In this video, Ash Smith Deputy Director, Digital Identity, GDS, Cheryl Stevens–Digital Director, Shared Channels Experience– DWP, and Mike Crockart, Identity Platform Service Owner, The Scottish Government, discuss “Digital Identity in Government”, organized by Scott Logic.
With Government Digital Service GDS leading towards ‘One Login for Government’ and The Scottish Government boarding on the phase of its Digital Identity Scotland program, a new system of identity assurance for public services is being designed.
The main purpose of this system is to provide people ‘One Login for Government services’ which is easy and safe to use, and in access to everyone; making it easier to find and use government services for people. The aim is to allow citizens to prove their identity only once if they agree to share their data between services and departments and to protect people’s privacy.
To explore this topic, Scott Logic gathered an expert panel:
- Ash Smith – Deputy Director, Digital Identity – Government Digital Service GDS.
- Cheryl Stevens – Digital Director, Shared Channels Experience – Department for Work and Pensions.
- Mike Crockart – Identity Platform Service Owner – The Scottish Government
In this talk facilitated by Scott Logic Principal Consultant Nick Betts, they discuss their approach to identity assurance, including opportunities to improve the user experience and potential obstacles to overcome along the way.
Welcome
At 00:00, Claire Cox worked for the technology consultancy scot logic welcome and introduce the panel who are going to have a brief discussion on today’s topic “Digital Identity in Government”, which is facilitated by Nick Betts, the principal consultant at Scott logic.
At 2:00, Nick starts the discussion by saying that digital identity in government isn’t a new concept, as back in 2001 government implemented the government gateway as an early web portal that allows citizens to register and access online government services. In 2016, UK launches and established one trusted login system, across all online services provided by the British government.
Introductions
At 3:06, the panel gave their brief introduction starting from Sheryl Steven, working as Director in digital at the department of work and pensions, followed by Mike Crockart who is Identity Platform Service Owner at The Scottish Government for about five years and last Ash Smith, Deputy Director, Digital Identity, Government Digital Service for about 18 months.
DWP approach to digital identity
At 4:33, Nick starts the discussion by asking Cheryl the history of digital identity at the department of works and pensions DWP and the approach that they are taking to digital identity with the new dynamic trust hub and specifically the impact of the pandemic on their approach, as in this digital age many claimants prefer to self-serve online for public services, so having a digital identity to those services becomes critical.
At 5:23, Cheryl told that most of DWP services were analog and not digital, and in the beginning, there was a real almost misconception that those same analog identity solutions could be almost translated into a digital world. DWP has got over 20 million customers, many of whom are in complex needs.
She describes that starting with gov.uk verify, DWP is the largest department that uses gov.uk and verify it’s well documented. But it does not work perfectly because of that diverse range of customers in the mainstream and many of them could not use this system and only 25% of DWP’s entire customers are successful in using this. So, one needs to orchestrate lots of bits of information that become onerous for services to do and even more onerous for customers to do effectively.
Although, DWP proved their own plans and will be able to accelerate them soon and will work for hand in glove with GDS in terms of that balance between verifying confirm your identity.
GDS approach to digital identity
At 9:18, Nick asks to provide and give a positive history of the work GDS led in this space and what’s next in terms of future identity initiatives such as the one login for the government.
At 9:58, Ash started his discussion by answering and telling that GDS is working extremely close together with DWP and this all will be done very soon, in a very collaborative spirit. GDS has been leading work across government for quite some time to improve the ability for people to prove who they are online as part of accessing public services.
He describes further that right now GDS is actually forging some stronger relationships between public and private sector partners and third third-party identity providers so he thinks in some ways it was a bit ahead of its time but definitely as changing technology has changed the picture and that there certainly has been some fragmentation of authentication identity systems in government over the last few years driven by the needs to meet user needs as said by Cheryl.
GDS is trying to rebuild momentum around that original vision and there is quite a lot of similarity that we’ve been grappling with this for quite some time to provide that single access point for people to access all government services. That’s a bold ambition GDS should be aiming for and to deliver the sort of transformative benefits that we’ve been talking about and to make that as simple and easy to use by customers.
He also tells that GDS has got some funding from the treasury also to do some initial work on that new one login system. GDS team is totally committed to making this a real collaborative endeavor and also make it sure that other government departments and services requirements are fully fulfilled and develop the program in a properly agile way.
Scottish Government approach to digital identity
At 16:53, Nick asks Mike how the Scottish government is approaching digital identity and how are you putting security and public confidence first?
Mike answer this important question as yes digital identity has many problems in the past and unsuccessful public consultation in Scotland. So the first couple of things that we did was set up an expert group with individuals with strong expertise in privacy human rights and data policy to guide us through some of the challenges which we knew.
