Digital ID bid to shield Australians from data breaches
The nation's digital ID system is being expanded and strengthened in an attempt to better protect the data and privacy of Australians.
Australians could open a new bank account, sign a phone contract or apply for a rental without providing sensitive documents, by using digital ID technology.
The Australian Government Digital ID system allows people to send details of documents such as passports, birth certificates and drivers licences to a provider, like the myGov app, which verifies the information and creates a digital ID.
From there, Australians can prove their identity, without directly providing sensitive documents, by sharing a digital ID - which generally only provides a name, date of birth and email.
The national digital ID system has been available since 2015 and has more than 10 million users, but it can only be used to access connected online government services.
Legislation drafted by Finance Minister Katy Gallagher's office aims to regulate the digital ID system and make the technology available to the private and public sector.
This means businesses could verify a client's identity without storing their personal information, reducing the risk of data theft and improving consumer and privacy protections.
Scams and identity crime costs Australians more than $3.1 billion a year according to the Australian Institute of Criminology.
A 2023 survey from the Australian Information Commissioner found about 75 per cent of Australians believe data breaches are one of the biggest privacy risks they face.
About one in two survey respondents were told their personal information had been involved in a data breach during the previous year and almost a third had to replace key identity documents.
In 2022, the passports, driver licences and Medicare numbers of about 10,000 Optus customers were stolen and leaked after the telecommunications giant fell victim to a cyber attack.
Similar data breaches at bookseller Dymocks, law firm HWL Ebsworth, insurance provider Medibank and other businesses have compromised millions of Australian's personal information.
Asked whether Australia was powerless to go after cyber culprits on Monday, Home Affairs Minister Clare O'Neil told ABC radio: "We probably don't have the mechanisms in place to do it just at this stage".
But corporate Australia has begun to take the threat more seriously since the Optus hack, she said.
Under Senator Gallagher's legislation, digital ID providers could apply for a voluntary government accreditation scheme which proves they adhere to privacy and protection standards and allows the government to penalise accredited providers who fall short.
It will also establish an independent digital ID regulator responsible for accreditation and investigating providers' compliance with legislation.
The government is seeking another round of public consultation that will close in October, before Senator Gallagher takes the bill to parliament at the end of the year.