Digital ID remains a complex, divisive issue in the UK and in this evolving field, it’s essential to focus on data integrity, user control, and trust to move forward. These key themes - and more - were discussed in a recent roundtable organised by Progressive Britain, hosted in the House of Commons by Jake Richards MP and chaired by Progressive Britain’s Director, Emily Wallace. Speakers from the ODI, the Tony Blair Institute, and Labour Digital joined them on a panel. This blog summarises some topics discussed and the ODI’s position on key data-related aspects of the digital ID debate.
The story of digital identity in the UK goes back nearly two decades. It gained prominence as a project under Tony Blair’s Labour government in the mid-2000s, with the intention of modernising identity verification in the UK. However, the initiative faced strong public and political resistance and was ultimately scrapped by the Coalition Government in 2010. Recently, digital ID has resurfaced as a potential focus under Keir Starmer’s Labour leadership, with benefits heralded by the Tony Blair Institute, which says that “well-designed digital infrastructure would give people control of their data, make it easier and quicker to prove their eligibility for needed services and, in turn, allow those services to be personalised to individual needs.” Indeed it is often quoted that secure digital identity solutions could save the UK economy around £600 million annually, although the source of this statistic, and the methodology behind it, isn’t easy to find.
People remain sceptical, and concerns around surveillance, data privacy, and centralised control still influence public opinion. In a recent rapid response study on Digital Identity in the UK, Careful Industries revealed that there are “significant social divisions and high levels of concern from younger generations and ethnically diverse communities about the potential impacts of digital ID.”
Building trust through data transparency and user control
Public trust is essential for any digital ID system to succeed. For such systems to work, individuals must have control over who can access their data, with transparency over when and how it’s collected, used and shared. Decentralised, user-controlled models—such as personal data stores like the ODI-stewarded Solid —offer potential solutions, empowering people to manage their privacy and access to their data directly. This is especially relevant in the UK, where public trust in data privacy remains low.
Provisions in the UK’s draft Data (Use and Access) Bill aim to address some of the issues. One of the Bill’s core proposals is establishing Digital Verification Services to simplify tasks such as moving house, completing pre-employment checks, and buying age-restricted goods.
The UK has a history of challenges with digital verification efforts. Introduced in 2013, the Verify project sought to establish a reliable government-backed digital verification service but fell short. Criticised by the National Audit Office and various parliamentary committees for missing targets, Verify was ultimately deemed unsuccessful. This past experience shapes the current approach, making it essential for the new Digital Verification Services to learn from past mistakes and prioritise user control and transparency.
Under the new Data Bill, the intention is for providers - certified under a trust framework - to offer digital verification services that enable organisations to quickly be assured that a person or organisation is who they say they are. In this way, data about people and organisations can flow - with their permission - between third-party entities. The trust framework was partially implemented under the previous government and issued as a beta product, with 51 organisations already achieving certification.
It remains to be seen whether an entirely new trust framework will be developed following the passage of the Data Bill or if the current beta framework will be improved or adapted. The ODI has concerns about the framework as it currently stands, particularly its fragmented approach to data standards and the lack of adequacy with international frameworks, which would affect its utility. Furthermore, we would like to see requirements for organisations to enable individuals to access data and to prove that their services offer social and economic value. These points will be further developed in a forthcoming blog.
Privacy, security, and inclusion: essential pillars of a trusted digital ID
Digital Verification Services go some of the way towards solving the challenges of providing identity but fall short of implementing a wholesale digital ID scheme for the UK. To do so, people need to be assured that only the data necessary for specific purposes will be shared - this is a cornerstone of privacy-first digital identity solutions and essential for building public trust. Privacy-enhancing technologies, like decentralised data stores, allow users to share only the information needed, reducing the risks of excessive data collection and building trust with users who value data protection.
There is a risk that the public sees the debate over digital verification services as a mere return to the political fight over ID cards from the early 2000s, but this fails to consider that the UK digital identity and attributes trust framework may borrow significantly from work made under the previous Conservative government. It is also a natural evolution in the way we’ve come to expect identification services to be at the heart of private service provision in things like purchasing age-restricted products (such lottery tickets, cigarettes, or even energy drinks from pubs to corner shops), not to mention when setting up bank accounts, or registering for rental agreements.
Each of these cases requires different certification of differing levels of personal data. For example, a date of birth might differ from a national insurance number and address regarding privacy concerns. The new Office for Digital Identities and Attributes is going to take responsibility for determining which companies, of the 51 mentioned above - and potentially more, as firms realise the government is open to DVS more widely in the provision of its services - are capable of managing and certifying different things with the rigour required for handling sensitive data securely.
Indeed, any system introduced must tackle issues like privacy, security, and inclusivity to gain public trust. Privacy-enhancing technologies can secure data sharing while giving individuals visibility and control — and this is where the Solid protocol brings the most benefit.
The Careful Industries study supports these needs, advocating for a single, voluntary digital ID system backed by the government but designed with privacy safeguards and public consent at its core. Key recommendations - and which we support - include:
- Voluntary, privacy-first ID systems: A single, government-backed but voluntary ID system prioritising user consent.
- Transparency and public engagement: Regular consultations to ensure digital ID developments align with public needs.
- Digital literacy and access initiatives: Addressing digital exclusion so everyone can access and benefit from digital ID systems.
These principles address rising public demand for privacy-focused, inclusive identity solutions that accommodate the varied needs of UK citizens.
Decentralised digital ID models for public trust
For governments - and people - decentralising data storage can reduce security risks and address concerns around centralised data control. Decentralised systems enable individuals to manage data sharing, providing governments with a model that builds trust without compromising security. A 2022 report by the Association of National Advertisers and Cisco showed that privacy-focused companies are more trusted by consumers, and McKinsey’s 2023 survey found that over 70% of consumers expect interoperable, privacy-first services.
Meanwhile, developments within the European Union may also influence the UK’s approach. With the recent Digital Identity Regulation, every EU Member State will be required to provide at least one EU Digital Identity Wallet by 2026, allowing citizens to store and share digital credentials across borders securely. This aligns with global moves toward a universal ‘Digital Identity Wallet’ allowing people to digitally store personal information, such as passports and driving licences, eliminating the need for physical documents, except - we hope - where individuals choose to retain them.
Building public support through benefits and interoperability
Public support for digital ID will require visible benefits and practical usability across sectors and borders. Interoperable, privacy-respecting digital ID systems offer flexibility and convenience, making them more appealing to users. By addressing these expectations and prioritising privacy, transparency, and inclusivity, a UK digital identity system could enhance efficiency and reinforce social cohesion, trust, and individual rights.
