The lack of detail in the IMS Bill has made the Committee’s review challenging. The Bill sets out a minimum framework for a regime that will allow the legal use of the identity-matching-services. The regime is supported by existing agreements and legislation and contemplated agreements and policies. These include the IGA, the Privacy Act 1988 and Participation Agreements and Access Policies.
However, a citizen should be able to read a piece of legislation and know what that legislation authorises and what rights and responsibilities the citizen has in relation to that legislation. This is especially important in the case of the IMS Bill which has the potential to affect the majority of the Australian population. It is clear that the IMS Bill does not inform the citizen reader in this way.
Likewise, the lack of detail in the Bill was a problem for submitters. Many resorted to broad analysis of the Bill and, although submitters suggested amendments where they could, submitters usually outlined broad principles that the IMS Bill should address.
Whilst the Committee supports the aims of the IMS Bill, the Bill would need a significant amount of re-drafting and not simple amending to be in a positon where the Committee could fully support the Bill itself.
It is not the Committee’s role to re-draft bills. However, to assist in this re-drafting the Committee has decided to outline a set of broad principles supported by more detailed findings in relation to the IMS Bill. These principles are:
the regime should be built around privacy and transparency,
the regime should be subject to Parliamentary oversight and reasonable, proportionate and transparent functionality, and
the regime should be one that requires reporting on the use of the identity-matching services.
These principles and finding should be used as a template for the re-drafting of the Bill but should not be considered an exhaustive listing of the serious issues the Committee has with the Bill.
The Committee recommends that the Identity-matching Services Bill 2019 be re-drafted taking into account the following principles:
the regime should be built around privacy, transparency and subject to robust safeguards,
the regime should be subject to Parliamentary oversight and reasonable, proportionate and transparent functionality,
the regime should be one that requires annual reporting on the use of the identity-matching services, and
the primary legislation should specifically require that there is a Participation Agreement that sets out the obligations of all parties participating in the identity-matching services in detail.
The Identity-matching Services Bill 2019 should be re-drafted taking into account the Committee’s findings in this report. The Committee notes that the findings alone do not set out all of the matters that would bring the Identity-matching Services Bill 2019 into line with the principles outlined above.
The Committee recommends that, following implementation of recommendation one of this report and subsequent re-introduction to the House, the Identity-matching Services Bill 2019 be referred to the Committee for further review.
Discussion of the broad principles, findings and Committee comment on matters of importance follow.
Biometric systems and privacy
The IMS Bill is the enabling legislation for a new scheme that could permit all levels of government and the private sector unprecedented access to Australian citizens’ private biometric information in the form of a facial image. This access could also be extended to any other type of biometric data. Given the significance of these measures, the Committee considers it preferable that privacy oversight and safeguards are established and set out in this enabling legislation rather than only being provided in supplementary agreements or arrangements.
The Committee accepts that it is not the Government’s intent to set up the identity-matching services scheme without privacy safeguards in place. However, few privacy safeguards are currently set out in the IMS Bill. Rather, they are detailed in the IGA, in the Explanatory Memorandum and in proposed Participation Agreement and Access Policies. None of these materials have the force or protection of legislation. At the time of finalising this report, the Committee had not had access to the proposed Participation Agreement or draft Access Policies to ensure that these deliver the Government’s stated objective.
The Committee also accepts that the Government relies on privacy protections contained within the Privacy Act 1988 and, where it exists, state and territory privacy legislation. However, these safeguards should be specifically referred to in the IMS Bill. The explicit provision of these safeguards is, in the Committee’s view, necessary to provide community assurance of the protection and maintenance of their private information.
As noted above, contemplated Participation Agreements and Access Policies will underpin the regime as envisaged in the IMS Bill. The Committee accepts that this is necessary and that, following passage of the IMS Bill, these agreements and policies may take some time to be drafted or revised and agreed to by parties. The Committee shares the concern of the Office of the Information Commissioner (Queensland) that
instruments that underpin the IMS regime – the Intergovernmental Agreement on Identity Matching Services, Participation, Agreements, Access Policies, the Training Policy, the Compliance Policy, the Charging Policy and Privacy Impact Assessments – run to hundreds of pages, and it may not be realistic to assume that all individual users of IMS will be familiar with the details of these documents. Elevating core intentions, principles and protections into law will help clarify the parameters of the regime, minimise risk of scope creep, and minimise risk of disproportionate privacy incursions.
