Is identity assurance fully operational in the UK today?
1 March 2013
Six weeks ago, 16 January 2013, the Department for Work and Pensions (DWP) published the details of a contract they had awarded in connection with Universal Credit.
There are 21 million claimants on DWP's services, they all have to be identified and the contract appoints eight official so-called "identity providers" for the UK. The description of the contract includes this:
That's today, 1 March 2013, and the question is, are these UK identity assurance systems now fully operational as stipulated?
In supporting the digital by default policy in general and the Government’s welfare reform agenda in particular, cabinet office have produced guidance for all major public service provider departments relating to the need for identity assurance of members of the public when accessing government services ...
To support the rollout of universal credit and personal independence payments providers will be selected by June 2012 and systems will need to be fully operational from March 2013 [emphasis added].
If so, we live in something of a new world.
If not, we need to know if the identity assurance programme, like the ID cards scheme before it, is going to linger on for years and then be cancelled with nothing to show for the hundreds of millions of pounds of taxpayers' money spent on it.
Notes to editors
1. Although it's nominally a DWP contract the organisation really in charge of UK identity assurance is the Government Digital Service (GDS), part of the Cabinet Office, please see Universal Credit and the December putsch: "The revised DWP OJEU notice is effectively an HMG-wide framework being delivered initially using DWP as the vehicle ... This approach ensures that, ultimately, HMG-wide Identity Assurance is supplied across central departments via a common procurement portal ... and governed by the Cabinet Office".
2. The UK's eight official so-called "identity providers" are: The Post Office, Cassidian, Digidentity, Experian, Ingeus, Mydex, PayPal and Verizon. C.f. The identity of the UK's eighth identity provider has now been provided, reluctantly.
3. Digital-by-default is normally described as the Whitehall policy to make all transactions with the government take place over the web, please see Amazon, Google, Facebook et al – the latter-day pied pipers of Hamelin. GDS's model for the UK is Estonia, please see Francis Maude seeks future in Estonia.
4. What digital-by-default involves is re-constructing Whitehall with power centralised in GDS, please see Martha Lane Fox – https://www.gov.uk/machiavelli and OBITUARY: Whitehall 1947-2012 and A Whitehall death foretold – soul control and Whitehall governance, and GDS's fantasy strategy.
5. Identity assurance is not limited to Universal Credit. Its proposed scope includes all transactions with the government ...
6. ... and the compilation of the electoral register, please see Identity assurance – shall we vote on it?.
7. ... and the compilation of the census, please see Alan Travis – Whitehall, the Guardian newspaper and Lord Leveson.
8. The Department for Business Innovation and Skills claim that consumers will be "empowered" if we adopt their midata plan and use Personal Data Stores, which are virtual ID cards stored on the web, in the cloud, please see Identity assurance. Only the future is certain – doom 4 and last (William Heath, Mydex, midata, BIS, GDS and ID cards) – which takes us into areas of transactions supposedly not involving the government.
9. According to its Whitehall advocates, digital-by-default is modern, fit for the 21st century, inevitable and energy-efficient, and will result in high quality, trusted public services. In fact it is a re-hash of Tony Blair's call in 2005 for joined up government which led to Whitehall's failed Transformational Government initiative. Transformational Government depended on ID cards (please see para.39(7), p.13) and digital-by-default depends on identity assurance.
10. According to its advocates, digital-by-default will save money. Given the history of Whitehall IT projects, that claim must evoke a certain scepticism, please see It's all John's fault.
11. If it does save money, GDS say that it will be by making public servants redundant, please see The savings to be expected from digital-by-default – a clarification. They promise a minimum of 40,000 redundancies, and many more if the constraints on data-sharing can be lifted. They propose in their Digital Efficiency Report that Whitehall should keep the savings rather than pass them back to the public.
It is important to discover whether identity assurance is, as promised, fully operational in the UK today.
"Fully operational" is defined in DWP's description of the contract and involves identity verification, credential management, identity correction services, identity authentication, the use of a standardised data description of identity, the inclusion of attributes like bank account details, the implementation of secure organisational procedures, support for a proper privacy model and a proper consent model, multi-channel delivery, geographical reach and demographic reach.
Tick all those boxes and perhaps we have fully operational identity assurance in the UK today. Otherwise, we haven't.
About David Moss
David Moss has worked as an IT consultant since 1981. The past 9 years have been spent campaigning against the Home Office's plans to introduce government ID cards into the UK. It must now be admitted that the Home Office are much better at convincing people that these plans are a bad idea than anyone else, including David Moss.
Press contacts: David Moss, BCSL@blueyonder.co.uk