifying to data subject person. Plus, no penalty for government stuff upon duty violations. If this bill was passed, the government can use anyone's personal information for almost in any way, any purpose, legally. Missing Information and Secrecy Lovers What do Japanese people have in mind about this national ID network? That is another side of the problems. A poll done by Kyodo Communications on June 30 brought up that 83.2% of Japanese did not know about this Basic Residents Registers Network and they would be given numbers. Is this a result of secrecy or just a lack of PR? Since that time, news media started having more reporting. On Jul 22, Asahi Newspaper did another poll and the result was drastically different. 59% answered they heard the name of Basic Residents Registers Network, 86% showed concern on privacy information leaks, and 76% answered that they prefer to postpone the launch of the network. The allies of four minority parties brought a bill to the diet that repeal the Basic Residents Registers Network. (Japan has seven political parties.) But it dead in a water without a discussion. A group of politicians in leading conservative majority the Liberal Democratic Party tried to make up another bill that postpone the launch. But it also dead even before proposed on the last day of the diet by time constraint and their slow action. And on Jul 31, the Prime Minister Junichiro Koizumi is still saying the launch date is Aug 5 and go ahead. Ministry of Public Management, Home Affairs, Posts and Telecommunications http://www.soumu.go.jp/english/index.html Prime Minister's office http://www.kantei.go.jp/foreign/index-e.html LASDEC http://www.lasdec.nippon-net.ne.jp/ ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ ------------------------------------------------------------------------- Like Politech? Make a donation here: http://www.politechbot.com/donate/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu Aug 01 2002 - 00:45:03 PDT