Australia: Digital ID Bill 2023 including cybersecurity regulation was introduced to House of Representatives

On 30 November 2023, the Digital ID Bill 2023 was introduced to the House of Representatives. The Bill introduces a voluntary Accreditation Scheme with cybersecurity and privacy requirements for accredited digital ID providers. In particular, the Bill requires accredited entities to implement preventive, detective and reactive cybersecurity measures to protect Digital ID systems from cyber threats. These entities must comply with accreditation data standards, which include testing requirements for biometric security, authentication protocols, and electronic identity verification technologies. The Bill also requires notification and management of cybersecurity incidents to ensure timely response and mitigation of risks within the Australian Government Digital ID System (AGDIS). In addition, the Digital ID Regulator has enforcement powers, including remedial orders, penalties, and suspension of accreditation, to ensure compliance with security obligations.