一卡走天下?──國民卡引發爭議

:::

1998 / 10月

文‧陳妙鈴



身分證、健保卡、駕照、儲值卡,盡在一卡的時代來臨了?經過激烈競標,「中華國民卡經營團隊」日前標得國民卡委外專案,不過部分專家學者卻強烈質疑相關的資訊防護措施尚未完善,未來個人隱私將被輕易竊取。到底我國目前是否適合推展國民卡,產官學界仍爭議不休。

行政院研考會八月怳擃聽活A以力霸集團為首的「中華國民卡經營團隊」取得國民卡業務的建置、營運和擁有權。雙方隨即展開議約,預計九怳悀漣髡乖閉龤C若是順利簽約,第一張國民卡可望在明年發出,於民國九怞~六月完成全面換發,全國國民將邁入一卡通行的時代。

這張國民卡初步將具有身分證和健保卡的功能,目前稱為「國民身分健保合一智慧卡」,卡面具有顯性的姓名、身分證字號、出生日期及照片等四種資料,卡上的晶片則記錄有性別、戶籍地址、出生地、父母配偶姓名與兩枚指紋等隱性資料,必須靠讀卡機才能讀取。健保的部分,則完全屬於隱性資料,包括保險對象身分註記、重大傷病註記、怳G筆最近就醫紀錄(不包含病歷)等。

研考會主委楊朝祥指出,一卡多功能的國民卡將使民眾享有卡證簡化、戶政單一窗口全程服務、健保一卡到底等便利,也可以免去填寫書表的麻煩。由於國民卡上的晶片擁有16KB的記憶空間,未來除了有可能擴展到做為交易認證機制、電子簽名、電子錢包,甚至建立起龐大的國民基本資料庫,可供給民意調查或是銷售情報與商品流動資訊之用。卡上的空白空間也可以依個人和各單位的需求,增加門禁、停車管制、公共交通工具儲值票等用途。

正由於功能強大,未來一卡幾乎能夠涵蓋所有個人背景,許多專家學者質疑,若是卡片遭到盜用、濫用,後果將不堪設想。包括澄社、綠黨、台灣人權利促進會、台北市律師公會等團體,已組成「反國民卡聯盟」,希望政府暫緩發行國民卡。 

中央研究院研究員瞿海源認為,國民卡實施後,每個人在政府面前都將成為透明人,隱私權受到嚴重侵害。中研院資訊科學研究所教授何建明也說,過去國人習慣將私章與身分證分開保管,以避免同時失竊,現在卻無疑強迫國人將兩者放在一起。律師邱晃泉則認為,依「電腦處理個人資料保護法」規定,公務機關蒐集處理個人資料,必須經當事人書面同意,但是國民卡卻強行將個人身分、指紋等資料納於一卡,有違法之嫌。

除了必須防範政府侵犯個人隱私,對於商業機制,學者也認為不可掉以輕心。何建明指出,國民卡採整體委外方式,如果業者保留一道解密技術的後門,或是在讀卡機上動手腳,都將造成嚴重後果。目前網路技術尚未能夠保證完全安全,也有可能遭網路駭客或是相關人士盜用、竄改個人資料。而且「電子簽章法」、「通訊監察法」都還未通過,因此民眾權益很難獲得法律保障。

由於質疑聲浪高漲,中研院院長李遠哲特別寫了一封信給行政院長蕭萬長,以反映多位研究員的意見。李遠哲認為,推動國民卡的立意甚佳,不過台灣目前還不適宜推行「一卡多用」,若先由「專卡專用」著手,應屬較穩當的做法。

事實上,行政院研考會多次重申,國民卡將會以「保護民眾隱私」、「保障系統安全」、「尊重民眾選擇」為優先原則,在現有法律和技術許可下,循序推動。

研考會資訊管理處處長李雪津指出,國民卡上的顯性與隱性資料的存放,僅限定戶籍法及全民健保法等法令授權者為限,當民眾進行申請或更改,才會由戶政人員當場以讀卡機讀取隱性部分,其他政府機構並不能獲取這些資料。至於更詳細的個人戶政與健保資料,並不記載在晶片上。關於技術上的安全控管,研考會資訊管理處高級分析師宋餘俠指出,由於要求廠商公布IC卡資料存取的原始程式及軟體,廠商很難在讀卡機上動手腳。

未來,民眾雖然被強制換卡,不過電子簽章認證、電子錢包等功能是由民眾自行選擇使用與否,而政府未來也將朝識別、金融、交通不同目的「多卡多用途」方式運作,而非一卡走天下。

「中華國民卡經營團隊」總經理張公僕也說,國民卡公司只提供軟硬體的系統服務,完全不會接觸民眾個人資料,也會在系統安全方面特別設計防盜密碼。

國民卡業務已箭在弦上,但是儘管研考會一再聲明,而且國民卡也尚未發展出強大功能,民間的反對聲浪仍然不歇,未來這張國民卡會擴展出哪些功能,將會產生哪些問題,需要政府當局謹慎以對。

相關文章

近期文章

EN

A Card for All Occasions? --The National Card Stirs Controversy

Marlene Chen /tr. by Scott Williams


Is the era of one card which functions as identification card, insurance card, drivers' license and stored-value card upon us? After heated competition, the China Citizen Card Consortium won the bidding for the National Card project. But a number of scholars and experts have serious doubts about the security measures to be taken to protect the information encoded on the cards. They worry that private information concerning individuals could be stolen. Whether or not Taiwan is ready to introduce such a "National Card" is now the subject of heated debate between industry, scholars and the government.

