I recently felt inspired by a piece from the editor of Computer Weekly, so I decided to dive into what’s really happening with the government’s digital identity plans.
We all know we need a trustworthy digital ID system. Progress has been slow, and the ongoing uncertainty is a major concern. We want to know: What’s the plan? How’s it going to work? What does it mean for us? I’ve raised these issues through various legislative amendments, including those to the Financial Services Bill in 2021 and the Financial Services and Markets Bill in 2023. My suggestions called for the government to publish their plans for a distributed digital ID within six months of passing the bill. They also included the need for public engagement and emphasized that the systems should be scalable, flexible, and inclusive. But those amendments didn’t make it through.
Since then, we’ve seen some movement. Last October, the Department for Science, Innovation and Technology (DSIT) created the Office for Digital Identities and Attributes (OfDIA) to oversee the Digital Identity and Attributes Trust Framework (DIATF). This framework is certifying private sector providers, and the latest report suggests that 58 organizations are now certified to offer digital verification for various needs, like right to work and background checks.
Meanwhile, the government is pushing forward with Gov.uk One Login, a single sign-in service for citizens to access central government services. Initially, it seemed this would stay separate from digital ID and age verification services. However, recent announcements about a Gov.uk digital wallet, a mobile driver’s license, and digitized veteran cards have muddied those lines, especially since the government indicates these IDs could be used to verify age for purchases like alcohol.
Is digital ID shifting from a competitive market to a more state-controlled effort? If the government is adopting a more active role in providing digital ID, they need to communicate that clearly. We deserve transparency about the funding for this new direction and how it might impact the private sector.
Many of us support One Login as a means to access public services like applying for an import license or renewing a passport. But if the government starts using it in more commercial contexts, we face potential issues. In December 2024, One Login received certification under the DIATF, which allows it to compete directly with private providers.
We need to ask: Are we really ready to use taxpayer money to fund a digital wallet when private-sector certified companies could handle these functions more effectively? Given the importance of trust in digital ID, blurring the lines between frameworks like the DIATF and government solutions like One Login raises concerns.
There’s also growing support, particularly among Labour MPs, for making digital ID mandatory. However, I’m not sure that’s the best way to build public trust for a system that’s vital to our success. A secure, verified digital ID could transform many aspects of our lives, from convenience to business efficiency and beyond, but it has to be built on a foundation of trust. A recent DSIT survey highlighted that people want verifiable identities, but they prioritize accountability and transparency.
The challenges are real. There’s skepticism about whether the government can be trusted with personal data, and there are valid concerns about further marginalizing vulnerable communities faced with the digital divide. It’s crucial to prioritize strong privacy protections, voluntary participation, robust security, and broad accessibility.
Public engagement is key. If citizens feel left out or think the government is trying to compete with digital ID companies, trust erodes. Without trust, uptake fades. We need an effective digital ID that’s principles-based and distributed, enabling individuals, businesses, and communities to harness the benefits of new technologies while safeguarding against potential harms.
This journey is just beginning, but it’s one we all need to actively participate in—discussing, designing, and deploying these systems together.