Usagi
identity Security Your Privacy Politics

My Number and Privacy: Requirements for Identifiers

Nat 2012-08-09 Comment

Recently, it seems that My Number has been getting more coverage in various media outlets. [1] Putting aside the possibility that it may be too late, I think it’s better than no coverage at all.

Ideally, I would point out any points I find concerning each provision, but unfortunately I am very busy and don't have the time. Therefore, I would like to write down some general points that I would like those who discuss these issues to keep in mind.

Defining Identifiers

A combination of attributes that can uniquely distinguish (identify) an individual (or thing) from others in a group is called a "identifier"It's called.

The so-called My Number is also a type of identifier.

Judging from the names My Number and Personal Number, there seems to be an assumption that a string of numbers will be used to identify an individual, but the identifier does not have to be numbers, nor does it have to be a single string of characters.

For example, a typical example of an identifier is the so-called basic four pieces of information: address + name + date of birth + gender. With some exceptions, this functions adequately as an identifier. (However, using this as an identifier is not desirable from a privacy standpoint, as it unnecessarily discloses other information.)

The four basic pieces of information are often thought of as contact information, and in most cases are not explicitly thought of as identifiers; however, when using them, it is essential to be conscious of whether you are using them as a contact or an identifier.

It is also important to recognize that the My Number will not function as an identifier unless it is used in conjunction with the information that it is a My Number and the population is limited to those individuals to whom My Numbers were issued at that time.

Desirable properties of identifiers

Different identifiers have different desirable properties depending on their intended use.

For example, when it comes to things used by humans,

  • It must be an easy-to-remember string.
  • Ability to read aloud
Most email addresses meet this requirement.
These requirements are varied. For example, they might include:
  • [Requirement 1] Stable for a certain period of time
  • [Requirement 2] Stability among data processors with a certain purpose of use
  • [Requirement 3] These uses do not result in unwanted extraction of personal information
And so on. Requirements 1 and 2 are necessary to carry out the business. Requirement 3, on the other hand, is a privacy requirement. The balance between these will vary depending on the purpose of use. For example, in the case of pensions, the "certain period of time" in requirement 1 may be longer than a person's lifetime. On the other hand, a message board accepting political opinions, for example, will require anonymity, so the "certain period of time" would be extremely short, such as until the browser is closed.
Therefore, when designing an identifier, it is essential to clarify what it will be used for.

Privacy Perspective: The Law of Data Minimization

From the perspective of protecting privacy, it is generally required to keep "a certain period of time" and "between processors with a certain purpose" as small as possible. This corresponds to the "data minimization" requirement in the US FIPPS and the European Data Protection Directive when applied to identifiers. This principle is so widely accepted that the only people who would complain about it would likely be those who reject liberalism. (Although there are quite a few people in Japan who reject this. After all, this may be because liberalism was simply given to us, rather than something we acquired ourselves.)

Requirements for various "numbers"

Now that we're prepared, let's consider various number requirements.

bank account number

Bank account numbers are used to accurately manage the balance of a bank account through transfers and withdrawals. The "period" here is from the opening of the account to the closure of the account. Also, "persons/institutions sharing the same purpose of use" would be "people who make deposits and withdrawals to the account." It is not recommended to take this definition too broadly.

Basic pension number

The basic pension number is used to manage a person's pension contributions and pension. Therefore, it is required to remain stable throughout the person's life. In other words, the period is "for life". On the other hand, the people who handle it are limited to employers who have an employment relationship with the Pension Service that lasts for a certain period of time.

Taxpayer Identification Number

The taxpayer number is a number used to accurately grasp a person's income and to appropriately tax them. It also serves the purpose of reducing the administrative burden on tax collectors. Since progressive taxation is adopted, it is necessary to be able to widely cover assets such as balances at financial institutions and real estate, as well as salary and other sources of income, and to make the list. Therefore, if done simply, the scope of sharing would be all payers to that person. In order to grasp income, costs must also be grasped, so expenses such as expenditures also become co-owners. In other words, the scope of co-owners is quite broad.
On the other hand, since taxation is a single-year matter, the period can be a few years either side of the tax. Therefore, the period can be relatively short.

A common number for taxes and social security (including pensions) is not logical

Next, as a hypothetical example, let's consider a common number for tax and social security (including pensions). This would need to meet the requirements of both the basic pension number and the taxpayer number. In other words, it would require the multiplication of the "long term" required by pension management and the "wide range" required by taxes. In other words, an identifier that is "stable over a long period of time and over a wide range" would be required. This does not meet requirement 3, so it is a bad combination. Typical examples are the US Social Security Number (SSN) and the Korean Resident Registration Number, which have caused many problems. These were designed when there was only a paper world, and that is why they ended up like this. However, now that we can use computers, this can be avoided. The Austrian sectoral model is a typical example.

On the other hand, what about My Number?

So, I have briefly introduced some of the requirements for identifiers. With the above in mind, I hope that readers will take a closer look at the so-called My Number Bill (Law concerning the use of numbers to identify specific individuals in administrative procedures ) and think carefully about whether the current situation is acceptable or what should be revised and how, and then make your comments[2].
For your reference, we have provided links to the documents submitted to the Diet below.
Bill on the Use of Numbers to Identify Specific Individuals in Administrative Procedures (My Number Bill)
H24.02.14
 Social Security Reform Office Overview
Outline
Bill and Reasons
References
A bill on the development of relevant laws in conjunction with the enforcement of the bill on the use of numbers to identify specific individuals in administrative procedures
H24.02.14
 Social Security Reform Office Overview
Outline
Bill and Reasons
Old and new comparison table
References
(Source) Bill submitted to the Diet http://www.cas.go.jp/jp/houan/index.html 2012/8/9

[1] Example:The bloated My Number system and the inclusion of unnecessary functions make it a “foolish policy” Norio Murakami’s Global Compass (44) 2012/7/31 7:00 Nihon Keizai Shimbun

[2] Me? I don't have time. Also, since many experts seem to be taking up this issue, I would like to focus on the more fundamental aspects (e.g., international standards for identity verification, development of technical international standard protocols, etc.). If a common number is created, I would like to change my number about every five years, if permitted. I would also recommend this to my acquaintances. It is the minimum self-defense. National and local governments will also need to estimate the costs, keeping in mind that such a movement will spread.

Pin

1 Reply to "My Number and Privacy: Requirements for Identifiers"

  1. Pingback: My Number and Privacy: Identifiers and Excess Risk: .Nat Zone

Leave a comment

This site uses Akismet to reduce spam.For details of how to process comment data, please click here.