The Senate may seek changes to proposed legislation that would substantially expand the power of Australian officials to collect biometric personal identifiers from specified non-citizens.
A Senate Committee has expressed concerns about the adequacy of privacy and human rights protections in the Bill, which has just been passed in the House of Representatives. They have urged the Government to scrap provisions setting out storage, security retention and destruction requirements for the information collected, and instead consider adopting Eurodac, an automated fingerprint identification system under trial in the European Union.
Immigration Minister Philip Ruddock has denied the Bill provides insufficient privacy and human rights safeguards but says the Government will look at the concerns expressed by the Senate “at an appropriate time.”
The Migration Legislation Amendment (Identification and Authentication) Bill 2003 is designed to address the issue of identity fraud via amendments to the Migration Act that would allow numerous personal identifiers or biometric data to be forcibly collected from non-Australian citizens entering or exiting the country, whether officially or as unauthorised arrivals. The long list of identifiers include fingerprints and handprints, measurements of height and weight, audio and video recordings — including 3D photographs — iris scans and others as yet undetermined. The only identifiers specifically excluded by the legislation are those that involve intimate forensic testing, such as the taking of blood samples or DNA swabs. The biometrics could be collected by force, with some limitations.
The proposed legislation provides a framework for how this information can be collected, stored and used and would apply to non-citizens in immigration detention; non-citizens who apply for visas, or who are to be granted visas; non-citizens who enter and depart Australia, or travel on an overseas vessel from port to port in Australia; non-citizens in questioning detention; as well as persons in Australia who are known or reasonably suspected to be non-citizens.
Immigration Minister Philip Ruddock says the legislation is needed to combat identity fraud and contains a range of safeguards.
A spokesman for Shadow Immigration Minister Nicola Roxon says the ALP supports the aims of the Bill but may seek changes, while the Democrats have urged the Government to give serious consideration to the serious concerns raised in their dissenting Senate report.
Opposition parties are also upset that the Bill was introduced to the House before the Senate Legal and Constitutional Legislation Committee tabled its report. Lawyers as well as privacy and refugee advocates had urged significant changes to the Bill during the recent, rushed Senate Committee Inquiry.
The Australian Democrats in a dissenting report expressed serious concerns about the use of biometric identification technology proposed by the bill. They quote Federal Privacy Commissioner Malcolm Crompton’s comments that the Bill “enters new territory in the area of personal identification.”
The Democrats also agreed with the Public Interest Advocacy Centre that the Government had failed to demonstrate a compelling need for the legislation, and pledged to adopt a cautious approach to the legislation, given that the technology was still relatively new and involved significant intrusions into the privacy of individuals.
The Eurodac system only collects anonymous fingerprints, and all samples are destroyed after 10 years, or upon a grant of citizenship. It requires a national supervisory authority in each participating state to independently monitor the lawfulness of the processing of data. As a further safeguard, a joint (EU and participating states) supervisory authority ensures that the rights of data subjects are not violated. This body will soon be replaced by the about-to-be-established independent supervisory authority, the European Data Protection Supervisor. And as a final safeguard the European Commission will submit to the European Parliament and to the council of the EU, an annual report on the management and working of the Eurodac.
In a speech to the Parliament, Roxon expressed concerns that the Australian government was attempting to commit the Australian people to setting up its own system of collecting and formulating databases of personal identifiers despite the lack of an international framework for the establishment of such databases. She said this meant there was no guarantee that our system would be internationally compatible with systems used overseas.
“For the introduction of these measures to have any real security impact for Australia, our data would presumably need to be able to be compared against some sort of international database,” she said. “When countries that Australia may need to deal with regularly on these security issues have not implemented, or even proposed to implement, complementary systems it does seem that we might be getting ahead of ourselves.”
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.