UK Officials Reveal Proposals for Digital Identity Framework

By Robert Bateman

The U.K. government is developing a nationwide “digital identity” framework that would enable it to identify individuals across various public services.

Several news outlets have characterized the scheme as a plan to assign a so-called “digital ID card” to every citizen, a move that would concern many privacy advocates.

The U.K.’s proposals are still unclear, but they do not appear to involve a physical ID card. The government claims the framework would reduce fraud and check individual identities more easily.

“We want to make it easier for people to prove their identity securely online.”

Matt Warman, U.K. digital infrastructure minister.

“Digital technology is helping us through the pandemic and continues to improve the way we live, work and access vital services,” said Matt Warman, the U.K.’s digital infrastructure minister, in a Sept. 1 post on the government’s website. 

“We want to make it easier for people to prove their identity securely online, so transactions can become even quicker — it has the potential to add billions to our economy.”

Governments around the world are turning to digital solutions to help identify citizens, in some cases spawning great concern among citizens and privacy advocates.

This includes, for instance, the “smart ID card” system recently announced in Hong Kong as part of China’s sweeping new national security law, which would require citizens to carry a card containing a trackable RFID chip.

Failed 2006 Attempt

The U.K. government previously tried to introduce a national ID card in 2006 under Prime Minister Tony Blair, but the plans faced fierce resistance from privacy campaigners and opposition parties.

Guy Herbert, director of the campaign group NO2ID, fought against the U.K.’s previous ID card proposals, and was highly critical of the new plans.

“Single, centralized identity is not a good idea.”

Guy Herbert, NO2ID campaign group.

“People think the government knows all about them. Well, it doesn’t,” Herbert told Digital Privacy News. “Single, centralized identity is not a good idea.

“The system becomes a means by which you are effectively locked out of everything until you provide the relevant credential,” he added, “which is a problem if anything goes wrong.” 

‘Single Source of Truth’

While accepting that various government departments hold data about most citizens, Herbert said he was concerned about the state having a “single source of truth” about each person.

“The sorts of things that different departments know about sometimes conflict — for perfectly good reasons,” he said. 

“Apart from the additional power that gives the government to surveil us — even with the government behaving impeccably — the conflicts and dirtiness of that data are still going to create problems.”

“The COVID-19 pandemic has accentuated the demand for trustworthy digital identity.”

Ana Beduschi, University of Exeter.

Others, however, are tentatively supportive of the government’s proposals. Ana Beduschi, associate professor of law at the University of Exeter, said she believed the government was right to be developing a digital identity framework.

“The COVID-19 pandemic has accentuated the demand for trustworthy digital identity,” she told Digital Privacy News. “In this sense, it is good that the U.K. government is considering driving forward legislation, standards and achieving international interoperability for digital identity.” 

Beduschi envisioned “a more effective, data privacy and human rights-compliant, cyber-secure framework for digital identity.”

To achieve this, however, she argued that three conditions must be present:

  • First, a digital identity framework must respect and protect data privacy, whatever type of architecture or technology is chosen.
  • The framework, she said, also must “factor in the broader legal and societal impacts, including on human rights — beyond the sector in which the technologies are deployed.” 
  • The technology chosen for the digital identity framework must “adopt and follow standards and certification,” Beduschi said.

A digital identity system that meets these standards could bring about societal benefits, she told Digital Privacy News.

‘A Bureaucratic Hiccup’

But Herbert and other observers argued that — even if the privacy and security of personal data were guaranteed — the state could not be trusted to maintain a single record about every individual. 

“Anybody who has been on the end of the most minor bureaucratic hiccup should be aware of what happens when your entire life is hijacked by a bureaucratic hiccup,” Herbert said.

“Should we be more terrified of an arbitrarily and accidentally oppressive all-knowing state, or a state that thinks it knows everything — but, in fact, is subject to endless error and disturbance?”

Robert Bateman is a writer in Brighton, U.K.

Sources (some external links):