In recent weeks the Australian Government introduced legislation (the Digital ID Bill) to establish a regulatory regime for the accreditation of digital identification providers.
Overall, the Digital ID Bill aims to give Australians secure and effective ways in which to verify their identify for use in online transactions with government and business.
The Government hopes that the Digital ID Bill will help address some of the gaps exposed by the recent Optus and Medibank data breaches in that it will, among other things, make available to the private sector the Commonwealth government’s current ID authentication process.
Some notable features of the Digital ID Bill include that it:
- strengthens a voluntary accreditation scheme for digital ID service providers;
- enables expansion of the Commonwealth’s existing digital ID verification system for use by state and territory governments and private sector organisations;
- embeds strong privacy and consumer safeguards, in addition to the Privacy Act;
- establishes the Australian Competition and Consumer Commission as the Digital ID Regulator; and
- expands the role of the Australian Information Commissioner to regulate privacy protections for digital IDs.
These reforms form part of the Government’s larger National Strategy for Identity Resilience, which was released in June 2023. Under this strategy, the federal, state and territory governments will work together to protect Australians from identity crime and support any necessary recovery from a data breach.
These reforms will also be complemented by the measures included in the recently-released 2023-2030 Australian Cyber Security Strategy.
For advice on how these changes could affect your organisation, please contact us at firstname.lastname@example.org