Plan for massive facial recognition database sparks privacy concerns

The Guardian

If you've had a driver's licence photo or passport photo taken in Australia in the past few years, it's likely your face will end up in a massive new national network the federal government is trying to create. Victoria and Tasmania have already begun to upload driver's licence details to state databases that will eventually be linked to a future national one. Legislation before federal parliament will allow government agencies and private businesses to access facial IDs held by state and territory traffic authorities, and passport photos held by the foreign affairs department. The justification for what would be the most significant compulsory collection of personal data since My Health Record is cracking down on identity fraud. The home affairs department estimates that the annual cost of ID fraud is $2.2bn, and says introducing a facial component to the government's document verification service would help prevent it.


Home Affairs exempt from disclosing Face Identification Service provider

ZDNet

The Department of Home Affairs has told a Parliamentary Joint Committee on Intelligence and Security that it has purchased a facial recognition algorithm from a vendor to be used for Australia's Face Identification Service (FIS). Notification on almost all goods and services procured by the Australian government is published for public consumption, but the department told the joint committee on Thursday that it will remain tight-lipped on the vendor contracted after receiving immunity. "The FIS enlivens significantly a threat to assumed identities, so that's security and law enforcement covert operatives and witnesses under protection, so we received an exemption under the Commonwealth procurement rules to not publish the identity, the name of the vendor that's providing the facial recognition service," Assistant Secretary of Identity Security Andrew Rice explained. Rice told the joint committee that as all of the vendors providing biometric or facial recognition services use different algorithms, naming the vendor employed would potentially increase the threat of attack. The Australian government in February introduced two Bills into the House of Representatives that would allow for the creation of a system to match photos against identities of citizens stored in various federal and state agencies: The Identity-matching Services Bill 2018 (IMS Bill) and the Australian Passports Amendment (Identity-matching Services) Bill 2018.


Victoria threatens to pull out of facial recognition scheme citing fears of Dutton power grab

The Guardian

Victoria has threatened to pull out of a state and federal government agreement for the home affairs department to run a facial recognition system because the bill expands Peter Dutton's powers and allows access to information by the private sector and local governments. In October the Council of Australia Governments agreed to give federal and state police real-time access to passport, visa, citizenship and driver's licence images for a wide range of criminal investigations. The identity matching services bill, introduced in February, enables the home affairs department to collect, use and disclose identification information including facial biometric matching. In a submission to the parliamentary joint committee on intelligence and security, the Victorian special minister of state, Gavin Jennings, warned that the bill provided "significant scope" for the home affairs minister to expand his powers beyond what was agreed. This includes the ability to collect new types of identification information and expand identity matching services.


DFAT backs automation of awful manual process for facial verification

ZDNet

The process of biometric verification of passport information is currently completed manually within the Australian Department of Foreign Affairs and Trade (DFAT), and it has a number of significant drawbacks. Writing in a submission [PDF] made public on Friday, the department said it presently responds manually to email requests from other departments to verify information. The emails contain a request form, and as a check, the department said it only accepts requests from government email domains. If the requester asserts they have authority to send the request, and the desk-level DFAT staff member has to question to believe that assertion is incorrect, the request proceeds. "The department does not have the specialist law enforcement expertise needed to assess the merits of the requests it receives, and does not seek information on this from other agencies," it said.


Government reveals draft digital identity framework

ZDNet

The Australian government has unveiled the public draft of its Trusted Digital Identity Framework for how citizens' digital identity information must be managed, which it said would sit alongside its Govpass digital platform.