The process of biometric verification of passport information is currently completed manually within the Australian Department of Foreign Affairs and Trade (DFAT), and it has a number of significant drawbacks.
Writing in a submission [PDF] made public on Friday, the department said it presently responds manually to email requests from other departments to verify information. The emails contain a request form, and as a check, the department said it only accepts requests from government email domains.
If the requester asserts they have authority to send the request, and the desk-level DFAT staff member has to question to believe that assertion is incorrect, the request proceeds.
"The department does not have the specialist law enforcement expertise needed to assess the merits of the requests it receives, and does not seek information on this from other agencies," it said. "As such, its decisions about whether to disclose personal information to these agencies are, in a sense, mechanistic, based on whether requests satisfy simple business rules.
"If agencies satisfy those conditions, the department will in practice always approve their requests."
DFAT revealed it does not have a system to track the process of requests, and therefore has no logs available to audit, nor to produce statistics from.
The submission to the Parliamentary Joint Committee on Intelligence and Security review of a pair of Bills introduced in February to create an identity matching system between government agencies in Australia said that once the system is active, it expects to see thousands of requests each day, and the present system could not cope.