Carol Brown (Tasmania, Australian Labor Party, Shadow Parliamentary Secretary for Families and Payments) Share this | Link to this | Hansard source

I rise to speak on the Migration Amendment (Strengthening Biometrics Integrity) Bill 2015. Labor does not oppose this bill, but we have concerns about some of its provisions and we have circulated amendments that aim to address these concerns.

Biometrics are personal identifiers based on individual physical characteristics such as finger and hand prints, facial images, iris scans and signatures. Any of these identifiers may be digitised and stored in a database. Although these characteristics are unique to individuals, a biometric does not by itself provide exclusive proof of identity. Biometrics are, however, more accurate than documentary checks because they are relatively stable over time, at least for adults, and much more difficult to forge.

In conjunction with documentary evidence, therefore, the collection of biometric data makes the task of those who conduct identity checks at Australia's air and sea ports considerably easier. Accordingly, biometrics have been collected for immigration purposes since 2004 for noncitizens. And since the foreign fighters act became law in 2014, they have been collected for citizens as well.

At present, the Migration Act authorises the collection of biometric data in eight circumstances. The bill now before the Senate consolidates seven of these into a single broad collection power. The eighth circumstance, concerning collection of biometrics from noncitizens in immigration detention, is not affected by the bill.

Most Australians who pass through routine immigration screening are not currently required to provide biometric data. It is not envisaged that this will change as a result of this bill. Nonetheless, the collection and retention of biometric data for immigration checks is reasonable—and, for security and law enforcement checks, it is both reasonable and, in most circumstances, appropriate.

Because of the nature of such data, however, issues of privacy and respect for individuals arise concerning the kind of biometric collected, the age of the person from whom it is collected and the consequences of any misuse of the information. Those issues become more acute for this bill because of the broad power of collection that it authorises.

These issues were canvassed by the Parliamentary Joint Committee on Human Rights and by many submissions to the Senate inquiry on the bill. The joint committee pointed out that creation of a broad discretionary power of collection necessarily limits the right to privacy, the right to equality and nondiscrimination, the right to equality before the law and the rights of the child.

At present, the Migration Act requires that collection of biometric data must be carried out in circumstances affording reasonable privacy to the person, must not be carried out in the presence of a person whose presence is not necessary for the purposes of the test or required by another provision of the act, must not involve the removal of more clothing than is necessary for carrying out the test and must not involve more visual inspection than is necessary for carrying out the test. The bill does not remove these requirements, but it does provide a new power for the minister and authorised officers to require that identifiers be provided in 'another way'—that is, in a way different from the rules set out in the act.

According to the explanatory memorandum, this new power will allow for quick live scanning of a person's fingers. It is not proposed to collect facial images under tests permitted by this new power and no clothing would be removed. However, as the Human Rights Committee has pointed out, the bill itself contains no such restriction. The government has given only a statement of its present intention. There is no guarantee that in future the new power could not be used in a way that contravenes the safeguards in the act.

Under the act, children can only be required to provide an identifier consisting of height and weight measurements or a facial image. The consent of a parent or a guardian must be given, and a parent or a guardian must be present while the test is carried out. However, this bill removes these restrictions. The explanatory memorandum offers several reasons for their removal. The first is that it is a child protection measure, responding to cases in which children have been trafficked or smuggled to Australia, sometimes with parental consent, as part of a family that is not their own. The second is that it is also a response to terrorism incidents in the Middle East and Africa that have involved children. The third is that it provides greater consistency with the practice of other Five Eyes countries. Some of these countries do not set age limits for the collection of biometric data and some do so only as policy.

Clearly, no-one can condone the trafficking of children or the unconscionable conduct of terrorists who manipulate children into becoming their accomplices. The Department of Immigration and Border Protection has stated that it would still be normal practice, as a matter of policy, to obtain the consent of parents or guardians for the collection of biometric data and to have them present while tests are carried out. Nonetheless, it is not surprising that the removal of a legal requirement for this practice to be observed has caused deep unease. The intention may be to prevent the exploitation and abuse of children, but it is not inconceivable that, in the absence of these requirements, circumstances may arise in which they are abused.