While the Committee accepts that it is necessary to develop Participation Agreements and Access Policies, the Committee considers that the IMS Bill itself should set out a requirement that the Participation Agreements and Access Policies prescribe (among other things) the roles, rights and minimum obligations of agencies and organisations in relation to their use of identity-matching services. Necessarily, the terms of any Participation Agreement or Access Policy would have to be consistent with the roles, rights and minimum obligations prescribed by the Bill.
Accordingly, the Committee expects that, to ensure transparency, the underlying broad principles of these agreements should be set out in the Bill.
Principle 1 – a regime built around privacy and transparency
It should be a principle of the IMS Bill that the Bill itself:
explicitly sets out a requirement that the Participation Agreements and Access Policies prescribe the roles, rights and minimum obligations of all agencies and organisations in relation to their participation in, access to, and use of, identity-matching services;
require that the terms of any Participation Agreement or Access Policy be consistent with the roles, rights and minimum obligations of users set out in the Bill;
expressly provide that State and Territory governments are not precluded from imposing more stringent access requirements to identity-matching services by State and Territory enforcement agencies than those set out in the IMS Bill; and
require that all Participation Agreements and Access Policies be made public.
Privacy protections should be specified in the Bill
The Committee finds that the IMS Bill should set out and ensure that Australian Government, State and Territory government and non-government users of the identity-matching services are subject to:
the Privacy Act 1988(Cth) and to the Australian Privacy Principles, where these entities are subject to that Act, or
for entities that are not subject to the Privacy Act 1988 (Cth), a written law or agreement providing:
protects personal information in accordance with the Australian Privacy Principles,
is monitored for compliance, and
has a means for an individual to seek recourse if his or her personal information is dealt with in a way contrary to the law or agreement.
The Committee notes that South Australia and Western Australia do not have existing privacy legislation. However, given concerns expressed by some submitters in respect of the adequacy of privacy protections in the IMS Bill, the Committee considers that all users of the identity-matching services should be subject to a law or legally enforceable agreement that protects personal information in accordance with the Australian Privacy Principles – even if that means that some State and Territory jurisdictions may have to enact new privacy legislation in order to satisfy such a requirement. As a matter of principle, the IMS Bill should not enable personal information held by an agency in a jurisdiction with strong, legislated privacy safeguards to be shared with an agency in another jurisdiction where such safeguards may not exist.”
Minimum access requirements should be included in the Bill
The Committee also notes that although it is the Government’s intent that access to identity‑matching services will be subject to Participation Agreements and Access Policies (as stated in the IGA), the IMS Bill is silent on this matter.
The Committee therefore finds that the IMS Bill should be amended to clearly state that access to identity‑matching services is subject to signature of Participation Agreements and Access Policies. The Committee is of the view that this would provide greater clarity of the Commonwealth’s intent in the development and operation of the interoperability hub and the National Driver Licence Facial Recognition Solution.
Further, the Committee finds that the IMS Bill should:
include a requirement that the Participation Agreements set out the roles, rights and minimum obligations of all agencies and organisations in relation to their participation in, access to, and use of, identity-matching services,
require that the terms of any Participation Agreement or Access Policy be consistent with the roles, rights and minimum obligations of users set out in the Bill,
expressly provide that State and Territory governments are not precluded from imposing more stringent access requirements to identity-matching services by State and Territory enforcement agencies than those set out in the IMS Bill, and
require that all Participation Agreements and Access Policies may be made public.
These amendments would provide greater assurance and clarity to the Australian public that any agency or organisation that uses an identity-matching service must satisfy minimum privacy benchmarks as set out in the primary legislation.
Appropriately funded oversight
In considering whether there should be a separate biometrics commissioner in Australia, the Committee noted evidence from the OAIC that the ‘identification information’ captured by the proposed identity-matching services may be classified as either ‘personal information’ or ‘sensitive information’ under the Privacy Act. The Committee notes that many of the entities who will have access to the proposed identity-matching services come under the remit of the Privacy Act, the APPs and the OAIC.
The Department of Home Affairs submitted that it does not support the establishment of a new biometrics commissioner on the ground that the IMS Bill ‘is not seeking to expand the circumstances in which police can collect information from individuals, or govern their use or retention of biometric information’. However, the Committee does not think that the National Driver Licence Facial Recognition Solution and the identity-matching services in the IMS Bill should be considered in isolation from existing biometric databases, such as the National Criminal Investigation DNA Database and the National Automated Fingerprint Identification System. In the Committee’s view, the development of new and existing biometric matching services points to the need for a new oversight mechanism. To that end, the Committee believes that the government should consider the establishment of appropriate oversight to oversee the collection and use of biometric data under Commonwealth legislation. Numerous submitters cited the UK Biometrics Commissioner as a possible model.
