Australia may offer facial recognition data to telecoms and banks
It's not very reassuring to privacy advocates.
The concerns over government facial recognition systems don't just revolve around the possibility of Orwellian control -- it's that they may share that data with others you don't completely trust. Australia is learning this first-hand. The Guardian has obtained documents showing that the country's Attorney General office is talking to telecoms and banks about testing private use of the Facial Verification Service in 2018. Companies would need to get your permission and would have to show that they're honoring Australia's Privacy Act, but they could otherwise use it to fight fraud or otherwise verify the identities of their customers.
The approach would be similar to the existing Document Verification Service, where companies pay a fee every time they want to verify info from documents like your driver's license or passport.
Whether or not this goes forward depends on an independent privacy assessment. However, there are already a number of outstanding concerns about how this would be implemented, even in a country where facial recognition has seen relatively widespread adoption. Will a company clearly explain what happens if you agree to use facial recognition? Will they keep the data secure, and avoid selling it? And will they force customers to use the system if they want full access to services? Permission won't mean much if your choice is to either submit to a face scan or receive sub-par treatment.
This doesn't mean that privacy could be dead in Australia. However, the government will need to show that it's holding companies' feet to the fire. If there's going to be facial recognition in the first place, it's important to know that it won't be hoarded or compromised by a data breach. And given other companies' less-than-stellar security records, achieving that kind of confidence could require a lot of work.