Bills Digest no. 116 2008–09
AusCheck Amendment Bill 2009
WARNING:
This Digest was prepared for debate. It reflects the legislation as introduced
and does not canvass subsequent amendments. This Digest does not have
any official legal status. Other sources should be consulted to determine
the subsequent official status of the Bill.
CONTENTS
Passage history
Purpose
Background
Financial implications
Main provisions
Concluding comments
Contact officer & copyright details
Passage history
AusCheck
Amendment Bill 2009
Date introduced: 12 March 2009
House: House of Representatives
Portfolio: Attorney-General
Commencement: The day of Royal Assent
Links: The relevant links to the Bill, Explanatory Memorandum
and second reading speech can be accessed via BillsNet, which is at http://www.aph.gov.au/bills/. When Bills have been passed they can
be found at ComLaw, which is at http://www.comlaw.gov.au/.
The Bill would amend the AusCheck Act 2007 for two
purposes:
- to expand the range of background checks that AusCheck is able to
undertake to include national security background checks
- to manage the use and disclosure of personal biometric
information for completion of AusCheck background checks.
Background
AusCheck—the Australian Background Checking Service—is
responsible for coordinating the background criminal and security checks on
applicants for Aviation Security Identification Cards (ASIC) and Maritime
Security Identification Cards (MSIC).
In 2005, the then Australian Government agreed to establish
AusCheck, a new division in the Attorney-General’s Department, to coordinate
checks on people who are required to have an ASIC or MSIC. The decision to set
up AusCheck followed a recommendation by Sir John Wheeler in his report, An
Independent Review of Airport Security and Policing for the Government of
Australia.[1]
AusCheck commenced operation in September 2007. It maintains
a comprehensive database of all applicants and cardholders for the aviation and
maritime industries and operates on a cost recovery basis.[2]
The legislative basis for AusCheck is the AusCheck Act
2007. The passage of that legislation through the Parliament is of some
interest in the context of the 2009 Bill.
The AusCheck Bill 2006 was introduced into the Parliament on
7 December and referred to the Senate Standing Committee on Legal and
Constitutional Affairs for inquiry and report by 14 March 2007 (‘the 2007
Senate Committee report’).
In its report, the Senate Committee acknowledged the general
in-principle support for the Bill expressed by the majority of submissions and
witnesses. However the Senate Committee also expressed concerns about the
breadth of the Bill’s regulation-making power, privacy issues relating to the
functions described in the Bill, and the lack of accountability mechanisms set
out in the Bill.[3] A number of Committee recommendations were accepted by the Government and
incorporated in amendments which were subsequently passed by the Parliament.[4]
The recommendations in the 2007 Senate Committee report relating
to the broad regulation making power are of interest in the context of the 2009
Bill.
The original 2006 Bill would have allowed the Government to
implement by way of regulations alone, a wide range of background checking
schemes – related to any activities within a constitutional head of power –
without the authorisation of any other primary legislation. The Senate
Committee and many submissions to the inquiry did not consider this
appropriate. The Committee was of the view that the particulars of any schemes
beyond the ASIC and MSIC schemes should ideally be set out in primary
legislation.[5] On the basis of this recommendation, the Bill was subsequently amended so that the
scope for the AusCheck scheme was limited to background checking for the Aviation
Transport Security Act 2004 and the Maritime Transport and
Offshore Facilities Act 2003. The addition of any further background
checking functions to the AusCheck scheme could therefore only be done through amendment
to the AusCheck Act.
Given this background, it is of
interest that the main purpose of the 2009 AusCheck Bill is to allow by way of
regulations, expansion of the range of background checks that AusCheck is able
to undertake to include national security background checks.[6] Arguably the relevant provisions in the Bill have been drafted quite broadly to
give a wide scope to this power. The relevant sections are described below.
The Explanatory Memorandum
states that the Bill will have negligible financial implications.[7]
The amendments proposed in the Bill fall into two categories
corresponding to the two main purposes of the Bill, namely national security
background checks and use and disclosure of biometric information. The Digest
deals with the amendments according to these two categories rather than in item
number sequence.
Under section 8 of the AusCheck Act the regulations may provide
for the establishment of background checking schemes. The scope for the
AusCheck scheme is currently limited to background checking for the Aviation
Transport Security Act 2004 and the Maritime Transport and
Offshore Facilities Act 2003. Item 7 is the central amendment. It would
amend section 8 to broaden the range of background checking schemes to include national
security background checking schemes. Under proposed paragraph 8(c) regulations
could provide for the establishment of background checking schemes for purposes
related to:
- Australia’s national security
- the defence of Australia
- a national emergency
- the prevention of conduct to which Part 5.3 of
Chapter 5 of the Criminal Code applies (i.e. terrorism offences)
- the executive power of the Commonwealth, or
- matters incidental to the execution of any of the legislative
powers of the Parliament or the executive power of the Commonwealth.
The new definition of ‘national security background
check’ in relation to an individual means a background check performed for
one of these six purposes (item 2, inserted into subsection 4(1)).
Comment
Arguably paragraph 8(c) has been drafted broadly,
particularly in relation to the phrase ‘matters incidental to the execution of
any of the legislative powers of the Parliament or the executive power of the
Commonwealth’. The Explanatory Memorandum and Minister’s Second Reading Speech to
the Bill do not explain the need for such a broad Constitutional coverage. Given
the concern about the 2006 Bill and its broad regulation making power, Parliament
may wish to ask why this provision needs to be drafted so broadly.