The particulars of the new oversight mechanism ought to be the subject of consultation – the Committee finds that the OAIC’s resourcing should be reviewed in order to account for any potential increase in workload that oversight of the identity-matching services.
Notice and consent
The Committee notes the evidence from the Department of Home Affairs that issues around consent and notice will be handled by those entities that collect information. The Committee understands the practical limitations to the Department of Home Affairs checking that each and every request by a local government authority or non-government entity for biometric information has adhered to consent and notification requirements. Given those limitations, it is critical that consent and notice requirements are more clearly defined in the IMS Bill. These requirements should extend to all, not just local, government entities.
The Committee therefore finds that the IMS Bill should include a requirement for the government or non-government entities to provide clear notice to individuals of the collection and use of their identifying information and gain consent for the use of biometric data in the interoperability hub. This would be consistent with the IGA.
It would be unfeasible for certain agencies (such as security agencies) to have to seek consent and that provisions exist in other Acts which exempt these agencies from consent. The Committee therefore finds that the above requirements should be applied unless there is an exemption, for that entity, under Commonwealth, State or Territory law that removes a requirement for consent.
Notice provided to individuals should include the following:
practices undertaken in relation to the face matching services,
the risks to the individual in the event that their biometric data is compromised,
the absence of any enforceable legal remedy if the information is lost or breached,
the jurisdiction and control over the data hosting and usage mechanisms, and
the full list and description of identity-matching systems which may be able to use this data once collected.
In addition, the Committee recommends that the IMS Bill should make clear that, where an individual does not consent for the use of their biometric data, the local government authority or non-government entity must have an alternative means for checking identity—such as a points check via various forms of identification documents—so that an individual is not disadvantaged when seeking local government authority or non-government entity services.
Publication of the Intergovernmental Agreement
The Committee notes the central importance of the IGA to the IMS Bill. The IGA provides a significant amount of additional information into how the identity-matching services will operate. That Committee finds that it is important that the IGA always be available for Australian citizens — those affected by the IMS Bill — to access. The Committee therefore finds that:
the IGA should be publicly accessible at all times (for example, by way of inclusion as a Schedule to the IMS Bill), and
any future revisions to the IMS Agreement be published on the Council of Australian Governments’ website.
Identity-matching services, the interoperability hub and the National Driver License Facial Recognition Solution
As mentioned earlier, it is important that appropriate safeguards around identity-matching services are established in this enabling legislation. The Committee notes the potential for a wide range of biometric markers that could be used for identity verification. Biometrics matching is a relatively new technology whose capability and application is growing exponentially. Therefore, proper oversight and reasonable and proportionate functionality must be the basis on which identity-matching services are provided to appropriate government and non-government entities.
Principle 2 – a regime subject to Parliamentary oversight and reasonable, proportionate and transparent functionality
It should be a principle of the IMS Bill that the regime it creates is subject to Parliamentary oversight and reasonable proportionate and transparent functionality.
New identity information and identity-matching services subject to Parliamentary scrutiny
Currently, the scope of biometrics proposed to be collected and used for the identity matching services regime proposed in the Bill is limited. However the ministerial rule making powers contained in subsections 5(1)(n) and 7(1)(f) of the Bill mean that a Minister could make rules allowing for any number of the biometric markers, such as iris scanning, to be included as identification information that form part of an identity-matching service.
The Committee notes the concerns of the AHRC and the Law Council in relation to these powers.
The Committee also notes that the Department of Home Affairs sought to distinguish the use of rules in the IMS Bill from those discussed by the Committee’s Advisory Report on the Counter-Terrorism Legislation Amendment (Foreign Fighters) Bill 2014.
In light of the evidence that it has considered to date, the Committee does not currently accept that it is appropriate to provide a mechanism for the Minister to add to the definition of identification information or identity-matching services.
The Committee notes the Law Council of Australia’s concern that clause 5(1)(n) could provide an opportunity for a future Minister to enhance the scope of the identity-matching scheme without the need for primary legislation. The Committee also notes the concern of the Victorian Government that, by giving the Minister the rule-making powers that are currently proposed, the IMS Bill provides
scope for going beyond what was agreed in the Intergovernmental Agreement on Identity Matching Services. It is possible that, because of this, a situation may arise where the Commonwealth is authorised to collect information as part of the IMS that Victoria is not authorised to disclose under its legislation or otherwise.
