Public privacy

Filed Under: Privacy

The Minister of Transport for New South Wales, David Campbell, announced at the start of this week the name of the successful bidder for Sydney's new electronic ticketing system.

The new system is supposed to deliver integrated contactless electronic ticketing on buses, trains and ferries in Sydney and the surrounding metro areas. The budget is a whopping AU$1.2 billion (800 million Euro), and Campbell bullishly claims that the system will begin operating by the end of 2012.

Of course, cynics have already noted that the NSW government first promised integrated ticketing based on smartcards back in 1996. The so-called Tcard project was eventually abandoned, unimplemented, in 2008. The government and the successful bidder are now suing and counter-suing over the failure.

Nevertheless, electronic ticketing based on smartcards is an obvious technology winner in a busy, modern public transport network. One ticket, simple interchange and fast boarding mean quicker travel and happier commuters.

There is a potential downside to electronic ticketing, however. The privacy and equitability of the system depends on how the remaining value of each ticket is managed.

Minister Campbell claims that the public transport system "will operate in a similar way to an eTag [also called E-Toll, the toll road charging system in NSW]". According to the Minister, "commuters will be able to top up their accounts online or arrange to have automatic deductions made from a linked bank account or credit card. They will also be able to load cash on the card through retail outlets."

What is not clear, however, is quite how similar to E-Toll the new public transport system will be. Although NSW toll road travel can now be paid for in cash, the E-Toll service has no stored-value component. You just can't buy a transponder (E-Toll's in-car equivalent of a smartcard) and charge it up with cash for you or others to use, as if you were filling up with fuel or buying a contemporary bus ticket.

To travel (or to pay for someone else to travel) on a toll road using cash, you need an E-Toll account. For this you need to provide your address, driver licence details, phone number and email address. You must also pay a monthly fee.

Let's hope that the Minister resists the temptation to follow the E-Toll model on public transport. As a basic minimum to safeguard the privacy of travellers, it must be possible to buy, to use and to recharge the new smartcard tickets anonymously, using cash.

Some travellers may not mind allowing the government (and, by extension, the private companies operating the ticketing infrastructure) to build a detailed record of where they – or, for that matter, their children – travelled on public transport, and when, and with whom. They may not mind signing over permission for the ticketing operator to debit their bank accounts automatically. Such travellers may choose to opt in to this sort of record-keeping against the details of their lives.

But public transport must be kept open, fair, affordable and simple. It should not operate in a way which has the potential to erode privacy and to enable surveillance. It cannot include conditions of use which cannot be met by the homeless, or those without bank accounts, or those who merely wish to travel publicly, yet privately, through pedestrian-unfriendly Sydney.

The default mode of paying for travel should be "opt-out" – cash-based and anonymous, unlike E-Toll. This won't just be fair, it will also greatly reduce the privacy risks should any sort of data spill from the new ticketing system.

, , , , , , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog