What specific retention exceptions in the Digital ID Act and Archives Act prevent immediate deletion of myID records?
This fact-check may be outdated. Consider refreshing it to get the most current information.
Executive summary
The myID operator (ATO) says deleting or uninstalling myID does not guarantee immediate erasure because some records are kept “as required” by the Digital ID Act 2024 and the Archives Act 1983 (myID privacy notice and policy) [1] [2]. That statutory overlapping of digital‑identity rules and Commonwealth records law creates a web of specific retention exceptions — principally lawful disclosure/inspection requests, investigative and fraud‑prevention needs, and archival scheduling — that prevent wholesale, on‑demand deletion of every element of a person’s myID footprint [3] [4] [5].
1. Statutory duty to treat myID data as Commonwealth records (why deletion can be deferred)
The myID privacy statements explicitly treat information collected for myID as potentially “Commonwealth records,” and therefore subject to the Archives Act 1983’s requirement that agencies retain records until they can lawfully dispose of them under records‑management schedules; that legal duty is the baseline reason why uninstalling the app does not equate to immediate purging of all stored records [2] [6].
2. Digital ID Act exceptions: law enforcement, fraud and authorised disclosure
The Digital ID Act itself contains carve‑outs that allow accredited entities to use or disclose myID information in limited circumstances — notably for enforcement, law‑enforcement or fraud‑investigation purposes under enumerated sections (the OAIC assessment references the Act’s limited exceptions and notes the ATO must handle requests under s49 and comply with s54 safeguards) — which preserves records where those legal processes require retention or disclosure [3].
3. Operational retention linked to transactional/business needs (records supporting services)
National archives guidance for digital authentication records, while from a different jurisdiction, underscores a general records‑management principle adopted in practice by agencies: identity‑authentication and transactional records are retained for “the same length of time as the business records they support,” and must be scheduled for disposition rather than immediately destroyed; myID’s own guidance reflects that retention follows business and statutory needs rather than unilateral user deletion [4] [1].
4. Specific administrative logs and source documents that are routinely retained
Administrative artefacts — application forms, logs, registers and source documents used to establish identity — are commonly listed in government records schedules as temporary or longer‑term records (examples include registers of requesters, proof‑of‑identity documents retention rules and REAL ID–style requirements that states retain source documents); these classes of records are the kind that the Archives Act and agency schedules typically require to be held for a defined period and therefore prevent immediate deletion of corresponding myID records [5] [7].
5. Biometric‑processing exceptions and suspicious‑image retention
The OAIC assessment of myID notes the ATO does not conduct biometric matching or retain biometrics except during liveness checking and where an image is “suspicious,” indicating a narrow operational exception that may lead to retention of biometric‑related materials for investigative or quality‑assurance reasons under the Digital ID Act framework [3].
6. What this means in practice and where reporting limits exist
In practical terms, the cited authorities create three concrete retention pathways that block immediate purging: (a) statutory records‑management obligations under the Archives Act that require lawful disposition schedules before destruction [2]; (b) Digital ID Act exceptions for authorised disclosures, law‑enforcement and fraud investigations that permit holding or turning over records [3]; and (c) operational retention tied to the business records myID supports [4]. The reporting supplied does not include the full text of the Digital ID Act’s retention clauses or the ATO’s specific records‑control schedules, so it is not possible from these sources to quote exact timeframes, precise section text beyond the OAIC’s references, or a definitive list of every category of retained data and their retention periods [3] [2] [4].
7. Competing perspectives and implicit agendas
Government documents frame these rules as necessary for accountability, fraud prevention and archival preservation [1] [2] [4], while privacy advocates stress that statutory exceptions create privacy risk and may undermine voluntariness; independent oversight (OAIC) has already recommended procedural updates to how the ATO handles Act‑based requests, revealing an implicit tension between records management obligations and individual control over identity data [3].