Biometric scans at Aussie bars spark privacy law controversy

But first...fingerprint, please // Source: 4bars.com.au

Bars and nightclubs in Australia are implementing more stringent verification procedures by requiring prospective patrons to submit to fingerprint scans, photos, and ID inspections.

Government officials are concerned with the new trend and are amending existing privacy laws to ensure that the private sector safeguards this sensitive information.

According to the Sydney Morning Herald, biometric scanning technology is “flooding the pub market as the fix-all solution to violence.” Several bars throughout Australia have begun implementing local biometric solution firm ID Tect’s fingerprint scanning system in addition to standard ID checks. Individuals seeking to enter a bar must first be photographed, have their ID scanned, and fingerprint stored in a database. Upon returning to the bar, the individual’s identity can be determined by scanning their fingerprint once more.

The company stores an individual’s data for twenty-eight days before removing it, and upon request the data can be removed earlier. But if someone is identified as a troublemaker, the individual’s information cannot be removed and is held indefinitely.

On their website, ID Tect advertises that its national database includes “a banned list of troublemakers - whether that listing is local, statewide or national.”

This increasing practice by bars and nightclubs is causing government officials to take notice.

Australian Federal Privacy Commissioner Tim Pilgrim says that he lacks the authority to audit the system and that there are no regulations in the industry that govern how the data is collected, stored, used, or shared.

Price cautioned that, ”Anyone using this technology should be aware that under the Privacy Act, organizations must provide individuals with notice of what will happen to the collected information. It cannot be automatically shared with other venues, even if the purpose for sharing it is the same across all the organizations.”

Other Australian biometrics companies as well as the Biometrics Institute of Australia have begun advocating for more stringent laws.

The Biometrics Institute of Australia, the industry’s main group, has called for changes in the Privacy Act including mandatory privacy impact assessments, audits with no exemptions for any group, and a unified national privacy system.

David Wallace, fingerprint scanning system director at NightKey, an Australian firm that supplies bars and nightclubs with biometric systems, has urged for more clearly defined regulations and laws to protect data because “’anything bad in the industry reflects back on everybody.”

NightKey undergoes annual audits and is working with local police to comply with security and licensing laws.

Criminologists at Australia’s Deakin University say that biometric screening devices have “slipped” into widespread use in Australia with “little public awareness, no policy consideration and questionable claims concerning their effectiveness in enhancing safety and reducing crime.”

Ben Davies, a fraud investigator, visited the Coogee Bay Hotel, which employs ID Tect’s fingerprint scanning system, and was “shocked by the willingness of so many people to hand over their entire lives in this way.”

Davies urged patrons to be “careful with identification details” because “if someone breaks into the system, that means someone could be walking around with a fake version of my driver’s license.”