from the Washington Post 

The FBI is embarking on a $1 billion effort to build the world's largest computer database of peoples' physical characteristics, a project that would give the government unprecedented abilities to identify individuals in the United States and abroad.  

Digital images of faces, fingerprints and palm patterns are already flowing into FBI systems in a climate-controlled, secure basement here.

Next month, the FBI intends to award a 10-year contract that would significantly expand the amount and kinds of biometric information it receives.  

And in the coming years, law enforcement authorities around the world will be able to rely on iris patterns, face-shape data, scars and perhaps even the unique ways people walk and talk, to solve crimes and identify criminals and terrorists.

The FBI will also retain, upon request by employers, the fingerprints of employees who have undergone criminal background checks so the employers can be notified if employees have brushes with the law.  "Bigger. Faster. Better.

That's the bottom line," said Thomas E. Bush III, assistant director of the FBI's Criminal Justice Information Services Division, which operates the database from its headquarters in the Appalachian foothills.  

The increasing use of biometrics for identification is raising questions about the ability of Americans to avoid unwanted scrutiny.

It is drawing criticism from those who worry that people's bodies will become de facto national identification cards. Critics say that such government initiatives should not proceed without proof that the technology really can pick a criminal out of a crowd.  

The use of biometric data is increasing throughout the government. For the past two years, the Defense Department has been storing in a database images of fingerprints, irises and faces of more than 1.5 million Iraqi and Afghan detainees, Iraqi citizens and foreigners who need access to U.S. military bases.

The Pentagon also collects DNA samples from some Iraqi detainees, which are stored separately.  

The Department of Homeland Security has been using iris scans at some airports to verify the identity of travelers who have passed background checks and who want to move through lines quickly. The department is also looking to apply iris- and face-recognition techniques to other programs.

The DHS already has a database of millions of sets of fingerprints, which includes records collected from U.S. and foreign travelers stopped at borders for criminal violations, from U.S. citizens adopting children overseas, and from visa applicants abroad.

There could be multiple records of one person's prints.  "It's going to be an essential component of tracking," said Barry Steinhardt, director of the Technology and Liberty Project of the American Civil Liberties Union. "It's enabling the Always On Surveillance Society."  

If successful, the system planned by the FBI, called Next Generation Identification, will collect a wide variety of biometric information in one place for identification and forensic purposes.  

In an underground facility the size of two football fields, a request reaches an FBI server every second from somewhere in the United States or Canada, comparing a set of digital fingerprints against the FBI's database of 55 million sets of electronic fingerprints. A possible match is made -- or ruled out--as many as 100,000 times a day.  Soon, the server at CJIS headquarters will also compare palm prints and, eventually, iris images and face-shape data such as the shape of an earlobe.

If all goes as planned, a police officer making a traffic stop or a border agent at an airport could run a 10-fingerprint check on a suspect and within seconds know if the person is on a database of the most wanted criminals and terrorists. An analyst could take palm prints lifted from a crime scene and run them against the expanded database. Intelligence agents could exchange biometric information worldwide.  

More than 55 percent of the search requests now are made for background checks on civilians in sensitive positions in the federal government, and jobs that involve children and the elderly, Bush said. Currently those prints are destroyed or returned when the checks are completed.

But the FBI is planning a "rap-back" service, under which employers could ask the FBI to keep employees' fingerprints in the database, subject to state privacy laws, so that if that employees are ever arrested or charged with a crime, the employers would be notified.  

Advocates say bringing together information from a wide variety of sources and making it available to multiple agencies increases the chances to catch criminals. The Pentagon has already matched several Iraqi suspects against the FBI's criminal fingerprint database.

The FBI intends to make both criminal and civilian data available to authorized users, officials said. There are 900,000 federal, state and local law enforcement officers who can query the fingerprint database today The FBI's biometric database, which includes criminal history records, communicates with the Terrorist Screening Center's database of suspects and the National Crime Information Center database, which is the FBI's master criminal database of felons, fugitives and terrorism suspects.  

