A new research paper proposes a framework to ensure the NSW government addresses risks as it rolls out digital identity, including facial analysis technology.
Digital identity refers to technology that can verify a person’s identity and credentials so they can engage in transactions with the government without face-to-face interactions, physical documents, or digital copies of sensitive information.
It can offer convenience, efficiencies, individual privacy protections and better cybersecurity for governments and business, the report released by the Human Technology Institute at UTS on Monday says.
It notes that NSW, which in April 2022 committed to establishing a digital ID in the state, has been at the forefront of the nation’s digital transformation of government services.
The NSW Digital ID will use facial verification technology and ‘liveness detection’ to verify identity.
However the report warns there are risks to privacy and human rights that must be understood and addressed as Digital ID is extended through the state.
Need for guardrails
As well as loss of trust in government, Digital ID without appropriate guardrails can result in errors and bias, aggregation of sensitive personal information, hacking and identity fraud, and denial of access to basis services and entitlements.
“Digital identity also carries significant risk,” Professor Edward Santow and co-authors write.
Digital identity also carries significant risk.
Professor Edward Santow
“Technology that enables digital identity initiatives – especially facial recognition technologies (FRT) such as facial verification, facial identification, or facial analysis – unavoidably restricts the right to privacy.
“Recent major data breaches, involving millions of Australians, remind us of the consequences of poor data practices.”
Ten supporting principles
The paper, produced in collaboration with the NSW government, sets out how law, governance and training can make digital ID systems more trustworthy.
It contains ten supporting principles for digital ID in NSW
- NSW Digital ID should be established in law
- 2.NSW Digital ID should protect and promote the privacy and data security of all users
- There should be independent monitoring and oversight of NSW Digital ID
- Legislation and policy for NSW Digital ID should ensure citizen autonomy through effective mechanisms for choice and consent
- NSW Digital ID should perform to a high standard of accuracy and be fit for purpose. Service NSW, as the responsible agency, should report publicly and periodically on relevant independent benchmarking and technical standards compliance
- NSW Digital ID should be useable for all, with the benefits enjoyed by everyone equally
- Service NSW, as the responsible agency for NSW Digital ID, should put in place robust internal monitoring and oversight mechanisms
- NSW Digital ID users should be able to access timely correction and redress
- There should be clear communication to the public about NSW Digital ID prior to its rollout
- NSW Digital ID should be developed with a view to integrating with federal and other Australian digital identity systems(source: Improving governance and training for the use of facial verification technology in NSW Digital ID, Professor Edward Santow, Sophie Farthing, Lauren Perry)
Digital government minister Jihad Dib says the government will leverage the expertise of institutions like the HTI in developing and delivering and digital ID technologies.
“As our work evolves there is great value in having an open conversation with leading experts about the way we deliver this technology,” Mr Dib said.
The release of the report also comes as the parliament considers federal digital ID legislation.
Dr Santow and Executive Director of Digital Identity at Digital.NSW Lenka Bradovkova will discuss the report at the Future of AI summit at UTS on December 18.
Leave a Reply