​Home Affairs denies mass surveillance capabilities of face-matching database

The technical specifications of the system 'would not allow it', the department has claimed.

The Department of Home Affairs has told a Parliamentary Joint Committee on Intelligence and Security that the government's identity-matching capability could not be used for mass surveillance, as its technical specs simply would not allow for it.

"The services enabled by the legislation are not intended to provide agencies with mass surveillance capabilities. Indeed, the technical design of the system could not facilitate this ... as it requires users to input a single still image at a time to conduct a query," Acting First Assistant Secretary at Home Affairs' Identity and Biometrics Division Andrew Rice told the committee on Friday, ahead of the departmental leadership change.

"It can't be connected directly to a live CCTV feed. Even if the agencies attempted to circumvent this by conducting multiple queries in close succession, the way the service operates makes it implausible that agencies could do this to support real-time identification of multiple individuals within a crowd, for example."

The comments were made following an appearance in front of the same committee earlier that day by Human Rights Law Centre executive director Hugh de Kretser, who raised concerns over the ability of agencies to have real-time surveillance of crowds of people "going about their business, going about their daily lives, and scan faces to merge contemporaneously or almost contemporaneously with a database of images".

See also: Australia called out as willing to undermine human rights for digital agenda

The committee was specifically reviewing the Identity-matching Services Bill 2018 and the Australian Passports Amendment (Identity-matching Services) Bill 2018, which were introduced by the Australian government in February to allow for the creation of a system to match photos against identities of citizens stored in various federal and state agencies.

The Australia-wide identity-matching initiative will allow state and territory law-enforcement agencies to have access to the country's new face-matching services to access passport, visa, citizenship, and driver licence images from other jurisdictions.

The Face Verification Service (FVS) is a one-to-one image-based verification service that will match a person's photo against an image on one of their government records; while the Face Identification Service (FIS) is a one-to-many, image-based identification service that can match a photo of an unknown person against multiple government records to help establish their identity.

"Face identification service users will receive a gallery of possible matches in response to each query they submit. The system does not provide a single confirmed match. It is then up to users with appropriate facial-recognition training to consider the gallery of possible matches returned by the system and select a short list for further investigation," Rice explained on Friday.

"Only at that point does the agency receive biographic information about the short-listed candidates -- the final identity solution decision still needs to be made by the user agency."

He said the system has been specifically designed in such a way as to ensure there is always a person in the loop in FIS transactions.

"The system is designed not to rely solely on the technology for identity resolution decisions," he continued.

"We need to make sure -- and this is what we're doing with the jurisdictions and with agencies that will be prescribed under the Bill -- to put in place a training regime to make sure that the officers who access the service have got the right skills, encouraging agencies ... to think about the face identification service as being a specialist capability that a small group of people do and do all the time. That's what happens in our department at the moment. The face resolution staff are a small team, and that's all they do. It's about putting in the range of controls to deal with the fact that, because of the very nature of biometrics, there will be some probabilistic anomalies that have to be sorted out."

Facing the same committee in May, Rice said the department had purchased a facial recognition algorithm from a vendor to be used for the FIS, however Home Affairs received immunity from disclosing who the contract was awarded to, citing mostly security concerns.

"The FIS enlivens significantly a threat to assumed identities, so that's security and law enforcement covert operatives and witnesses under protection, so we received an exemption under the Commonwealth procurement rules to not publish the identity, the name of the vendor that's providing the facial recognition service," Rice said at the time.

"It's just reducing the potential vectors of attack."

Rice told the joint committee that as all of the vendors providing biometric or facial recognition services use different algorithms, naming the vendor employed would potentially increase the threat of attack.

On Friday, he held firm on the department's position, saying knowing which vendor it is gives the potential for some kind of intrusion against that company in order to gain access to information relating to the algorithm.

PREVIOUS AND RELATED COVERAGE