Note: Where available, the PDF/Word icon below is provided to view the complete and fully formatted document
Parliamentary Joint Committee on Law Enforcement
21/09/2012
Gathering and use of criminal intelligence

DIEDRICKS, Mrs Jane, Senior Legal and Policy Adviser, CrimTrac

SMITH, Mr Doug, Chief Executive Officer, CrimTrac

[10:38]

CHAIR: Welcome. We have received your submission and it has been marked submission No. 4. I invite you to make a short opening statement, and following that I and my colleagues will ask you some questions.

Mr Smith : Just having sat in the committee room while some of the other witnesses have given evidence, it strikes me that probably the most important opening remarks that I can make is that there is a very clear distinction between the role of CrimTrac and the role of the Crime Commission with respect to information and intelligence. CrimTrac's role, if you like, is a data warehouse, a library, of operational information. CrimTrac does not value-add that information in the way in which you would if you were an intelligence gathering body. The Crime Commission, under Mr Lawler, has spent a fair bit of time and effort in making it very clear that the national intelligence role for criminal intelligence that they have is complementary to but quite distinct from the role that CrimTrac has.

If you were to look at the datasets that CrimTrac houses and potentially could house, none of those particular datasets of themselves contain information that value-add to what police do as a collective group of data. If you look at the fingerprints, for example, every day the fingerprint library provides very good operational results but it is by the use of that information by the 60,000 police that are in the country that it has value.

Intelligence is a very different activity and, from intelligence, you will find whether you have got investigative leads or operational requirements that come from that. The other thing that strikes me as important, I think, to make a comment about is the way that information is used by police in this country—and I will focus mainly on police rather than other agencies. As a young police officer in Western Queensland in Roma, I would know who has come into town, who has left town, who has been in trouble when they have gone to Brisbane or whatever. I would know what was happening. I did not need a large information or intelligence holding to understand what was happening in my area of responsibility.

When you look at the national and the international ramifications of the way that we live our lives and the fact that we have got 60,000 police in a country of 23-odd million people, what you try to do is replicate the country town in a national or an international setting. If, as a police officer, someone arrived in Roma, out of curiosity I would make it my job to say hello. What we do with information and intelligence is to satisfy that curiosity at a national and perhaps an international level. Just to repeat: CrimTrac is the library of information; other agencies, such as the Crime Commission, are those which use and value-add that information to make it capable of targeting activity or whatever.

CHAIR: You house a library of information, and I understand that you do not take ownership of that information.

Mr Smith : That is very correct. One of the important things when other witnesses have spoken about privacy and security of data, as the CEO of CrimTrac, I cannot access the data housed by CrimTrac. I have no access to our fingerprint holding. I have no access to our NPRS—the National Police Reference System. As an agency, the information is not any information that we operationally look at. We own the system. We provide the capability but we do not do anything with the data itself. It is put there by the members of the various police forces and it is accessed by those police forces.

CHAIR: What do you say about the allegation that we are heading towards a duplication of criminal intelligence data with the Australian Crime Commission and others?

Mr Smith : Firstly, with respect to duplication or overlap between CrimTrac and the Crime Commission, I do not believe that that is correct. As I said, we are the reference library for operational information. The Crime Commission has a very specific and complementary role, and I do not believe there is any duplication in that regard. With respect to other information types and other information holdings, there is what we have today and what potentially CrimTrac could do to value-add information that could be gathered at a national level. If you look at what we actually collect today, it is a reasonably small compass. We look at the information, for example, around fingerprints, DNA, the National Police Reference System, which has some pretty significant but very limited operational information. Those particular holdings are agreed to by our board. They are accessible, depending on the user rights of the members of the police force. What we could potentially house—that is always a very good operational question: where would we add more value? It is a balancing act on the part of our board.

