Australia’s proposed digital identity bill should include safeguards against “mission creep,” legal researchers suggest.
Independent scholars based at the UNSW Allens Hub have raised potential issues with “voluntary co-option” into the digital identity system.
Australians can already voluntarily opt into a digital ID to connect with MyGov, Centrelink, and the Australian Tax Office (ATO).
However, the legislation broadens this scope so the service extends to other federal departments, state and territory governments, and eventually, the private sector.
“The law must provide additional future-proof safeguards around actual practices surrounding the national DI system, voluntary or otherwise, to protect against any mission creep,” the researchers said.
The Growth of the Digital ID Will Force People To Adopt It
The UNSW Allens Hub noted that over time an ecosystem could be created where digital identity becomes the de facto system of use, despite it being “voluntary.”This has been seen in other countries, including India, the group highlighted, despite the system starting as a purely voluntary system.
“Soon [it] witnessed public-sector oil marketing companies and financial institutions including banks and fintech providers beginning to heavily rely on it for [electronic Know-Your-Customer] authentication, expanding eventually to income tax filing, transfer of government subsidies, mobile phone connections, and government scholarships and welfare programs,” the submission said.
They said the murky nature of the system has raised “serious questions about civil liberties and democratic practices, mirrored in other countries like China, Kenya, and Jamaica.”
The Allens Hub pointed to issues with the current Australian proposal that could lead to similar issues, noting that exemptions were available for the Digital ID needing to be voluntary.
“While the provision has safeguards against arbitrary grant of exemptions, a creeping expansion of businesses that superficially satisfy the prescriptive requirements of the law may lead to a slow expansion of the exemption clause,” they said.
“This can, over time, create an ecosystem where despite claims of voluntariness, digital identity becomes both the de facto and de jure DI system, creating anxieties of recognition and sometimes exclusion of people.”
Senate Committee Investigating the Digital ID
The Senate Economics Legislation Committee is inquiring into Australia’s digital ID after legislation was brought to the Parliament by the Labor government on the final sitting day of the year.The committee is holding a hearing on Feb.9 and will report back on the legislation on Feb. 28. The committee received 97 submissions, despite closing the inquiry on Jan. 18.
Woolworths and major banks including National Australia Bank (NAB) and Westpac are among major corporations who have expressed support for the digital ID in submissions.
However, non-profit advocacy group Digital Rights Watch has warned the digital ID system should never be remodelled for surveillance or law enforcement purposes.
Digital ID is Not Mandatory: Minister
Australian federal Finance Minister Senator Katy Gallagher told Parliament (pdf) in November the bill was about streamlining government operations and reducing cyber risks.“That information is currently being held in a number of places. Every time you have to prove your ID, where you provide information to different organisations—this is about reducing that,” Ms. Gallagher said.
“This is in response to Optus. It’s in response to Medibank. The private sector wants it in place. They want it regulated. We have the system in place now, and we have private-sector ID providers who are unregulated.
“There’s no regulator. The ACCC is going to be put in place. This is a system that’s operating now. If people choose to get a digital identity—whether it be a public identity through myGovID or through one of the private sector ones—they are operating in it now. This is about enshrining it in legislation and making sure we’ve got an accreditation system in place.”
However, One Nation Senator Malcolm Roberts said the digital identity bill will tie every Australian to a digital identity that unlocks services necessary for life.
He said the Digital Identity Bill may be the most significant piece of legislation this 47th Parliament will introduce.
“This bill does not make identifying oneself online easier. It will facilitate making a digital identity check mandatory. That onerous measure comes at the price of putting identifying information for every Australian in one spot and emits a giant, flashing, neon sign above everyone, saying, ‘Hack me.’”
Mr. Roberts tried to extend the Senate Committee reporting time frame to May. 14, but this motion was defeated by the Senate.
Ms. Gallagher said the digital identity was voluntary, safe, and people will be able to control what information they provide to entities.
“It’s safe. People get to control the information that they provide to verify their identity. It’s about personal control.”
