This report reviews the Australian Government's proposed plans for establishing a digital ID, and the ways the new system is expected to work. It explores the planned digital ID system, the key features of the approach, and the privacy and security protections that have been built into the proposals.

Australia has had a long and troubled history with national ID systems, dating back to the mid-1980 when the government failed to introduce the Australia Card. Since then, Australia has ended up with a clunky and inefficient process to identify peoples’ identities online. It has led to an oversharing and storage of sensitive personal data. As the Medibank and Optus data breaches has shown, this creates serious cybersecurity risks.

Now that Parliament has passed the Digital ID legislation, it’s critical that government gets the implementation right.

The report outlines that, although the proposed federated model for a digital ID system is commendable and a needed step-forward, there is a need to still address a range of policy issues that - if left unresolved - would jeopardise trust in the system.