Chapter 1Introduction
1.1On 14 September 2023, the Senate referred the provisions of the IdentityVerification Services Bill 2023 (IVS bill) and the Identity Verification Services (Consequential Amendments) Bill 2023 (Consequential Amendments bill) (collectively the bills) to the Legal and Constitutional Affairs Legislation Committee (the committee) for inquiry and report by 9 November 2023.
1.2The referral followed a recommendation of the Senate Standing Committee for the Selection of Bills (Selection of Bills Committee). Appendix 2 to that committee's report suggested an inquiry would '[p]rovide stakeholders an opportunity to speak to the measures in the Bills'. The Selection of Bills Committee further suggested that an inquiry could focus on matters relating to privacy, security, and the collection of and access to personal information and data.
Conduct of the inquiry
1.3In accordance with its usual practice, the committee advertised the inquiry on its website and wrote to relevant organisations and individuals inviting submissions by 2 October 2023. The committee received 17 submissions, which are listed at Appendix 1 and are available on the committee's website.
1.4The committee held a public hearing in Brisbane on 30 October 2023. A list of witnesses is provided at Appendix 2.
1.5Answers to questions on notice and other material received by the committee are listed at Appendix 1. Submissions and the Hansard transcript of evidence may be accessed through the committee website.
1.6The committee thanks the organisations and individuals who gave evidence at the public hearing as well as those who made written submissions.
Structure of the report
1.7The report comprises two chapters as follows:
Chapter 1 outlines the administrative details of the inquiry, background to the inquiry, and the key provisions of the bills.
Chapter 2 explores the key issues raised in evidence and provides the committee's views and recommendations in relation to the bills.
Purpose of the bills
1.8The bills would provide a legislative framework for the operation of three approved identity verification facilities, and provide privacy and security protections for those using them.
Background
Council of Australian Government agreement on identity matching services
1.9On 27 September 2005, the Council of Australian Governments (COAG) recognised that there was an 'operational need for a national capability to support identity verification'. It was agreed that there was a need for 'a national document verification service to combat identity theft and fraudulent use of stolen and assumed identities'.
1.10On 13 April 2017, COAG agreed to the Intergovernmental Agreement to a National Identity Security Strategy(NISS).
1.11The NISS assists the Commonwealth, states and territories:
…to work collaboratively to enhance national security, combat crime and increase service delivery opportunities through nationally consistent processes for enrolling, securing, verifying and authenticating identities and identity credentials. The Document Verification Service [DVS] is a key initiative of the NISS that provides a practical means of promoting identity security across the Australian community.
1.12On 5 October 2017, COAG entered into the Intergovernmental Agreement on Identity Matching Services (Intergovernmental Agreement). Under that agreement, jurisdictions agreed 'to share and match identity information, with robust privacy safeguards, to prevent identity crime and promote law enforcement, national security, road safety, community safety and service delivery outcomes'.
1.13The parties to the Intergovernmental Agreement agreed to participate in the National Driver Licence Facial Recognition Service (NDLFRS). They agreed that the NDLFRS would be hosted, operated, and managed by the Commonwealth. The NDLFRS would 'contain identity information contributed by state and territory Data Holding Agencies and the biometric templates generated from that identity information'.
1.14The Explanatory Memorandum (EM) to the bills notes that the IVS bill 'reflects and seeks to implement aspects of the Commonwealth's commitments under the [Intergovernmental Agreement]'.
1.15The EM suggests that, under the Intergovernmental Agreement, 'jurisdictions would share and match biographic and biometric information, with robust privacy safeguards, through the identity verification services'.
The inquiry into the Identity-matching Services Bill 2019
1.16In October 2019, the Parliamentary Joint Committee on Intelligence and Security (PJCIS) completed its inquiry into the Identity-matching Services Bill 2019.
1.17The Attorney-General's Department (AGD) stated that '[t]he IVS Bill addresses the recommendations made by [the PJCIS]'. In the view of the AGD, the IVS bill 'aligns with the following principles' recommended by the PJCIS:
the regime is built around privacy, transparency and subject to robust safeguards
privacy obligations and safeguards are required by the IVS Bill and will be implemented in practice through a participation agreement
the regime is subject to Parliamentary oversight and reasonable, proportionate and transparent functionality, and
annual reporting requirements for the identity verification services are included.
