One of the big-ticket items for the federal government this year is the introduction of a digital identity scheme.
Late last year, two bills were introduced to Parliament and a snap inquiry launched that will pave the way for a system that is meant to make it easier for people to prove who they are online.
The idea of introducing a digital identity system evokes painful memories of previous failed schemes like the Australia Card and the predictable feverish response from the loud, conspiracy-minded parts of the community. But a proposal for a digital ID system is likely to be viewed in a different way by Australians in 2024.
A constant hum of data breach notifications from companies like Optus, Latitude and Medibank in 2024 has turned the issue of privacy and security into a mainstream issue for Australians, even if many have become fatalistic about protecting their identity in the digital age. Many of us are already using various digital identity schemes, even if we don’t realise it.
Since most Australians are increasingly having to hand over personal identifying information, particularly online, the calculus about whether to accept such a scheme by the government has changed.
The public debate has now moved from whether the introduction of an Australian digital identity system is worthwhile to the nitty-gritty of whether this federal government’s digital ID scheme is worth the risks.
What is the Digital ID system?
One of the core problems that institutions have is, how do they prove that people are who they say they are? Whether it’s applying for Centrelink online, applying for a bank loan or getting into a bar, everyday Australians frequently have to prove their identity.
At the moment, there’s a patchwork of commonly used identification systems. These range from government-run systems like driver’s licences and MyGovID to commercially run systems like credit cards, or even logging into third-party apps and websites with your Google account.
The federal government wants to replace some of these by creating a digital identity system that would make it easier for governments and third-party organisations to prove people’s identities while also protecting people against the harms that come from this process like identity theft and fraud.
The key to this concept is that government bodies and companies don’t actually need to know if you are a registered driver or if you have a bank account to access their services. All they want to know is that you are the person you say you are, and having a driver’s licence or a bank statement is a proxy — essentially showing that a Department of Transport or bank is vouching for your identity.
A digital identity system replaces these by creating a scheme that allows the government to “vouch” for you to whoever needs it. So, instead of every institution having to ask for various documents (like the dreaded 100 points of identification documents), they could instead just use this system. In layman’s terms: you provide information to the scheme to prove you are who you say you are and, once accepted, proving your identity to the myriad other services could be as easy as logging into your email.
The federal government’s current digital ID scheme would create a legislated, voluntary system that would be accessible to both public and private sectors. Additionally, a regulator would be created to police the scheme. The federal government has priced the scheme at nearly $800 million, and the project, first put forward by the previous Coalition government, has been in the works for years.
This is an expansion of an existing scheme, MyGovID, which already millions of Australians have used to access government services. The problem with MyGovID is that it isn’t legislated, doesn’t allow cross-government verification (so the federal government can’t use the state’s driver’s licence database to use facial recognition technology to confirm someone’s identity against their photograph); and the private sector can’t use it to verify people against government documents. It’s a limited but useful proof-of-concept.
What are the benefits of the Digital ID scheme?
The Minister for the Public Service, Senator Katy Gallagher, has promoted the scheme as being “secure, convenient, voluntary, and inclusive”.
The idea is that it should reduce a lot of the friction when it comes to proving your identity online. What if instead of scanning your passport and electricity bill so you can sign up for a phone plan, you could just tap in your username and password? This would make life easier for average people, as well as the bodies and companies who have to handle and check these documents. Some put the figure of economic benefits as high as 3% of GDP.
It’s also supposed to reduce some of the risks associated with proving your identity online at the moment. What if instead of giving personal identification to every real estate agent who represents places you’re applying to rent, you just gave it to the government once and had them vouch on your behalf? By reducing the amount of people who have this important information, you reduce the risk that one of them will mishandle or misuse it.
A great example is getting into a bar: at the moment, most people would hand over their driver’s licence which, on top of information about your age and your face, also tells the bouncer your address completely unnecessarily. Digital identification systems like the federal government’s digital ID scheme restrict redundant information.
What are the risks of the Digital ID scheme?
Naturally, there is opposition to the idea of such a scheme. To dispense with one of the loudest and most predictable arguments against it, there is a broad anti-government and, quite often, conspiratorial belief that such any digital identity system will increase or facilitate further surveillance. (Like The Spectator Australia’s reaction which lazily invokes 1984, the Great Reset and other conspiracy theory boogeymen).
Such a critique overblows the significance of this system while underestimating or ignoring the real, creeping issue of surveillance that’s happening. To put it bluntly: we’re already being tracked by governments and companies in many different ways. Other governments around the world already have these schemes and they haven’t turned into technocrat-run dictatorships. The question is whether this government’s scheme’s benefits are worth the potential risks to people.
There are, however, real good-faith concerns about how the federal government will allow this information to be used. University of the Sunshine Coast’s Erica Mealy wrote in The Conversation about how the system would be a “honey pot” — tech slang for an attractive target — to hackers who know that it contains a wealth of valuable data. She also noted that governments are subject to data breaches, whether by accident or from a malicious actor, like others.
Then there’s the consideration of whether the system will be used as intended. Questions about who has access to the data and which parts will continue to be fought over. As The Mandarin’s Julian Bajkowski writes: “It was still a little ambiguous as to what the extent of authorised access from other parts of government may be, with the threshold being legal proceedings underway, the intent being law enforcement, usually criminal, proceedings; but the old chestnut questions of local council inspectors digging around had yet again slipped through.”
The devil is in the details here. Australians shouldn’t and won’t accept a system that they believe could make their information less safe or their lives harder. But the question of whether there’s public acceptance for this scheme is still unsettled. As Gallagher noted in September, most Australians still have no idea that this is even happening.