I think committee members are aware that we have a board which is largely the commissioners of police of Australia. What we could add to those datasets is constantly being examined by the board and we are having conversations—I think they are reasonably public—around information with respect to firearms. Again, any information with respect to firearms that could potentially be housed by CrimTrac would be in the nature of reference data as opposed to value added intelligence. I hope that answers you.

CHAIR: That would allow your partner police forces or the Australian Crime Commission to access that data.

Mr Smith : It is then, Chair, for others to look at the data and see what that data does to their particular intelligence-gathering and value-adding activities.

CHAIR: Each police force has its own intelligence holdings. Is any ongoing work being done about the interoperability of information that is stored with state and territory police together with using the resources of CrimTrac?

Mr Smith : Today in Adelaide there is a meeting of all the chief information officers from around the police forces in the country. One of the items they are actually talking about is the connectedness of the various systems and the potential connectedness of the various systems around the country. This is a very fundamental point, I think, for the terms of reference of the committee. When we talk about interoperability, that does not necessarily mean information sharing. I think a very important distinction needs to be drawn here. When I make a telephone call to relatives in the Netherlands it is because we have got interoperability between Australia and the Netherlands. When I talk to the family in the Netherlands, that does not guarantee information sharing, because my Dutch is not real good and their English is not real good! So interoperability allows you to connect but it does not guarantee information sharing.

The conversations that we are largely having inside the police forces in Australia are two quite distinct conversations. We must draw that distinction, because one does not guarantee the other. You can have information sharing without interoperability; you can have interoperability without information sharing. We have to be very clear on those distinctions. When you talk about information sharing, the sovereignty of data and the purposes of its collection within a jurisdiction are just as complicated within that jurisdiction as between jurisdictions. So there will be privacy implications in one jurisdiction that are not relevant in another. There will be operational considerations in one jurisdiction that will not be relevant to the other. They are two very distinct conversations. But, yes, there are ongoing conversations on both topics.

CHAIR: Thank you, Mr Smith. Senator Nash?

Senator NASH: That is very interesting and useful; thank you very much. You used the analogy of talking to your family in Holland. You were saying that you can have information sharing without the interoperability. If the interoperability is the connectivity, if you like, how do you information share without the connectivity?

Mr Smith : Email, written reports—we have been doing it for years—verbal conversations and meetings.

Senator NASH: Sorry, just for the new kid on the committee, what connectivity is the interoperability that is not those other things you were just talking about?

Mr Smith : It can be quite a broad spectrum when you talk about a conversation, if you can pardon the pun. With respect to interoperability, when we build something in information management terms, there are many considerations—historical, contemporary and future—that need to be considered. If you look at the information management systems in a police force, for example, they are based on a lot of historical decisions that we have to live with today.

If I can give you two very distinct examples, Senator, that may assist. In the early part of the last century, most police forces in the world agreed on a data standard, for want of a better phrase, with respect to fingerprints. So every police officer in this country that has got a bit of age about them knows how to take inked fingerprints: you just roll the 10 prints out. It is done the same way in nearly every country in the world. What that allowed us to do was to share that inked print, on paper, with someone anywhere in the world. We used to take up to 10 copies, depending on which police force you were in, and that did not guarantee you got 10 good sets of prints.

Basically, that is a data standard.

In 1942, as a result of black marketeers during World War II, commissioners of police agreed to have one library of fingerprints, which was housed at the central fingerprint bureau at New South Wales Police because they had the largest library to combine. So in one sense we have had since 1942 in Australia interoperability and information sharing around fingerprints. When we went digital in the 1980s all we did was take what was already capable of being shared and put it into a different format. That changed the conversation around interoperability. At the end of the day, we have the same net outcome, which is the fact that we can share fingerprints which are used for operational information with people throughout Australia and potentially anywhere in the world.

