UK ID Verification Role Shifts to DCMS
The Government Digital Service has lost responsibility for the country’s digital identity policy, with the Department for Digital, Culture, Media and Sport taking over.
The Department for Digital, Culture, Media and Sport (DCMS) has taken control of the UK’s digital identity policy from the Government Digital Service (GDS), creators of the Verify digital verification service.
GDS will still work on the Verify system, but overall policy for the UK’s digital identity policy now rests with Matt Hancock, as secretary of state at DCMS.
DCMS will now control all issues surrounding the provision of the UK’s digital ID service. According to Mr Hancock, the GDS will continue to develop the Verify service, but DCMS will assume all responsibility for the provision of a digital ID service in the UK.
The move comes on the back of a policy change in March 2018, which many observers saw as a reducing GDS’s role in digital government and moving much of it to DCMS. In the past GDS has been criticised for delays in producing a commercial framework to enable private companies to work with Verify, which has caused much frustration for vendors and public sector organisations alike.
In February 2018, Computer Weekly reported that DCMS and the Cabinet Office were engaged in a heated discussion over the future of digital identity policy. Sources said at the time that DCMS was worried that ongoing problems with Verify were becoming a major hindrance to the development of the UK’s digital identity infrastructure.
Matt Hancock MP, the Secretary of State for Digital, Culture, Media and Sport, said that moving responsibility to DCMS reflected the need for a comprehensive and consistent policy across the public and private sectors, as well as across government:
“The delivery of government services and digitisation of government services is a Cabinet Office function – because they interact with each department – rather than a policy function. The move will lead to a more coherent data policy across government and the economy as a whole.”
Mr Hancock also outlined why he believes that keeping data and digital ID made a lot of sense from a policy point of view:
“Getting a high-quality system for digital identity is incredibly important. This matters both inside government for people to access government services effectively, and in the wider economy. The more these two things are tied together the better.”
“The move of data policy including digital identity policy to DCMS was done to unite policy over data whether it’s within or outside government. We found the boundary between the two was increasingly artificial.
Competing ID Services
The Verify system uses publicly available data, such as passports, driving licences and credit histories, to prove online users are who they say they are. However, the system has run into problems with users who have less of a digital footprint, such as mortgages or credit cards. As a result, Verify finds it harder to gather enough data to prove their identity.
Despite ongoing attempts to make Verify the sole identity system for digital government services in the UK, several public sector organisations are currently developing their own alternatives. Her Majesty’s Revenue & Customs (HMRC) is working on their own system as part of its existing Government Gateway. The NHS in England is also developing its own identity system after citing security concerns.
The Department for Work and Pensions (DWP) is using Verify as part of the Universal Credit system, but is now developing its own identity system as well, after finding that hundreds of thousands of benefits applicants could be unable to register successfully on Verify.
The Scottish government is also pressing ahead with its own digital identity plans, with the aim of producing a prototype in August 2018.
GDS has been criticised for ongoing delays in producing a commercial framework, outlining how private sector identity companies can work with Verify, causing ongoing frustration across the board.
Identity experts have also called for Verify to be reviewed over performance concerns. According to Computer Weekly, currently, only 41% of user attempts to create a Verify identity are successful, and only 17 digital government services use the system, despite a target for 25 million Verify users by 2020.
Brexit to Blame
Nic Harrison, director of service design, assurance and digital identity at GDS, points towards Brexit as a major issue in the delayed roll-out of Verify across government: “[Departments are] worrying about the EU exit, so we are frankly just not going to get hundreds of new services being digitised in the next year to bring on Verify.”
Harrison also implied that Verify’s future may be as a set of standards, rather than as a product. Computer Weekly reports: the service could become: “a ubiquitous digital identity for service users both for public and private sector,” which would be ‘Verify compliant’ by following a set of standards.
“In an ideal world, they would be truly interoperable,” he said. “Interoperability and standards-based is the key for us.”