Pushback over data localisation for digital ID scheme


Digital ID is shaping up as the next data localisation battleground, with the Tech Council of Australia arguing proposed rules requiring onshore hosting for the scheme will do nothing to improve security.

In a submission to the parliamentary inquiry into the Digital ID Bill, the industry body for Australia’s tech sector said that while it supports the passage of the legislation in its current form, the underpinning rules should be tweaked.

“We believe these matters may be appropriate for the Committee to consider in its report, but importantly, do not affect the content of the primary legislation,” it said this week, adding that the bill is “crucial to realising the benefits of digital IDs”.

Do you know more? Contact James Riley via Email.

1 Comment
  1. lyria@bennettmoses.com 9 months ago

    I question the statement “Data localisation is based on the misconception that cybersecurity risk is dependent on physical location. However, the main determinants of cyber-resilience are technical, such as strong encryption measures and infrastructure protection, and governance-related”. It surely depends on what threat one is guarding against. If the threat is a cyber crime conglomerate then I agree that data location is not a primary lever for security. However, we cannot ignore the threat of foreign governments who can use legal / quasi-legal processes to access “local” data. There are countries where I would not be comfortable having my data stored lest it be used for election manipulation, sham criminal investigations or foreign influence (if not over me, then over politicians whose data may also be stored there). Even in the context of legitimate criminal investigations by “trusted” countries, there are questions about the loss of sovereignty over decisions by foreign law enforcement agencies.

Leave a Comment