Home Australia How Australia’s new ‘digital ID’ could change life forever (here’s why some experts are worried)

How Australia’s new ‘digital ID’ could change life forever (here’s why some experts are worried)

0 comments
Cybersecurity expert Shara Evans has issued a series of warnings about the dangers of putting too much data in one place

The government’s proposed new digital ID, which would see a mobile phone replace physical documents, has sparked widespread concerns among security experts and non-Labour MPs.

Government Services Minister Bill Shorten on Tuesday announced an $11.4 million trial of a QR code-based mobile phone app that would replace a driver’s licence card or passport to verify a person’s identity.

The Trust Exchange, or TEx, scheme will be linked to a person’s myGov wallet, or future digital ID, to verify who that person is and provide requested information, such as proof of age to enter a pub or club.

Mr Shorten said TEx could be used to confirm a hotel booking without the customer having to hand over a licence or other form of identification, and such uses could reduce the amount of information collected by private companies.

In the event that someone needs to prove their age, TEx could show that the user is over 18 without revealing details such as their home address.

The technology could store and disclose information such as date of birth, address, citizenship, visa status, qualifications, occupational licenses or verification of working with children, and any other information held by the government.

While Shorten hailed it as a “world-leading” means of identification when he gave a speech at the National Press Club in Canberra, others fear that a person’s entire identity could be accessible on a single device.

Cybersecurity expert Shara Evans said it could be risky to put “all your eggs in one basket.”

Cybersecurity expert Shara Evans has issued a series of warnings about the dangers of putting too much data in one place

“I like the idea of ​​making it easy to verify identity without revealing sensitive personal details and having this sensitive data stored everywhere,” he said.

‘However, this should be considered very carefully and plans should be in place for a prompt and complete renewal of identity in the event of a data breach or compromise or loss of the consumer’s device.’

“I’m always a little concerned when a lot of sensitive information is stored in one place, regardless of who collects and controls it, because there are so many nefarious ways that information can be compromised.”

Others raised concerns about privacy, the relative ease of creating fake credentials on a screen rather than a physical document, and what happens to those who wish to opt out.

Mr Shorten was, however, very positive about the new digital IDs.

“A verifiable credential ID would be a very efficient and secure way for a company to be sure of someone’s identity,” he said.

‘This will save businesses money by significantly reducing their customer onboarding procedures and data storage requirements.’

Mr Shorten assured his audience it would be an “opt-in” system where “you choose what to share, you consent to what is shared and you can trust that it is shared securely”.

Government Services Minister Bill Shorten is testing a new government app that will verify identity without handing over a driver's licence or other similar documents.

Government Services Minister Bill Shorten is testing a new government app that will verify identity without handing over a driver’s licence or other similar documents.

“Whether online or in person, you choose what to share, you consent to it being shared, and you can trust that it is safe,” she said.

He said the proof of concept had already been approved with “support in principle” from the Australian Technology Council, Commonwealth Bank and employment platform SEEK.

“Once implemented, TEx will have countless applications,” Shorten said.

“It has the potential to drive innovation in our economy, creating opportunities across all sectors and for small businesses as well.”

‘We are putting this into action and it is expected to be completed by the end of 2024.

Liberal MP Russell Broadbent, who was an outspoken critic of the Albanese government’s digital ID legislation that passed parliament earlier this year, said he feared an invasion of privacy.

The Trust Exchange program, or TEx, will be linked to a person's myGov wallet or, by the end of the year, to an upcoming digital ID.

The Trust Exchange program, or TEx, will be linked to a person’s myGov wallet or, by the end of the year, to an upcoming digital ID.

“His advisers would tell him that this is the future and this is the way forward,” Broadbent said.

“Are you looking for unintended consequences? Issues related to freedom of choice, freedom of information, freedom of association?”

Broadbent was concerned that using QR codes to enter venues, as governments issuing Covid vaccine passports did during the pandemic, could lead to people being tracked against their will.

“We are being subjected to an unprecedented invasion of our privacy,” he said.

‘It will be another invasion of our privacy because they will connect all the information about an individual in one place,’ he acknowledges in his press release.

“If they have everything in one space, then all you have to do is hack that space from a scammer or hacker’s point of view and you’re all in.”

Mr Broadbent noted that despite assurances all Covid app information would not be used for anything other than case tracking, Western Australian Police had on two occasions used QR registration data in their investigations.

“It’s a complete violation of human rights,” Broadbent said.

A Liberal MP expressed concern about whether the government's new tool could be used to track movements

A Liberal MP expressed concern about whether the government’s new tool could be used to track movements

One Nation leader Senator Pauline Hanson said she was opposed to the new verification tool, which she called

One Nation leader Senator Pauline Hanson said she opposed the new verification tool, calling it a “silly idea”.

‘Has Bill Shorten taken into account all the human rights ramifications in this new process?

‘We’re not even in a pressure cooker right now.

“What if we were in a war situation? Wouldn’t they be allowed to check any data available under war conditions?”

One Nation leader Senator Pauline Hanson also told Daily Mail Australia she opposed the move.

“One Nation has always been opposed to a national digital ID system and I am also against this latest idea,” he told Daily Mail Australia on Tuesday.

‘There are no guarantees about the security of this data. This year alone there have been countless data breaches, including the Medisecure data breach which affected the personal data of almost 13 million people.

What stops a smart person from creating a convincing QR code loaded with fake data?

“What’s stopping someone from using someone else’s phone? I don’t see how this protects hospitality establishments from fake IDs or being prosecuted for serving alcohol to underage customers.”

Senator Hanson said handing over a driver’s license was “no less convenient for showing a location than holding a phone up to a QR code reader.”

“I think this is another silly idea that puts Australians’ personal data at risk and another unnecessary cost to the taxpayer,” he said.

Daniel Lewkovitz, who runs Sydney security firm Calamity, said he was “very cynical” about any claims by the government that the move would remain “voluntary”.

‘The government will continue to talk about security and protecting people, but I would prefer they do a better job of enforcing our existing laws before introducing more laws that affect law-abiding citizens.’

Mr Lewkovitz was also very sceptical about some of the measures that were supposed to be beneficial.

“The funniest thing about this is the suggestion that it will prevent underage drinking,” he said.

‘It’s much easier to fake an image on your phone than it is to fake a plastic ID card, and while there are security mechanisms that can be built in to prevent this (such as the existing Service NSW Digital Driver Licence), I have found that neither private security nor police use these tools to verify the authenticity of the licence.’

Mr Shorten said in an interview on ABC Radio National on Wednesday that to build trust in the process he had asked the agency to use “open source” encryption.

“We will allow people to see what code we have used to produce the software,” he said.

‘Services Australia will continue to do the coding, I want to be clear about that, but I think it’s important if we want to build trust and make the consumer or citizen feel that they have control.

‘The idea is that it will be open source and that people with technical knowledge will be able to look under the hood and make it clear that the system works the way we are describing it.’

(tags to translate)dailymail

You may also like