The National Criminal Investigation DNA Database (NCIDD) is the first Australian DNA database that automates the destruction of profiles on the database to meet legislative and privacy requirements. Profiles are removed from the NCIDD when destruction dates are specified. No trace of the DNA profile(s) or associated matches remain, except for a record of the destruction date within audit logs.
The DNA markers held on the NCIDD have been specifically chosen for forensic use because they do not reveal any details about age, ethnicity, race, appearance or medical conditions. Researchers are not able to link a DNA profile to an individual’s medical history or conditions. They are derived from nine points of non-coding or ‘junk’ DNA and a sex determinant.
Data security is of primary importance in ensuring the protection of personal privacy. The NCIDD was designed to incorporate best practice IT security. All activities on the NCIDD are logged including any modification or deletion of data. In addition to logging changes, the system requires two authorised users to confirm changes before they are implemented. The principal activity of users on the database itself is also logged to ensure full audit/traceability of user operations to satisfy the Commonwealth Privacy Act 1988.
Data is viewed via a web browser on PCs located in each jurisdictional forensic laboratory. All users of the database must be authorised by their jurisdiction before access is granted. Each user must log in with a password before gaining access and users are logged out after a set period of inactivity. Passwords are maintained by CrimTrac. Only authorised users within each jurisdiction are able to access the records within the NCIDD.
Information on specific records can only be obtained from the jurisdiction which owns the information and enquiries relating to records held on the NCIDD are directed to the appropriate jurisdictional officer.
The period of time for which the NCIDD information is kept differs among the jurisdictions. This information can be found within the relevant jurisdictional legislation.
The NCIDD uses the following categories for DNA profiles:
The information on the NCIDD is entered by the authorised users from the laboratory that processed the sample from which the DNA profile was obtained. The contributing jurisdiction identifies each of its NCIDD records by a unique number and also controls other information related to the DNA profile.
CrimTrac itself does not enter data into the NCIDD. The NCIDD was deliberately designed to ensure that it is unable to identify individuals through the data held within the database.
The NCIDD cannot identify any individual from the information it holds. It does not contain any fields that are normally referred to as identity details such as names, addresses, dates of birth; or personal markings (tattoos, scars, eye colour, height, or weight).
Legislative Framework
The NCIDD operates within a complex federal legislative framework. This means that different Commonwealth, state and territory legislative provisions may apply at different stages of collection, storage and use of the information contained in the NCIDD. The governing legislation for the NCIDD includes:
Commonwealth (federal government) |
Crimes Act 1914 |
Australian Capital Territory |
Crimes (Forensic Procedures) Act 2000 |
New South Wales |
Crimes (Forensic Procedures) Act 2000 |
Northern Territory |
Police Administration Act |
Queensland |
Police Powers and Responsibilities Act 2000 |
South Australia |
Criminal Law (Forensic Procedures) Act 2007 |
Tasmania |
Forensic Procedures Act 2000 |
Victoria |
Crimes Act 1958 |
Western Australia |
Criminal Investigation (Identifying People) Act 2002 |
An example of jurisdictional governance is shown at Table 1.
Table 1: Indicative Jurisdictional Variation for Offenders on the NCIDD
Jurisdiction |
Collection |
Storage |
Use |
Access |
Commonwealth of Australia (federal government) |
Upon conviction |
Retain unless conviction quashed |
Full matching |
Authorised users |
Australian Capital Territory |
Upon conviction |
Retain unless conviction quashed |
Full matching |
Authorised users |
New South Wales |
Upon conviction |
Retain unless conviction quashed |
Full matching |
Authorised users |
Northern Territory |
Upon arrest |
Retain |
Full matching |
Authorised users |
Queensland |
Generally upon arrest |
Retain on conviction |
Full matching |
Authorised users |
South Australia |
Upon conviction |
Retain |
Full matching |
Authorised users |
Tasmania |
Upon conviction |
Retain unless conviction quashed |
Full matching |
Authorised users |
Victoria |
Upon conviction by Court Order |
Unless Court Order refused |
Full matching |
Authorised users |
Western Australia |
Upon conviction |
Retain unless conviction quashed |
Full matching |
Authorised users |
N.B.
Full matching excludes the volunteer (limited purposes) category; and
all jurisdictions have the ability for application to be made and considered for removal of profile from the database.