Protecting your personal information
The Australian Government Digital Identity System is designed to protect your privacy.
The Australian Government Digital Identity System has a range of safeguards to stop your personal information being collected, profiled, used or sold for other purposes, such as direct marketing. These safeguards include:
- The system rules only allow passing a small amount of your information to the service you want to prove your identity with. Usually this is limited to your:
- date of birth
- contact details.
- You will need to give your consent before passing your details to the service you want to prove your identity with.
- If the service you are trying to access requires more information, they must justify this request in writing.
- The request will need to demonstrate that the organisation has the appropriate security, privacy and fraud control processes in place.
- The organisation will also undergo a risk assessment before they receive additional information.
- This additional information is only shared with your consent.
- Information about how you use the system, like what services you access, is also protected. This information is only used to:
- prove your identity and manage your Digital Identity
- manage possible fraud
- improve performance of the system.
Protecting your biometric information
Your biometric information is protected by a range of safeguards:
- The System will only use your biometric information to prove your identity.
- The System will delete your biometric information once it proves your identity.
- You will need to give your consent each time biometric matching is used.
- The System uses strong security and encryption to protect your identity.
Privacy Impact Assessments
There have been four independent Privacy Impact Assessments conducted on the Australian Government Digital Identity System and associated policy which are available to download (last updated 22 July 2022):