Passports in the cloud? What could possibly go wrong?

The wonderful thing about the cloud is, or at least was, that it's magic. Five years ago, merely saying that you were doing something in the cloud made you sound like you were from the future. Who needs technical details, right? Just accelerate your journey to the cloud!

Cloud magic doesn't work any more, though. We've learned that cloud magic is really just web services under another name, and that the cloud is just other people's computers, somewhere ... stop asking me questions.

There isn't actually any cloud magic at all. We still need to make the same old decisions about trust, security, and risk management, just with a different technical architecture. And a different billing cycle.

Except politicians.

Cloud magic still works for politicians, as illustrated by Thursday's news that Australia is considering putting passports in the cloud.

"Under a cloud passport, a traveller's identity and biometrics data would be stored in a cloud, so passengers would no longer need to carry their passports and risk having them lost or stolen," reported the Sydney Morning Herald's Latika Bourke in a story marked "EXCLUSIVE".

"The idea of cloud passports is the result of a hipster-style-hackathon held at the Department of Foreign Affairs, which culminated in an X-Factor style audition before the secretary Peter Varghese, Foreign Affairs Minister Julie Bishop, Assistant Minister Steve Ciobo and Chris Vein from the World Bank."

I'm not quite sure why this story is exclusive, because public policy news site The Mandarin reported on cloud passports back in June. I guess that's why the Sydney Morning Herald was a bit vague about when the hipster-style-hackathon actually happened.

Only two things seem to have happened with the cloud passport idea in the intervening four months.

One, cloud passports have moved from hackathon thought-bubble, to Australia and New Zealand being "in discussions about trialling" the idea. What that means in concrete terms is anyone's guess.

Two, foreign minister Bishop has started talking up the idea. "We think it will go global," she's reported as saying. When you think about it, that isn't such a bad thing for a passport system.

Another not-bad thing for a passport system is security, so it's good to see security being mentioned. The problem is, a mention is all it gets.

"Ms Bishop acknowledged there were security requirements which would have to be met in order to store biometrics in the cloud," the SMH reports.

When Bishop was subsequently questioned by reporters, she reinforced the security message with a few more vague statements. She also watered down her enthusiasm for cloud passports.

"We're in discussions with New Zealand and if we're able to put in place the appropriate requirements, including security, then it's something we'd like to trial and implement," Bishop is reported by SBS News/AAP as having said.

"Australia prides itself on having one of the most secure passports in the world, but by embracing and harnessing new technologies, we might be able to do better."

Australians would be assured of "absolute security", apparently -- words which could well come back to haunt the foreign minister -- and that passport-less travel might happen "one day".

Suddenly everything is a little less definite than the SMH's "EXCLUSIVE".

Policy hackathons are the Contiki tours of policy development. Whether it's 11 countries in 15 days, or 10 policy ideas on a fun-filled Saturday, there's no depth to it -- no real understanding of a society, or of social issues, or of anything, really. It's just loud, pumped-up superficiality, with the resulting mess left for someone else to clean up.

"The minister spruiked the idea [of cloud passports] as part of the Turnbull government's innovation push," that AAP report said. Yes. Yes, she did.

Information security professionals have been telling us for years that security isn't something you add as an afterthought, but something you have to consider as an integral part of your system design from the very beginning.

But Foreign Minister Julie Bishop would seem to prefer to skip all that. She'd prefer to announce a change to the passport system -- a core component of "border security", remember -- as part of the Turnbull government's we-are-hip-with-the-tech spin, and leave security as something for someone else to address later.

Thanks, Minister Julie 'Contiki' Bishop. Thanks a bunch.