Many submissions to the Senate inquiry called for the retention of some form of legal restriction to protect children and other incapable persons. The Law Council of Australia's submission urged that guidelines be established to ensure that the collection of biometric data from children is carried out in a respectful manner and that independent guardians are appointed for unaccompanied children. Similar legislation enacted in the UK contains specific protections for vulnerable groups. Labor is moving four amendments related to this matter. The first two would see clauses incorporated in the bill to specifically require that particular care is taken to ensure that the privacy of minors and incapable people is respected and that they are treated with humanity and respect for human dignity. The third and fourth amendments would introduce legislated requirements as to who must be present when minors and incapable people are required to participate in identification tests without the consent of a parent or guardian.

A further issue that generated much debate when the UK was devising its legislation concerned the period for which biometric data should be retained. Several overseas regimes set a time limit for retention, while allowing possible extension of the limit. In Australia, there is a potential conflict between the provisions of this bill on indefinite retention of data and the recently amended Privacy Act, which requires that personal data must be retained for a reasonable purpose and only for so long as it is useful. Labor have examined this issue and we have concluded that existing provisions should be sufficient to require personal identifiers to be destroyed as soon as possible when they are no longer useful.

The government has assured us that this is certainly its intention. However, we remain concerned that there is no requirement for individuals to be notified if there is a serious privacy breach in relation to their identifying information. Our amendment defines a serious data breach as a situation where there is unauthorised access to or disclosure of identifying information and where there is a real risk of unauthorised use of the information or serious interference with the individual's privacy. Our amendment would require that, in such circumstances, the person responsible for the information would be required to notify the individual of the privacy breach and also to notify the Information Commissioner. We hope this proposed section never has to be used, but we believe this layer of protection is important.

Senators will recall that in 2014 the Department of Immigration and Border Protection was involved in a security breach where the personal details of nearly 10,000 asylum seekers were inadvertently released on the department's website, and earlier this year the department inadvertently disclosed the passport and visa details of world leaders attending the G20 summit in Brisbane. It is true that these were documentary forms of identification, but consider the problems that could arise if biometric data were hacked. Unlike passports, tax file numbers and Medicare numbers, biometric data cannot be changed.

Because of the concerns I have articulated—concerns raised by the Law Council and other informed organisations during the Senate inquiry—Labor believes that this bill requires amendment. If this bill is amended in the ways Labor has proposed, Australia's collection of biometric data for the purpose of immigration and border protection will be safer and more efficient.

Scott Ludlam (WA, Australian Greens) Share this | Link to this | Hansard source

I move the second reading amendment standing in my name:

At the end of the motion, add:

but further consideration of this bill be made an order of the day for the first sitting day after the Government has tabled the Privacy Impact Assessment conducted by the Department of Immigration and Border Protection.

I rise to add a contribution by the Australian Greens tonight. We have some quite severe concerns about the Migration Amendment (Strengthening Biometrics Integrity) Bill 2015, and I want to acknowledge that some of those have already been put on the record by Senator Brown for the Labor Party, and I also want to acknowledge those committee stage amendments that have been brought forward by the opposition. I think it is unlikely that we will get to debate them tonight, but I indicate in principle support by the Australian Greens.

One of the issues that I do not think Senator Brown went into in her contribution is that a privacy impact assessment was undertaken for this bill and the government is refusing to put that into the public domain. This goes to the second reading amendment that the Greens propose and that I have moved. It was one of the key recommendations that came out of the Parliamentary Joint Committee on Intelligence and Security, which did not oppose the use of biometric data for the purposes that the immigration department intends, as I do not think the opposition opposes it. But they did throw up a red flag around the importance of conducting a privacy impact assessment. The government appeared to have accepted that recommendation, ensured that it was undertaken but is refusing to release it to the parliament.

