Establishing trust in digital services
Monday was a big day for the Identity Assurance Programme. The Minister for the Cabinet Office, Francis Maude, explained to a packed Technology Strategy Board event why a federated identity assurance model is essential for the ‘digital by default’ initiative and how important this digital policy is, not just for public services but for the wider economy.
Identity assurance is a complex subject and a controversial one, not just in the UK. But we need to address it if we are going to take advantage of digital channels. We can transact anonymously in some contexts, but not all. When we disclose personal data we need to do it securely. And we need better ways to protect people from transacting with fraudsters. If we don’t address these problems then people will lose confidence in digital channels.
But most of all we need to develop identity services around the needs of users – if we don’t then people will not trust or use them. Many people have described this subject as ‘identity management’. That is an organisation centric phrase: a notion that organisations hold data about people and have the responsibility for maintaining it. We have to reset the subject around the user and recognise that in the digital age people assert identity in many different ways and contexts.
Thankfully, there is a lot to be optimistic amount as the 24 winners of the TSB ‘Trusted Services’ competition demonstrated at the event. The days of creating different user names and passwords for every new website are numbered, thank goodness. There is a strong desire to work collaboratively across the public and private sectors to develop solutions that meet users differing needs. That desire is international. The USA’s National Strategy for Trusted Identities in Cyberspace and the EU Project STORK pilots testify to the opportunities.
As was pointed out several times during the day, the federated model for identity assurance isn’t new. Indeed, the UK assumed the federated model in the Electronic Communication Act (2000) and built the Government Gateway accordingly. But a lot has moved on in the dozen years since Government Gateway was developed and we have a lot of work to do to develop solutions that work for users in the many contexts that they’ll need them.
Speakers from a number of Government Departments (including DWP, HMRC and BIS) described their programmes and their differing identity assurance requirements. We intend to work collectively through the new Government Digital Service to deliver identity solutions. The £10 million funding for the programme that Francis Maude announced will enable us to do that.
You can read more about Monday’s event and the competition winners showcased. Over the next weeks we will be posting more information about the Identity Assurance Programme on this website. We look forward to your contributions.