Is it time to stop being cynics and embrace Australia’s digital identity system?

I saw something a few months ago that could change this. In October, Guardian Australia’s Josh Taylor reported the Labor government was thinking about reviving a plan to develop a single, digital identification service. These ideas tend to get a lot of opposition (not least because they sound, well, dystopian) but I wanted to have an open mind about how technology could be used to improve our lives.

So, I thought I would hash it out with activist, writer and Digital Rights Watch’s program lead Samantha Floreani.

WEBCAM: What do you think about something like this, at least in theory?

SAMANTHA FLOREANI: I think you’ve already hinted toward the crux of it: in theory it sounds better, but crucially, the devil is in the details.

People are more aware than ever of just how dangerous it is for so many companies to be collecting and storing so much of our personal information. Often, companies will take copies of identity documents to be able to prove that they have done an identity check, even where there might not be any legal reason to keep them. It’s all about risk management, baby! In a dark irony, by doing that these businesses end up putting us all at risk.

So yeah, having an alternative process so that businesses can still verify people’s identity (only when they actually need to), without retaining the documents or the personal information contained in them, sounds like a good idea.

A lot of people flagged really valid concerns last time there was a debate about digital identity, and let’s be frank: the Australian government doesn’t have a great track record when it comes to digital projects. So even though the promise of Boost Juice not asking for your passport is alluring, people are rightfully concerned about the implementation, digital security, privacy, and how it could be misused or abused.

WC: Just to emphasise how much data is out there, I want to shout out a great piece you wrote recently looking at how much information we give to real estate agents. As if the profession wasn’t already unpopular enough, you make the point that a data breach by one of those major agencies or platforms could expose a lot of information on a lot of Australians. It’s not like you can just opt out of renting.

No offence to any agents who are subscribers but I think reading your article Joker-fied me. It’s silly to have a debate around whether or not to have a government ID system in a vacuum because it’s comparing the status quo of giving personally identifying information to many different, unaccountable companies versus one government.

That’s the promise of a government ID system. Can you tell me some more about these concerns about something like this?

SF: Aw, thanks for the hat tip, I’m stoked to play a role in your Joker-fication. Part of the challenge is that those two options you present come with different risks. If we agree that giving our personal info to heaps of unaccountable companies isn’t great, then the next question is: how can we make sure the government is actually accountable for the system they put in place?

I’m sure you’re more familiar than most with the failings of the FOI [freedom of information] system, and we need only to look at the current robodebt royal commission to get a sense of the troubling state of transparency and accountability.

As for other concerns, there’s a lot but here are the CliffNotes:

1. Privacy experts generally get very concerned about centralisation of any large amount of personal information. It makes for a juicy target for cybercriminals, and as we know, the government is not infallible when it comes to protection against data breaches.
2. Then there’s the question of choice and consent. The Australian public vehemently rejected the Australia card years ago, and many also rejected MyHealthRecord and the CovidSafe App. All that to say, digital identity needs to be genuinely optional, and that means that there has to be a real, functional alternative so that people can still access essential services if they can’t, or choose not to, use it.
3. And of course, oversight. Without going into dystopia panic mode, we need the system to proactively mitigate against abuses of power from within the government too. That means strictly limiting the reasons that ID information can be used or accessed by any participating government agency or business, not allowing law enforcement access to the system — like, actually preventing it, not just saying they can’t and then they illegally access it anyway — and making sure that biometric data isn’t stored.

The other interesting point you raise is that this doesn’t exist in a vacuum: Last year the Data Availability and Transparency Act passed despite heaps of concern from privacy advocates because it allows for public sector data (including personal information!) to be shared with the private sector, undermining some of the Privacy Act and heaps of secrecy provisions.

Some of your readers may also remember the Identity Matching Services Bill which would have established a national biometric image database, enabled one-to-many facial recognition, and made Home Affairs the “hub” of government identity verification. It was ultimately rejected on the basis of privacy and accountability issues, but the potential redraft lives in my head rent-free. The desire to create this kind of punitive system is there, and we need to be cautious about other identity systems that may usher in its existence.