1.18Ms Tara Inverarity, Acting Deputy Secretary, National Security and CriminalJustice Group, AGD, stated:
The design of the bill has been informed by the principles and recommendations from the previous [PJCIS] inquiry into the IdentityMatching Services Bill 2019. Those principles were that the regime should be built around privacy and transparency and be subject to robust safeguards; the regime should be subject to parliamentary oversight and reasonable, proportionate and transparent functionality; the regime should be one that requires annual reporting on the use of identity-matching services; and the primary legislation should specifically require that there is a participation agreement that sets out the obligations of all parties participating in the identity-matching services in detail.
Identity verification services
1.19The EM defines the identity verification services as:
…a series of automated national services offered by the Commonwealth to allow government agencies and industry to efficiently compare or verify personal information on identity documents against existing government records, such as passports, driver licences and birth certificates.
1.20The Attorney-General, the Hon Mark Dreyfus KC MP, explained:
Secure and efficient identity verification that protects the privacy of Australians is vital to the digital economy. It ensures Australians can access the services they need without exposing them to identity crime.
1.21He noted that the Document Verification Service (DVS) and Face Verification Service (FVS) 'are the only national capability that can be used by industry and government to securely verify the identity of their customers'.
1.22Identity verification services are used by government agencies, banks, and telecommunications providers to authenticate identity documents. The EM explains that they are used by '[g]overnment agencies when providing services, disaster relief and welfare payments, and Commonwealth, state and territory government agencies verifying identity in order to provide or change credentials'. They are also used by 'financial service providers…when seeking to verify the identity of their customers and to meet the "know your customer" obligation under the Anti-Money Laundering and Counter-Terrorism Financing Act2006'.
1.23The DVS 'was used over 140 million times by approximately 2,700 government agencies and industry organisations' in 2022. During 'the 2022–23 financial year, there were approximately 2.6 million [FVS] transactions'.
1.24The DVS has been used to create 'more than 11.3 million myGovID accounts that people can use to authenticate their identity for government websites and services'. The FVS has been used to verify one-third of those myGovID accounts. A myGovID account 'provides access to Centrelink, the Australian tax office and other critical services'.
1.25The Attorney-General stated that '[t]he government is committed to supporting the effective ongoing operation of identity verification services, and ensuring they provide appropriate privacy protections and security safeguards'.
1.26He explained that the IVS bill:
…will provide clear legislative authority to ensure the continued operation of identity verification services. It will limit the purposes for which requests can be made using the services, providing increased certainty and transparency for Australians about how the services can be used.
1.27In addition to that legislative authority, the Attorney-General also pointed out that the IVS bill contains 'robust privacy safeguards'. Those safeguards would 'give the Australian community confidence that the government is protecting their personal information'.
1.28Some of the proposed privacy safeguards include:
a requirement for organisations that request information from identification verification services to be subject to privacy laws or the Australian Privacy Principles;
when a request is made for the verification of a person's identity, informed consent from that person is required;
a requirement that agencies or organisations that request information from identification verification services 'have appropriate complaint-handling processes, and [that] data breaches must be reported';
imposing limitations on 'the purposes for which information may be collected, used or disclosed'; and
making it 'an offence to prevent unauthorised recording, disclosure, or access to information by departmental officers'.
1.29The privacy safeguards would 'be implemented through participation agreements between the department and the requesting agencies and organisations, which can be suspended or terminated if terms are breached'. The participation agreements would also be available to the public, 'to ensure transparency'.
1.30The Attorney-General also explained that the IVS bill includes measures to secure and protect the communications to and from the identity verification services, and the information stored in the NDLFRS.
1.31The Attorney-General's Department would be required to implement measures to 'protect information from unauthorised interference or unauthorised access'.
1.32The Attorney-General stated that there are 'transparency, accountability and oversight measures [in the IVS bill] to ensure privacy standards are upheld'. Those measures include:
the requirement to publish participation agreements, access policies and other relevant documents;
provision for entrusted persons to disclose protected information to the Inspector-General of Intelligence and Security or the Commonwealth Ombudsman, to assist either agency to exercise their oversight functions; mandatory annual assessments by the Information Commissioner of the operation and management of identity verification services; and
annual reporting requirements, including providing information about data breaches and security incidents, and the accuracy of facial recognition systems.
1.33He observed that a statutory review of the IVS bill would be required within two years of its commencement.
