Daily Bulletin

The Conversation

  • Written by Paul Henman, Associate Professor, Digital Sociology and Social Policy, The University of Queensland

Governments seem to think that the only way to protect national security is to own as much data about the public as possible, but this is not the case.

The push in Australia to create a national registry of driving licence photographs has been criticised for breaching privacy principles and creating data security risks.

Read More: Ten questions you should ask before sharing data about your customers

By truly adopting “privacy by design” principles, it could still achieve its aims while addressing some of these concerns. Instead of creating a new mega-database, matching algorithms in each of the federal, state and territory’s existing databases could be used to provide a similar function.

Computer design principles exist to protect individual privacy and enhance data protection. This can be designed into the system itself, rather than being treated as an afterthought.

The “Capability”

In early October, the Council of Australian Governments agreed to establish a National Facial Biometric Matching Capability, claiming:

This will help to protect Australians by making it easier for security and law enforcement agencies to identify people who are suspects or victims of terrorist or other criminal activity.

The aim is to create a new national driving licence registry that sits alongside similar sources for passport and immigration photos and documents.

Its Face Verification Service (FVS) allows law enforcement or other agencies to supply the image and name of a person and check if they match data held in the federal government’s databases. It already operates with passport, visa and citizenship images, but driving licence images would now be included.

The government will also create a new Facial Identification Service (FIS): a user submits an image of an unknown person (say, a terrorism suspect), and if there’s a match, the system will return their name and identifying information.

FIS will become operational with passport, immigration and citizenship images in early 2018, and driver’s licenses afterwards.

image The National Facial Biometric Matching Capability will include driver’s license images. EPA/OLE SPATA

Concerns about the system

The proposed extension of Facial Matching Services to driver’s licenses has been met with wide political support, but also concerns about the erosion of privacy, increased risks of data hacking and mission creep.

The creation of a large database of personal biometric information has Orwellian connotations, and the wide-scale sharing of driving licence data would breach a key privacy principle: not using data that was collected for one particular use for another without consent.

However, according to a spokesperson from the Attorney-General’s Department, the government has addressed concerns by creating a segmented database “hosted by the Commonwealth” and “replicated” from state and territory road agencies.

Driver’s license images will be stored in:

A federated database providing each state and territory Road Agency with its own partitioned data store, with individual Agency-based access controls…and common facial biometric matching software, managed centrally by the Commonwealth Data Hosting Agency.

In other words, each collection of images will be controlled by the relevant state or territory, and provided to the federal government under data sharing agreements.

But while the Commonwealth can’t automatically see the data, it’s still creating a new copy and larger database that could be hacked. That’s a key risk: as the database grows with more “valuable” personal information, it becomes a more attractive “honey pot” for hackers to target.

Privacy by design using distributed databases

There are design alternatives to creating a large central database that reduce the scope of data-sharing, infringements on privacy, and attractiveness to hackers.

By installing matching algorithms in each of the eight state and territory’s existing driver’s license databases, the government could achieve the functionality it requires.

In other words, instead of searching one large database, it would search multiple databases at once: the driver’s license databases of each state and territory, the passport database and the immigration database.

A safer design?

A truly distributed would mean that if a state or territory’s database was hacked, the scope of the data leak would be smaller.

While the federal government might argue that its centralised approach is faster and more efficient, this is unlikely to be true. Searching smaller databases simultaneously can be faster than one larger database.

Read More: Nobody reads privacy policies – here’s how to fix that

Not to mention, under the federal government’s approach, keeping the centralised database up to date would require regular transfers of new images, changes of address and so on.

A distributed database design would be more accurate and timely. When someone gets a driver’s license for the first time, or updates their image, this is immediately installed onto the state or territory’s existing system.

Building better computer systems is a necessary part of 21st century policing and national security, but it does not need to come at the expense of privacy and data protection.

Authors: Paul Henman, Associate Professor, Digital Sociology and Social Policy, The University of Queensland

Read more http://theconversation.com/good-data-bad-data-ethically-designed-databases-can-help-police-without-reducing-privacy-85466

Writers Wanted

Playing Beatie Bow is brought to thundering life in a joyous stage production

arrow_forward

I asked hundreds of people about their biggest life decisions. Here's what I learned

arrow_forward

A rare and significant win for prisoners — new limits around drug tests and strip searches

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

Morrison Government commits record $9B to social security safety net

The Morrison Government is enhancing our social security safety net by increasing support for unemployed Australians while strengthening their obligations to search for work.   From March the ...

Scott Morrison - avatar Scott Morrison

Ray Hadley's interview with Scott Morrison

RAY HADLEY: Prime Minister, good morning.    PRIME MINISTER: G’day Ray.   HADLEY: I was just referring to this story from the Courier Mail, which you’ve probably caught up with today about t...

Ray Hadley & Scott Morrison - avatar Ray Hadley & Scott Morrison

Prime Minister's Remarks to Joint Party Room

PRIME MINISTER: Well, it is great to be back in the party room, the joint party room. It’s great to have everybody back here. It’s great to officially welcome Garth who joins us. Welcome, Garth...

Scott Morrison - avatar Scott Morrison

Business News

6 Exciting E-Commerce Web Design Trends That Will Make Your Business Click in 2021

It has been more than a year since the pandemic has forced stores to close and kept us from leaving our homes, and it looks like the way we shop will never be the same again. If you are one of t...

News Co Media - avatar News Co Media

Why Hire First Page Agency For Digital Marketing

Digital marketing strategies are crucial in enhancing the growth and development of a firm. Lately, most potential clients can be found from various online platforms. Digital platforms are cost-...

News Co Media - avatar News Co Media

Parental support is about more than time off, says Multiplex

Premier construction company Multiplex has launched a new parental leave and support policy which aims to support parents during periods of leave, and bolster their longer-term career progression an...

The PR Partnership - avatar The PR Partnership