The FBI is building its system according to standards shared by Britain, Canada, Australia and New Zealand.  At the West Virginia University Center for Identification Technology Research (CITeR), 45 minutes north of the FBI's biometric facility in Clarksburg, researchers are working on capturing images of people's irises at distances of up to 15 feet, and of faces from as far away as 200 yards. Soon, those researchers will do biometric research for the FBI.  

Covert iris- and face-image capture is several years away, but it is of great interest to government agencies.  Think of a Navy ship approaching a foreign vessel, said Bojan Cukic, CITeR's co-director. "It would help to know before you go on board whether the people on that ship that you can image from a distance, whether they are foreign warfighters, and run them against a database of known or suspected terrorists," he said.  

Skeptics say that such projects are proceeding before there is evidence that they reliably match suspects against a huge database.  In the world's first large-scale, scientific study on how well face recognition works in a crowd, the German government this year found that the technology, while promising, was not yet effective enough to allow its use by police.

The study was conducted from October 2006 through January at a train station in Mainz, Germany, which draws 23,000 passengers daily.

The study found that the technology was able to match travelers' faces against a database of volunteers more than 60 percent of the time during the day, when the lighting was best. But the rate fell to 10 to 20 percent at night.  

To achieve those rates, the German police agency said it would tolerate a false positive rate of 0.1 percent, or the erroneous identification of 23 people a day. In real life, those 23 people would be subjected to further screening measures, the report said.  Accuracy improves as techniques are combined, said Kimberly Del Greco, the FBI's biometric services section chief.

The Next Generation database is intended to "fuse" fingerprint, face, iris and palm matching capabilities by 2013, she said.  

To safeguard privacy, audit trails are kept on everyone who has access to a record in the fingerprint database, Del Greco said. People may request copies of their records, and the FBI audits all agencies that have access to the database every three years, she said.  "We have very stringent laws that control who can go in there and to secure the data," Bush said.  

Marc Rotenberg, executive director of the Electronic Privacy Information Center, said the ability to share data across systems is problematic. "You're giving the federal government access to an extraordinary amount of information linked to biometric identifiers that is becoming increasingly inaccurate," he said.  

In 2004, the Electronic Privacy Information Center objected to the FBI's exemption of the National Crime Information Center database from the Privacy Act requirement that records be accurate. The group noted that the Bureau of Justice Statistics in 2001 found that information in the system was "not fully reliable" and that files "may be incomplete or inaccurate."

FBI officials justified that exemption by claiming that in law enforcement data collection, "it is impossible to determine in advance what information is accurate, relevant, timely and complete."  

Privacy advocates worry about the ability of people to correct false information. "Unlike say, a credit card number, biometric data is forever," said Paul Saffo, a Silicon Valley technology forecaster. He said he feared that the FBI, whose computer technology record has been marred by expensive failures, could not guarantee the data's security. "If someone steals and spoofs your iris image, you can't just get a new eyeball," Saffo said.  In the future, said CITeR director Lawrence A. Hornak, devices will be able to "recognize us and adapt to us."  

"The long-term goal," Hornak said, is "ubiquitous use" of biometrics. A traveller may walk down an airport corridor and allow his face and iris images to be captured without ever stepping up to a kiosk and looking into a camera, he said.  "That's the key," he said.

"You've chosen it. You have chosen to say, 'Yeah, I want this place to recognize me.' "

An update on the UK ID card proposals, from Fortress Blair - PM bets on biometric ring of steel to 'fix' immigration in The Register:

... So how did they get in anyway? Um, we gave them a visa - in fact, in many cases we were really, really keen to give them a visa. In addition to being extremely keen to (albeit not particularly constructively) get a lid on illegal immigration, we're absolutely mustard-keen for the UK to be a prime location for overseas students. Every year we grant hundreds of thousands of educational visas, salivate over the fees and preen ourselves over the wonderful hearts and minds job we're doing on the world's best and brightest. A thriving cottage industry of dodgy language schools exists, to the point where there are schools where you don't have to show up for classes, even schools that are frankly puzzled when students who didn't grasp the point ask them when the classes start. Classes? You want classes? Haven't you got a cleaning job to do? ...

