Committee recommends Australia set up biometric data security oversight body
Australia’s Parliamentary Joint Committee on Law Enforcement has recommended that the government to set up an oversight body for biometric data security, develop biometric data security breach protocols, and increase its transparency about the nature of its facial recognition program and the process for avoiding false matches.
A report (PDF) on the impact of new and emerging information and communications technology contains 15 wide-ranging recommendations over 126 pages, including an establishing an ICT task force and launching initiatives to improve tech skills and capabilities within the government. It also suggests an initiative to increase IoT security awareness, reviews of legislation to keep it up to date, and the consideration of hybrid storage facilities and advanced techniques such as artificial intelligence for handling and analysing large volumes of data.
The report notes that privacy advocates told the committee that the expansion of data collection and sharing by law enforcement and security agencies has occurred without a parallel expansion in independent oversight. To that end, a “regime to detect, audit, report on, respond to and guard against” biometric data security risks is called for. The committee also says additional technical information should be released about the facial matching scheme to inform the public and “allow informed debate about its use and future database links.”
Australia’s Home Office declined to identify the technology provider for its Face Identification Service (FIS) when it purchased the biometric algorithm last year, claiming the non-disclosure reduces “the potential vectors of attack,” as ZDNet reported at the time. Despite insisting that the system is highly accurate, Home Affairs has been forced to repeatedly defend the legislation underpinning the new system against concerns that it is overly broad.