With respect to information systems, however, we do not have the legacy if you like of those good decisions. The way some police forces do their operational work is often dictated by the systems they have. The systems they have in most police jurisdictions in Australia are showing the legacy of decisions taken decades ago. If you look at the New South Wales police information system for example, the foundation for those was created back in the 1980s. Their investment, which has been replicated and added to over time, means that they do things in a particular way. Another important conversation around interoperability and information sharing in systems is that systems are usually built for the practices they are created for. If I conduct an investigation in the Queensland police, where I have worked, the things that are taken into account when building the system will be the Police Powers and Responsibilities Act and the Criminal Code of Queensland, which will not be the same as in other jurisdictions. So the way the Queensland police collect and add data to their system will be very different from the Northern Territory police force, for example, because their legislation is different and therefore their systems will have been built differently. So you have issues around the way you do the business, because of legislation and practices, and you have legacy decisions around information systems. When you try to bring that together in a national sense it is not just a case of crunching it all together into one big database, which I have heard mentioned a couple of times today.

What you need to identify to get value out of interoperability and this information sharing is a fundamental agreement about where you get the value—you sit down and say: 'What is the most important thing that we need to share?' Obviously, the identity of a person is a primary thing, because policing and national security is a people business. The most important thing is the identity of the individual, so commissioners of police in Australia have said historically: 'We want to know about potential offenders. Fingerprints is a pretty good way of doing it.' Therefore we have a really good fingerprint library based on a decision that goes back to 1942. We made very good decisions in the early part of this century with respect to DNA. We said: 'That is a really good thing to share nationally.' Other things that you may think useful to share may not be as precise as that, so then you have a question about the cost, the value and whether it really is something that is worth doing. When I appeared before this committee previously, we spoke about national case management. There is a conversation to be had there, but is that the most important thing to share information on? I hope I have helped there.

Senator NASH: You have, definitely. I am still trying to get my head around the interoperability. Is that the ability to be able to share information if you choose to?

Mr Smith : Yes, definitely. It is a very complex question. That is why I spoke so much before.

Senator NASH: Which did help, by the way.

Mr Smith : When I have information it is possible to gain the vehicle to share in a number of different ways. When you go and put your card into an ATM there is a standard that means that the ANZ bank can talk to the database owned by Westpac. That took a long time to create, but there was a real, commercial imperative to make that happen. When we look at police information—

Senator NASH: So that is the interoperability between the two?

Mr Smith : That is interoperability. But it is also information sharing, because they needed both. If you want to share the information you need good information standards, you need a desire to do it, there has to be a cost benefit that says it is worthwhile doing and then you need the interoperability.

If we are looking at police information and issues around sharing information, it really is the same as with the ATM: each has their disparate databases, they need to talk to each other and they will create the environment to both share and operate. When we look at police databases, they are all different and there are a number of ways to create both interoperability and information sharing and we have tried to outline those in our paper.

One way is the great big database, so everyone goes to the centre and draws from the centre. That is exactly what we have got with our fingerprint system, but that is not replicating the ATM bank example. Another system is the DNA system, where each jurisdiction houses its own database and we have a central database. To create both interoperability and information sharing we can communicate to the centre and we do share the information into a central database. That is the second way that you create this capability of both interoperability and information sharing. The third way, which we do not do a lot of in Australia but the FBI in the United States is a good example of it, is where you leave the data alone in the jurisdiction and you get what I term a 'great big google' for police where you agree on the capability to look at the data which is made available for you to look at.

So there are three different ways that you can achieve this particular outcome and we have tried to put that in our paper. But what is important is that you understand the questions of sovereignty of data: what they will share from the jurisdictions is what they want to share and that they can legally share. There are cost benefits that need to be taken into account and of course there are the jurisdictional questions of desire or whatever.

Senator NASH: That is really useful, thank you very much. In your submission you say:

… it is increasingly likely that a centralised approach is not the solution that will be acceptable to the information owners. A distributed or federated access model is more likely to suit the need.

Are you saying that just having one central data point is not the answer—that it is more a silo and access to silo arrangement that you prefer?

