Proposed Australian facial recognition system faces criticism over mission creep, vague limitations
Critics of the Australian government’s proposed facial recognition legislation have suggested limitations to the law, such as warrants and a minimum standard for offences it can be applied to. Representatives from the Department of Home Affairs argued against the measures, and rejected the suggestion that the bill exceeds the agreement with state governments on the system’s scope, The Guardian reports.
The Law Council of Australia told a hearing of the Parliamentary Joint Committee on Intelligence and Security that the law could enable facial recognition to be used to prosecute crimes such as jaywalking and littering, which fall outside of its stated purpose. The Council of Australian Governments had agreed to use the technology to investigate crimes punishable by three years or more in prison, the Council said, and asked why the limitation did not appear in the draft legislation. Assistant Secretary for Identity and Biometrics at Home Affairs Andrew Rice responded that the measure would have left out serious offences, including some related to child exploitation.
Human Rights Commissioner Ed Santow said that agency access to the service should require a warrant, but Rice objected that the requirement would slow down agencies that need to be able to respond rapidly to security threats, according to The Guardian. Home Affairs submitted a position to the committee hearing last month that the privacy benefits of requiring warrants would be outweighed by decreased functionality of the system.
Labor senator Jenny McAllister noted that a written submission from Home Affairs said that facial recognition could be used to detect and prosecute traffic offences, Victoria’s state government threatened to pull out of the system altogether, noting that its own laws may prevent it from full participation.
Law Council president Morry Bailes said the current bill should not be supported, as it does not clearly identify what the system will do. The Law Council’s privacy law committee chair Olga Ganopolsky suggested mandatory breach reporting requirements should be included in the law, and expressed concerns that citizen consent for data use would not be valid without more specific information about what they would be consenting to.
Concerns about the expansion of the program beyond its originally stated purpose and parameters have dogged the “Identity-matching services Bill 2018” since it was introduced in parliament.