Share this article on:
The Australian Strategic Policy Institute has a raft of policy recommendations it wants to see the federal government implement.
While there are many who rail against the government’s plans to introduce a federated digital ID system – you see them in social media comment threads, decrying “cabals” of politicians demanding oversight into their private data – the Australian Strategic Policy Institute (ASPI) is broadly supportive of the plan and the benefits it will bring to the Australian community.
It will make establishing identity easier across a wide range of use cases, from opening a new bank account to proving your age to get into a club.
As the Australian Strategic Policy Institute admits in a recent policy brief on the subject, “Australia needs a secure, legislated ‘digital ID’ that enables digital service providers to confirm their customers’ identities for legal, regulatory, contractual and security reasons”.
At the same time, however, ASPI does have some policy concerns and recommendations, which it outlined in the recently released brief, “Australia’s new digital ID system: Finding the right way to implement it”, written by Rajiv Shah.
Shah believes that while the government’s aims are laudable, it still has much work to do to make a case for the system and make sure that all stakeholders buy into it – and trust it.
“The Australian government proposes a federated digital ID system, which should reduce the friction of digital transactions, increase assurance of identity attributes for entities that request them, and minimise the volumes of sensitive data stored and transmitted between different entities,” Shah said in ASPI’s policy brief.
“That’s a commendable and needed step forward in Australia’s digital ID journey.
“However, the system’s success will depend on public acceptance and take‑up, which, in turn, will depend on users getting the benefits of adoption, trusting that their privacy is protected and having confidence in the cyber security of the system.”
With that in mind, Shah and ASPI have eight policy recommendations, and number one is a proper cost-benefit analysis of the project and its implementation by the Department of Finance, which will “help to inform current and future decision making and allow the government to better prepare for and track implementation”.
The department should also start a public education campaign to get people engaged in the digital ID discussion while also overhauling how it consults with other governments and industries to introduce more “contestability” into the project.
The Minister for Finance also needs to consider replacing the Data Standards Chair with a mechanism that allows for greater stakeholder engagement, especially on a technical level.
ASPI also recommends that the digital ID system should have a single entity responsible for it.
“The Australian government should simplify the regulatory and administrative arrangements so that there’s a single point of responsibility, such as the Digital Transformation Agency, for all aspects of the digital ID system,” Shah said.
“That centralised function should also ensure appropriate responsibility for the system-level cyber security of all digital ID infrastructure in Australia.”
And speaking of cyber security – which is a concern among many – ASPI believes that policy experts from the Department of Home Affairs and technical experts from the Australian Cyber Security Centre should perform a comprehensive review of the project’s cyber security requirements.
ASPI is also calling for greater work to align the regulations and standards to match what other governments are doing in the space in order to support future economic and trade needs. This could, Shah noted, also help bring down the cost of implementation.
Finally, ASPI addresses the friction between private and public sector entities working on digital ID systems.
“The government should establish a task force that includes private‑sector companies to identify how the integration and interoperability of public and private digital ID systems can be accelerated to avoid fragmentation in the market,” Shah said.
You can read the full brief here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.