Expert urges government on digital ID review

A leading expert has accused the government of inefficiency and duplication on digital identity and called for a sweeping review and legislative reform.

A systemic branch review into how digital identity protections can be made fit for purpose in the 21st century is the only way to restore trust in a broken system, a leading expert has told Technology in Government 2019.

Digital identity was a central topic at the conference, which took place in Canberra on Tuesday and Wednesday, and saw calls for dramatic changes to government policy.

The head of the International Cyber Policy Centre at ASPI Fergus Hanson on Tuesday told delegates that the government must initiate a sweeping review into digital identity while also enshrining greater citizen protections into legislation.

“I think the government would do well to conduct a branch review of how citizen protections can be made fit for purpose for the 21st century and of opportunities to take advantage of digitisation to simplify laws created for a paper-based society,” Mr Hanson said.

The review, which would focus on GovPass and Australia Post’s Digital ID program, should ensure minimum security baseline rules for data use are maintained for both the public and private sector and citizens are given easy control of their data with the click of a finger – including a simple process to contest access.

“Clearly there is a need to bring the public along in a national conversation about this scheme, its implications and how government plans to protect citizens from its misuse,” Mr Hanson told the audience.

Fergus Hanson at the Technology in Government Conference.

As part of the review, the Privacy Act needs a dramatic rethink, he said, with dedicated legislation to govern both digital identity schemes and to strengthen citizen protections against information misuse.

“Opportunities should be explored even though we’re a long way down the track to try and avoid duplication of the schemes.”

Duplication, poor communication

Overlap between digital identity programs, secrecy and a lack of communication and weak legislation have meant that digital identity has been failing citizens, Mr Hanson said, despite the host of opportunities.

If we can “get it right,” digital identity has the potential to unlock billions in savings as a result of the reduction in transaction and fraud costs while also being potentially enhancing privacy, Mr Hanson argued.

“In an Australia with good digital identity we’re going to see a whole suite of micro conveniences that in totality make life a lot easier and quicker while at the same time reducing transaction and hopefully fraud costs and enhancing our personal privacy,” he said.

“Done well, digital identity has the potential to become the biggest micro-economic reform we’ve seen a while.”

But a lack of communication and transparency with citizens about the scheme has meant it is “falling over.”

“Instead of asking Australians if they want to opt-in to having their government ID repurposed for a new biometric scheme which would have been consistent with the Privacy Act they just did it. So from the get-go the conversations about this scheme has been wanting, leaving public largely unaware,” he said.

The GovPass and Digi ID schemes also unnecessarily overlap, Mr Hanson argued, resulting in wasted taxpayer money and inefficiencies.

A report earlier this year flagging these concerns with the Digital Transformation Agency (DTA) was shouldered by authorities, Mr Hanson said.

“What struck me from a series of engagement with the DTA was a disconnect between two different views of what the public wanted… What emerged from this process was truly bizarre. A private acknowledgement the concerns raised were real but a public pre-tense they were manufactured.”

The DTA has been contacted for comment.

Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at  

Sign up to the Government News newsletter

Leave a comment:

Your email address will not be published. All fields are required