Failed ACIC facial recognition project ‘premature’, ‘poorly scoped’: Inquiry

A bungled biometrics project that cost the government at least $26 million was “premature” and “poorly scoped,” a parliamentary inquiry has concluded.

The Australian Criminal Intelligence Commission (ACIC) in June 2018 revealed that it had terminated a contract with NEC Australia to implement the Biometric Identification Services (BIS) project. CrimTrac, which is now part of ACIC, in 2016 awarded NEC the contract for the $52 million project.

BIS was intended to replace the aging National Automated Fingerprint Identification System (NAFIS), offering both fingerprint and facial recognition capabilities.

ACIC CEO Michael Phelan said the decision to dump the BIS project was a result of delays in implementing the new system.

The Australian National Audit Office (ANAO) found that CrimTrac and ACIC management of the project had been “deficient in almost every significant respect”. 

An inquiry by the Parliamentary Joint Committee on Law Enforcement (PJCLE) examining the ACIC’s annual report concluded that the “management of the project appears to have been deeply flawed, at significant financial cost to the Commonwealth, including the loss of approximately $26 million which will not be recouped and the need to renegotiate the NAFIS contract at an additional $3 million per year.”

The PJCLE report was completed in April but tabled in parliament last week.

Phelan told a hearing of the PJCLE’s inquiry in November that the ACIC had an annual budget of $9 million a year to keep NAFIS running and was in negotiations to have a “longer-term relationship with the existing system that we have, depending on what enhancements they're able to do to the system”.

The NAFIS contract is due to expire in May 2020.

The ACIC CEO said that the agency would “explore opportunities” to “go forward with other biometrics, including facial recognition, to fuse them with the national fingerprint system.” However, Phelan cautioned that the use of facial recognition by law enforcement was still in its infancy.

“To be quite frank, we want to be able to walk before we can run, and also, in terms of law enforcement doctrine for facial recognition, it’s important that we work out how we're going to use facial recognition before we go out and spend a whole heap of money on integrating it with other systems, so we’re going through that process as well,” the CEO said.

In Australian courts, DNA, fingerprints and eyewitness testimony are accepted for the purposes of identifying someone.

“Facial recognition is not at that stage, so it's important that we actually have a doctrine about how you're going to use facial recognition — whether it's going to be used for forensic purposes, whether it's going to be used by police officers at the coalface, whether it's going to be used by detectives, whether it's going to be used in the intelligence area,” Phelan said.

Developing that doctrine should be the role of the Australia New Zealand Policing Advisory Agency, the ACIC chief said.

“The committee recognises the significant benefit to law enforcement from new and emerging technologies, including facial recognition,” the PJCLE report said.

“The committee supports adoption of these technologies for clearly articulated purposes and following rigorous assessment of law enforcement needs.”

The reported added: “In this instance, the committee is left to conclude that the justifications for the BIS project were only partially developed and/or were poorly articulated at the time the contract was negotiated with NEC and that these issues were neither identified nor appropriately addressed as the project progressed.”

The committee said it “will monitor the ACIC's response to the ANAO audit report, and looks forward to the ACIC keeping the committee apprised of future projects to implement facial recognition technology for use by Australian law enforcement agencies.”