Centralisation, consent and oversight are just some of the issues. I think at the heart of it are concerns about increasing the asymmetry of power between governments and the people, which can have terrible outcomes for human rights and democratic processes. As the saying goes: privacy for the people, transparency for the government.

WC: K, sorry to interrupt but do you have psychic powers? While we were talking, Vice Australia (and soon-to-be Crikey)’s John Buckley reported that a ransomware gang claims to have stolen data from LJ Hooker. Back to the discussion at hand, I hear all your points and I’m concerned that there are additional risks from the government having all this data given their specific powers.

I guess the question is: how many breaches from greedy, data piggy companies will it take to shift the equation so that those additional risks are worthwhile? I have grave concerns about the government’s technical ability based on past performance… but still, I reckon they’d be more secure than, say, a local credit union or little companies working with the NDIS.

It sounds like you’re very much in the “no thanks” camp. What would it take to bring you onto the “lesser of two evils” team? Or, if you want an out: is this a false dichotomy, and should we instead be focusing on encouraging these companies to simply retain less data?

SF: I try not to be absolutist about anything — especially in tech policy and digital rights. I think it’s a false dichotomy, but for the sake of the discussion:

In 2021, an exposure draft of the Trusted Digital Identity Bill was circulated for consultation, but wasn’t introduced to Parliament before the federal election. Labor didn’t say much about it except that it wanted improvements. It was really only in the wake of the Optus breach that Labor indicated an interest in bringing it back.

What I hope for is another chance to have a robust public debate about digital identity and a meaningful consultation process with security experts, academics and civil society.

I’d want to see serious reckoning with the digital security and privacy issues raised in the previous consultations, exploring decentralised approaches, strict purpose limitations (e.g. absolutely *not* used for policing and *not* used for age verification for access to online porn), dealing with accessibility issues and cultural differences in understanding of identity, and pathways for redress if (when) things go wrong.

I would also want to see mechanisms to prevent scope creep baked into the design. Legislative guardrails are important, but we’ve seen time and time again that they aren’t enough on their own.

Like, have you seen the diagrams of how the “Trusted Digital Identity Framework” is supposed to work? That shit is wild — it’s a complicated web of current and proposed internal and external relationships and information flows. And despite pages and pages of documentation, there’s alarmingly little detail about some aspects like the use of biometric data. That worries me.

And hey, while I’m here rolling out my wish list: if the ALP wants to garner the kind of public trust about privacy, digital security, and respecting people’s rights that would be helpful when developing a digital ID system, then they might also consider seriously robust reform to the Privacy Act, revisiting the DAT bill, and repealing the metadata retention scheme, Australia’s anti-encryption laws, and the Identify and Disrupt Act. Is that too much to ask?

CW: That is quite the wish list for Santa and I wouldn’t hold your breath but I have some good news: you’ve convinced me to hold off faxing my driver’s licence to Albo. Thank you Sam!

Hyperlinks

‘Complete chaos’: how an ex-Fox exec and investor buying Junkee became a shambles

Please read my investigation into what went wrong at Australia’s last major independent youth media company. (Crikey)

‘Worst-case scenario’: Local crypto exchange Swyftx lays off 40% of staff

Yet another update on how things are not going well in the world of Web 3. (SMH)

How two Australian soldiers became unwitting poster boys for Russian mercenary Wagner Group’s Ukraine recruitment drive

A classic weird internet story about how something uploaded online ends up being used in a very different way. (ABC)

The floods in central NSW are being chronicled in real-time on TikTok

TikTok is quickly replacing Twitter as the place I go for breaking news. (Vice Australia)

RIP, freedom movement 2020-22

Good riddance. (Crikey)

That’s it for WebCam this week! I’ll be back soon. In the meantime, you can find more of my writing here. And if you have any tips or story ideas, here are a few ways you can get in touch.