Australian Information Commissioners call for stronger governance for proposed biometrics programs
The Information Commissioner’s offices for both Victoria and Queensland have expressed concerns about potential scope creep and the need for increased checks and balances with a pair of bills before Australia’s parliament, ITNEWS reports.
The concerns with the government’s Identity-matching Services Bill and the Australian Passports Amendment (Identity Matching Services) Bill were presented to a parliamentary committee reviewing the proposed legislation, though both bodies expressed support for the use of identity matching services in principle. The new laws would formalize the agreement between federal, state, and territory governments to create a system for sharing biometric information, but the Office of the Victorian Information Commissioner (OVIC) and Queensland’s Office of the Information Commissioner (OIC) called for safeguards to be built into the legislation to reduce its reliance on that agreement for allaying governance and privacy concerns, according to iTnews.
The Victorian commissioner said that the proposed laws manage risks to governance processes through the agreements between the parties, and questioned the enforceability of such arrangements. The Victorian commissioner expressed concern about the use of identity-matching services by the private sector and local governments, due to the varied quality of governance and security, and also the “breadth of discretion” the laws would give to a single government minister. “The ability for fundamental controls to be amended without parliamentary oversight may also be problematic,” OVIC said in a submission.
“Elevating core intentions, principles and protections into law will help clarify the parameters of the regime, minimise risk of scope creep, and minimise risk of disproportionate privacy incursions,” the OIC submission says.
The OVIC also said the legislation falls short of transparency standards, and recommended the inclusion of a mechanism for reporting data breaches and system misuse.
Australia’s Digital Transformation Agency recently published a request for tender as it builds it Govpass program for online identity verification and service access.