On August 10, the Research, Development and Evaluation Commission (RDEC) of the Executive Yuan announced that the Rebar-Group-led China Citizen Card Consortium had won the bidding to "build, operate and own" the National Card. The two sides immediately began contract talks which were forecast to be completed within 90 days. If these talks go smoothly and the contracts are signed, the first National Cards could be issued in 1999. A complete changeover will have been affected by June of 2001, at which time all of the citizens of Taiwan will have entered the era of "one card for all occasions."

In the first stage, the card will have two functions, serving as both a national identification card and a National Health Insurance card. In this stage, the card will be known as the "Combined National ID and Health Insurance Smart Card." Visible on its face will be the cardholder's name, birth date, national ID number and picture. An embedded IC chip will record personal information of a private nature including the cardholder's gender, legal address, birthplace, the names of the holder's parents and spouse, and the holder's fingerprints. This information will only be accessible with the aid of a card-reading device. All of the information in the National Health Insurance portion of the card will be of a private nature and will include personal information about the cardholder (name, birth date, gender, etc.), and a record of his or her major injuries and illnesses and last 12 hospital visits (without, however, information on diagnosis and treatment). Yang Chao-hsiang, chairman of the RDEC, says that the all-in-one National Card will reduce the number of cards citizens need to carry, allow "one-window service" at the Population Administration of the Ministry of the Interior, mean that only one card is necessary when seeking medical services under the National Health Insurance system and eliminate the trouble of filling out forms. The chip on the National Card will have 16 kilobytes of memory, so in the future not only could functions such as transaction confirmation, electronic signing of documents and the storing of electronic "cash" be added, it could also even allow for the establishment of a huge national database which could be used for surveys of the public or to provide information on spending habits and the movement of goods. In accordance with the needs of the individual cardholder and the relevant institutions, unused space on the card could be utilized as an access key for restricted areas, for parking control or even for pre-paid public transport tickets.

The possibilities are endless. In the future, such a card could contain almost the whole of a person's background. But this has many scholars worried. If cards were abused by criminals or misused in some other way, there could be unforeseeable consequences. The "Anti-National Card Alliance" has thus been formed by groups including the Green Party, the Taiwan Association for the Promotion of Human Rights and the professional association of Taipei lawyers, which hope to slow the government's efforts to issue the National Card.

Chu Hai-yuan, a researcher with the Academia Sinica, feels that after the National Card is issued, the government will know everything about everyone, striking a major blow to people's right to privacy. Professor Ho Chian-ming, with the Academia Sinica's Institute of Information Science, also points out that in the past people were accustomed to keeping their personal chop and ID card in separate locations to avoid having them stolen together. By combining these functions in one card, they can now be stolen together. Chiu Huang-chuan, a lawyer, says that according to the law governing the use of computers to process data on individuals, when public institutions collect and process information on citizens, they must have written approval from the individual concerned. He thus thinks that there is some question about the legality of the government's putting personal information and fingerprints on a card without the approval of the individual concerned.

Not only do scholars feel that the government must be prevented from violating the privacy of the individual, they also feel that we must be extremely careful about dealing with the private sector. Ho Chian-ming says that with the government outsourcing this project to the private sector, there could be serious consequences if the firm designs in a "back door" to the card or tinkers with the card reader. Right now, technology is insufficient to guarantee the security of networks, so there is a real possibility of hackers or others making criminal use of or changing personal data. Moreover, laws on the electronic signing of documents and on the monitoring of communications are still in the works, making it very difficult to provide legal protection of people's rights.

With criticism at fever pitch, Lee Yuan-Tseh, President of the Academia Sinica, wrote a letter to Premier Vincent Siew expressing the opinions of a number researchers. Lee feels that although the idea behind the card is a good one, Taiwan is not yet ready for a multi-purpose card. He feels it would be more appropriate if the government first promoted specific cards for specific purposes.

In fact, the RDEC has repeatedly stated that the National Card would be created in accordance with the principles of "protection of the public's privacy," "protection of the information system" and "respect for the choices of individuals." Moreover, the actions that they have taken so far are within the scope of current laws and technology.

Lee Cher-jean, director of the Department of Information Management at the RDEC, says that the storage of information on the National Card, both visible and hidden, will only be carried out by persons authorized to do so by the census law and National Insurance law. Other government organizations will not be able to access this information. Only when a citizen applies for a card or requests that information be changed will an employee of the Population Administration be able to view the hidden data. More detailed individual census and insurance data will not be stored on the chip. With regard to the security of the technology, the RDEC says that it has asked the contracting firm to provide the storage software to experts for analysis, making it very difficult for the firm to leave a "back door" into the card readers.

Although the public will be required to change to this card in the future, the decision whether or not to include functions such as the electronic signing of documents and the carrying of electronic cash will be made by the individual cardholder. Lee says that the government is moving towards multiple cards with multiple functions, not to one all-purpose card.

Chang Kung-pu, president of the China Citizen Card Consortium, also says that the National Card Company will only provide software and hardware system services. The company will never see the public's data. Moreover, it takes system safety very seriously and will build in passwords to prevent theft of the data.

The National Card project is ready to fly, but despite repeated assurances from the RDEC and the fact that it will only combine two functions in its initial stage, the public's opposition remains strong. Government agencies must still give careful consideration to the functions that the card will later include and the potential problems that may result.

X 使用【台灣光華雜誌】APP!
更快速更方便!