Peter Dutton’s Department of Home Affairs (DOHA) will have to rewrite proposed face-matching legislation after a Parliamentary review blocked a proposed bill that would have given government agencies China-like blanket surveillance powers.
After months of weighing evidence and more than three dozen submissions, the bipartisan Parliamentary Joint Committee on Intelligence and Security (PJCIS) review concluded that the proposed Identity-Matching Services Bill 2019 and Australian Passports Amendment (Identity-matching Services) Bill 2019 should not proceed in their current form.
Matching services would be provided by the $18.5m National Facial Biometric Matching Capability (NFBMC), an online database that was last month populated with all Victorians’ driver’s license photos and will eventually include the photo and details of every Australian driver.
The controversial system has been welcomed by the likes of ASIO, which has worked closely with DOHA to bring the NFBMC to fruition.
That intelligence agency said in its submission that Australian interests face an “unprecedented” level of foreign intelligence activity that has become “an enduring and increasingly complex feature of the security landscape in Australia.”
“The ability to clearly verify an individual’s identity or identify an unknown individual is central to being able to make an accurate assessment as to their relevance to security…. ASIO intends to use the capability… in a timely and accurate manner.”
Minister ignored well-understood risks
The potential risks of NFBMC were recognised early on.
A 2015 privacy impact assessment, commissioned by the Attorney-General’s Department (AGD) to evaluate the technological architecture for the then-proposed system, noted that it was designed “to facilitate secure, accountable sharing of facial images and other relevant information”.
“Biometric information is widely considered to be intrinsically sensitive and agencies’ use of biometric matching techniques, if not well managed, could cause significant problems for individuals through mismatches, stigmatisation and inability to gain easy redress.”
Earlier this year, the AGD signed a memorandum of understanding with the Office of the Australian Information Commissioner to conduct privacy assessments on the evolving system.
Despite these investigations, however, the PJCIS concluded that the proposed system was neither secure nor accountable – warning in its final report that the “profound” privacy implications of such a system “do not appear to have even been considered by the Minister for Home Affairs or by his department”.
The wording of the bills “includes almost no limitations or safeguards at all” to restrict the situations where the new legislation could be applied.
This would give government agencies – and certain non-government bodies – carte blanche to use increasingly pervasive biometric monitoring to identify citizens.
With Dutton recently calling for disruptive climate change activists to be jailed, publicly shamed and barred from accessing welfare benefits, the committee was concerned that an unchecked NFBMC could turn it into a tool for enforcing increasingly intrusive policies against legal activities.
Shadow attorney-general Mark Dreyfus raised concerns about the government’s “abysmal record on cybersecurity” and said in a statement that Dutton’s “authoritarian disposition” raised concerns because “as drafted, the bill would not prohibit authorities from using the proposed face-matching services to identify individuals.”
“I do not believe that the government is proposing to engage in or to facilitate the mass surveillance of Australians,” he added.
However, “given the near complete absence of legislated safeguards in the Identity-Matching Services Bill 2019, those concerns cannot simply be ignored.”
“If there is no intention for the proposed identity-matching services to be used to engage in mass surveillance activities, the government should not object to amending the bill to ensure that those services cannot, as a matter of law, be used in that manner.”
Pulling back on pervasive surveillance
The Law Council of Australia welcomed the report’s recommendations for greater safeguards that, it said, would “ensure Australia’s national security legislation is not only solid, but also proportionate and operating according to the rule of law.”
“There is an urgent need for appropriate and legislated boundaries to govern its application and ensure robust and independent oversight,” president Arthur Moses said in a statement.
“This is critical as Australia lacks human rights and data protection frameworks to act as a check and balance.”
Concerns about a lack of explicit controls are more than academic.
Technological improvements have made an Orwellian surveillance state a practical reality in recent years, with privacy advocates increasingly concerned about the ease with which citizens’ privacy can be violated.
One Briton recently sued that country’s government for violating his privacy through indiscriminate surveillance, which has been on the United Nations Human Rights Council’s radar for years.
Increasingly accurate facial-recognition algorithms are being supported by ever-better imaging technology and even Australian universities reviewing their affiliations with China’s growing surveillance culture, which has become the worst-case scenario for intrusive face recognition capabilities.
Increasingly pervasive surveillance systems allow Chinese authorities to monitor citizens’ behaviour, with artificial intelligence routines monitoring behaviour and identifying citizens to facilitate the government’s points-based Social Credit System.
A new Chinese-developed 500MP camera could take the idea to a whole new level with the ability to photograph a crowd of thousands at high enough resolution to accurately recognise every person in the gathering.