Public sector IT association Socitm has called for investment in a digital identity capability for local public services, along with local government to have a stronger voice in the development of a national solution.
It has put forward the call in a new report on its research on digital identity, in line with concerns that the sector has previously been involved in efforts run by central government at too late a stage.
It also comes out in favour of a trust framework approach – in line with work being pursued by the Department for Digital, Culture, Media and Sport – as the best way forward.
The report includes a section on the “calls from local government”, which includes the need to build a sector specific capability for local services that is interoperable with national solutions and could be aligned with other initiatives. These would include the One Login under development by the Government Digital Service, the UK identity and attributes trust framework and Digital Identity Scotland.
This is accompanied by the need for local government to be involved in the design of policies, architectures and principles for a national solution, not just consulted on the design of a prototype. It has to be “inside the tent”, the report says.
It identifies several other issues that need to be resolved, including overcoming barriers to a unified trust framework for digital identity that takes in local services, that development starts with the end user rather than the needs of central government, and that the citizen remains in control of the data once their identify reference is established.
Socitm says previous efforts to create a digital identity system for government have not gone well because of a wrong approach.
“Local government digital and IT professionals are often frustrated because they can see the problem and opportunity of digital identity solutions from the citizen perspective (and their often complex user needs), yet solutions are driven from a central government viewpoint,” it says. “This often turns out to be commercially unviable, or too narrow and limited.”
It points to the need for a clear vision of what to achieve, the creation of a flexible trust framework to address public concerns about the development of solutions and to learn from existing example.
With this in mind it proposes that any work should be underpinned by four principles:
- Operate on a distributed basis, with no central database or single log-in that could be abused or hacked.
- Place the citizen in control of access, data and linkages.
- Build on a modular basis to separate aspects of access, authentication, identity management and digital records development.
- Make provision for the digitally vulnerable.
“A trust framework approach, which allows digital identities to be used, shared and managed by an individual and by an individual organisation, with modular and reusable components offers the best way forward for complex local needs,” Socitm says.
“This requires more than just consultation and involvement from local public service organisations in national developments. It means that the framework should be designed from the outset to reflect the diversity and complexity of relational services at a local public service level, not seeking to retrofit these complex user cases in a national system designed primarily for high volume transactional areas of Whitehall departments.”
Image from iStock, Farakos