Australia’s digital ID must put cybersecurity first, says Law Council

Australia’s upcoming national digital ID must represent the “gold standard” when it comes to privacy and cybersecurity, the Law Council of Australia said as the country re-examines its privacy regulation.

The organization, which represents the country’s legal professionals, submitted a set of recommendations related to digital ID and data standards to the Department of Finance at the beginning of July. Among them is implementing a consent mechanism and self-sovereign identity (SSI) structures.

Another recommendation for the digital ID framework would be allowing users to submit certain attributes instead of their full identity. A person accessing social media, for example, would only need to submit proof of age instead of their full identity.

Cybersecurity is ranking high in debates about the country’s digital ID system in the wake of the 2022 Optus data breach. The Albanese Government claims that identity protections introduced after the incident have successfully blocked over 300,000 fraud attempts in 18 months. The government also plans to spend AU$11 million (US$7.2 million) over four years to protect those whose identities have been compromised after the data breach.

The Law Council is also arguing that reforms of Australia’s Privacy Act should include the right of action for consumers affected by privacy violations.

The country has been discussing reforms of its 1988 Privacy Act in a bid to improve online safety, including identity scams and fraud as well as protecting minors online. In February 2023, the Attorney-General’s Department issued a Privacy Act Review Report with the government accepting 38 of its 116 recommendations in full. A further 68 recommendations were accepted in principle, pending more consultations.

The draft legislation is expected to be tabled by August 2024.

Australian investment in cybersecurity, digital ID faces shrinking budget

Digital identity and cybersecurity are among top government technology trends for 2024 and Australia has earmarked a significant budget for implementing them. However, despite the growth in government spending, Australia is still facing shrinking budgets, according to consulting firm Gartner.

“We are in a period of unprecedented consistency of austerity, with some of the tightest challenges at the Federal level of several cycles,” Dean Lacheca, Gartner’s vice president and research analyst for public sector and government told IT News.

Gartner estimates that departments and agencies will spend more than AU$19 billion (US$12.4 billion) on IT services in 2024, a year-on-year increase of 9.3 percent. More than half of this, or AU$11.7 billion (US$7.6 billion) will be spent on a federal level.

The federal government has earmarked AU$1.8 billion (US$1.1 billion) for making government services safer and more efficient over the next three years. According to the 2024-2025 budget, AU$206.4 million (US$135.4 million) will be allocated for upgrading the cybersecurity of regulators and registers over the next four years while AU$288.1 million (US$189 million) will go to the national digital identity program.

Article Topics

Australia  |  cybersecurity  |  data privacy  |  digital government  |  digital ID  |  identity management  |  self-sovereign identity  |  Trusted Digital Identity Framework (TDIF)