Ah, good one! 

From a contribution at Slashdot, on the topic of

Former Health Secretary Pushes for VeriChip Implants

While the UK Government admits overselling ID cards "it has pledged to push on with the idea, saying it will still "help" in situations where fraud and identity abuse are factors."

But, for EU partner Norway - Majority favours new ID cards
A majority in the Norwegian Parliament (Storting) favours the introduction of new ID cards which would make it easier to expose terrorism. The cards could contain information on DNA and fingerprints. The cards could become an important contribution towards the fight against terrorism, says head of the Justice Committee, Trond Helleland (Cons.) to Aftenposten. Theadvanced ID cards could contain a lot of biometric information. They would also become important in uncovering the misuse of social security benefits and illegal residence. Some EU member nations have already voted to make such cards mandatory for their citizens.

The UK National Identity database will have to contain results of DNA analysis, as well as less invasive biometrics, if only to be technologically consistent with the National DNA Database (NDNAB).

From Wikipedia entry for British national identity card :
Currently, the closest parallel to the National Identity Register is the requirement for convicted offenders to register on the Violent and Sex Offender Register. However, the UK National DNA Database, with around 3 million profiles, is a larger database, and expected to grow at a much faster rate. All suspects arrested for an arrestable offence must give DNA samples that are permanently stored, and under the Serious Organised Crime and Police Act 2005, all offences (including, eg speeding) are arrestable.

In Australia, the convergence of DNA identification and a more general national ID scheme, is being promoted through highly publicised gaps in the missing persons registers, and advances in identification of victims of disaster.

From National database 'missing in action'
CrimTrac initially focused on national DNA and fingerprint systems in planning for the 2000 Olympics and, later, in responding to the September 11, 2001 terror attacks on the US. The technology proved very effective in the aftermath of the Bali bombings and the Indian Ocean tsunami. But as a consequence of looking at crime and terrorism, the issue of missing persons went AWOL. The Cornelia Rau affair revealed that even a major department such as immigration, which deals with identity matters every day, did not realise that if a person is reported missing to one state or territory police agency they are not reported to all police agencies through a seamless national system. Mr Palmer found in his report there was an urgent need for a national missing persons database.

In the UK, the government is moving ahead on several fronts. The Home Office was quick to produce a response to the London School of Economics 'ID Cards Costs Estimates and Alternative Blueprint' -  Home Office Response to LSE Alternative Blueprint ( File size 627kb)

The management of the UK's Forensic Science Service has important lessons for the Australian public. The UK government went down a path, determined to outsource FS services, under a Public Private Partnership (PPP) model. The protracted negotiations are summarised in

Forensic Science on Trial  29 March 2005 HC 96-I  (PDF version )
and
Government Response to Forensic Science on Trial   25 July 2005  HC 427 (PDF version )

This battle for the public interest resulted in Home Office commits to public sector future for forensic science on 12 January 2005.
Prospect, the union for the UK's scientists, has welcomed the Home Office announcement that the Forensic Science Service (FSS) is to remain in the public sector as a government-owned company (GovCo).
Prospect general secretary, Paul Noon, said the decision marked the end of the immediate threat of government plans to privatise a highly effective public service.

We need to keep a watchful eye on the Attorney-General's Department, in the case of our national identification databases. It is highly likely that soul-less wonks and bureaucrats will try to create kudos and bonuses for themselves, by pushing the government to divest itself of the mammoth costs of setting up and maintaining complex information infrastructure. The public needs to be told, over and over, that it will always cost them less to make the government accept its responsibilities.

As predicted (ahem!) - First-Class Fast Lanes Return

The Registered Traveler program, which allows handpicked frequent fliers to register a fingerprint and iris scan at some airports in exchange for a pass to the front of the line, has been stalled at the agency for more than a year. Airports, airlines and the TSA have been unable to agree on a way to expand the program. Airline and airport executives said they have been able to set up the new lines, in some cases, by working with airports and the federal government to expand security checkpoints. In Los Angeles, for example, American Airlines spent $1 million to reconfigure the terminal it leases so that the Transportation Security Administration could add a few more security lanes. The extra lanes afforded the airline some extra space for its new line for first-class travelers. American's first-class line begins with its own escalator on the opposite side of the other security line.

