Privacy

man with hair in bun and beard using laptop with surfboard in background

Protecting your personal information

The Digital Identity system is designed to protect your privacy.

The Digital Identity system has a range of safeguards to stop your personal information being collected, profiled, used or sold for other purposes, such as direct marketing. These safeguards include: 

  • The system cannot create a single identifier for you that can be used across the entire system or across Government. 
  • The system rules only allow passing a small amount of your information to the service you want to prove your identity with. Usually this is limited to your:
    • name 
    • date of birth 
    • contact details. 
  • You will need to give your consent before passing your details to the service you want to prove your identity with. 
  • If the service you are trying to access requires more information, they must justify this request in writing.
    • The request will need to demonstrate that the organisation has the appropriate security, privacy and fraud control processes in place.
    • The organisation will also undergo a risk assessment before they receive additional information.
    • This additional information is only shared with your consent.
  • Information about how you use the system, like what services you access, is also protected. This information is only used to:
    • prove your identity and manage your Digital Identity 
    • manage possible fraud 
    • improve performance of the system. 

Protecting your biometric information

Your biometric information is protected by a range of safeguards: 

  • The Digital Identity system will only use your biometric information to prove your identity. 
  • The system will delete your biometric information once it proves your identity. 
  • You will need to give your consent each time biometric matching is used. 
  • The system uses strong security and encryption to protect your identity. 

Privacy Impact Assessments

There have been two independent Privacy Impact Assessments conducted on the Digital Identity system and associated policy which are available to download:

How will this be addressed in the proposed legislation?

Protecting your data and biometric information currently relies on governing bodies, policies, procedures, and the technical design of the Digital Identity system.

The government is proposing to enshrine those protections and penalties in law. This requires new legislation.

Set it up once, and then reuse it whenever you are asked to prove who you are.

How to create your Digital Identity
Hands holding a smartphone that is displaying a key on the screen
Back to top