In light of those considerations, the Committee agrees with the Law Council (among others) that clause 5(1)(n) should be deleted so that the definition of identification information can only be amended by primary legislation.
While the Committee accepts that the government does not intend to use the identity-matching services to carry out ‘many-to-many’ or ‘many-to-one’ checks, the Committee also shares the concern of the Office of the Information Commissioner (Queensland) that the power in clause 7(1)(f) could theoretically empower the Minister to allow for this. In the absence of a compelling justification that such a rule-making power is necessary (as opposed to expedient), the Committee considers that clause 7(1)(f) should also be deleted.
However, the Committee notes that the Government will have a further opportunity to provide the Committee with a compelling justification if it maintains that a rule-making power is necessary in this context.
The Committee notes that the deletion of the rule-making powers in clauses 5(1)(n) and 7(1)(f) would ensure any proposal to add to the definition of identification information or identity-matching services is adequately scrutinised, provide proper public assurances and ensure appropriate privacy safeguards are in place.
Reasonable and proportionate functionality
The potential for mass or blanket surveillance
The Committee also considered the concerns raised regarding the potential for using mass or blanket surveillance, such as Close Circuit Television (CCTV), for individual identification. The Committee accepts that this use of identity matching services is not intended in the Bill.
The Committee notes concerns raised throughout the review regarding the activities of ‘gathering intelligence’, ‘verifying the identity of individuals’ and ‘road safety’ and that these activities should not be authorised by the IMS Bill.
The Committee notes that these activities are part of those envisioned by the IGA and, where identity-matching services are used for activities, including verifying identity, by local government authorities or non-government entities, this will only be able to be done with the consent of the individual (see subclause 7(3)).
The inclusion of gathering intelligence, road safety and identity verification activities
Based on the additional privacy and safeguards against misuse included in findings by the Committee in this report, the Committee accepts – in principle – the inclusion of the intelligence gathering, road safety and identity verification activities contemplated by the IMS Bill.
A more proportionate definition of national security
The Committee notes that proposed section 6(4) of the IMS Bill defines the term ‘national security’ by reference to the National Security Information (Criminal and Civil Proceedings) Act 2004. This is a broad definition designed to be interpreted by a sitting judge in circumstances where evidence that may have a national security aspect is being, or is contemplated being, submitted in court. Since the introduction of the IMS Bill to Parliament the passage of the National Security Legislation Amendment (Espionage and Foreign Interference) Act 2018 has inserted a new section 90.4 into the Criminal Code which provides a more constrained definition of ‘national security’.
A constrained definition of national security is more appropriate and proportionate in circumstances where government action, such as the use of the identity-matching services, is contemplated. The Committee notes that the Department of Home Affairs offered no objection to this definition being used. The Committee therefore finds that the IMS Bill should be amended so that the definition of ‘national security’ in section 6(4) refers to section 90.4 of the Criminal Code Act 1995.
Appropriately defining the functionality of the identity-matching services
The Committee shares the concerns of submitters that the functionality of each of the identity-matching services may be included in the IGA, but are not appropriately defined in the IMS Bill itself. The Committee therefore finds that the IMS Bill should be amended to more fully define the operation and functionality of each of the identity-matching services. Such a definition should encompass:
the purpose of the service,
the technology used by the service (eg, which biometric indicators), and
the functionality of the service.
It is the Committee’s view that the use of the Face Verification Service by a non-government entity must only return a “match or no match” response.
The Face Identification Service
The Committee notes the Facial Recognition Service, Face Verification Service, Identity Data Sharing Service and the One Licence Service raised fewer concerns with submitters. These services are generally used to match biometric data for the purposes for which it was collected. The main concerns with these services as proposed in the Bill were in relation to the text of the IMS Bill not according with the intent of the text of the IGA. In addition, the Committee notes the general concern that, in relation to any use of the identity-matching services, the minimum amount of data needed should be returned and, in relation to the Face Verification Service, the Committee notes concerns that data linked to a verified identity could be on sold.
The Committee’s findings of increased privacy safeguards, referencing Access and Participation agreements in the IMS Bill, and more adequately defining the functionality of each of the identity-matching services, should alleviate many of these general concerns.
The Committee notes that the majority of specific concerns were in relation to the Face Identification Service.
The Committee notes that the Face Identification Service is a one-to-many rather than a one-to-one matching system. It is a system that, in addition to the biometric data of a potential suspect in a crime, necessarily makes use of the biometric data of a number of wholly innocent people. As such, the Face Identification Service could be considered a more significant imposition on the privacy of many Australian citizens.