Nick Ferrett posted ID cards - nothing to hide and nothing to fear? at On Line Opinion.

I'm commenting to myself here, because a comment at OLO requires another username and password.

John Howard's strategy on the ID card question stems from his pragmatism. He knows the divisions in attitudes exist in his Cabinet, so he wants to do two things, quickly. First, he wants it all out on the table, so all the ministers can see the same stuff. He also wants them to know how much an ID card will cost. But, before that, they all need to know how much the scoping study will cost. That would have to go through the Law Reform Commission.

Second, he wants to be able to plan how to put any irreconcilable division in Cabinet to his own political advantage.

If it turns into real beast with a life of its own, he will not want to leave it in the hands of Joe Hockey. An ID card would be a major political exercise. Big enough to make the next leader, or cruel enough to park a promising career in a backwater.

I wish him well, because it is a milestone issue. But here's a tip. The current model, the HealthConnect Smartcard, is being trialled in a couple of places. If the proponents can find a way to make tribal folks, in the vicinity of Katherine, carry their cards with them, and can show that general health measures are improved as a result, the card will sell itself.

An incisive commentary on the latest moves for UK's ID card plans. The Attorney-General will have read this.

Clarke's ID card cost laundry starts to break surface

[from Kable]

The London School of Economics has issued its alternative model for a "trusted identity structure" that would meet the aims of the government's ID card bill. The model, which is outlined in the LSE's Identity Project Report published on 27 June 2005, accepts that no system can be totally secure and allows for individual control of personal data. Along with the model, the LSE also presents a "median figure" of £14.5bn for the government's proposed scheme. Security is a major feature of the LSE's alternative proposal. The aim is to ensure that a "master identifier" does not become universally deployed. Academics behind the proposals are concerned that the government's scheme could actually pose a security risk.

To download the executive summary, see http://is.lse.ac.uk/idcard/identitysummary.pdf

To download the full report (approx 300 pages), see http://is.lse.ac.uk/idcard/identityreport.pdf

Two reports on the Attorney-General's decision, not to make a commitment to the ID card concept, at this stage.

Ruddock rules out national ID card
Ruddock repudiates Australia Card, central database

This announcement, no doubt factored into the government's strategies for the next two years, leaves open other 'ID card' options. I reckon there will be market pressure for the government to act as a licensing service for those providers who want to give their paying customers convenience and privilege of streamlined access to products. For example, a 'total health care' provider, an amalgam of health insurer and health manager, may be able to sell on the basis of the efficiency of an in-house electronic health record. Now that all players have agreed an EHR is necessary, for better quality and safety, it looks like the States will have to pay for it themselves, if they want it for public hospitals, now that the A-G is not going to take lead role. Smart decision. What are those GST revenues for, after all?

I think we will have a ranking of citizens, based on ability to pay for speed and frills, into at least three classes. In First Class, elites will pay for the privilege of swooping to the head of the queue, by passing through an iris or facial scanner. Second Class will require the enhanced biometric passport, already on the way, and will take in the average Bali-touring citizen, ie, people with enough free cash to afford an overseas trip. Most people will learn to avoid delays, by carrying the passport. At the bottom of the pile will be those registered for social welfare, ie, no passport. The Centrelink access card will be a de-tuned version of the biometric passport - quick to exclude the ineligible (and all those falsely declared so by second-rate, poorly maintained equipment supervised by lackadaisical staff) and slow to say Yes. An ID-less population of miscreants and opt-outs will float around, at risk of being rounded up as potential terrorists, and acting as a convenient lesson about non-compliance.

The following exchange, between Senator Mason and Mary Murnane, is an extract from the Senate Legal and Constitutional References Committee Inquiry into Privacy Act 1988

The three hearings (20/4, 19/5, 20/5) have had lot of discussion centred on HealthConnect's SmartCard. The ability of General Practice software to filter off patients' data has come under scrutiny, too. All very important.

