Earlier this year, the Cabinet Office launched a public consultation to seek views on proposed changes to the law. These aim to improve how government departments use the data they hold to make it easier for people to prove their identity online.
We’ve had a lot of interest in the consultation, with many respondents asking questions and providing feedback, so we wanted to talk a bit more about what the changes will and won’t mean for you.
One of the challenges of building a way for people to prove their identity online to access government services is that it has to work for everyone. Around 3.5 million adults in the UK don’t have any form of photo ID according to the Electoral Commission, and there are many who don't have a strong credit history on which they can answer questions to prove who they are. The proposed changes would strengthen the legal basis for using government held data to help someone prove who they are, as well as strengthening the legal basis for sharing the result of an identity check with another government department once it has been carried out, so that the user doesn’t have to do it again. This would help more people to be able to prove their identity online, simply and efficiently.
This consultation is about the government’s proposed new regulation to the Digital Economy Act, an Act passed in 2017 which already exists to strengthen public services through the better use of data.
Although the consultation is not about GOV.UK One Login, this digital platform being built by GDS, is expected to be the first application of the new legislation. We talked about it in the consultation to help bring to life how the legislation could work in the real-world. GOV.UK One Login is a fast and simple way for people to access government services, while maintaining stringent safeguards on user data and protecting against fraud.
GOV.UK One Login is not about replacing existing offline and face-to-face routes, which we know some users need, and neither is it about the creation of an ID card. Personal data will always be protected in the system and will only be used to support identity verification. It will enable us to confirm that “yes, this is Jaz Bloggs”, making it easier for Jaz to use the government services they need, while also ensuring that fraudsters can’t get access if they’re not who they say they are.
The new legislation won’t change GOV.UK One Login’s approach to privacy. We will continue to comply with data protection legislation and all guidance published by the Information Commissioner's Office (ICO). The principles of ‘data minimisation’ are applied as set out in UK GDPR, so that only the smallest amount of data needed to prove a user’s identity is processed. GOV.UK One Login also has very strong cyber security and counter-fraud processes in place to uphold privacy, secure data and identify and rapidly respond to threats.
This consultation ran from midday on 4 January 2023 to 11:45pm on 1 March 2023 and is now closed. The feedback is now being analysed and a response will be published once complete.