Australia’s revised digital ID system – what it is, how it will work and the expected (and potentially unexpected) benefits

Tuesday
 
26
 
November
3:50 pm
 - 
4:30 pm
Topic
Policy / Legislation
Agenda
Sign in to add this session to your agenda
Add to My AgendaAdded to My Agenda
Location
Room 212
Theme
Leadership & Governance in Cyber Security

Speakers

Simone Herbert-Lowe
Simone Herbert-Lowe

Simone Herbert-Lowe

Simone Herbert-Lowe

Principal
Law & Cyber

Synopsis

Following successive years of larger and larger data breaches that have led to the compromise of huge troves of identity documents that have exposed Australians to financial crime, the Australian government has responded by announcing a range of legislative measures designed to better protect individuals engaging with the digital economy. One of these involves the strengthening and expansion of Australia's Digital ID System.

The Digital ID Bill 2024, together with the Digital ID (Transitional and Consequential Provisions) Bill 2024, have now passed Parliament and are expected to commence operation from November this year. The legislation is designed to provide individuals with secure, convenient, voluntary and inclusive ways to verify their identity for use in online transactions with government and businesses by avoiding the need to share copies of valuable identity documents.

Key aspects of the revised scheme involve regulatory oversight by and expanded powers for the Australian Competition and Consumer Commission (ACCC) and the Office of the Australian Information Commissioner (OAIC). The ACCC will be responsible for accrediting Digital Identity Services, approving which services can participate in the scheme, and using its investigative and compliance services to keep individuals’ information safe. The OAIC will regulate privacy-related aspects of the Digital ID accreditation scheme to protect individuals who choose to use an accredited Digital ID provider, such as the use and collection of biometric data.

This session will explain how the Trusted Digital Identity Framework (TDIF) works and the TDIF accreditation process, and how contravention of relevant safeguards by any accredited entity will constitute an interference with the privacy of an individual for the purposes of the Privacy Act 1988.

It will examine how the legislation is expected to operate, how it designed to assist in reducing cybercrime by avoiding the creation of honeypots of data that lead to incidents like the Optus and Latitude breaches, and whether it might also assist in solving other social problems connected with Australians’ use of technology, such as simplifying proof of identity processes and enhanced age verification for online products and services not suitable for children. 

Back to Program

Acknowledgement of Country

We acknowledge the traditional owners and custodians of country throughout Australia and acknowledge their continuing connection to land, waters and community. We pay our respects to the people, the cultures and the elders past, present and emerging.

Acknowledgement of Country