A Liberal MP has accused the Labor government of rushing its digital identification bill through the Australian Parliament warning it could undermine public trust in government services.
These include a document verification service (DVS) hub, a face matching service hub, and the national driver’s license facial recognition (NDLFR).
A DVS is used to check the accuracy of the biographic information of one’s identity documents, such as birth certificates or visas, while the face matching service (biometric) is used to compare one’s photo with other photos, such as passport photos.
While these services already exist, the bill would authorise the Attorney-General’s Department to develop and maintain these facilities.
However, Liberal MP Paul Fletcher criticised the bill, saying it has “no regulatory impact analysis,” which is a process of examining the pros and cons of the legislation.
He also accused the government of rushing the bill to the House without consulting the industry or giving Australians enough time to understand the bill, despite their personal information being affected.
Mr. Fletcher noted that one of the largest users of the Document Verification Service in Australia has said they didn’t know about the legislation.
“This particular organisation conducts millions of searches of the DVS every year to meet the customer due diligence requirements designed to prevent terrorism financing and money laundering, and this organisation did not know the bill existed,” he said.
Mr. Fletcher, who was the former minister for Communications and Cyber Safety, argued it was unclear what impact the bill would have on organisation’s business is or whether the legislation would disrupt the provision of ordinary financial services.
He also questioned the impact of the bill on the Australian economy, the effectiveness of the bill in protecting privacy, and the implication of the bill in practice.
The Liberal MP added that the Office of the Australian Information Commissioner (OAIC) had described the assessment revisions in clause 40 of the bill as “unusual” because they do not activate the OAIC’s assessment regulatory powers.
“The OAIC went even so far as to state, ‘The bill does not provide a clear framework for the OAIC to enforce these agreements.’ As anybody who is a student of bureaucratic language would know, that is pretty strong criticism,” he said.
“In spite of these unresolved issues, we know the Attorney-General intends to press ahead with a vote in the House even before the Senate committee holds its first hearing.”
The Bill Could Provide Further Protection: Law Firm
On the other hand, international law firm Kings and Wood Mallesons said the bill would provide new clarity and enhance protections for users of identity services.However, they also noted that it is critical not to “underplay security risks that may arise from the concentration of valuable identity information” and make sure personal information entered into the system is “used solely for narrowly defined identity verification purposes.”
“In other words, it is important that the regime does not inadvertently permit uses of biometric information for other purposes not intended or outside the scope of the relevant individual’s consent.”
“This is something that privacy interest groups will no doubt wish to keep a close eye on, in order to guard against the risk of scope creep of the relevant systems.”