The Committee notes the tension between the rights of Australian citizens to their privacy and the pressures facing law enforcement when investigating crime.
However, the Committee has not been persuaded that it would be inappropriate to require an enforcement agency to obtain a warrant in order to access the Face Identification Service, and therefore requests further advice and briefings from relevant enforcement and security agencies.
The Department of Home Affairs argued against the need for a warrant. In doing so, the Department cited the Attorney-General’s Department Guide to Framing the Commonwealth Offences, Infringement Notices and Enforcement Powers of 2011 which sets out when it is appropriate to require agencies to obtain a warrant. One such circumstance is where there is entry to premises without consent.
In this context, the Committee notes the statement made by Mr John Howell, from the Australian Human Rights Commission, which argues that ‘warrant regimes can be designed, and in fact currently are designed and operated, to allow for warrants to be obtained very quickly in emergency situations and outside business hours overnight. That is quite possible and feasible, and in fact occurs.’
The Committee notes concerns with respect to the power contained in section 8(2)(q) to allow the Minister to give an additional entity the ability to request the provision of the Face Identification Service.
The Committee notes that this power is intended only to be used following a machinery of government, name or legislative change, without having to amend the Act. The Committee further notes that the IMS Bill provides that, before the Minister makes rules prescribing access to the Face Identification Service, the Minister must be satisfied that the authority has one or more of the functions that used to be functions of an authority described in any of paragraphs in proposed section 8(2).
However the Committee considers that access to biometric data amounts to a significant intrusion into privacy and as such requires significant safeguards.
The Committee notes the concerns of submitters in respect of the Minister’s discretion to allow an agency to request access to the Face Identification Service. In particular, while the Minister is required to have regard to certain matters, his or her discretion to allow an agency to request access to the Face Identification Service is not otherwise fettered on the face of the legislation.
The Committee notes the concerns of some submitters in respect of the power contained in section 8(2)(q) to allow the Minister to give an additional entity the ability to request the provision of the Face Identification Service. In the Explanatory Memorandum for the IMS Bill, the Minister stated that the power in clause 8(2)(q) is ‘solely intended’ to allow the agencies listed in clause 8(2) to continue to use the Facial Identification Service ‘following a machinery of government, name or legislative change without having to amend the Act’.
In view of the limited circumstances in which it is intended to be exercised, and having regard to the concerns expressed by submitters, the Committee considers that clause 8(2)(q) should be deleted. There should be no ‘urgent circumstances’ that would warrant an exercise of the ministerial power in clause 8(2)(q). If there is a ‘machinery of government’ legislative amendment, it is the Committee’s view that clause 8(2) ought to be amended by primary legislation at the same time.”
Further, consistent with the existing provisions of the Bill, the Minister must have regard to the factors listed in proposed section 8(3).
The Committee took specific note of the evidence given that the scope of use of the identity-matching services in relation to general law enforcement is different to that contained in the IGA. The Committee also notes the Department of Home Affairs’ inconsistent evidence on this matter.
In relation to general law enforcement, the IGA provides for:
the prevention, detection, investigation or prosecution of an offence under Commonwealth, state and/or territory laws carrying a maximum penalty of not less than three years imprisonment, and
for use by agencies within the same jurisdiction for law enforcement purposes in relation to offences with penalties of less than three years.
This distinction between cross and intra jurisdictional general law enforcement of the Face Identification Service is not reflected in the IMS Bill. The Committee finds that the IMS Bill should be amended so that general law enforcement access to the Face Identification Service is only permitted for the cross jurisdictional prevention, detection, investigation or prosecution of an offence that carries a maximum sentence of not less than three years imprisonment in the jurisdiction in which it is being investigated.
Reasonable and proportionate use of the results of identity-matching information
In addition to privacy, the Committee notes concerns regarding the weight given to identity matching results in judicial proceedings. The IGA outlines that it is not intended that results from identity‑matching services would be used as the sole basis for ascertaining an individual’s identity for evidentiary purposes. The Committee notes that this is not currently clearly established in the IMS Bill and finds that it should be set out clearly in the IMS Bill.
Collection, use, protection and disclosure of identification information and reporting, and review requirements
Clause 19 of the IMS Bill, provides that:
if a law of a State or Territory limits disclosure of some or all identification information by an authority of that State or Territory; but
exempts from that limitation a disclosure authorised by a Commonwealth law,
the relevant authority body or person may disclose to the Department identification information for inclusion in the NDLFRS.