1.34The Attorney-General stated that the IVS bill would 'ensure the continued use of strong and secure identity verification…[It also ensures] that identity verification services have extensive privacy safeguards and effective oversight and transparency requirements'.
1.35In commending the IVS bill to the House, the Attorney-General stated that it would enable 'Australians to conveniently and securely engage with the digital economy and access critical services while minimising the risk of identity fraud and theft'.
Key provisions of the bills
1.36The IVS bill would allow the Attorney-General's Department 'to develop, operate and maintain' three approved identity verification facilities. Those facilities are the:
DVS hub;
Face Matching Service Hub; and
NDLFRS.
1.37The identity verification facilities would 'provide the identity verification services. These facilities will relay electronic communications between persons and bodies for the purposes of requesting and providing identity verification services'.
1.38The DVS hub and the Face Matching Service Hub would not relay information relating to an individual's:
(i)racial or ethnic origin; or
(ii)political opinions; or
(iii)membership of a political organisation; or
(iv)religious beliefs or affiliations; or
(v)philosophical beliefs; or
(vi)membership of a professional or trade association; or
(vii)membership of a trade union; or
(viii)sexual orientation or practices; or
(ix)criminal record.
1.39Those two identity verification facilities would not relay an individual's health information or their genetic information.
1.40Each of the facilities are outlined in the following section of the report.
The Document Verification Service hub
1.41The DVS became available for government use in 2008. It was made available to industry in 2014, 'subject to privacy safeguards and protections'.
1.42The DVS hub would be a facility that relays information about DVSs electronically to persons and bodies requesting or providing that information. The information relayed by the DVS hub would be obtained from DVS documents and would not contain facial images or biometric data.
1.43A DVS document may be any of the following:
(a)a birth certificate issued by or on behalf of an authority of a State or Territory;
(b)a death certificate issued on behalf of an authority of a State or Territory;
(c)a concession card (within the meaning of the Social Security Act 1991);
(d)a notice given under section 37 of the Australian Citizenship Act 2007 stating that a person is an Australian citizen at a particular time;
(e)a certificate issued by an authority of a State or Territory indicating that an individual has changed the individual's name;
(f)a driver's licence (however described) issued by or on behalf of an authority of a State or Territory;
(g)a document issued by or on behalf of an authority of a State or Territory to assist an individual to prove the individual's age or identity;
(h)a document issued to an individual, as a person who is not an Australian citizen, by the Department administered by the Minister administering the Migration Act 1958 to assist the individual to prove the individual's identity;
(i)a certificate of marriage issued by or on behalf of an authority of a State or Territory whose function is to register marriages;
(j)a document issued by a court setting out a divorce order made under the Family Law Act 1975;
(k)an Australian travel document (within the meaning of the AustralianPassports Act 2005);
(l)a certificate signed by an officer (within the meaning of the MigrationAct1958) stating that, at a specified time, or during a specified period, a specified person was the holder of a visa that was in effect;
(m)an entry in a Roll (within the meaning of the Commonwealth Electoral Act1918) relating to a particular individual;
(n)an aviation security identification card issued under regulations made for the purposes of the Aviation Transport Security Act 2004;
(o)an MSIC issued under regulations made for the purposes of the MaritimeTransport and Offshore Facilities Security Act 2003;
(p)a medicare card (within the meaning of subsection 84(1) of the NationalHealth Act 1953).
1.44A DVS 'provides 1:1 matching to verify biographic information (such as a name or date of birth), with consent, against government issued identification documents'.
1.45A DVS electronically compares information related to an individual with a DVS document. A DVS would communicate the results of the comparison with the requesting party by stating that the compared information either did or did not match. If the compared information did not match, a DVS may provide reasons as to why.
1.46The IVS bill would require both the request and the response to it to be communicated electronically via the DVS hub or the Face Matching Service Hub.
The Face Matching Service Hub
1.47The Face Matching Service Hub would be a facility that relays electronic communications between persons and bodies that request or provide identity verification services.
1.48Those identity verification services would be provided by a Face Identification Service (FIS) or a Face Verification Service (FVS).
Face Identification Service
1.49The EM explains that '[t]he FIS is a 1:many matching service', the authorised use of which would be limited to a specific group of Commonwealth, state, and territory agencies. The IVS bill would allow a FIS request to be made by:
'a law enforcement officer or intelligence officer';
'an officer…of an agency authorised under a corresponding assumed identity law'; or
an officer of an approved authority that is permitted to participate in the National Witness Protection Program.