In this passage, the Committee is trying to get the departmental people to disclose what they know, in language that means something. It is hard work, but at least the Senators have a go. They will pay for their impertinence. Ms Halton's factotums are not to be challenged, or questioned, or to give account to the public. Heaven forbid!

Friday, 20 May 2005 Senate—References L&C 31
LEGAL AND CONSTITUTIONAL
[11.00 am]
LYONS, Ms Margaret, First Assistant Secretary, Health Services Improvement Branch, Department of Health and Ageing
McGRATH, Mr Mike, Legal Adviser, Department of Health and Ageing
MURNANE, Ms Mary, Deputy Secretary, Department of Health and Ageing
RICHARDS, Dr Brian, National Director, e-Health Implementation Group, Department of Health and Ageing

Senator MASON—Do you believe that the federal Privacy Commissioner has sufficient powers to enforce the Privacy Act currently?

Ms Murnane—My beliefs are not really all that relevant but at the moment we have an inquiry into the Privacy Act. There has recently been tabled a review of the Privacy Act as it relates to the private sector, and that review was conducted by the Law Reform Commission and AHEC.There is always room for improvement. But I believe that the Privacy Act and the implementation of the privacy principles in the Australian government and comparable acts of state governments have engendered a culture of privacy both within the public service and within the community generally, and the application of the privacy principles to the private sector has strengthened a policy culture there.

Senator MASON—Let me explain why your belief is important. If the executive is seeking to promote these e-health initiatives and, therefore, rely perhaps increasingly on the Privacy Commissioner, if they are not currently doing a good job or if they need further powers, your belief is important, isn’t it? You are in a very senior position in the department. If you think that the Privacy Commissioner is not adequately protecting privacy, that would be relevant to a Senate committee, wouldn’t it, about whether the Privacy Commissioner should be given more powers or the executive is promoting further initiatives? Of course it is relevant.

Ms Murnane—But I did not say that; you are imputing that. I have a bit of difficulty going on. I am not saying—I did not say and I would not say it — that I am of the belief that the Privacy Commissioner is not adequately protecting privacy. I am simply saying that it is a practice now, and a good practice, that all legislation and the relevance and effectiveness of legislation are reviewed at frequent intervals, particularly in areas like this, where community attitudes are changing and both new IT discoveries and, from our point of view, medical discovery and capability impinge on the external environment. There is a constant need to ensure relevance.

Senator MASON—So do you have any concerns about the Privacy Commissioner’s protection of medical records?

Ms Murnane—No.

Senator MASON—The promotion of these new e-health initiatives and further responsibilities for the Privacy Commissioner, whether they are under a separate act or the same one, do not concern you?

Ms Murnane—That is a very broad statement. I would really want to know precisely what I was saying did not concern me. These are things that we give a lot of attention to. I am not willing or able to just give simple answers to —

Senator MASON—Let me make this clear: if you had said that currently you believed that the Privacy Commissioner was not doing an adequate job to protect medical records, the committee would be concerned to give further powers to the Privacy Commissioner if there were further e-health initiatives. All right? In other words, if they were not protecting medical records currently—if that is what you had said—the committee would be very concerned about giving the Privacy Commissioner more powers if you were seeking further initiatives. Okay? Do you follow that?

Ms Murnane—I did not say that.

Senator MASON—I know, but that is why I asked the question.

Ms Murnane—Okay; fine.

Senator MASON—Do you understand?

Ms Murnane—Yes.

CHAIR—Do you know how many complaints the Privacy Commissioner gets in the health area annually?

Ms Murnane—I do not know the answer to that.

CHAIR—I just wonder how you have come to the conclusion that there is no concern.

Ms Murnane—I think Mr McGrath knows.

CHAIR—You have made the assessment that you are not concerned about the Privacy Commissioner’s workload in this area but you do not know what it is.

Ms Murnane—I do not know exactly what it is. Mike, can you—

CHAIR—Then how do you, Ms Murnane, come to that conclusion—not how Mr McGrath may come to a conclusion? Would you like to reassess your answer and look at some of the facts?

