Bills Digest no. 116 2008–09
AusCheck Amendment Bill 2009
WARNING:
This Digest was prepared for debate. It reflects the legislation as
introduced and does not canvass subsequent amendments. This Digest
does not have any official legal status. Other sources should be
consulted to determine the subsequent official status of the
Bill.
CONTENTS
Passage history
Purpose
Background
Financial implications
Main provisions
Concluding comments
Contact officer & copyright details
Passage history
AusCheck Amendment Bill 2009
Date introduced: 12 March 2009
House: House of Representatives
Portfolio: Attorney-General
Commencement: The day of Royal Assent
Links: The
relevant links to the Bill, Explanatory Memorandum and second
reading speech can be accessed via BillsNet, which is at http://www.aph.gov.au/bills/.
When Bills have been passed they can be found at ComLaw, which is
at http://www.comlaw.gov.au/.
The Bill would amend the AusCheck Act 2007 for two
purposes:
- to expand the range of background checks that AusCheck is able
to undertake to include national security background checks
- to manage the use and disclosure of personal biometric
information for completion of AusCheck background checks.
Background
AusCheck—the Australian Background Checking
Service—is responsible for coordinating the background
criminal and security checks on applicants for Aviation Security
Identification Cards (ASIC) and Maritime Security Identification
Cards (MSIC).
In 2005, the then Australian Government agreed to establish
AusCheck, a new division in the Attorney-General’s
Department, to coordinate checks on people who are required to have
an ASIC or MSIC. The decision to set up AusCheck followed a
recommendation by Sir John Wheeler in his report, An
Independent Review of Airport Security and Policing for the
Government of Australia.[1]
AusCheck commenced operation in September 2007. It maintains a
comprehensive database of all applicants and cardholders for the
aviation and maritime industries and operates on a cost recovery
basis.[2]
The legislative basis for AusCheck is the AusCheck Act
2007. The passage of that legislation through the Parliament
is of some interest in the context of the 2009 Bill.
The AusCheck Bill 2006 was introduced into the Parliament on 7
December and referred to the Senate Standing Committee on Legal and
Constitutional Affairs for inquiry and report by 14 March 2007
(‘the 2007 Senate Committee report’).
In its report, the Senate Committee acknowledged the general
in-principle support for the Bill expressed by the majority of
submissions and witnesses. However the Senate Committee also
expressed concerns about the breadth of the Bill’s
regulation-making power, privacy issues relating to the functions
described in the Bill, and the lack of accountability mechanisms
set out in the Bill.[3] A number of Committee recommendations were accepted by
the Government and incorporated in amendments which were
subsequently passed by the Parliament.[4]
Back to top
The recommendations in the 2007 Senate Committee report relating
to the broad regulation making power are of interest in the context
of the 2009 Bill.
The original 2006 Bill would have allowed the Government to
implement by way of regulations alone, a wide range of background
checking schemes – related to any activities within a
constitutional head of power – without the authorisation of
any other primary legislation. The Senate Committee and many
submissions to the inquiry did not consider this appropriate. The
Committee was of the view that the particulars of any schemes
beyond the ASIC and MSIC schemes should ideally be set out in
primary legislation.[5] On the basis of this recommendation, the Bill was
subsequently amended so that the scope for the AusCheck scheme was
limited to background checking for the Aviation Transport
Security Act 2004 and the Maritime Transport and
Offshore Facilities Act 2003. The addition of any further
background checking functions to the AusCheck scheme could
therefore only be done through amendment to the AusCheck Act.
Given this background, it is of interest that the main purpose
of the 2009 AusCheck Bill is to allow by way of regulations,
expansion of the range of background checks that AusCheck is able
to undertake to include national security background
checks.[6] Arguably
the relevant provisions in the Bill have been drafted quite broadly
to give a wide scope to this power. The relevant sections are
described below.
The Explanatory Memorandum states that the Bill will have
negligible financial implications.[7]
The amendments proposed in the Bill fall into two categories
corresponding to the two main purposes of the Bill, namely national
security background checks and use and disclosure of biometric
information. The Digest deals with the amendments according to
these two categories rather than in item number sequence.
Under section 8 of the AusCheck Act the regulations may provide
for the establishment of background checking schemes. The scope for
the AusCheck scheme is currently limited to background checking for
the Aviation Transport Security Act 2004 and the
Maritime Transport and Offshore Facilities Act
2003. Item 7 is the central amendment. It
would amend section 8 to broaden the range of background checking
schemes to include national security background checking schemes.
Under proposed paragraph 8(c) regulations could
provide for the establishment of background checking schemes for
purposes related to:
- Australia’s national security
- the defence of Australia
- a national emergency
- the prevention of conduct to which Part 5.3 of
Chapter 5 of the Criminal Code applies (i.e.
terrorism offences)
- the executive power of the Commonwealth, or
- matters incidental to the execution of any of the legislative
powers of the Parliament or the executive power of the
Commonwealth.
The new definition of ‘national security background
check’ in relation to an individual means a background
check performed for one of these six purposes (item
2, inserted into subsection 4(1)).
Back to top
Comment
Arguably paragraph 8(c) has been drafted broadly, particularly
in relation to the phrase ‘matters incidental to the
execution of any of the legislative powers of the Parliament or the
executive power of the Commonwealth’. The Explanatory
Memorandum and Minister’s Second Reading Speech to the Bill
do not explain the need for such a broad Constitutional coverage.
Given the concern about the 2006 Bill and its broad regulation
making power, Parliament may wish to ask why this provision needs
to be drafted so broadly.
