There’s a real prize for the UK to lead when it comes to distributed digital ID
Crypto AM Parliamentary Special with Lord Holmes of Richmond MBE
Financial Services Bill: Time to Act
Part Four of Five
Thursday, I have pleasure in penning day four’s thoughts on the Financial Services Bill, currently making its way through the House of Lords. Today, I want to set out my hopes for a distributed digital ID for the UK. I know, child’s play right?
I put forward my amendment to this end yesterday evening. The amendment requires the Secretary of State, within six months of the passage of the bill to publish the government’s plans for the development and deployment of a distributed digital identification (“Digital ID”) for individuals and corporate entities in the financial services sector.
In the subsequent debate it was cheering that my colleague, Lucy Neville Rolfe, argued that I had not been tough enough. Six months, she thought, was far too lenient and action was required much sooner. I agree, and was delighted to have such wholehearted support for the proposition.
Further, my amendment states that such ID must be scalable, flexible and inclusive, capable of deployment and take-up across the entire UK, and capable of adapting to change – not least in new technologies such as quantum computing. B inclusive I mean not just inclusion concerning protected characteristics as set out in equality legislation, but wider – a guarantee that a digital ID will enable and empower everyone across the piece.
It was more than piquant irony that shortly before joining the debate I got an email asking me to verify my driving licence details. Clearly a fraud, and one that helps make the argument for why we need a distributed digital ID, right now. It was my guide dog that finally persuaded me my driving licence wasn’t in fact up for renewal!
Antipathy and scepticism
Finally, the amendment requires the Secretary of State to undertake a public engagement campaign around digital IDs to raise awareness and participation in the process. Why should any of us feel anything other than antipathy and scepticism if something is put forward which we have had nothing to do with, heard anything about or been able to influence, interrogate or even see close up?
The greatest example of when this worked so well was my colleague, Baroness Warnock, when she did such excellent work in the area of IVF. The Warnock Commission’s rational, reasonable and measured debate entered the fold of a confused and passionate debate, and IVF is now an accepted part of our lives.
I think a real problem driving distrust of digital ID is that we don’t exactly have that strong means of ID in the non-digital world. Stop asking me for that utility bill, increasingly difficult as billing moves online, largely pointless in any event. And apparently there are pubs where you can pick up a passport, tweezers to slip out that pic and pop in your own.
Even without any of that, with your own, so called ‘ID’ docs – a real problem if you don’t drive or fly – but what does a small book of paper pages with a thin leather cover really tell anyone about you? Does it tell anyone what they want – or need – to know about you, crucially, in real time. It’s all just so disappointingly papery.
It is this which has to be the start point for our distributed digital ID, it’s not a document, even if digital, it’s not a card, even if digital, it must be something far more specific and far more sophisticated. The only occasion anyone should ever hear “where are your papers?” is as a legitimate enquiry to the newsagent.
The twelve guiding principles of self-sovereign identity [SSI] help to explain how a distributed digital ID could work in all our interests; secure, decentralised, transparent, embedding equity and inclusion and protecting our privacy. A practical, functional solution.
The twelve principles in full:
1. Representation. An SSI ecosystem shall provide the means for any entity—human, legal, natural, physical or digital—to be represented by any number of digital identities.
2. Interoperability. An SSI ecosystem shall enable digital identity data for an entity to be represented, exchanged, secured, protected, and verified interoperably using open, public, and royalty-free standards.
3. Decentralisation. An SSI ecosystem shall not require reliance on a centralised system to represent, control, or verify an entity’s digital identity data.
4. Control & Agency. An SSI ecosystem shall empower entities who have natural, human, or legal rights in relation to their identity (“Identity Rights Holders”) to control usage of their digital identity data and exert this control by employing and/or delegating to agents and guardians of their choice, including individuals, organizations, devices, and software.
5. Participation. An SSI ecosystem shall not require an identity rights holder to participate.
6. Equity and Inclusion. An SSI ecosystem shall not exclude or discriminate against identity rights holders within its governance scope.
7. Usability, Accessibility, and Consistency. An SSI ecosystem shall maximise usability and accessibility of agents and other SSI components for identity rights holders, including consistency of user experience.
8. Portability. An SSI ecosystem shall not restrict the ability of identity rights holders to move or transfer a copy of their digital identity data to the agents or systems of their choice.
9. Security. An SSI ecosystem shall empower identity rights holders to secure their digital identity data at rest and in motion, to control their own identifiers and encryption keys, and to employ end-to-end encryption for all interactions.
10. Verifiability and Authenticity. An SSI ecosystem shall empower identity rights holders to provide verifiable proof of the authenticity of their digital identity data.
11. Privacy and Minimal Disclosure. An SSI ecosystem shall empower identity rights holders to protect the privacy of their digital identity data and to share the minimum digital identity data required for any particular interaction.
12. Transparency. An SSI ecosystem shall empower identity rights holders and all other stakeholders to easily access and verify information necessary to understand the incentives, rules, policies, and algorithms under which agents and other components of SSI ecosystems operate.
So, we know what we don’t want: centralised and cumbersome systems, risking censorship or at best, a single point of failure and gross costs. The track and trace system could have looked very different with a trusted distributed digital ID.
There is a real prize for the UK here, for us as individuals, corporate and all entities, to trade, to trust, to claim and verify, to lead when it comes to distributed digital ID.
The time is now, and I look forward to further discussions with DCMS to enable this to become realised for the benefit of us all.
Lord Chris Holmes is Vice Chair of the Parliamentary Groups on: FinTech, AI, Block Chain and 4IR. He has co-authored Lords Select Committee reports on: Digital Skills, Social Mobility, Financial Inclusion, AI, Intergenerational Fairness and, last year, Democracy and Digital Technologies. He also authored a report on ‘Distributed Ledger Technology for public good: leadership, collaboration, innovation.’
Further detail about amendments to the Financial Services Bill can be found on Chris’s Blog: https://lordchrisholmes.com/