Ms Murnane—I will have a look at the exact number, but what I do know is that there is not a vast number of privacy complaints or breaches of privacy that come to our attention that cause a significant concern with the fabric of the system to protect privacy.

CHAIR—The Privacy Commissioner reports that she gets 330 complaints. You would not know how they have been handled, if they had been completed, or whatever, I would presume, if you do not know how many complaints there are.

Ms Murnane—I did not think we were here to be questioned on our views on the administration of the Privacy Act and the thoroughness and ability of the Privacy Commissioner and the Office of the Privacy Commissioner to carry that out. We see through a very small window into the work of the Privacy Commissioner.

Senator MASON—That is all we want to know about—your little window.

CHAIR—To a lot of people it is a very big window and a very critical area, and the way it has been administered by your department in terms of your information bases and also by the Privacy Commissioner in their capacity both legislative and resource wise to protect people’s privacy is a critical part of this inquiry.

Ms Murnane—I am not sure what you are getting at. The Privacy Commissioner takes positions on what we do and put to her. We try to work with the utmost respect for the Privacy Commissioner’s responsibilities and all that they are charged with. We would not say as a department that we have found deficiencies in the way the Privacy Commissioner carries out their task.

CHAIR—Sure, but that is a critical judgment and, when you say that, we on this side of the table draw conclusions from it. I asked you what you base that judgment on, and you were not able to tell us the most basic information about the number of complaints and how they are handled. So for me that is probably a premature assessment that you made.

Senator STOTT DESPOJA—I want to make the point that this broad inquiry is looking at the adequacy or otherwise of the Privacy Act in relation to its current operations as well as contemplating the impact of new and future technologies. The department of health is in charge of arguably the biggest single technological device or change that will have an impact on the privacy rights of Australians, such as we have never seen before. The Australia card is nothing compared to what your department is in charge of. Looking at the potential consequences of this technology chills me to the bone. That is why today we need to work out whether current privacy laws are equipped to deal with this particular new technology and what steps the department and the government are taking to protect the privacy and security of Australians as a consequence of the development of this new technology. This is not airy-fairy stuff; this is happening in places around Australia, or at least being contemplated. We need to know who is involved in the process of determining these protections — so what public sector groups, what organisations, what industries have been consulted, if any. We have heard complaints about levels of consultation, particularly from the AMA. Beyond that, my concern is whether or not this is going to be limited to the information obtained by departments or health professionals in relation to the HealthConnect card or whether there is a proposal to share information with other government agencies, a la the comments of Minister Hockey on 28 April this year that it potentially could be used in dealing with Centrelink, another government agency. To me, this opens up a Pandora’s box of security implications and privacy implications, so forgive me if I am a bit startled by the notion that the department is not here to comment not necessarily on specific inquiries of the Privacy Commissioner but on the adequacy of the Privacy Commissioner’s role and responsibilities now, including the act. I would like to put some questions on notice based on comments by the productivity commissioner that relate to whether or not the benefits of this technology outweigh some of the concerns that people have. Ms Murnane, you certainly have the right to respond to my comments.

Ms Murnane—I did say earlier that there is a continuous need to review legislation, especially legislation like this that is dealing with things that are important to people and that is at an interface with massive technological change and also change in medical biological discovery. The need to reconcile those is important. I am not in a position to say where exactly I think the Privacy Act should be changed. I think that is something that you are inquiring into. At the moment, we have been concerned that everything we have been doing is fully consistent with the Privacy Act, and we have been working very closely with the Privacy Commissioner and her office on that.

Senator STOTT DESPOJA—The department and obviously the minister have had the opportunity to examine the ALRC’s comprehensive report into genetic privacy, Essentially yours. Can you advise us of what discussions, meetings or debates have taken place around that report? I am wondering if there is a time line for a response to that report. I am sure the minister is responsible for any specific dates or information, but I am just wondering what work the department has done on that comprehensive report.

Ms Murnane—The whole-of-government response is being developed. I cannot give you any more specific information than that, but we will look at that on notice.

