Australian digital ID bill faces more challenges in its open consultation phase
This innovative project aims to create a singular, government-operated identification platform, marking a significant step toward a more efficient and secure identification system – although this may be coming into question.
Following the government’s introduction of draft legislation and opening public consultations in September, Australia’s eagerly awaited nationwide digital identity system has met yet another set of pushbacks. Experts have raised concerns about several aspects of the proposed Digital ID Bill, and the digital identity project is expected to confront security challenges.
The draft bill aims to bring together multiple identification systems in Australia, such as the (aptly named) MyGov from 2013, MyGovID from 2019, and a NSW Digital ID from earlier this year. Experts warn that consolidating these services into a government-run programme without the appropriate security could create an easy target for hackers.
The existing privacy legislation in the nation contains a gap permitting select state and governmental entities to be exempt from mandatory data breach disclosure. Additionally, Australian lawmakers have been implementing incremental adjustments to the legal framework, as demonstrated by the Surveillance Legislation Amendment (Identify and Disrupt) Act of 2021 under the Morrison government. This may enable government monitoring of individuals’ whereabouts and interactions with public and private institutions.
Why does it matter?
In June, the Australian federal government unveiled its National Strategy for Identity Resilience, outlining plans to enhance security by promoting the expanded use of biometrics (full strategy here). The initiative’s objective is to strengthen the management of digital identities, with the ultimate goal of bolstering Australia’s digital economy and achieving the highest level of safety by 2030. However, this draft bill, which is meant to be finalised by mid-2024, may succumb to the same criticism from researchers and digital rights activists that its predecessors have been subjected to. It certainly doesn’t bode well for the country’s plans for the end of the decade and public opinion on long-term securitisation.