Daily BulletinDaily Bulletin

News

  • Written by Dr Patrick Scolyer-Gray, Research Fellow, Cyber Security, Deakin University

The Australian government’s Digital Transformation Agency (DTA) has spent more than A$200 million over the past five years developing a National Digital ID platform. If successful, the project could streamline commerce, resolve bureaucratic quagmires, and improve national security.

The emerging results of the project may give the Australian public cause for concern.

Two mobile apps built on the DTA’s Trusted Digital Identification Framework (TDIF) have recently been released to consumers. The apps, myGovID and Digital ID, were developed by the Australian Taxation Office (ATO) and Australia Post, respectively.

Both apps were released without fanfare or glossy marketing campaigns to entice users. This is in keeping with more than five years of stealthy administrative decision-making and policy development in the National Digital ID project.

Now, it seems, we are set to hear more about it. An existing digital identity scheme for businesses called AUSkey will be retired and replaced with the new National Digital ID in March, and the DTA has recently put out a contract for a “Digital Identity Communication and Engagement Strategy”.

The DTA’s renewed investment in public communications is a welcome change of pace, but instead of top-down decision-making, why not try consultation and conversation?

We fear what we don’t understand

Ever since the Hawke government’s ill-fated Australia Card proposal in the 1980s, Australians have consistently viewed national identification schemes with contempt. Some have suggested that the DTA’s silence comes from fear of a backlash.

History provides insight into some, but not all, of the numerous potential reasons for the DTA’s strategic opacity.

For example, people do not respond positively to what they do not understand. Surveys suggest that fewer than one in four Australians have a strong understanding of digital identification.

The National Digital ID project was launched more than five years ago. Why hasn’t the public become familiar with these technologies?

What is the TDIF?

Australia's National Digital ID is here, but the government's not talking about it Part of an overview of the TDIF available on the DTA website. Trusted Digital Identity Framework (TDIF)™: 02 - Overview © Commonwealth of Australia (Digital Transformation Agency) 2019., CC BY

The TDIF is what’s known as a federated digital identification system. This means it relies on multiple organisations called Identity Providers, who act as central repositories for identification.

In essence, you identify yourself to the Identity Provider, which then vouches for you to third parties in much the same way you might use a Google or Facebook account to log in to a news website.

The difference in this case is that Identity Providers will control, store and manage all user information – which is likely to include birth certificates, marriage certificates, tax returns, medical histories, and perhaps eventually biometrics and behavioural information too.

Read more: 94% of Australians do not read all privacy policies that apply to them – and that’s rational behaviour

There are currently two government organisations offering Identity Service Providers: the Australian Tax Office (ATO) and Australia Post. By their nature, Identity Providers consolidate information in one place and risk becoming a single point of failure. This exposes users to harms associated with the possibility of stolen or compromised personal information.

Another weakness of the TDIF is that it doesn’t allow for releasing only partial information about a person. For example, people might be willing to share practically all their personal information with a large bank.

However, few will voluntarily disclose such a large amount of personal information indiscriminately – and the TDIF doesn’t give the option to control what is disclosed.

Securing sovereignty over identity

It might have been reasonable to keep the National Digital ID project quiet when it launched, but a lot has changed in the past five years.

For example, some localities in Canada and Switzerland, faced with similar challenges, chose an alternative to the federated model for their Digital ID systems. Instead, they used the principles of what is called Self Sovereign Identity (SSI).

Self-sovereign systems offer the same functions and capabilities as the DTA’s federated system. And they do so without funnelling users through government-controlled Identity Providers.

Instead, self-sovereign systems let users create, manage and use multiple discrete digital identities. Each identity can be tailored to its function, with different attributes attached according to necessity.

Authentication systems like this offer control over the disclosure of personal information. This is a feature that may considerably enhance the privacy, security and usability of digital identification.

Moving forward

Based on the idea of giving control to users, self-sovereign digital identification puts its users ahead of any institution, organisation or state. Incorporating elements from the self-sovereign approach might make the Australian system more appealing by addressing public concerns.

And self-sovereign identity is just one example of many technologies already available to the DTA. The possibilities are vast.

However, those possibilities can only be explored if the DTA starts engaging directly with the general public, industry and academia. Keeping Australia’s Digital National ID scheme cloaked will only increase negative sentiment towards digital identity schemes.

Read more: Why aren't more people using the My Health Record?

Even if self-sovereign identity proved appealing to the public, there would still be plenty of need for dialogue. For example, people would need to enrol into the identification program by physically visiting a white-listed facility (such as a post office). That alone poses several technological, economic, social and political challenges.

Regardless of the direction Australia takes for the Digital National ID, there will be problems that need to be solved – and these will require dialogue and transparency.

Government and other organisations may not support a self-sovereign identity initiative, as it would give them less information about and administrative control over their constituents or clients.

Nonetheless, the implementation of a national identity scheme by stealth will only give the Australian public good reason for outrage, and it might culminate in intensified and unwanted scrutiny.

To prevent this from occurring, the DTA’s project needs to be brought out of hiding. It is only with transparency and a dialogue open to all Australians that the public’s concerns can be addressed in full.

Authors: Dr Patrick Scolyer-Gray, Research Fellow, Cyber Security, Deakin University

Read more http://theconversation.com/australias-national-digital-id-is-here-but-the-governments-not-talking-about-it-130200

Don't stand so close to me – understanding consent can help with those tricky social distancing moments

arrow_forward

For First Nations people, coronavirus has meant fewer services, separated families and over-policing: new report

arrow_forward

We need good information to make decisions, especially when things go wrong

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

$1.8 billion boost for local government

The Federal Liberal and Nationals Government will deliver a $1.8 billion boost for road and community projects through local governments across Australia.   The package of support will help lo...

Scott Morrison - avatar Scott Morrison

Scott Morrison press conference

PRIME MINISTER: This is a tough day for Australia, a very tough day. Almost 600,000 jobs have been lost, every one of them devastating for those Australians, for their families, for their commun...

Scott Morrison - avatar Scott Morrison

BOOST FOR BUSHFIRE RECOVERY

Local economic recovery plans will help towns and regions hit by bushfires get back on their feet as part of a new $650 million package of support from the Morrison Government.   As part of th...

Scott Morrison - avatar Scott Morrison

Business News

Office expert: Don't bring your staff back to work until you have done these things

With lockdown restrictions gradually being eased across the country, Australian workplaces are looking at the types of changes needed in order to meet new health and wellness requirements post-l...

Tess Sanders Lazarus - avatar Tess Sanders Lazarus

Major health and wellness brands sign-on to open at Yamanto Central

While COVID restrictions start to ease across the country, plans for Queensland’s newest shopping centre, Yamanto Central, ramp up. Due for completion in the first half of 2021, Yamanto Cent...

Tess Sanders Lazarus - avatar Tess Sanders Lazarus

How have live chatbots turned beneficial for online businesses?

Every business these days have come up with their online models. While some people still rely on the customer service representatives to handle the queries for their company around the clock through...

Paresh Patil - avatar Paresh Patil



News Company Media Core

Content & Technology Connecting Global Audiences

More Information - Less Opinion