Protecting your personal information
The Digital Identity system is designed to protect your privacy.
The Digital Identity system has a range of safeguards to stop your personal information being collected, profiled, used or sold for other purposes, such as direct marketing. These safeguards include:
- The system cannot create a single identifier for you that can be used across the entire system or across Government.
- The system rules only allow passing a small amount of your information to the service you want to prove your identity with. Usually this is limited to your:
- date of birth
- contact details.
- You will need to give your consent before passing your details to the service you want to prove your identity with.
- If the service you are trying to access requires more information, they must justify this request in writing.
- The request will need to demonstrate that the organisation has the appropriate security, privacy and fraud control processes in place.
- The organisation will also undergo a risk assessment before they receive additional information.
- This additional information is only shared with your consent.
- Information about how you use the system, like what services you access, is also protected. This information is only used to:
- prove your identity and manage your Digital Identity
- manage possible fraud
- improve performance of the system.
Protecting your biometric information
Your biometric information is protected by a range of safeguards:
- The Digital Identity system will only use your biometric information to prove your identity.
- The system will delete your biometric information once it proves your identity.
- You will need to give your consent each time biometric matching is used.
- The system uses strong security and encryption to protect your identity.