Section 9 of the AusCheck Act allows regulations to provide for
the details of the AusCheck scheme of background checking. In
particular paragraph 9(1)(i) provides that the scheme can deal with
matters relating to the establishment and provision of an online
verification service. The online verification service is currently
restricted to verifying aviation security identification cards and
maritime security identification cards. Item 8
would amend the description of the online verification service so
that it could include verification that an individual has undergone
a national security background check (paragraphs
9(1)(iii) and (iv)).
Paragraph 13(c) deals amongst other things with the
establishment of an online verification service. Item
12 is a consequential amendment resulting from the
inclusion of the national security background check capacity. It
would amend paragraph 13(c) allowing that the online verification
service could be used in relation to verification of a national
security background check.
Item 9 makes an amendment to section 9
clarifying the meaning of ‘consent’ in the context of
background checks. An individual is taken to have given consent to
another person making an application for a background check if the
individual has applied for a particular card, licence, permit or
authorisation and before making the application has been advised
that a background check was a precondition to the issuing of the
card, licence, permit or authorisation.[8]
The Bill sets up a new regime for use and disclosure of
biometric data, or, as it is called ‘identity
verification information’.
Item 1 inserts a definition of
‘identity verification information’ to mean
AusCheck scheme personal information consisting of the
individual’s fingerprints or other biometric data about the
individual, but does not include a photograph of the individual.
The rationale for the exclusion of photographs is that it is
necessary for the operation of the online verification service. The
Explanatory Memorandum states:
For example, an authorised user may need to use
the online verification service in order to visually compare the
photograph of an individual recorded on the databases as holding an
ASIC and the individual who is presenting that ASIC.[9]
Biometric data is not defined in the Bill and will therefore
take on its ordinary meaning.[10]
Section 13 of the Act authorises, for the purposes of the
Privacy Act, the collection, use and disclosure of personal
information for specified purposes related to the operation of the
AusCheck scheme. The use of personal information that is authorised
by section 13 is for purposes:
- directly related to conducting a background check, or advising
on the outcome of a background check in relation to the person to
whom the personal information applies, and for updating information
about that person, and
- of providing online verification services.
Item 13 would add a new
subsection 13(2) providing that the collection, use and
disclosure of identity verification information is
authorised for the purposes of the Privacy Act if:
- it is directly necessary for the purpose of verifying the
identity of an individual who is undergoing a background check
under the AusCheck scheme, and
- where the information is only used or disclosed to the extent
necessary for this purpose.
Items 14 to 19 amend section
14. This section allows AusCheck to establish and maintain a
database of information relating to background checks and also sets
out the purposes for which information in the database may be used
or disclosed. The amendments in items 14 to
19 would provide two separate use and disclosure
regimes— one for ‘identity verification
information’ and one for all other personal information. The
amendments provide that ‘identity verification
information’ (i.e. finger prints and other biometric data) is
given a different and enhanced protection to other personal
information. In short identity verification information
may only be used or disclosed for the purpose of verifying the
identity of an individual for a further background check under the
AusCheck scheme (item 17, proposed subsection
14(2AB). In contrast, AusCheck personal information
other than identity verification information may be used
for a wider range of purposes including responding to an incident
that poses a threat to national security or the collection,
correlation analysis or dissemination of criminal intelligence by
the Commonwealth, or by a law enforcement or national security
Commonwealth authority for law enforcement or national security
purposes (item 14, proposed subsections 14(2) and
14(2A)). Note that these purposes are not new and
exist in the current Act at existing paragraph 14(2)(b).[11]
Subsection 14(3) authorises the use of de-identification of
information derived from the AusCheck database for the purposes of
research, government and/or industry planning. Item
19 ensures that ‘identity verification
information’ may not be de-identified for such purposes.
Back to top
Concluding Comments
The Bill is short, although not necessarily insignificant. As
indicated above, it is introducing a broader regulation making
power in relation to setting up new background checking schemes.
This particular power had previously caused some concern to the
Senate Committee inquiring into the original AusCheck Bill of 2006
and resulted in quite significant amendment to that Bill. While the
current 2009 Bill and its explanatory materials suggest that this
regulation making power is to be extended only to national security
background checks, Parliament may wish to ask for further
explanation on the broad drafting of the new provision.
In relation to the authority to collect, use and disclose
biometric data, that too is a significant change. The Bill does
provide a separate regime regarding protection of biometric data
and Parliament should ensure that this protection is adequate. The
Australian Law Reform, in a discussion paper on privacy, recently
quoted the Council of Europe who has cautioned that biometric
systems should not be implemented for the mere sake of convenience.
The Council has recommended that before introducing a biometric
system
The controller should balance the possible
advantages and disadvantages for the data subject’s private
life on the one hand and the envisaged purposes on the other hand,
and consider possible alternatives that are less intrusive for
private life.[12]
[5].
The Committee therefore recommended
that subclause 5(d), paragraph 8(1)(c) and clause 10 of the 2006
Bill be removed. Report, paragraph 3.93.
Mary Anne Neilsen
18 March 2009
Bills Digest Service
Parliamentary Library
© Commonwealth of Australia
This work is copyright. Except to the extent of uses permitted
by the Copyright Act 1968, no person may reproduce or transmit any
part of this work by any process without the prior written consent
of the Parliamentary Librarian. This requirement does not apply to
members of the Parliament of Australia acting in the course of
their official duties.
This work has been prepared to support the work of the Australian
Parliament using information available at the time of production.
The views expressed do not reflect an official position of the
Parliamentary Library, nor do they constitute professional legal
opinion.
Feedback is welcome and may be provided to: web.library@aph.gov.au. Any
concerns or complaints should be directed to the Parliamentary
Librarian. Parliamentary Library staff are available to discuss the
contents of publications with Senators and Members and their staff.
To access this service, clients may contact the author or the
Library’s Central Entry Point for referral.
Back to top