Biometrica Compliance with Australian Privacy Laws (March 2025)

Overview

Australia’s privacy framework is governed primarily by the Privacy Act 1988 and the Australian Privacy Principles (APPs). Additional sectoral laws, including those for law enforcement and national security, apply to specialized contexts such as biometrics and surveillance. Biometrica’s design — focused on privacy-by-design, human-in-the-loop processes, and non-retention of biometric data — aligns with Australia’s regulatory expectations.

Australia: Privacy Act 1988 & Australian Privacy Principles (APPs)

Applicability

The Privacy Act 1988 applies to private sector organizations that collect, use, or disclose personal information, including biometric information when used for identification purposes. Australian law also recognizes sensitive information, which includes biometric data.

Biometrica Compliance

• Biometrica does not collect or store biometric identifiers, biometric templates, or faceprints.
• All biometric comparisons are performed externally by a NIST-approved third-party provider, operating within an isolated black box environment.
• Biometrica does not engage in mass surveillance or generalized biometric monitoring.
• The only data used is law enforcement-sourced, consisting of public safety information including booking, arrest, warrant, or missing person data.
• All alerts are subject to human verification, satisfying the APP 1.2 principle of reasonable steps to ensure accuracy and accountability.
• Biometrica systems comply with data minimization and purpose limitation principles, only processing information relevant to public safety or authorized security purposes.
• Where Biometrica systems are used in Australia, Privacy Impact Assessments (PIAs) are conducted in line with OAIC (Office of the Australian Information Commissioner) guidance.

Law Enforcement & Security Exemptions

• Biometrica’s systems are designed to work exclusively under contracts with law enforcement agencies or authorized security service providers.
• Under section 7B(2) of the Privacy Act, Biometrica’s activities may qualify for law enforcement exemptions when operating under the direction of or on behalf of law enforcement bodies.

Compliance Highlights

• Biometrica’s systems adhere to Australia’s core privacy principles:
  • Proportionality — no mass surveillance, only relevance-based, human-verified alerts.
  • Data Minimization — unmatched images are discarded instantly.
  • Transparency — audit trails and immutable logs are maintained.
  • Accountability — alerts require human review and legal justification.
• Biometrica does not operate a biometric database or gallery.
• No one outside of credentialed and trained law enforcement analysts and investigators, or vetted individuals from other public safety agencies have access to images or data in the UMbRA database. 
• Biometrica does not sell data to third-party advertisers.