Have any Australian states or providers offered formal deletion or account portability for digital IDs?

1. How “deletion” is being framed in Australian Digital ID policy

The policy debate separates a consumer-facing promise to delete an account or withdraw consent from a broader legal “right to erase” that would force third parties to purge copies; advocacy groups say Australia still lacks a general deletion right under the Privacy Act even as digital-ID-specific rules layer additional obligations (Digital Rights Watch) ^[1]. The Digital ID Act and associated standards create governance and retention rules for accredited entities, and those instruments determine how deletion will be operationalised within the Australian Government Digital ID System (AGDIS) rather than creating a blanket deletion entitlement across all corporate data-holders ^{[4] [5]}.

2. Concrete provider commitments: myID and the promise to “delete your myID”

Services Australia’s myID documentation explicitly tells users they “can withdraw your express consent by deleting your myID at any time,” and notes that information will be retained and disposed of in accordance with the Digital ID Act 2024 and the Archives Act 1983—language that signals deletion is available but also constrained by legal retention obligations ^[2]. That phrasing amounts to a formal, provider-level deletion path for the myID app: users can uninstall or delete an account, but records may still be held as required by law or for archival reasons ^[2].

3. The legal picture: reforms, limits and the absence of a universal right to erase

Privacy advocates emphasise that Australia “does not recognise a right to delete personal data” under existing federal law and point to the need for stronger statutory protections; the Federal Government has passed some privacy reforms and promised more, but a general deletion right remains incomplete as of the reporting in these sources ^[1]. At the same time, the Digital ID Act 2024 establishes a statutory framework for AGDIS—defining accreditation, rules, and data standards—which gives the government levers to require particular deletion, retention and incident response behaviours from accredited participants even if the wider Privacy Act remains unchanged ^{[4] [5]}.

4. Account portability: plans, pilots and ambiguity

Portability is being discussed in policy circles: the Department of Finance says its next priority includes testing whether government should offer government‑issued verifiable credentials to a person’s chosen digital wallet, and a Request for Information has been signalled to explore a verifiable credential system—language that suggests future portability but falls short of a current, formal portability guarantee offered by states or all providers ^[3]. The Digital ID Rules consultations and accreditation standards are actively being revised and include redress and incident-handling proposals, but exposure drafts and rule changes to date are about governance and incident response rather than operationalising cross-provider account export as an enforceable right ^{[6] [7]}.

5. Stakes, agendas and what this means for users

Privacy advocates press for a statutory deletion right because provider-level promises can be limited by legal retention, back-ups and third-party copies ^[1], while the government frames AGDIS as “voluntary, secure and convenient” and is moving cautiously toward expanding participation and technical options that could enable wallets and portability ^{[8] [3]}. The practical reality from the sources is mixed: at least one government provider (myID) offers a deletion/withdrawal mechanism, the law creates industry-specific obligations under the Digital ID Act, but there is no broad, state‑by‑state or provider‑wide legal guarantee of universal deletion or mandated account portability yet—only consultations, pilots and draft rule changes that could produce those rights if regulators choose to embed them ^{[2] [4] [6] [3]}.