Home Affairs denies mass surveillance capabilities of face-matching database

Source: Samigration, 18/02/2019

`The services enabled by the legislation are not intended to
provide agencies with mass surveillance capabilities. Indeed, the
technical design of the system could not facilitate this ... as it
requires users to input a single still image at a time to conduct
a query,` Acting First Assistant Secretary at Home Affairs`
Identity and Biometrics Division Andrew Rice told the committee on
Friday, ahead of the departmental leadership change.
`It can`t be connected directly to a live CCTV feed. Even if the
agencies attempted to circumvent this by conducting multiple
queries in close succession, the way the service operates makes it
implausible that agencies could do this to support real-time
identification of multiple individuals within a crowd, for
example.`
The comments were made following an appearance in front of the
same committee earlier that day by Human Rights Law Centre
executive director Hugh de Kretser, who raised concerns over the
ability of agencies to have real-time surveillance of crowds of
people `going about their business, going about their daily lives,
and scan faces to merge contemporaneously or almost
contemporaneously with a database of images`.
The committee was specifically reviewing the Identity-matching
Services Bill 2018 and the Australian Passports Amendment
(Identity-matching Services) Bill 2018, which were introduced by
the Australian government in February to allow for the creation of
a system to match photos against identities of citizens stored in
various federal and state agencies.
The Australia-wide identity-matching initiative will allow state
and territory law-enforcement agencies to have access to the
country`s new face-matching services to access passport, visa,
citizenship, and driver licence images from other jurisdictions.
The Face Verification Service (FVS) is a one-to-one image-based
verification service that will match a person`s photo against an
image on one of their government records; while the Face
Identification Service (FIS) is a one-to-many, image-based
identification service that can match a photo of an unknown person
against multiple government records to help establish their
identity.
`Face identification service users will receive a gallery of
possible matches in response to each query they submit. The system
does not provide a single confirmed match. It is then up to users
with appropriate facial-recognition training to consider the
gallery of possible matches returned by the system and select a
short list for further investigation,` Rice explained on Friday.
`Only at that point does the agency receive biographic information
about the short-listed candidates -- the final identity solution
decision still needs to be made by the user agency.`
He said the system has been specifically designed in such a way as
to ensure there is always a person in the loop in FIS
transactions.
`The system is designed not to rely solely on the technology for
identity resolution decisions,` he continued.
`We need to make sure -- and this is what we`re doing with the
jurisdictions and with agencies that will be prescribed under the
Bill -- to put in place a training regime to make sure that the
officers who access the service have got the right skills,
encouraging agencies ... to think about the face identification
service as being a specialist capability that a small group of
people do and do all the time. That`s what happens in our
department at the moment. The face resolution staff are a small
team, and that`s all they do. It`s about putting in the range of
controls to deal with the fact that, because of the very nature of
biometrics, there will be some probabilistic anomalies that have
to be sorted out.`
Facing the same committee in May, Rice said the department had
purchased a facial recognition algorithm from a vendor to be used
for the FIS, however Home Affairs received immunity from
disclosing who the contract was awarded to, citing mostly security
concerns.
`The FIS enlivens significantly a threat to assumed identities, so
that`s security and law enforcement covert operatives and
witnesses under protection, so we received an exemption under the
Commonwealth procurement rules to not publish the identity, the
name of the vendor that`s providing the facial recognition
service,` Rice said at the time.
`It`s just reducing the potential vectors of attack.`
Rice told the joint committee that as all of the vendors providing
biometric or facial recognition services use different algorithms,
naming the vendor employed would potentially increase the threat
of attack.
On Friday, he held firm on the department`s position, saying
knowing which vendor it is gives the potential for some kind of
intrusion against that company in order to gain access to
information relating to the algorithm.