Senator STOTT DESPOJA—I notice that in response to questions of mine in the parliament last week, Minister Ellison talked about specific aspects of that report being referred to the Standing Committee of Attorneys-General. I am just wondering if there is a comparable committee within the health department that may have been examining the report.

Ms Murnane—Not to my knowledge, but I will check on that.

CHAIR—Thank you very much, Ms Murnane and staff.

Mary Murnane is deputy to Jane Halton - Executive.

QUESTIONS WITHOUT NOTICE: National Smartcard > Fawcett, David, MP; Hockey, Joe, MP; Howard, John, MP > 15:24:00

Mr FAWCETT (3.24 p.m.)—My question is addressed to the Minister for Human Services. Would the minister advise the House of initiatives to improve service delivery infrastructure for Australians?

Mr HOCKEY—I thank the member for Wakefield for his question—and isn’t it great to have a Liberal representing Elizabeth in South Australia? It is great news for the people of Elizabeth and South Australia. This government is determined to improve service delivery to all Australians. Australian families are generally fed up with having to fill in government forms, particularly when they claim Medicare, and also going into Centrelink offices in order to claim the benefits that they are entitled to. The financial services industry moved away from banking passbooks and limited trading hours in the 1980s, but the government still pursues a process of asking people to fill out forms and go into offices.

I can advise the House that the government is now developing a detailed proposal for the introduction of a national smartcard and that technology is going to provide easy access to welfare as well as health services. Current legislation ensures vigorous privacy and security standards are part of a citizen’s private information protection. The microchip in a smartcard will add additional security to the protection of individuals’ information. We are going to work closely with the Privacy Commissioner to ensure that any improvement in service delivery using new technology will safeguard every Australian’s legitimate right to privacy.

We are developing this proposal as a whole-of-government proposal. I can advise the House that the Prime Minister raised this with the premiers at COAG two weeks ago and the premiers are right on board and have embraced the Australian government’s approach to have a single standard and single protocol for the development of smartcard technology in Australia. I know that the Queensland government is developing a $300 million smartcard for public transport in Queensland. However, there is a danger to all of us that we are going to end up with different ‘rail gauge’ technology across Australia during the introduction of the smartcard. We are going to avert that, because we are going to deliver, in partnership with the states and in partnership with the private sector, common standards and common protocols that ensure that Australians are going to receive the sorts of services that they should get in the 21st century with 21st century technology.

As addendum to ID Cards, CrimTrac is the agency set up in 2000 to be the central point for collecting all data on offenders, like fingerprints and DNA profiles. It seems reasonable to suppose that whatever criteria DIMIA uses for identification, the scheme will be compatible with CrimTrac's, and all other agencies that have to get identity correct.

Hansard for May 12 2005 shows the Attorney-General replied in writing to a question from Rob McClelland about the "operating deficit of $10.5 million for his department in 3003-04". The figures supplied show CrimTrac underspent by $6.3m, the reason given that "the Minimum Nationwide Person Profile had been expected to be completed in 2003-04 but is now expected to be completed in July 2005".

From CrimTrac's timeline:

"1998 The Australian Federal Government commits $50m to establish CrimTrac, with a national DNA database as a central element."

From CrimTrac Annual Report 2003-4:

CrimTrac’s National Criminal Investigation DNA Database (NCIDD) contains profiles from samples collected from unsolved crime scenes, serious crime offenders, suspects, volunteers, missing persons, and unknown deceased persons.

NCIDD operated 39 per cent under budget due to lower than expected use of NCIDD/SQL*Lims.

Records on NCIDD as at 30 June 2004
Category and Number of Records in NCIDD
Crime Scene 6231
Offenders/Serious Offenders 18 101
Suspects 23 758
Volunteers (unlimited purpose) 2898
Total 50 988

CrimTrac had estimated for the 2003–04 year that more than 100 000 DNA records would be uploaded onto the system during the year, this figure fell short due to legislative complexities and delays. The estimated figure for uploaded DNA records in the 2004–05 year is expected to be over 200,000.