Mr Smith : I do not like to use the word 'silo' because that has such negative connotations. The point I am trying to make there is based on two things. One is that if you had had this conversation with me when we set up CrimTrac back in the late 1990s I would have said, 'Let's go to the central database,' because that was the predominant technology thinking at the time. But for technology reasons the world has moved on so dramatically you do not have to have everything in an identical format to be able to look at it.

Senator NASH: Does this go back to that 'google' approach?

Mr Smith : Yes. Because technology has moved so far and the tools for searching data have changed so dramatically you really do not need to bring it all to the centre.

Senator NASH: So the data does not need to move to the centre, you can just go and access it anyway—

Mr Smith : Go to the data.

Senator NASH: regardless of where it is, but you have a centralised accessibility.

Mr Smith : Absolutely. When I am in the Netherlands and I go to the ATM in Bergen op Zoom I can put my ANZ card in the wall and get money and it does not matter that my central database is somewhere back in Australia. That is exactly what we are talking about here: you do not need to bring it to the centre to share it. So, because of the technology tools shifting, perhaps—as we have put in our paper—the conversation is not about this great big database. And the advantages of that are very, very significant. There were some questions earlier for my colleagues from the Attorney-General's Department. If it is not Commonwealth managed data, for example, all the issues of jurisdictional ownership, sovereignty, privacy or whatever do not become the centre's problem. So if the South Australian police agree that particular aspects of their data holdings can be shared you leave all those issues with that jurisdiction. If they agree to share, that is good.

The other thing that is really important is that one size does not have to fit all. With a central database the provisioning and the consumption are really problematic, and experience shows that it takes a long time to get agreement on a national thing. It does not matter if it is data on education, health—

Senator NASH: Or harmonisation of rail lines.

Mr Smith : or harmonisation of just simple traffic laws—it takes a long time. The point there is that if jurisdiction A says, 'We will only give a little bit,' and the other jurisdiction says, 'We will give access to a lot,' you do not crunch that into a central database, which is problematic.

Senator NASH: So the centralisation becomes a mindset thing rather than a physical thing.

Mr Smith : Yes, and that is the critical point: what is the objective? Is the objective to have data in a single place and manage it there—which I do not think the objective is—or is the objective to have access to useful information for operational reasons? It does not matter if it is reference data—which, as I spoke about, is what we house at CrimTrac—or if it is intelligence. What you are really talking about is the need, not the tool. If we get away from the conversation around the tool and talk about what need we are trying to satisfy, there are plenty of tools out there that can be put to the task.

Senator NASH: Thank you very much; that makes a lot of sense. I have just one last quick question. What is the standardised code directory? In your submission you say:

The absence of a standardised code directory that can operate across systems is the dependency upon which the success and absolute value of interoperability hinges.

Could you just translate that into English for me?

Mr Smith : I hope I have been reasonably fluent in English—it is better than my Dutch! The comment there goes back to experiences I had when I worked on IT projects when I was in the Queensland police service. It goes to questions such as, how do you write your name? When you fill out a form, is surname in a separate place, and then there are your given names? Or is it surname with a comma and then given names? In police forces it was often different in reports. With some police forces you would put the given names and then the surname in capitals. Other police forces would mandate that you put the surname then a comma and then the given names. To share information in a way whereby it is easy to share, you need actual data standards. In dealing with Asian names and Arabic names, there is a huge conversation that needs to be had on how you will actually gather those for official purposes. So when you talk about the creation of standards around passports, there is a conversation to be had there. The point I am trying to make is that to get greater potential from the data that is kept locally you need to make it visible in a way that is consistent—in other words, driving on the same side of the road.

Senator PARRY: I love your explanations, Mr Smith. They are very good. You are putting it in to the English that we can comprehend readily. Perhaps I could drill down now into some issues of more practicality, if you like, in relation to this. I think you were in the room when I asked some questions about which should be the lead agency—the agency that perhaps disseminates controls and the organisation of this information. My question—and I am basing this upon your answers—is (a) do we need one and (b) if we do, is CrimTrac positioned to take on that task of the control dissemination and accessibility of the information?

