Biometric Data Part of Australia’s Plan to Protect Citizens’ Identity

Biometric Data Part of Australia’s Plan to Protect Citizens’ Identity
An X5 group representative demonstrates a facial recognition payment system at a self-checkout machine in in Moscow, Russia, on March 9, 2021. Dimitar Dilkoff/AFP via Getty Images
Alfred Bui
Updated:

The Australian government is pushing for the use of biometric data to fight off identity thieves amid recent waves of cyber crimes that rocked the country.

In the newly released National Strategy for Identity Resilience, the federal government outlined ten principles to protect the identities of Australians, which all state and territory governments approved.

Among the principles, the federal government proposed using biometrics (fingerprints, facial recognition, and more) with individuals’ consent to prevent criminals from stealing personal credentials.

“Combinations of biographic attributes (e.g. name, date of birth and licence number) do not adequately protect Australians from identity crime, and can be exposed in a data breach,” the strategy states.

“Passwords can be forgotten, stolen or compromised.”

The government promised that it would ensure the safety of biometric data and protect users’ personal privacy.

Facilitating Cooperation Between Federal and State Governments

Apart from biometric data, the strategy introduced a roadmap to enhance cooperation among governments in the fight against cyber crimes.

One of the principles involved states and the Commonwealth working together to ensure that different digital ID systems and credentials can be linked appropriately so that Australians can access services in any jurisdiction.

In addition, the federal government planned to establish stronger and more consistent standards for issuing physical and digital credentials, as well as allow individuals to update their information conveniently across agencies nationwide.

The strategy also pointed out the need for businesses and government agencies to collect and retain less personal information where appropriate to reduce the risks caused by data breaches.

Other principles included streamlining the process to recover compromised identity credentials for Australians falling victim to hacks and making clear who is responsible for the cost of remediating credentials in the case of a cyber attack.

While pushing for the adoption of digital identity, the federal government also promised to provide non-digital options for Australians who did not want to embrace new technologies, including older people and those from culturally and linguistically diverse communities.

Minister for Home Affairs Clare O’Neil during the Jobs and Skills Summit in Canberra, Australia, on Sept. 2, 2022. (AAP Image/Mick Tsikas)
Minister for Home Affairs Clare O’Neil during the Jobs and Skills Summit in Canberra, Australia, on Sept. 2, 2022. AAP Image/Mick Tsikas
“Our approach to identity resilience needs to keep pace with our economic and social activity and the changing nature of identity crime,” Public Service Minister Katy Gallagher and Cyber Security Minister Clare O'Neil said in a joint statement.

“It is essential we deliver a future-ready identity system.

“This starts with a nationally consistent and coordinated approach to identity and strong partnerships between Commonwealth and state and territory governments.”

The federal government has directed the Department of Home Affairs to work with states and territories to carry out the strategy.

It was estimated that Australians lost $3.1 billion (US$2.07 billion) to identity crime in 2018-2019, while the total cost of cyber crimes reached $33 billion in 2020-21.

Concerns About Risks Associated with Biometric Data

While the Australian government holds a positive view toward biometric data, there have been concerns that this kind of information can be subject to manipulation.
In a recent statement, the U.S. Federal Trade Commission (FTC) warned that criminals could hack and manipulate biometric data collected by businesses, especially with the help of artificial intelligence.
An elderly woman applies her fingerprint as she prepares to vote at a polling station in Basra, Iraq, on Oct. 10, 2021. (Hussein Faleh/AFP via Getty Images)
An elderly woman applies her fingerprint as she prepares to vote at a polling station in Basra, Iraq, on Oct. 10, 2021. Hussein Faleh/AFP via Getty Images

The FTC pointed out that some technologies can use biometric information to determine characteristics of individuals, such as age, race, gender, and personality traits, which would grant criminals access to those sensitive information.

Meanwhile, some IT experts believed that facial recognition surveillance was getting “out of control” in the UK as more public and private institutions adopted the technology.

They also warned that stalkers and predators were using the technology to target women and girls across the country.

The experts urged the UK government to introduce new legislation to reduce the use of facial recognition technology in the public.

Cyber Attacks Targeting Australia Continue

The strategy’s release comes as international hacker groups continue to target Australian public and private institutions, with many federal agencies appearing to be the latest victim.

Russian cybercriminal BlackCat, also known as AlphV, hacked into the database of law firm HWL Ebsworth in April and later posted 1.45 terabytes of sensitive information on the dark web on June 8.

Over 40 Australian government agencies and all four major banks are believed to have been impacted by the database hacking of the law firm.

Due to the significant number of government agencies involved, the federal government had to acknowledge the seriousness of the incident.

“HWL Ebsworth is a very significant incident, and the Australian government is deeply concerned about it,” O'Neil said, reported The Australian newspaper.

“I would place it in the realm of the most significant cyber incidents that we’ve experienced as a country over the last year, along with Latitude, Optus, and Medibank.”

As the government continued to investigate the cyber attack, it appointed a new national cybersecurity coordinator to help the government respond to similar data breaches.

Victoria Kelly-Clark contributed to this article.
Alfred Bui
Alfred Bui
Author
Alfred Bui is an Australian reporter based in Melbourne and focuses on local and business news. He is a former small business owner and has two master’s degrees in business and business law. Contact him at [email protected].
Related Topics