The government is developing a new digital ID system. It must first gain the public’s trust
- Written by Toby Murray, Associate Professor of Cybersecurity, School of Computing and Information Systems, The University of Melbourne
On Tuesday, Australia’s minister for government services, Bill Shorten, announced the federal government is developing a new digital identity and credential system. Known as the Trust Exchange (TEx), Shorten said the new system will be “world leading” and represents an “exciting step forward for Australia’s digital infrastructure”.
But details about the system are scarce. Shorten admitted it is still something of an “abstract concept” at this point. However, we know it will allow people to prove things about themselves (for example, who they are or whether they are over 18) to organisations, while controlling how much information they share.
The system could make it much easier for people to access government and business services while keeping better control of their sensitive information.
However, its success will depend on a crucial factor: public trust.
And right now, with the ghost of the Robodebt royal commission findings still very much alive, the public has every right to be distrustful of government technology.
So, how should the government address the potential trust and privacy concerns surrounding its new digital identity system?
Why do we need a new digital ID system?
The Trust Exchange system is related to two other existing government systems: MyGov and MyGovID.
MyGov is the central online portal for accessing Australian government services. It includes the MyGov mobile phone app, which has a wallet feature allowing people to show digital versions of their Centrelink concession or Medicare cards.
MyGovID is the government’s current online digital identity system. It allows you to prove who you are to several online services, including MyGov and a range of other government organisations and agencies. You can, for example, log in to MyGov online using your MyGovID.
The new Trust Exchange system is designed to give people much greater control over what personal digital information they share with organisations.
At present, you can show your digital driver’s license if you are requested to prove your identity when entering a sports club. However, that requires you to share not only your age but also your name and street address with club staff.
The new system would allow you to prove that you are over 18 by using your mobile phone, without having to share any other information about yourself.
If successful, the new system could reduce the need for companies to collect and store so much sensitive identity information about their customers.
It therefore holds significant promise in an age in which sensitive data breaches, like those that hit Optus and Medibank in 2022, seem to be an almost everyday occurrence.
Public trust is vital
However, for the Trust Exchange system to succeed, the public will need to have trust in the security and privacy of the system.
The minister has said businesses will be able to trust the information in the system because it will be backed by existing systems like MyGovID.
This makes sense; to create a standard strength MyGovID, you need to upload your valid driver’s license and passport into the MyGovID system. Any business can therefore trust the information you share with it via TEx really is genuine.
However, this raises the obvious concern about how the new system itself will be secured.
At the moment, MyGovID is used by relatively few organisations. However, the Trust Exchange system looks to have much more ambitious goals: to become the de facto method for Australians to prove things about themselves to companies, venues and government agencies.
If that happens, accounts will be exposed to far higher risk of hacking than MyGovID currently is.
Less obvious are potential privacy concerns.
Will MyGov wallets contain a record of each time we prove our age to purchase alcohol? What about to enter adult establishments? Will the government have access to that information? And if so, what will that information be used for?
Finally, it’s not clear whether the government sees the new digital identity system as a means to provide age verification to prevent children from accessing online pornography.
From the government’s perspective, doing so might seem attractive. However, that would raise significant privacy concerns if the system records online interactions.
Jono Searle/AAPWhat can the government do to build public trust?
In the wake of Robodebt, it’s up to the government to assure Australians the Trust Exchange system can be trusted and will keep their sensitive information secure.
This is doubly important given Shorten said the system will be opt-in rather than mandatory.
The government should act now to reassure the public it will protect their privacy and security.
This will require carefully explaining what information the system will and will not collect about individuals, who will have access to that information and how it will be secured.
Crucially, the Trust Exchange system should be designed to limit how much information it records about the organisations individuals interact with. Ideally, it would record none at all. If this information is recorded, the government must carefully explain why that collection is necessary.
In the absence of this kind of careful consideration and explanation, the public will have every right to remain sceptical of this technology.
Authors: Toby Murray, Associate Professor of Cybersecurity, School of Computing and Information Systems, The University of Melbourne