We also set up a stakeholder group to have complete transparency of what we’re doing. He told that we are trying very hard to follow the spirit and practice of open government in the way that we work and hopefully builds trust with the public, by looking at public perceptions of trust.
At 20:12, He added that there are so many different aspects to digital identity that every time you think you’re getting some progress you come up against another barrier and that’s made it quite difficult. So the first stage of our beta is we need to come up with an aim to one login for Scotland and we need to look at interoperability and federalization or convergence in some way on what the GDS team in this space are doing as well. Also, he told and appreciate that we all are on the same page now.
How DWP is approaching inclusivity in the context of digital identity
At 22:38, Nick asks Cheryl about the DWP approach in the context of digital identity services to ensure that the solution doesn’t create a digital divide between the haves and the have-nots.
Cheryl starts answering this important question by giving reasons for some of the most vulnerable customers being excluded from the service and said that the digital identity piece at the beginning of every service is a really big hurdle, so do we really need that high hurdle if one is simply logging in to have a look when his next appointment is.
At 25:40, she said that if we are serious about proportionality, we need to start looking at why we’re making the customer do all the heavy lifting. She told about DWP legislation, which is very clear that before paying benefits we have to check where it’s probable or not. She told that the trust in the personal action and session is it has been a bit of a game-changer for DWP and it is something that we’re feeding into the one login program.
GDS additional thoughts on inclusivity
At 29:27, Ash responded and said obviously we’ve got a legal which provides moral requirements to provide a service that does try to work genuinely for everyone. For instance, on the digitization of its general register office, births and deaths data, marriages data, etc. can help to fill in the gaps discussed and of course, having the right kind of safeguards in place to make sure that isn’t cutting across the privacy and other requirements.
Scottish Government’s partnership model for digital identity
At 31:54, Nick asks Mike to through light on how they are approaching the Scottish Government’s partnership model for digital identity and what is the strategy for other departments being part of that wider system in Scotland. Mike responded by saying that thing to keep in mind here is that digital identity isn’t just a service, a key part of digital identity is to articulate what the value of that service is to individuals and to other public services.
For individuals, it’s slightly easier to reduce friction by reducing the risk of identity fraud and identity theft and reducing effort in accessing services. So, we need to have a clearer focus on how we provide high-quality user-focused efficient public services and digital identity is going to be a large catalyst for that.
UK Digital Identity and Attributes Trust Framework
At 38:22, Nick asks Ash about more details on UK Digital Identity and Attributes Trust Framework, new rules about identity, and how people can verify that their identity online. He responded and said, he really agrees with mike about the challenges of describing these digital identity things and GDS’s current approach anyway is to be very clear about these things.
At 41:00, Cheryl added that for her the last 18 months have been the most exciting in digital identity in terms of the new way people are thinking about it so picking up on Mike’s point, about permissions to personal data, the trusted framework for her is the holy grail which departments like DWP can go to in the knowledge, that we can still provide proportionate service that helps all their customers but above all, it should be a trusted framework for people so that they can work on it.
At 45:15, Ash added that the confidence of customers towards the service you’re providing gets great importance. He told that in February, DCM will publish an alpha of its trust framework which includes all the set of rules and standards which organizations agree to follow and it gives you that kind of kitemark that if they are signed up to the framework then you’ve got that sort of confidence and trust in them. This includes requirements in areas such as how to best create and use identities, how to handle and protect personal data security and encryption etc.
44:20 Q&A
At 44:20, as the Question and answers session start, Ash briefly answers the very important question which is how the new one-login system for government proposes to deal with verifying the identity of non-UK nationals i.e. overseas trustees, directors, corporate trustee directors, etc. He says say there are several here around the scope of one login and what do we mean by all services.
We’ve deliberately said all services and everyone to make that vision as bold as it can be but clearly, we’re not going to be able to deliver for all services across all bits of government and the public sector at the same time so our focus over the next couple of years is going to be getting through the private beta and then with an initial focus on we will describe the central government services.
At 47:50, another question is would it be better if there’s a dedicated centralized government department to build the national identity service and also be a custodian of the personal data. Mikes take this question and say no, and Ash also agrees with Mike’s opinion.
At 50:00, another question Mike is there any planned crossover between dis and di to remove frustration for Scottish users who need to use the services that don’t fall into the remit of the Scottish government. He says divergence of approaches between Scotland and the UK has changed and there is much more of convergence now in terms of you know that we’re both looking at one login and we need to have those meetings together.
At the end 52:53, the panel elaborates and shares their thoughts on whether we might see a future in which a citizen has one digital id for accessing all services across the government and private sector and the answer is big a yes from everyone.
