Consultation on the exposure draft of the Trusted Digital Identity Bill and related legislative instruments
Consultation on Phase 3 of Australia’s Digital Identity legislation took place between 1 and 27 October 2021 (5.00pm AEDT).
Visit our About Digital Identity webpage to understand some key points about Digital Identity. We also address some common misconceptions about it.
On 1 October 2021, the Hon. Stuart Robert MP, Minister for Employment, Workforce, Skills, Small and Family Business released the exposure draft of the Trusted Digital Identity Bill and related legislative instruments for public consultation.
The purposes of the legislation are to:
- enable the expansion of the Australian Government Digital Identity System, specifically to enable greater participation by state and territory governments and the private sector
- enshrine in law various privacy and consumer protections, so that Australians can have confidence in the System and know that their personal information is safe and secure
- establish permanent governance arrangements and a strong regulatory regime.
Thank you to everyone who provided feedback on the proposed legislation. We are currently reviewing the feedback we received and will publish further information about the submissions before the legislation is introduced to Parliament.
Information relating to this phase of the public consultation is below. We aim to provide documents in an accessible format. If you require a more accessible format, please contact us.
- Your guide to the Digital Identity legislation
- Trusted Digital Identity Bill 2021 exposure draft
- Trusted Digital Identity Framework (TDIF) Accreditation Rules
- Trusted Digital Identity Rules
- Regulation Impact Statement (RIS)
Exposure draft webinar
During the consultation period, we hosted a webinar for stakeholders about the draft legislation. In this webinar we explain what the legislation covers, and why it is needed. In particular, we explain how it will protect the privacy and security of your personal information, if you choose to get a Digital Identity.
We heard from a range of Australians, including individuals and small businesses during consultation on the exposure draft.
Much of the feedback we received highlighted just how important privacy, security, personal control and choice are to Australians. Australians are opposed to any legislation which impinges on their privacy or choice and control of their identity information.
Responses focused on the following themes:
- Choice: creating and using a Digital Identity should be a choice, now and in the future
- Access: some people don’t have access to devices, don’t want devices, or can’t use devices, so non-digital ways of interacting with Australian Government services should be provided
- Privacy: your data and personal information remains private
- Security: your data should be secure and safe from hackers, especially when it comes to biometric information
- Single identifiers: making sure Digital Identity isn’t, and won’t, become a system used to track and link your activity
Many of the themes raised are addressed directly by the Bill (as well as existing legislation including the Privacy Act), including:
- creating and using a Digital Identity is, and will remain, a choice
- you will still be able to access Australian Government services in person or over the phone
- your data and personal information can only be shared with government, businesses and other services if you say it’s okay
- prohibitions on profiling (including from law enforcement) and ensuring data can’t be sold
- prohibitions on single identifiers (so it can’t be used to track your online activity)
- not having one single database where data is stored.
For more information see Chapter 4, Part 2, Division 2 - Additional privacy safeguards and Chapter 2, Part 2, Division 4 - Other matters relating to the trusted digital identity system.
The DTA also received 71 submissions from industry, government, advocacy bodies and peak bodies.
Their feedback centred on ensuring the harmonisation of the Bill with other legislation and regulatory requirements, as well as clarity of obligations for accredited participants versus those onboarded to the system.
Of these, the authors of the following 50 submissions agreed to make their feedback public:
- Access Now.pdf
- ACT Government.pdf
- Australian Banking Association.pdf
- Australian Christian Lobby.pdf
- Australian Financial Markets Association.pdf
- Australian Information Security Association.pdf
- Australian Payments Network Limited.pdf
- Australian Privacy Foundation.pdf
- Australian Retail Credit Association.pdf
- Australian Registrars' National Electronic Conveyancing Council.pdf
- Catholic Women's League Australia Inc.pdf
- Centre for Inclusive Design.pdf
- Cohesion Consulting Pty Ltd.pdf
- Commonwealth Bank of Australia.pdf
- Concerned Lawyers Network.pdf
- Court Tecnics.pdf
- CPA Australia.pdf
- Digital Law Association.pdf
- FamilyVoice Australia.pdf
- Five 25 Law Pty Ltd.pdf
- IIS Partners.pdf
- Informed Medical Options Party.pdf
- Law Council of Australia.pdf
- Lockstep Consulting.pdf
- Microsoft Australia.pdf
- Nautilus Cyberneering CmbH.pdf
- NEC Australia.pdf
- Office of the Australian Information Commissioner.pdf
- Office of the Information Commissioner Queensland.pdf
- Office of the Victorian Information Commissioner.pdf
- Real Estate Institute of Australia.pdf
- Tech Council of Australia.pdf
- The UNSW Allens Hub for Technology, Law and Innovation.pdf
The legislation aims to further protect Australians and their privacy and data, above and beyond what is in place today.
The legislation underpins a whole-of-economy Australian Government Digital Identity System that Australians can trust and have confidence in.