Section 9 of the AusCheck Act allows regulations to provide
for the details of the AusCheck scheme of background checking. In particular
paragraph 9(1)(i) provides that the scheme can deal with matters relating to
the establishment and provision of an online verification service. The online
verification service is currently restricted to verifying aviation security
identification cards and maritime security identification cards. Item 8 would amend the description of the online verification service so that it could
include verification that an individual has undergone a national security
background check (paragraphs 9(1)(iii) and (iv)).
Paragraph 13(c) deals amongst other things with the
establishment of an online verification service. Item 12 is a
consequential amendment resulting from the inclusion of the national security background
check capacity. It would amend paragraph 13(c) allowing that the online
verification service could be used in relation to verification of a national
security background check.
Item 9 makes an amendment to section 9 clarifying the
meaning of ‘consent’ in the context of background checks. An individual is
taken to have given consent to another person making an application for a
background check if the individual has applied for a particular card, licence,
permit or authorisation and before making the application has been advised that
a background check was a precondition to the issuing of the card, licence,
permit or authorisation.[8]
The Bill sets up a new regime for use and disclosure of biometric
data, or, as it is called ‘identity verification information’.
Item 1 inserts a definition of ‘identity
verification information’ to mean AusCheck scheme personal information
consisting of the individual’s fingerprints or other biometric data about the
individual, but does not include a photograph of the individual. The rationale
for the exclusion of photographs is that it is necessary for the operation of
the online verification service. The Explanatory Memorandum states:
For example, an authorised user may need to use the online
verification service in order to visually compare the photograph of an
individual recorded on the databases as holding an ASIC and the individual who
is presenting that ASIC.[9]
Biometric data is not defined in the Bill and will therefore
take on its ordinary meaning.[10]
Section 13 of the Act authorises, for the purposes of the
Privacy Act, the collection, use and disclosure of personal information for
specified purposes related to the operation of the AusCheck scheme. The use of
personal information that is authorised by section 13 is for purposes:
- directly related to conducting a background check, or advising on
the outcome of a background check in relation to the person to whom the
personal information applies, and for updating information about that person,
and
- of providing online verification services.
Item 13 would add
a new subsection 13(2) providing that the collection, use and disclosure
of identity verification information is authorised for the purposes of
the Privacy Act if:
- it is directly necessary for the purpose of verifying the
identity of an individual who is undergoing a background check under the
AusCheck scheme, and
- where the information is only used or disclosed to the extent
necessary for this purpose.
Items 14 to 19 amend section 14. This section allows
AusCheck to establish and maintain a database of information relating to
background checks and also sets out the purposes for which information in the
database may be used or disclosed. The amendments in items 14 to 19 would provide two separate use and disclosure regimes— one for ‘identity
verification information’ and one for all other personal information. The
amendments provide that ‘identity verification information’ (i.e. finger prints
and other biometric data) is given a different and enhanced protection to other
personal information. In short identity verification information may
only be used or disclosed for the purpose of verifying the identity of an
individual for a further background check under the AusCheck scheme (item
17, proposed subsection 14(2AB). In contrast, AusCheck personal information other than identity verification information may be used for a wider
range of purposes including responding to an incident that poses a threat to
national security or the collection, correlation analysis or dissemination of
criminal intelligence by the Commonwealth, or by a law enforcement or national
security Commonwealth authority for law enforcement or national security
purposes (item 14, proposed subsections 14(2) and 14(2A)). Note
that these purposes are not new and exist in the current Act at existing paragraph
14(2)(b).[11]
Subsection 14(3) authorises the use of de-identification of
information derived from the AusCheck database for the purposes of research,
government and/or industry planning. Item 19 ensures that ‘identity
verification information’ may not be de-identified for such purposes.
Concluding
Comments
The Bill is short, although not necessarily insignificant.
As indicated above, it is introducing a broader regulation making power in
relation to setting up new background checking schemes. This particular power had
previously caused some concern to the Senate Committee inquiring into the
original AusCheck Bill of 2006 and resulted in quite significant amendment to
that Bill. While the current 2009 Bill and its explanatory materials suggest
that this regulation making power is to be extended only to national security
background checks, Parliament may wish to ask for further explanation on the
broad drafting of the new provision.
In relation to the authority to collect, use and disclose
biometric data, that too is a significant change. The Bill does provide a
separate regime regarding protection of biometric data and Parliament should ensure
that this protection is adequate. The Australian Law Reform, in a discussion
paper on privacy, recently quoted the Council of Europe who has cautioned that
biometric systems should not be implemented for the mere sake of convenience.
The Council has recommended that before introducing a biometric system
The controller should balance the possible advantages and
disadvantages for the data subject’s private life on the one hand and the
envisaged purposes on the other hand, and consider possible alternatives that
are less intrusive for private life.[12]
[5]. The Committee therefore recommended that
subclause 5(d), paragraph 8(1)(c) and clause 10 of the 2006 Bill be removed.
Report, paragraph 3.93.
Mary Anne Neilsen
18 March 2009
Bills Digest Service
Parliamentary Library
© Commonwealth of Australia
This work is copyright. Except to the extent of uses permitted by the
Copyright Act 1968, no person may reproduce or transmit any part of this
work by any process without the prior written consent of the Parliamentary
Librarian. This requirement does not apply to members of the Parliament
of Australia acting in the course of their official duties.
This work has been prepared to support the work of the Australian Parliament
using information available at the time of production. The views expressed
do not reflect an official position of the Parliamentary Library, nor
do they constitute professional legal opinion.
Feedback is welcome and may be provided to: web.library@aph.gov.au.
Any concerns or complaints should be directed to the Parliamentary Librarian.
Parliamentary Library staff are available to discuss the contents of publications
with Senators and Members and their staff. To access this service, clients
may contact the author or the Library’s Central Entry Point for
referral.
|