If the parliament and the senators who are expected to debate this bill are in receipt of the information that has been collected, it would probably make the committee stage of this debate much smoother when we get back to it tomorrow. In the absence of that document, the only conclusion we can draw is that it contains information that would be concerning or alarming, and these are not trivial or hypothetical matters. The Legal and Constitutional Affairs Legislation Committee that conducted the inquiry into this bill of which my colleague, Senator Hanson-Young, was a part, called for the release of that document for full inquiry. If we take this a jump back to the last time significant expansion of powers in this regard was put through this parliament—which was the foreign fighters bill—that was the instance in which the PJCIS, which again includes a majority of coalition senators, recommended that the Privacy Commissioner conduct a privacy impact assessment prior to any further legislation in this area.

The reason why it is so important that this is done is that parliament has had regard to the privacy impacts of successive pieces of legislation passing through here. Earlier in the year, obviously, there was the mandatory data retention bill, which creates very fine-grained information relating to the telecommunications devices that we use and carry around. This bill incorporates material that is much more intimate even than that traffic—fingerprints, retina scans and photographs that can be fed into facial recognition algorithms. Of course it is important to the immigration department and at airport checkpoints to know who is coming in and out of the country, but this is a department that has actually got something of a pretty sorry record of maintaining that material.

One of the privacy principles that was so cheerfully violated by the mandatory data retention bill was the concept embedded in one of the principles that was legislated and updated by this very government: that you should never collect more information than you need for the purpose that you are bringing to bear. It appears the way that this bill is drafted and the reason why stakeholders have raised such significant concerns is that the discretion for the kind of material that can be collected—and the manner in which it can be collected and the people from whom it can be collected—is extraordinarily broad and leaves enormous discretion in the hands of those who would be collecting the information. That is why it is so important that that privacy impact assessment be put on the table before this bill proceeds. It is effectively the impact of the Australian Greens proposed amendment.

A number of groups have raised very significant concern—Australian Lawyers for Human Rights, the Australian Privacy Foundation, the Refugee Council of Australia, the New South Wales Council for Civil Liberties and the Law Council of Australia. These are groups that have had cause to raise significant concerns around legislation brought through this parliament by this government for the last 18 months—in fact, for its entire term. It is becoming quite a familiar roll call of organisations—civil society and legal organisations across the country—who have raised extraordinary alarm at the nature, the thought processes and world view that underlie successive pieces of legislation. They are effectively grabs for power by the state over private individuals without equivalent protections being set up at the same time.

When you look at some of the statements that still exist with no sense of irony on the Liberal Party's webpage about how your founding principles were about protecting individuals from arbitrary power of the state, the depth of the power grabs that have been occurring is remarkable. Regrettably, in the absence of that key piece of information that is being withheld from this parliament, we have to conclude that what we see here tonight is another one of those grabs for power.

The key concerns relate to the security of the data that is collected, and that goes to ensuring that it will not be hacked, leaked and distributed. Given the extraordinary intimacy of this detail that is being collected on people—not just suspects, but everybody transiting our borders—and if this material were to fall into the wrong hands, it could lead to one very obvious scenario: identity theft. If you have this information on an individual, you can assume their identity in almost trivial ways and wreck people's lives.

The Department of Immigration and Border Protection accidentally leaked the personal details of nearly 10,000 asylum seekers in Australia via its website, and that had to be exposed by a media organisation. But, rather than apologise to those people, the department and the minister, who was responsible at the time, got quite defensive about this extraordinary act that was perpetrated on asylum seekers. The risks for Australian citizens living in a fortunate place such as this go to things like identity theft and a whole range of other nasty and adverse consequences that you could consider. But the risks for asylum seekers fleeing violent or totalitarian regimes to then find that their material has been leaked—and we know that database was accessed a number of times before that document was pulled and made no longer accessible—could be a matter of life and death. It is absolutely that serious. This is not a department that has inspired confidence in the past.

The bill appears to provide for a protracted period of retention and, if it is about identifying people who are traversing our borders, you would not expect that that was necessary. The collection of data from children and incapable persons without parents and without any kind of oversight or protection for those vulnerable individuals may run contrary to the United Nations Convention on the Rights of the Child—something that I would have thought that coalition MPs, giving them the benefit of the doubt, would care about quite a bit.

