This latest guidance from the UK government makes interesting reading – plus comment is invited on the shaping of new digital ID legislation.
It has become increasingly important in this digital age to be able to establish trust, particularly online, says Matt Warman MP, Minister For Digital Infrastructure. This is extracted from the UK gov website statement published recently;
Having an agreed digital identity that you can use easily and universally will be the cornerstone of future economies. There are times in day-to-day life when you may be asked to prove something about yourself to access a service or product. When buying alcohol you may need to prove you are over 18. When opening a bank account you need to certify who you are and where you live. When starting a new job you need to clear pre-employment screening.
This government is committed to solving these problems digitally and without the need for a national identity card.
In response to last year’s Digital Identity Call for Evidence, we committed to:
- creating a clear framework of rules which show what ‘good’ digital identities look like — this will enable business to innovate, and help you to access products and services with ease, confident that there are standards in place to protect you from fraud and safeguard your privacy
- establishing a governance and oversight function to own these rules, keep them up to date, and make sure they are followed
- developing proposals to remove legislative and regulatory blockers to the use of secure digital identities and establish safeguards for citizens
This document, the first ‘working’ version of the UK digital identity and attributes trust framework, is an important step to meeting these commitments.
I want the trust framework to help facilitate a clear understanding between people using identity products, the organisations relying on the service and the service providers, letting each party know data is being used appropriately and kept safe.
The trust framework is being published now as a first stage industry prototype (or ‘alpha’) so that we can test it with services, industries, organisations and potential users. My department is taking this collaborative approach to make sure that when the final version is published it meets the needs of those who will rely on it.
Publishing an ‘alpha’ version allows these key stakeholders to continue to provide feedback as the document is iterated. It also gives service providers and relying parties early insight into the rules of the road and gives you, the user, confidence your digital identity and attributes will only be shared in a controlled and protected way. My department will actively seek feedback from across industry, civil society, other government departments, and the public sector over the coming months to develop the document further. All the trust framework joining requirements in the ‘alpha’ are subject to change in line with the feedback we receive.
NO ONE-SIZE-FITS-ALL APPROACH
It is not my department’s intention to provide any new or ready made solutions for actual products — we will be relying on the creative and innovative drive of industry to build these and the services that meet the needs of consumers from all walks of life. The trust framework is intended to set out the rules for these services, to provide the playing field on which business can operate. More detailed rules which are specific to their sector — what we call schemes — can develop within this framework.
The trust framework is also central to the Government Digital Service’s work with other government departments to develop a new cross-government single sign-on and identity assurance solution. This will ensure interoperability of identities and associated attributes between sectors in the longer term.
This document is just the beginning of building a trusted digital identity system for the UK. As detailed in the trust framework itself, we have further work to do on the governance structure to protect consumers and make sure the trust framework delivers on its intended benefits. We also need to clarify how liability is managed throughout the process. My department will underpin this structure in legislation and will consult privacy groups, industry and stakeholders in due course.
We are excited to work together with industry, with civil society, and with you – the public – to iterate and improve the trust framework to make sure it works for everyone.
You can help us with this by reading this document and sending your feedback. Please provide your comments via the survey by 12pm on Thursday 11 March 2021.