1.50Limitations on access to the FIS ensures that it 'is only used by those government entities with an operational need to manage and protect shielded persons, and their associates'.
1.51An officer making a FIS request would need to be 'approved as a suitable person to make the request'. The head of the authority, or someone delegated by them, would need to endorse FIS requests.
1.52A FIS request would only be able to be made 'for the purpose of protecting the identity of a shielded person or someone else associated with a shielded person'. The person endorsing the FIS request would also need to be satisfied that the request is being made to protect 'the shielded person, or associate, stated in the request; and [in accordance with] the performance of the authority's functions'.
1.53The AGD highlighted the importance of this limitation as it 'provides certainty that the FIS will not be used for general law enforcement and intelligence purposes, or mass surveillance'. It also noted that the 'authorisation process will ensure requests made for a FIS are appropriate and subject to senior level oversight'.
1.54A FIS request would need to include a facial image of an individual and 'specify the kinds of government identification documents against which the face‑matching service information in the request is to be compared'.
1.55FIS requests would be communicated electronically to the Face Matching Service Hub.
1.56The FIS electronically compares a facial image of an individual and other face‑matching service information that is included in the FIS request with:
…face‑matching service information that:
(i)relates to one or more individuals; and
(ii)is contained in, or associated with, one or more government identification documents of one or more kinds specified in the request; and
(iii)is made available for the comparison by a government authority…that is a party to a participation agreement.
1.57The AGD reported that the FIS 'has been used on three occasions between 2018and 2021, in limited trials and pilot programs by state police'.
1.58The AGD explained that the FIS is required to ensure that law enforcement agencies 'can carry out their functions in protecting shielded persons'. Without the FIS:
…there is a real risk that a nefarious actor could lawfully verify the identity of a shielded person through a DVS or FVS request. This could compromise the safety and security of a shielded person and their family, and undermine a law enforcement or national security investigation.
1.59Mr Hans Koenderink, Assistant Commissioner, Australian Federal Police (AFP), similarly explained that the AFP's:
…ability to protect these people is a fundamental necessity in maintaining the trust of our community as well as domestic and foreign partners. Itenables us to successfully fulfil our role of enforcing Commonwealth law and protecting Commonwealth interests from criminal activity in Australia and overseas…The protections in this bill are essential for the critical functions of the AFP to protect our members, witnesses and operations where shielded persons are involved.
1.60He argued that without access to 'the 1:many matching service' provided in the IVS bill:
…there is a real risk that the safety and security of a shielded person and their family could be compromised…There is also a risk that, in turn, compromising the identity of a shielded person will undermine a law enforcement or national security investigation.
Face Verification Service
1.61A FVS:
…provides 1:1 matching to verify biometric information (in this case a photograph or facial image of an individual), with consent, against a Commonwealth, state or territory issued identification document (for example, passports and driver licences).
1.62A FVS request would be 'made by or on behalf of a party…to a participation agreement'. Unlike the DVS, FVS requests may not 'be provided to an authority of, or entity in, New Zealand…The FVS is solely being provided to Australian agencies and entities'.
1.63A FVS request would include 'face-matching service information that relates to the individual'.
1.64A FVS would electronically compare:
…face-matching service information that relates to the individual that is included in the request…[with] face-matching service information that:
(i)is contained in, or associated with, a government identification document of a kind specified in the request that was issued to the individual; and
(ii)is made available for the comparison by a government authority…that is a party to a participation agreement.
1.65The purpose of comparing that information would be to:
verify an individual's identity; or
protect a shielded person or someone associated with them.
1.66If the party making the request is a non-government entity, the response would either indicate 'that the comparison resulted in a match for the individual or that the comparison did not result in a match for the individual'. In that case, the response would 'not contain any other face-matching service information that relates to the individual'.
1.67Both the request and the response to it would be communicated electronically via the Face Matching Service Hub.
1.68The AGD reported that the FVS 'commenced in 2016 for transactions by government agencies only'.
National Driver Licence Facial Recognition Service
1.69The DVS and FVS would use the NDLFRS to provide identity verification services.
1.70The NDLFRS is a database of identification information that is supplied by state and territory authorities that is gathered from government identification documents issued by those authorities. The NDLFRS allows for the biometric comparison of facial images with facial images that are contained in the database.