Mr Smith : Listening to some of the previous witnesses I have obviously contemplated this particular question. It is a short question, but a very complicated question. When the NCA was created we had a separate body called the Australian Bureau of Criminal Intelligence. We merged those two agencies together to create the ACC. One of the reasons for that was the question of control and where the best management of activity could take place. I know that on a number of occasions, particularly at the Commonwealth level, there has been conversation about whether CrimTrac, for example, should live within the AFP; should it live within the Crime Commission should there be some structural change in that regard?

I am conscious of the chair's words commenting on matters of policy. But the sense that I get is that commissioners are very comfortable dealing with CrimTrac and its mandate in a separate environment to that of the mandate that is given to the Crime Commission—and for very good reason, if I can not speak for them but try to articulate the sense I get from them. They look at CrimTrac as a very different entity to the Crime Commission. I believe that when they meet as members of the board of the Crime Commission their focus is on what the tasks are and what value we will get from mandating particular tasks. Managing that is a very different activity to managing what CrimTrac does, for a whole host of reasons that go back to my earlier answers.

So when they look at what happens inside the Crime Commission, it is different. It is so fundamentally different that the management of it is fundamentally different.

Senator PARRY: Could I stop you there. I comprehend what you are saying. Can we then look at CrimTrac disseminating, like you do with the three major databases you have now—I will call them that. For example, would you pick up all the registration details from every transport commission in each state and disseminate all of that information, because that could aid in criminal intelligence? It goes back to my building-block-approach question from the very beginning. Would you just start picking up discreet areas of information collation and sharing and build it that way? Then, the only thing you probably would not do is that you would not have any intelligence development capability—you would then leave that to the ACC. Is that a model that we could look at, moving forward?

Mr Smith : Yes, and I was present when my colleagues from the federation were here. There is in fact a present mandate given to CrimTrac by the board with respect to vehicle and drivers licence data. So, in our national police reference system we in fact have a mandate to make that data available. It is very much a building block.

With respect to firearms, we already have a mandate for firearms data, and there is a national conversation going on around how that—

Senator PARRY: So you have the mandate but you do not have the capability at the moment?

Mr Smith : We are building the capability with respect to vehicles. We have a mandate at the moment with respect to some further elements of firearms data. But as you are well aware from your past, they are the foundational pieces of information. I fully support that particular approach. I think it is the right approach. I think the expression used earlier was 'the low-hanging fruit': name, address and date of birth, the three key pieces of information police always want to know. What is attached to that name—if I can use that expression—is: are there warrants outstanding; are there domestic violence orders; and what motor vehicles does the person own. These are all matters of public record. They are reference pieces of information and I do think they are the things that should come to CrimTrac, as opposed to the intelligence type information that goes to the Crime Commission.

Senator PARRY: That makes sense.

CHAIR: Regarding the national number plate recognition system, it has been looked at for many years. Some states and territories are looking into it individually. Would you see that also as being something to Google, to use your analogy, or would you see it being nationally housed in CrimTrac?

Mr Smith : If I may, I think there is a conversation that needs to precede that. In the UK—in England and Wales—for example, they have a particular approach to number plate recognition. We do not have a unified approach in Australia as to how we use that tool.

Again, I need to separate the tool, and what the capability may be, from the business demand. I do not want to get into too much of an operational conversation here—I do not think it is helpful—but number plate recognition can be used overtly and covertly. Some jurisdictions would like to see it used in one way and other jurisdictions see the value in doing it another way.

Senator PARRY: Why can't it be done both ways?

Mr Smith : Well, it can. In a jurisdiction like Western Australia, for example, their real emphasis is on very overt number-plate recognition with respect to registration, drivers licences and things like that. In other parts of the country they do it for more convert surveillance purposes. So it will be static ANPR—who is coming and going from a location. They make that decision on a business need. CrimTrac's role in that, as we move forward, would be the national view of the core data that informs the activity of the jurisdiction.

