90 incidents on record · 2026 Headlights Incident reports by Ellie Harris · Melbourne
10 new this week Library last updated 13 July 2026
← The incident library
HD-INC-080
Justice · Australia · 2023 · Opaque government profiling

NSW Police risk-scored people, many of them children, onto a targeting list for repeated stops, and ended the program after a watchdog inquiry

By Ellie Harris · Filed STMP in use from the early 2000s; LECC interim report February 2020

Alleged: NSW Police Force developed or deployed the AI system implicated in this incident. Details are drawn from public reports; parties are presumed innocent of any wrongdoing not established by an official finding.

NSW Police risk-scored people, many of them children, onto a targeting list for repeated stops, and ended the program after a watchdog inquiry

What happened

It was reported that in October 2023 the Law Enforcement Conduct Commission tabled the final report of Operation Tepito, its five-year investigation into the NSW Police Suspect Targeting Management Plan, and said NSW Police had agreed to discontinue the program. The Commission’s interim report described the STMP, introduced in 2000, as selecting people for sustained proactive policing, repeated stops, searches and home visits, using a risk assessment tool that ranked crime categories into numeric scores. The Commission’s interim report in 2020 examined a cohort of 429 young people placed on the plan between 2016 and 2018 and found a high proportion were recorded as possibly Aboriginal or Torres Strait Islander, that police at times used stops and searches on the basis of a person’s STMP status, in lieu, as the Commission put it, of legislative or court-ordered frameworks, that the target selection process may have introduced unacceptable risks of bias, and that the Commission could find no evidence the risk assessment tool had ever been evaluated in two decades of operation.

The Commission’s final report found the problems persisted after earlier reforms. It concluded, in the Commission’s words as reported at the time, that some police interactions with targets were, or may have been, unlawful, that the continued over-representation of Aboriginal and Torres Strait Islander young people indicated the ongoing discriminatory effect of the policy, and that the conduct amounted to agency maladministration. Two precisions matter for the record. Reportedly, the scores were applied by police officers rather than produced by an end-to-end automated system, and the tool shaped decisions officers then acted on. And the Commission withheld a formal finding against the force because NSW Police, after seeing the draft report, agreed to discontinue the plan, first for children in October 2023, then for adults in December. The program that had used a risk-scoring system to place children onto police target lists for two decades ended not with a court ruling but with a watchdog’s report the force chose not to contest in operation.

What an auditable version would have shown

The Commission’s findings pointed to two things the program had never established for itself: whether the risk scores predicted anything, and whom they were falling on. Those central findings, no evidence-based evaluation and disproportionate selection, are the kind of aggregate measures a program’s own records should have surfaced in its first years. An auditable version computes them continuously: signed aggregates of who is selected, on what score components, with what demographic distribution and what subsequent outcomes. A selection tool whose targets are disproportionately Aboriginal children is a fact the agency’s own dashboard should state plainly, in year one, to people obliged to act on it, rather than a conclusion a watchdog assembles from case files two decades in.

Where the gap was

On the Commission’s findings, the tool shaped coercive police attention for two decades with no evidence it had ever been validated. A MetricRecord makes the tool’s aggregate behaviour, selection rates, demographic skew, predictive performance, a signed and reviewable number from the start, which is the evaluation the Commission found had never happened. A ConductRecord ties each stop or visit to what prompted it, the person’s plan status, the score, the claimed legal basis, so that the lawfulness of an interaction can be assessed from the record rather than reconstructed years later from disputed recollections.

What governance should have looked like

A risk score can look like a neutral measurement, but deciding to act on one is a policy choice, and it should be held to both standards: tested to show it works, and accountable like any policy that affects people. When the people scored are children, and the consequence is repeated coercive contact with police, the bar is higher again. The reported lesson of the STMP is that an unvalidated score, applied without records that connect it to the actions it drives, can run unexamined for a generation. The tool’s makers should have to prove it works, continuously and from its own records; the people it targets should never be the ones who have to prove it does not.

Failure Pattern: an unvalidated risk score steered coercive action against people, including children, for two decades with no evaluation of accuracy or disproportionate impact.

Governance Principle: a risk score that steers coercive action must be validated before use and continuously evaluated, from its own records, for accuracy and disproportionate impact.

If this content raises issues for you, help is available. In Australia, Lifeline is on 13 11 14, and 13YARN, a crisis support line for Aboriginal and Torres Strait Islander people, is on 13 92 76.

The reference implementation of MetricRecord and ConductRecord is open source. It lives at github.com/saffronandindia/headlights-oss, Apache 2.0 licensed and free to install. The repository is public now.

Sources

The mailing list

Fresh incident reports every week. One email to match.

We add new incidents to the library regularly, and send a single short email each week with what's new. The library stays free and open; this is just how you keep up with it.

No tracking. Unsubscribe in one click.

The record

An auditable system would have produced a signed, tamper-evident record the moment this happened: what the system did, the version that did it, the basis it acted on, and the action taken, and NSW Police Force could have produced it on demand.

This is the record the system as deployed did not produce in a signed, auditable form.

What this teaches
Capture what happened when it happens
What the system did, the version that did it, the basis it acted on, and the action taken, recorded at the moment, not reconstructed after.
Sign it, so no one has to trust the record-keeper
A tamper-evident entry. Edit it later and the signature breaks. The record does not ask for the benefit of the doubt.
Make it verifiable by anyone
A court, a regulator, a customer's lawyer can check the record themselves, without taking the company, or us, at our word.

Headlights summarises publicly reported AI incidents. All summaries are independently written, attributed to their original sources, and intended for research and educational purposes. Allegations are identified as such until established through official findings.

Last reviewed June 2026. This report is based on the sources listed above and reflects information available at the time of review; later developments may not be captured. Where a person is described as charged with or alleged to have done something, that allegation is unproven unless a conviction or a court or regulatory finding is stated. Headlights publishes journalism and commentary, not legal advice.

Want to write back?

Direct to my inbox.

ellie@useheadlights.com →