Australian Face Verification Service starts with citizenship imagery

Australia's descent into a federal government-backed biometric future began on Wednesday, with the first three agencies to be on board the Department of Foreign Affairs and Trade (DFAT), the Australian Federal Police (AFP), and the Department of Immigration and Border Protection (DIBP).

The first tranche of data to be swapped by the new Face Verification Service will be citizenship images, with visa, passport, and driver licence photos to follow. In August last year, the Attorney-General's Department (AGD) said access would be expanded to include the Australian Security Intelligence Organisation, Defence, and the AGD.

The AU$18.5 million system is designed to replace existing manual, ad-hoc facial image sharing arrangements between agencies to verify identities, and avoids the creation of a centralised database by agencies receiving queries running image searches against their own databases, an AGD fact sheet [PDF] claims.

"Often, this response will be a simple 'yes' or 'no' to indicate whether two images are of the same person," AGD said. "The hub will not conduct any matching, and it will not store any personal information. It will only retain the de-identified transaction data that is necessary for effective auditing and oversight of the system."

In a statement on Wednesday, Justice Minister Michael Keenan said Canberra is negotiating with the states to access driver licence images.

"This will further help to prevent organised crime and terrorists from using fraudulent identities, while protecting everyday Australians from identity theft and making it easier to prove their identities when transacting with government online," he said.

Keenan said the Face Identification Service, which will attempt to match a photo of an unknown person against government records, would commence next year and be used for serious offences. The minister said access to this system would be limited to a number of users in "specialist areas".

The face matching systems will be extended to handle images from closed-circuit TV, surveillance photography, and off the internet, AGD said. The department had previously ruled out the addition of directly feeding licence plate cameras or closed-circuit TV into the system.

Keenan said in September 2015 that the system would have strong privacy safeguards.

In recent years, DIBP has found itself in a number of privacy snafus.

During March 2015, the personal details of the world's G20 leaders, including passport numbers, visa details, and dates of birth, were accidentally emailed to the organisers of the Asian Cup by a staff member of the Department of Immigration and Border Protection (DIBP), which chose to avoid notifying the affected leaders.

In February 2014, DIBP published the details of approximately 9,250 asylum seekers. A report from the Office of the Australian Information Commissioner found the DIBP to be in violation of the Privacy Act.