What I am saying is that if you look at what CrimTrac would do to value-add that activity to make the activity a national activity—whose vehicle is it? So it is the vehicle record—how that reference data is then used is a matter for each jurisdiction so that they can go their own ways and put their own emphasis on it.

Where we would also add value—and this is something we are having a conversation around—is: do I attach to the vehicle record the owner's details? The answer, obviously, would be yes. Do I add outstanding warrants, traffic or otherwise, to that person? Do I add to that data the fact that the registered owner of that vehicle has domestic violence orders, of whatever nature, in a jurisdiction? So, CrimTrac's role, if you like, is really the reference data that is consumed. How it is then operationalised within a jurisdiction will be entirely their call. And it may differ from location to location within a state.

So, yes, I think CrimTrac definitely has a role. We have looked at this in the past. We have a meeting with chief information officers underway in Adelaide, and they are talking about it today.

CHAIR: For CrimTrac to house the information, it really does not matter how each state or territory jurisdiction chooses to operate on it?

Mr Smith : That is exactly my point.

Senator PARRY: So you would just need permission to access the localised databases for that information, and then you sought or processed that information in such a way as to give the outcomes that you have just indicated.

Mr Smith : At present the ANPR in WA, for example, only consumes WA records. So they only know about the vehicle in Western Australia. So, if they got their ANPR out at Kalgoorlie, and a South Australian car goes through, it cannot talk about it. But we definitely can add value—

Senator PARRY: You aim to facilitate that. So, for example, if I am an agent in the ACC and I have a particular interest in a particular person and I know their motor vehicle, eventually I should be able to punch in that number, and the way you would sort that data would be such that I would have all the discrete or static camera location pass points and everything I would need to know about the movement of that vehicle, and certain parameters that I would need to know.

Mr Smith : You have just taken this conversation a step beyond. It is a conversation that has not been had yet. In the United Kingdom they store the contacts, if you like, with a vehicle. So they can actually retrieve information such as: this vehicle was seen here, here and here, and at what dates and times. We have not had that conversation nationally, but within the ACT they have, because they have ANPR on a couple of roads here and they have very strict rules about how long that data can be kept and what use can be made of it. So, when you see a vehicle on the Tuggeranong Parkway, I think it is kept for only a limited period of time before it is deleted. We have not had a conversation or reached any agreement with respect to that second issue about data being kept.

Senator PARRY: Can you see us getting to that point?

Mr Smith : I believe we need to have the conversation, because different rules will apply in different jurisdictions. Some jurisdictions, New South Wales for example, already keep truck data when they go through static scanning points. The ACT took a different approach. So, yes, we need to have the conversation, but where it lands is something that I could not speculate on at this point in time.

Senator PARRY: Just moving into the future, could you then have an officer say, 'Well, I want this registration number flagged,' and then you get an alert every time that vehicle does something? Can we get to that capability?

Mr Smith : Yes, and in the past that has been part of the policy consideration of the commissioners. To take a hypothetical, if a target had been identified by an agency, a police force or whatever, and they were interested in know if a vehicle was seen somewhere, I do not see a philosophical difficulty between putting out an all-points broadcast nationally, 'If you see this vehicle, detain,' or making a digitised record so that if they go through ANPR in Kalgoorlie it flags for the police officer out there that that vehicle is of interest. I cannot see any policy differences between those two situations.

Senator PARRY: On a more futuristic issue, could you see a time in the future—I think the technology already exits—where, from a static camera in the CBD of Sydney, for example, or Kings Cross, which is very topical at the moment, face recognition is just punched in and comes up if there is a face on a database somewhere else that is matched with that face? The future is probably here, but from an operational perspective can you see that coming to life.

Mr Smith : I do not want to get too technical, but I do need to make a couple of points. Number plate recognition relies upon some pretty simple algorithms around character recognition. You have very distinctive number plates with high definition, which enables ANPR to work very well.