The Committee finds that this clause should be deleted.
The Minister has explained that this is an expediency measure ‘to reduce the number of states and territories that would need to amend their own legislation before Home Affairs could develop the database’.
However, the inclusion of this provision in the Bill is inconsistent with the Intergovernmental Agreement on Identity Matching Services, which provides that legislation enacted in state and territory jurisdictions should authorise states and territories to provide facial images and related identity information to the host of the NDLFRS.
As the state and territory authorities are currently entrusted with safeguarding the identification information that they hold, it should be a matter for state and territory parliaments to expressly authorise the disclosure of that information for the purpose of developing the NDLFRS or making that information available for the purposes of an identity-matching service.
As well as being consistent with the Intergovernmental Agreement on Identity Matching Services, this amendment will serve to build public confidence in the NDLFRS and the identity matching services it facilitates, and give them greater democratic legitimacy.
The Committee received limited evidence in relation to proposed sections 26-30 of the Bill which provide for the delegation of the Secretary’s powers, annual reporting and review of the IMS Bill. However, it is the Committee’s view that clause 29 should be amended to require the Minister to cause a review of the operation of the Act and the provision of identity-matching services within two years of the Act’s commencement.
Although there was a lack of submitted evidence on the topic, the Committee considers that reporting on the use of the identity-matching services is an oversight requirement equally as important as those sections of the IMS Bill that received more attention.
Principle 3 – a regime that requires reporting on the use of the identity-matching services
It should be a principle of the IMS Bill that the regime it creates requires reporting on the use of the identity-matching services.
The Committee has considered the exemption provided to ASIO in relation to exceptions to public statistics reporting under proposed sections 28(1)(a) and (c). Given the sensitive nature of ASIO’s work, the Committee is satisfied that such an exemption is appropriate.
The Committee also notes ASIO’s annual reporting requirements as outlined in section 94 of the Australian Security Intelligence Organisation Act 1979 and finds that it is important and appropriate that ASIO include in its classified annual report statistics reporting as envisioned under proposed sections 28(1)(a) and (c) of the IMS Bill.
The Committee also notes that the Minister has agreed to seek to amend the IMS Bill to provide for annual reporting in relation to the number of instances in which an entrusted person discloses protected information to lessen or prevent a threat to life or health as provided for in section 23 of the IMS Bill.
The Committee notes the commercial confidentiality concerns raised by the Department in relation to private sector users of the identity-matching services. No further detail was provided to the Committee in relation to these concerns. The Committee notes that the general public, by consenting to the use of identity-matching services, will become aware of private sector users of identity-matching services. The Committee is therefore satisfied and finds that this information should be provided in the annual report.
The Committee notes evidence from the Human Rights Law Centre that it is possible to capture and analyse accuracy rates of facial recognition algorithms. Annual reporting of such accuracy rates will serve to give the Australian public confidence in the identity-matching services envisaged by the IMS Bill.
The Committee notes the suggestion that reporting requirements in relation to data breaches could be characterised as a ‘double up’. The Committee considers that, given the intrusive nature of the identity-matching services, people should expect that data breaches in relation to those services, even if reported elsewhere, should be included in an annual report specifically dealing with the identity-matching services.
In relation to security incidents, such as unauthorised access or unauthorised disclosure of identification information, the Committee is not convinced that providing statistical information on such incidents will create a security risk. The Committee notes the Department of Home Affairs’ evidence that this information will be captured and, therefore, should be easily reportable.
The Committee therefore finds that the following should also be included in the annual report required under proposed section 28 of the IMS Bill:
the number of instances in which an entrusted person discloses protected information to lessen or prevent a threat to life or health,
the names of private sector users of the Facial Verification Service,
the accuracy rates of the biometric facial recognition algorithms used by the identity-matching services,
any data breaches notified under the provisions in Part IIIC of the Privacy Act 1988, and
any security incidents in relation to use of the identity-matching services.
Update reporting on all Participation Agreements and Access Policies and their compliance
The Committee notes that much of the detail on the implementation of the IMS Bill will be contained in Participation Agreements and Access Policies under which specific conditions can be placed on use of a particular agency’s data by another entity.
Whilst the Committee accepts that these detailed agreements are not all currently available it finds that, one year after Royal Assent of the IMS Bill, the Department of Home Affairs should provide the Committee with a written update report on all Participation Agreements and Access Policies and their compliance. The Department of Home Affairs should also be available to provide the Parliamentary Joint Committee on Intelligence and Security with a briefing on this report.