Arnotts Technology Lawyers

The Australian Government has introduced the Trusted Digital Identity Bill to broaden access and security to public government services.

In light of COVID-19, the Australian Government has made the decision to introduce a system that provides security, convenience, and surety as to an individual’s identity. The Digital Identity System is designed to simplify identity checks when accessing government services. This is a voluntary identification method and has already been used at a rudimentary level on the MyGov website by linking the Australian Taxation Office, Centrelink, and Medicare. However, the new Digital Identity System aims to widen identity certainty to local state and territory levels. Moreover, the legislation will permit businesses to opt-in as identity accreditors, meaning this Digital Identity certification could be used beyond government services to the private sector.

Naturally, this level of digital oversight poses serious questions of privacy and security. Without a proper transparent framework, there is no protection over consumer data. To alleviate concerns, the Australian Government has noted that this Digital Identity certification will not replace official documents. Additionally, the data will not be offloaded to third party advertisers or record key information such as location tracking. The Australian Government has not mentioned how it will protect information which raises issues over data leaks or hacks targeted by cyber criminals. It is also unclear whether this project will be developed in-house and how data security will be guaranteed.

Presently, the Australian Government is combing through public consultations over governance arrangements and the operation of the regulatory regime. Many parties emphasised the concerns listed above and some even called upon blockchain technology and decentralised applications to encrypt user data. But the biggest question raised in the public consultation of whether this overarching government oversight was even necessary. Is it truly in the publics best interest to have their data monitored by the government and how blindly should we trust the government with sensitive information?