Both major parties, the LNP and the Labor Party, waived through new laws in Queensland Parliament this week that will digitise the personal details, including identification photos and signatures, and make the information available to a variety of government and non-government organisations. And the process will be undertaken by a foreign-owned company.
Most Queenslanders would be very concerned about that, which is probably why the facts were buried in the legislation’s explanatory notes and glossed over by LNP and Labor speakers. It was, however, exposed by State Member for Mirani, Stephen Andrew:
Speech on the Transport Legislation (Road Safety, Technology and Other Matters Amendment Bill)
14 July 2020
I want to confine my comments today to another area of the bill, the implementation and operation of a digital licence app in Queensland.
The fact is that I do not think the government is being at all transparent in relation to this new app scheme or its real purpose. The app is described in the explanatory notes as little more than a matter of public utility for the general convenience and welfare of Queenslanders. The notes further reassure us that the current bill’s power to keep and use information will be exercised in limited circumstances only and states on page 21 that information shared under part 5 of the bill will not include a digital photo or digitised signature. A careful reading of the relevant sections of the bill, however, show just the opposite will be the case.
The issue of what information is shared with outside parties will be dealt with by the provisions of the Photo Identification Card Act 2008, which the current bill amends. Under the provisions of the newly amended Photo Identification Card Act, the chief executive will be authorised to retain and release information obtained through the digital licence app.
Moreover, under the amended Photo Identification Card Act’s definition, information is inclusive of a digital photo and digitised signature. The explanatory notes reassurances on this point are highly misleading. This lack of transparency can hardly be accidental since the Commonwealth government recently revealed that the Queensland government has already undertaken to share the new digital licence app’s photos and information.
In answer to a question in senate estimates last month, the Department of Home Affairs confirmed Queensland had fully committed to the uploading of digital licence app data to the National Driver Licence Facial Recognition Solution, NDLFRS. The current driver’s licence system lacks the high-definition facial imaging required for the Commonwealth’s new NDLFRS system.
The new digital licence app, however, solves this problem. This is the real purpose of the new app. The app’s high definition facial imaging data will be shared with the Commonwealth government and the biometric templates created from these images stored indefinitely.
Ultimately the plan is to allow law enforcement, intelligence agencies and even NGOs to share and access Australian citizens’ identity information in real time. I am also concerned with a comment in the explanatory notes that says the new app will initially include digital driver’s licences, photo identification cards and recreational licences.
That word ‘initially’ bothers me a lot. Exactly what other information is the government planning to include under this system? Health information? Tax and Insurance information? DNA data? The list of possibilities is endless and none of them very good.
Another question I have is: Why is the app being designed in partnership with a foreign-owned global military-industrial company with close ties to the US military, NASA and military grade hardware companies like Raytheon?
Thales is a company that not only boasts close ties with the US Army, US Navy, US Pacific Command and NATO, but one which describes itself as a leading provider of combat management systems and electronic warfare. According to its website, the Norwegian owned Thales leads the world in surveillance, detection and intelligence systems. Its motto is ‘Whatever it takes’—as long as it is not taking our privacy. That is not a very comforting resume for a non-state party being given unparalleled access and control to the sensitive biometric data of all Queenslanders.
That brings up the other situation in a digital world of being hacked and the situation of being open to be hacked. We put a lot of effort and time into our digital processes and there is always that situation. This bill relates to a whole area of governance that is rife with known and unknown risks to the citizen and about which there is a distinct lack of transparency or legislated control provisions. In a speech to the UN last year, the British Prime Minister warned about the dangers we face with new technologies of surveillance and control. He concluded his speech by saying that digital authoritarianism has become an emerging reality and unless we ensure that new technology reflects human rights and democratic freedoms, the Universal Declaration of Human Rights will mean nothing.
In Queensland we urgently need increased oversight and regulation by independent statutory commissioners, particularly around the areas of consent, retention, sharing and use of people’s biometric information. Until that happens, all bills like this should be rejected.