There are insufficient safeguards around the department's use of its new powers, and certainly around the ministerial discretion and the potential for scope creep to occur with respect to the data. For example, Australian law enforcement agencies around Australia are currently collaborating on facial recognition systems—and we went into this in budget estimates a couple of weeks ago—that would allow agencies to cross-match passports, driver's licences and, presumably, a dataset such as this one that is being collected at our borders, to try and identify persons of interest. Again, that is mostly for legitimate purposes. But the only things that prevent this material being used for illegitimate purposes are legal protections, safeguards, oversight and independent assessments of the impact on privacy. That is precisely what is being withheld from this parliament and that is what the Australian Greens second reading amendment goes to.

I thank the Scrutiny of Bills Committee for doing that work behind the scenes. It probably does not appear to be all that glamorous; nonetheless, it is extraordinarily important. The committee's Alert Digest No. 3 of this year states:

Of concern, from a scrutiny perspective, is the enormous breadth of this discretionary power. … it is clear by the terms of the provision that personal identifiers can be collected for any circumstance ‘where a link to the purposes of the Migration Act or the Migration Regulations can be demonstrated’. … Given the voluminous content of the Migration Act and regulations, this approach (of not requiring collection to be linked to limited, specified legitimate purposes) represents a fundamental change in approach to the collection of this particularly sensitive category of personal information.

I do not know if there are any other speakers on the second reading list, but, when the minister is given the opportunity to sum up and we go into the committee stage, we will be very interested to know exactly why the powers that are being sought by the immigration department are this broad, what they are going to do to protect people's private information. I hope when we reconvene in the morning to continue debate on this bill there will be laid on the table by the responsible minister that privacy impact assessment. If I am reading the situation wrong, and others wrong, and that assessment has not been done, then there will be questions to be answered about that. But if that document exists, there is absolutely no conceivable reason why it should not be put before this chamber.

The Law Council, who we look to—and who I would have thought the government would also look to—as a moderating influence on power such as this has recommended that the bill not be passed until parliament and the Australian community have the opportunity to consider the results of a privacy impact statement on the bill conducted by the Privacy Commissioner. We can tick that off because there is a second reading amendment on the table. They have also proposed that an independent guardian should be appointed to an unaccompanied minor if biometric information is required to be taken from the minor under the Migration Act. They propose that guidance be provided in the bill on what criteria need to be satisfied before a person is assessed as 'incapable' and that the government consult with stakeholders in the disability and trauma sector on what criteria should be used.

Before we close, I want to acknowledge that the two linked amendments that the AFP have brought forward relate effectively to mandatory data breach notification. That is something I think should be on the statute books already; it should be unnecessary for opposition senators to bring such an amendment forward, but I acknowledge that they have done so. At the moment, you would assume that if somebody is collecting sensitive personal information on you—over which you will lose all control and have no agency over what happens to it—there are three obligations. The first obligation is to collect absolutely no more information than is necessary—and the department appears to be failing that test as the bill seems to be drafted. The second obligation is to make sure that your systems are absolutely watertight and that appropriate and very high levels of protection of that private data are put in place so that the material does not walk. The department, on a couple of very high profile occasions, has failed that test as well. The third obligation should be that if you have collected more than is necessary, if your data security has failed and that material has walked and it has been accessed by third parties who have no business looking at it, then your primary obligation is to notify the people whose privacy has been breached.

The opposition amendment, which the Australian Greens will be supporting, goes to precisely that. That is an obligation the department should owe to people. It is an obligation they owe to those asylum seekers. It is an obligation, ironically, that they owe to President Obama and those others whose material was compromised by I think quite a trivial misreading of an Excel spreadsheet or some other event not that long ago. But particularly where people's private information is at stake, if the department loses control of it their obligation should absolutely be to notify those people. Mandatory data breach notification should be on the statute books in this country not just for this narrow case but much more broadly. It was a commitment the government undertook when they passed mandatory retention a short time ago. They said they would get around to it by the end of the year. That is a measure that should pass this parliament by the end of the week. There is no excuse for delay. I look forward to putting some of these questions to the minister directly when we get to the committee stage.

Debate adjourned.