Do we really want a single digital identity system to access government services?
Is the UK government about to make a new announcement on its plans for a single digital identity for citizens to access online public services?
On 22 September, two seemingly coordinated presentations are due to take place as part of London Tech Week. First, at TechUK’s Building the Smarter State event, the Cabinet Office is sending a minister to talk to tech industry leaders about digital identity – we can’t be sure who at the moment, though. It was originally going to be Julia Lopez, who was responsible for digital government policy, but she’s just been reshuffled and it’s not clear who is taking over her former portfolio.
Nonetheless, at the same time the new director for digital identity at the Government Digital Service (GDS), Natalie Jones, is down to speak at the Identity Week event – her first public appearance since starting the job earlier this month – in a session titled “Identity: building one safe and easy way for the public to access all government services”.
Rumour has it that the announcement could be related to a possible digital identity app. For many years, GDS was very anti-apps, preferring to make the Gov.uk website adaptable to mobile browsers. But the success – in terms of downloads, at least – of the NHS App and the Covid-19 contact tracing app may have convinced some in government that apps are the way forward for this project too.
The illustrations used on the latest GDS blog about its One Login programme certainly look somewhat app-like.
Only this week, there’s been controversy about the NHS App using a commercial third-party, iProov, to collect and store facial biometric data – which highlights the privacy concerns that already exist in this area.
A wider question
But there’s a wider question here, that doesn’t seem to be receiving any public discussion. Do we really want a single system to be used for signing in to all Gov.uk services? GDS is expected to ask for up to £400m budget to develop the system – but is that going to be money wisely spent? And by that question, I don’t mean whether or not this programme will be a success where its troubled predecessor, Gov.uk Verify, failed at a cost approaching £250m.
GDS’s explanation for why we need One Login is sensible and logical. We all expect to use a single sign-on for commercial websites, such as Amazon – so citizens should receive the same level of service and usability when dealing with government.
We’re all comfortable – mostly – with the personalisation offered by the likes of Amazon, remembering who we are and what we did on our previous visits. Why shouldn’t that be the same with public services? It’s a compelling argument.
But there’s one significant difference between One Login and Verify that should make us discuss these issues more closely.
ID cards by stealth
Verify had a specific objective of avoiding the creation of a central digital identity register – remember that this wasn’t long after the new Coalition government had scrapped Labour’s ID cards scheme (yes, Verify has been going that long). The concept of identity cards delivered by digital stealth was, and to many still is, politically toxic.
By using private sector identity providers, Verify was a “double-blind” system – those commercial providers wouldn’t know what government services their users were accessing, while the government departments wouldn’t have access to the personal data those users provided to validate their identity.
One Login, however, does away with all that. Its express objective is to gather users’ identity data and their behavioural data – where they go and what they do across Gov.uk. For the clever web geeks at GDS, this makes perfect sense in building the best user experience (UX).
Without wishing to sound too cynical, it will look great on a CV – “I helped develop a whole new approach to UX and personalisation on the biggest public website in the UK” – which I don’t mean negatively; many people join GDS specifically for a few years’ high-profile experience before moving back to the commercial world. For example, Jen Allum, the former head of Gov.uk, has left GDS to join X, Google’s “moonshot factory” in California. It’s perfectly fair if they think like this – they’re pretty much encouraged to do so.
But someone, somewhere, needs to ask: do we really want to build a huge, centralised database that maps our personal identity verification data (potentially including passports, driving licence, credit ratings, mobile phone records, biometrics) onto the public services we’re using, such as taxes, benefits, DBS (disclosure and barring service) checks, pensions and more.
Government is not Amazon
Sure, on paper, the idea of a Gov.uk that’s as personalised and functional as Amazon sounds appealing. But Gov.uk is not Amazon. The privacy and data protection issues are, surely, obvious.
Add in the prospect of a One Login digital identity app on the smartphones of millions of people and… Well, it won’t be mandatory, but it’s a pathway to an official government digital identity being carried around in our pockets.
While One Login isn’t being developed for commercial use, it will conform to the new Digital Identity Trust Framework being developed by the Department for Digital, Culture, Media and Sport (DCMS) to regulate the use of digital identities across the UK economy. It wouldn’t take much for a major company – a supermarket, say, or an airline – to allow customers to use a government One Login app to prove their identity.
GDS would no doubt say that is not the intention – and today, that is true. But 10 years from now, with a very different government attitude perhaps? The current government is already talking about weakening the data protection provided by GDPR. The attraction of adding private sector transactions to that central database of identity and behavioural data might just become overwhelming – especially if a reformed law makes it easier to do so.
One Login has come about because of the failure of Verify. But it should not be described as its replacement – the architectural approach is too different, and brushes over the wider implications.
When Computer Weekly interviewed the new GDS CEO Tom Read back in June, he acknowledged the sensitivity around One Login. He said: “The key thing is, because we’re a monopoly service provider, this kind of data integration is going to be optional. One of the key features we’re building in right at the beginning is that if you don’t want those data items to be connected, you will be able to disconnect and just do it the way you currently do. If you don’t want to use digital channels at all, we will always have ways that people can do that. So if your fundamental concern is privacy, and perhaps a distrust in government, we will make sure that everything still works smoothly.”
A debate we need
But clearly, the aim will be to have the vast majority of Gov.uk users signing in through One Login – and even more so if there’s an app. And as we see every day with users blithely clicking to approve the terms and conditions of an app, very few people are going to explore options allowing them a degree of control over how their data is used. Maybe there’s even an opportunity here for GDS, to also develop a system that allows users that control over their data, in a user-friendly way.
Don’t get me wrong – I’m not trying to be critical of GDS. They are doing what good web developers would do – they aren’t responsible for policy. (You could be critical of spending up to £400m on the project, but that’s a debate for another blog post).
If there is a digital identity app being developed, it will be interesting to see if this is enough to attract the attention of privacy campaigners and start a wider debate. But if the government is soon to commit hundreds of millions of pounds to this project, that’s a debate we really need to have.