F. Compliance mechanisms

At a high-level there are specific mechanisms already in place that would ensure a level of control in relation to privacy and electronic authentication. These include:

• At the highest level, the Privacy Act and the requirements contained therein to produce appropriate documentation prior to the use of the information

• At a more detailed level, there already exists Privacy Officers in each government agency

• The accountability documentation that mandates the actions of each government agency.

In addition to these existing mechanisms, the EGU has acknowledged the need for there to be an independent authority suitably empowered to review the functioning of the authentication solution and for individuals to approach when they wish to express their concerns about the impacts of electronic authentication. To this end views are currently being sought through the public consultation process about the type of authority or agency that could best fulfil these roles.

At a lower level, we have broadly considered the requirements for operating an authentication mechanism to reflect the need to ensure ongoing Privacy Act compliance and to provide suitable staff training.