1.71As 'approximately 80 per cent of Australians have a driver licence', the NDLFRS would ensure that a broad range of people can utilise identity verification services to create a 'strong' MyGovID. A 'strong' MyGovID is required 'toaccess certain government services, such as those provided by Centrelink and the Australian Tax Office'.
1.72The EM notes that approximately 50 per cent of the population hold an Australian passport, which is the only other identity document permitted to create a 'strong' MyGovID. It indicates that without the NDLFRS, approximately half of the Australian population would not be able to create a 'strong' MyGovID.
Privacy provisions
1.73The IVS bill contains provisions that are designed to protect the privacy of individuals whose identification information is collected, used, and disclosed by the department.
1.74In operating the identity verification facilities, the AGD may collect identification information for purposes relating to:
verifying an individual's identity using a DVS or FVS; or
protecting a shielded person or someone associated with that shielded person using an FVS or FIS; or
developing identity verification services, or facilities that provide those services, for the purpose of verifying an individual's identity, or protecting a shielded person or someone associated with that shielded person; or
the development, operation, or maintenance of the NDLFRS.
1.75In operating and maintaining the identity verification facilities, the AGD must ensure that electronic communications to and from those facilities are secure, 'including by encrypting the information'. It must also 'protect the information from unauthorised interference or unauthorised access'.
1.76The identity verification services would operate as either a 1:1 or 1:many matching service. The difference between those two kinds of identity verification services is explained as follows:
A 1:1 matching service matches particular biometric information (such as a photograph) or biographic information (such as a name or date of birth) against a particular record. A 1:many matching service compares a facial image (such as a photograph) against other facial images.
1.77The FVS and DVS operate as 1:1 matching services and the FIS operates as a '1:many matching service'.
1.78There are two types of agreements that would 'govern the requesting and provision of identity verification services':
participation agreements; and
the NDLFRS hosting agreement.
1.79Those agreements are outlined in the following section of the report.
Participation agreements
1.80An entity requesting an identity verification service would need to be party to a participation agreement. Identification information would only be provided to an entity that is party to a participation agreement.
1.81A participation agreement would be a written agreement between the department and other parties that outlines the roles, rights, and obligations of each party to the agreement.
1.82Parties to a participation agreement would need to:
'be subject to the Privacy Act 1988'; or
be subject to a state or territory privacy law that is prescribed by the rules;or
agree to comply with the Australian Privacy Principles; or
'be a government authority prescribed by the rules'; or
be subject to the Privacy Act 1993 of New Zealand if the agreement only deals with the requesting of DVSs by, and provision of DVSs to, an authority of New Zealand or the party operates in New Zealand.
1.83A participation agreement would need to provide for:
privacy impact assessments of requesting identity verification services; and
each party to have arrangements for dealing with complaints by individuals whose identification information is held by the party; and
an agreement that parties (except the department) will report breaches of security to the department; and
that the department inform the Information Commissioner of a breach of security that is reasonably likely to cause serious harm to an individual who has provided identification information involved in the breach.
1.84Participation agreements would also include provisions that allow for 'the obtaining of an individual's consent to the collection, use and disclosure' of their identification information. An individual's consent would not be required if the request for that information:
…is made by or on behalf of a government authority…[and the] collection, use and disclosure of that information for the purposes of protecting a shielded person, or someone else associated with a shielded person, are implicit in functions conferred by law on the authority.
1.85Participation agreements would contain provisions that allow individuals from whom identification information is being sought to be provided with details about:
(a)how the party seeking consent uses identity verification services;
(b)how any facial images of the individual collected by the party from the individual for requesting an identity verification service or from a response to a request for an identity verification service will be used and disposed of;
(c)whether any such facial images will be retained or used for purposes other than those for which the identity verification is to be requested;
(d)what legal obligations the party seeking to collect the identification information has in relation to that collection;
(e)what rights the individual has in relation to the collection of the identification information;
(f)the consequences of the individual declining to consent;
(g)where the individual can get information about making complaints relating to the collection, use and disclosure of the identification information for the purposes of requesting and provision of identity verification services;
(h)where the individual can get information about the operation and management of the approved identity verification facilities by the Department in connection with the requesting and provision of identity verification services.
