X
Tech

Please run Australia's facial recognition surveillance system on the ATO SAN

Only a proper Australian dose of incompetence can save us from the technology-enabled surveillance state we are running towards.
Written by Chris Duckett, Contributor
nec-facial-recognition.jpg
(Image: NEC)

There used to be a time when an Australian could fly to New York and be imbued with the power to predict the fashion and hair cuts that would appear on Sydney or Melbourne streets in the upcoming year.

Although globalism has reduced the instance of this peculiarity, the island continent appears determined to ignore the lessons of the past and run headlong into a surveillance state that threatens the privacy of all of its citizens.

On Thursday, Australia's state and territory leaders agreed to link their systems, and thereby create a national federated database of biometric passport and driver's licence photo data.

Far from protecting the electorate's civil liberties -- which, unlike many other modern nations, are not written down and only exist in feelings, vibes, and the whims of the High Court -- the state premiers piled on and were only too proud of the technological terror to be constructed.

"In my judgement, it would be unforgivable to not make changes like that when the technology is available, the competence, the know-how, and safeguards are available to effect that change," Victorian Premier Dan Andrews said.

Andrews further said that the premiers had spared the nation from the bickering that accompanies important changes -- you know, the sort of thing that parliamentary democracies are supposed to do.

Australia in 2017 is a place where the political discourse allows Parliament to abrogate and outsource responsibilities on equality, yet the final step to create a technology-driven system of constant visual surveillance is waved through as routine.

The test case for the new era will be the upcoming Gold Coast Commonwealth Games; the Courier Mail reported in July that the Australian Federal Police is looking to hook the city's CCTV cameras up with the facial recognition technology to prevent terror suspects from reaching any venues.

While it is true that the current system is merely the automation of an existing system between the states, the wide rollout and integration of CCTV networks is only a single dose of scope creep and a helpful reading of the Intergovernmental Agreement On Identity Matching Services [PDF] away.

Clauses that allow agencies to use the facial recognition system to identify individuals who are at risk of physical harm "when addressing significant risks to public health or safety" are effectively blank cheques if the government wants them to be.

Have I mentioned that terrorism is persuasive, and that if you see something, say something? And the best way to protect the population from harm is to keep a constant eye on them? Of course it is, now pass the Victory Gin.

The most stupid, or even ironic, part of the entire proposal is that it is occurring at a time when much of the world is moving away from such overreaching systems.

Ireland will tell its authorities to get a judge's approval before demanding data from its data retention system, which has a lighter touch than the Australian system; and the US is continuing the process of watering down some of its surveillance laws.

Much like the teenager who continued to believe parachute pants in 1994 was still a thing, Australia is determined to make sure muted encroachments on civil liberties remains popular somewhere.

Now, before decrying the entire state as something that East Germany could only dream of, there is something to keep in mind.

Given that the nation has showed over the past couple of years that it has an inability to create a technical system of any consequence without incurring large costs overruns or outages, and our predisposition to believe "she'll be right" while there are gaping technical flaws just waiting to be discovered, the saving grace of the entire proposal could be our ineptitude.

In order to help the Australian government with its new system to keep us all safe, may I propose that they engage HPE for the supply of storage?

The company was responsible for the SAN that failed at end of 2016, and convinced the Australian Taxation Office (ATO) to allow it to own and operate a storage solution that could not handle more than one drive or cage failure. It also failed to act on a number of alerts indicating problems with the SAN over a six-month period.

Another vendor to get in on this exciting project is IBM, which showed with its handling of the 2016 Census how a highly trafficked online destination can be taken offline with a lack of proper design.

Special Adviser to the Prime Minister on Cyber Security Alastair MacGibbon succinctly summed up the situation in October when he said there was a "fundamental failure in the logic" in the plans of IBM.

IBM was not the only target for MacGibbon's ire, with the Australian Bureau of Statistics (ABS) also in line for criticism.

"This was a failure to deliver on the contractual obligations that IBM had," he said at the time. "There was a failure on the part of ABS to sufficiently check that the contract had been delivered."

Add the Centrelink robo-debt mess from the Department of Human Services into the mix, and what emerges is a pattern of government agencies being unable to properly govern IT projects.

As Australians willingly hand over more of their rights for some promised technocratic security, the prospect of the system turning into a flaming money pile is one of the few outs. The facial recognition database is a bipartisan issue, and it is going to happen.

"[We need to] get the balance right between making sure we have strong national security, and the rights of citzens to their legitimate privacy," Labor leader Bill Shorten said in August 2014 on the issue of data retention.

"Once liberties and rights are handed away, it is very difficult to get them back."

Labor ended up happily backing the legislation, and maintains that it improved it.

That system is now used mostly for tracking drug crimes, and the facial recognition database is more likely to end up being used to battle fraud.

If that doesn't make you feel safer, there is this clause in the identity agreement signed today: "The parties do not intend any of the provisions of this agreement to be legally enforceable."

Or how about this line from the prime minister yesterday: "You can't allow the risk of hacking to prevent you from doing everything you can to keep Australians safe."

I feel safer already.

Editorial standards