When you look at the numberplate KHR966 it comes up very well and the chance of false-positives is very low.

One of the difficulties—and I think it will be a difficulty for quite some time with facial recognition—is that it is very useful in a spacial sense. Where it works well is if you have very clear definition around the use. You will see great technology on television or whatever—and I am talking about non-fiction TV shows. You will get very good results if you have facial recognition in your workplace and therefore the camera will say, 'Is this person someone that I know about in this database?' As you walk into the building, it will say: 'Good morning, Mr Smith,' because it is very constrained about who is going to be there and therefore the chance of a false-positive is very low.

If I were to have a library of faces that I could access, the first problem you have is the quality of the originating image. The second problem you have is the quality of the matching image. The third problem you have is the number of false-positives that you will get. It works very well. In the UK we have seen examples in investigations. But there you are bringing your parameters to such a finite number that you say, 'I want you to see if in greater Manchester in the middle of the city someone looking like that is going down that street.' You will not get the NCIS-type statement that they have just searched the libraries of the faces of the world and they think this is your person. You would literally get thousands, and you get gender crossovers and all sorts of things because the technology is not that good. Will it become that good? In my lifetime in policing things have changed dramatically and it may well, but I do not think we are at that point yet.

Senator PARRY: You have raised a very good point about the public perception that that is a realistic notion. The public seem to think that we have all this information about everyone that we share with every agency every minute of the day, so when we punch in 'Stephen Parry' everything about me comes up instantly for everyone to see. That is what I think the public think happens, whereas we know that that is not the case.

Mr Smith : With respect you would get better results on Google than you would from the databases that we have.

Senator PARRY: Do we need CrimTrac at all—or just use Google! That is very good, thank you.

Senator NASH: Thank you for the explanation of interoperability. What are the impediments to that interoperability to work as well as you would like it to or better? Currently when you are looking at interoperability, what are the barriers or impediments to it not working as well, efficiently or appropriately as you would like? There may not be any.

Mr Smith : It is a good question. Interoperability as a capability is a technology question. Technology is like drag racing: you want to go faster, spend more money. The interoperability question therefore is: is your desire matched by your ability to invest? With respect to CrimTrac, for example, when I meet with the board the question they want to consider if we are going to look at additional data is whether it will provide operational benefit. They also want to know if that operational benefit is going to be arrived at with a good value for money case. I can take you to one system we have not spoken about, the Child Exploitation Tracking System. We have an ability to match images that come from potential offenders and compare those with known images to try and identify pedophile activity. When I took that case to the board, the board first wanted to know that it would provide good operational benefits. They then had to consider whether those operational benefits would be arrived at by a good business case. You have to balance those two things.

I mentioned earlier the chair of our national case management. When we talk about national case management, do the potential benefits get arrived at by a good investment proposition or one that cannot stand up?

So you look at national case management: will the investment provide the return that makes it worth while? Sometimes you just have to say, 'We just have to suck it up and cop the fact that we haven't got good interoperability, because it will just cost too much.' I think the board always assume great maturity—if I cannot be too patronising to the board—in having that conversation.

With respect to number plate recognition, the board has in fact considered that in the past. The board determined at that particular time that the business case was far too expensive for the return on the particular investment at the time. But, as technology changes, as the costs of the technology change, as public acceptance changes they will revisit those decisions. So, with firearms, for example, we are now revisiting decisions with respect to firearms licensing and the systems that support that. We go back and ask: why did we make this decision in 1996? Did we look at it in 2003? Now we are having another look at it in 2012 because things have changed. When you talk about interoperability, it is not a point in time question. We have to keep cycling it through to see whether the benefits and the costs have changed.

Senator NASH: Thank you.

CHAIR: Doug Smith and Jane Diedricks, thank you very much for coming in. We appreciate your contribution. There may be a couple of things about which we need to get back to you in the course of our inquiry, but we will do that by correspondence.