1.86A participation agreement would require each party to:
outline which identity verification service it is requesting;
'comply with the access policy for each service' it requests;
not use information obtained from an identity verification service 'as the only evidence of the individual's identity in criminal or civil proceedings to which the individual is a party;
not disclose information obtained from an identity verification service unless required to by law or in circumstances permitted by the terms of the participation agreement; and
stipulate that officers, staff, employees, or contractors of government authorities are not permitted to make a request to an identity verification service that could result in the service providing that person with a facial image, unless they are 'trained in facial recognition and image comparison'.
NDLFRS hosting agreement
1.87The department would be required to enter into a written NDLFRS hosting agreement with each state or territory authority that 'supplies or proposes to supply identification information to the Department for inclusion in a database in the NDLFRS'.
1.88Each state or territory that would be party to the NDLFRS hosting agreement must also be subject to a state or territory privacy law, the Privacy Act1988 (Privacy Act), or agree to comply with the Australian Privacy Principles.
1.89The NDLFRS hosting agreement would need to include provisions for the state or territory to:
inform individuals that their identification information is, or is intended to be, included in the NDLFRS;
provide individuals whose identification information is in the NDLFRS with the means to find out what that information is and to have any errors corrected;
inform individuals of any data breach that involves their identification information in the NDLFRS and is likely to pose serious harm to them;
have appropriate complaint handling procedures for individuals with identification information in the NDLFRS; and
report annually to the AGD on its compliance with the NDLFRS hosting agreement.
1.90The NDLFRS hosting agreement would be required to include provisions for the department to:
ensure the security of the information in the NDLFRS, including through the encryption of that information; and
inform other parties to the NDLFRS hosting agreement and the InformationCommissioner of data breaches that involve information in the NDLFRS.
1.91There would also be a requirement to include a provision in the NDLFRS hosting agreement for the suspension or termination of the ability of a party to request NDLFRS identity verification services if they do not comply with the terms of the agreement.
The Consequential Amendments bill
1.92The Consequential Amendments bill would amend the Australian Passports Act2005 to enable the minister to, on request, disclose the personal information of individuals participating in the DVS, FVS, or 'any other service specified, or of a kind specified, in the Minister's determination'. That disclosure would allow for the sharing or matching of information related to an individual's identity.
1.93That information may be provided to an identity verification service 'before being disclosed to the person participating in the service'.
1.94The information may be disclosed using computer programs.
1.95The EM explains that the Consequential Amendments bill would:
…allow for automated disclosures of personal information to a specified person via the DVS or the FVS…this comprehensively authorises the operation of the DVS and FVS in relation to Australian travel documents regulated by the Australian Passports Act.
1.96The Department of Foreign Affairs and Trade (DFAT) uses the DVS to issue passports. That identity verification service allows it 'to securely validate biographical information contained in Australian state/territory government‑issued identity credentials, such as driver's licences or birth certificates'.
1.97DFAT explained that the DVS plays a critical role in ensuring that the Australian passport retains 'its National Identity Proofing Guidelines (NIPG) level of assurance of four — Very High ("Gold standard")'. The retention of that standard 'gives other government agencies a high level of confidence when verifying biometric information through the [FVS]'.
Consideration by other parliamentary committees
1.98When examining a bill, the committee takes into account any relevant comments published by other parliamentary committees.
Senate Scrutiny of Bills Committee
1.99The Senate Scrutiny of Bills Committee (Scrutiny Committee) considered the bills in its report of 18October 2023.
1.100The Scrutiny Committee raised issues regarding the disclosure of personal information that would occur as a result of the amendments contained in the Consequential Amendments bill.
1.101In relation to the IVS bill, the Scrutiny Committee welcomed the inclusion of a range of oversight measures and left it:
…to the Senate as a whole [to determine] the appropriateness of enabling the extensive sharing of personal information for a broad range of purposes, and to a broad range of agencies.
Parliamentary Joint Committee on Human Rights
1.102The Parliamentary Joint Committee on Human Rights (PJCHR) considered the bills in its report of 18 October 2023.
1.103The PJCHR noted that the IVS bill engages the rights to privacy, social security, equality and non-discrimination, and effective remedy.
1.104The PJCHR sought further information from the Attorney-General in relation to the identity verification facilities and services with the rights to privacy, social security, equality and non-discrimination and effective remedy.
1.105At the time of tabling this report, the Attorney-General had not provided his response.
Note on references
1.106In this report, references to Committee Hansard are to the proof transcript. Page numbers may vary between proof and official transcripts.