The UK government has opened a consultation on draft legislation to support its new identity verification platform One Login. As part of the consultation, the Cabinet Office has set out its proposal to enable greater data sharing between specified public authorities.
One Login will enable users to sign in to government services online with a single login, replacing the 40+ logins currently required for all services. The Government Digital Service (GDS), part of the Cabinet Office, is working with two private sector service providers, Deloitte and Experian, on identity verification.
One Login will be supported by new Government legislation
According to a government announcement, the consultation paper sets out a proposed objective for the draft Digital Government Regulations 2023 to support One Login. It will also allow select public authorities to check and share several types of government-held personal data with the platform to verify citizen identities.
The government is proposing adding additional departments and agencies to this list of those allowed to undertake data sharing for identity verification and public service delivery objectives. These include the Cabinet Office, Department for Transport, Department for Food, Environment and Rural Affairs (DEFRA) and the Disclosure and Barring Service (DBS).
“One Login and the proposed legislation will ensure the government continues to drive inclusive digital transformation, to level up opportunities across all corners of the UK, and deliver brilliant public services,” says Alex Burghart, parliamentary secretary for the Cabinet Office.
The consultation runs until 1 March, with the government scheduled to publish its response by 24 May.
What type of personal data do government departments require for identity verification?
Under the Digital Economy Act 2017, only named public authorities listed in the legislation can process data to support identity verification services. These currently include the Home Office, Department of Work and Pensions (DWP), HM Revenue and Customs, councils in England, schools and academies in England and Wales and Police and Fire authorities are allowed to share certain types of information.
These departments hold personal data about citizens, including full names, date of birth, home address, photographic images, passport number or driving licence number, the outcome of identity checks previously performed, income, and attributes deemed necessary for government departments to verify identities. Health and adult social care organisations are not currently in scope.
Departments such as DBS are already using One Login. It became the first government service to deploy the service earlier this year.
However, government departments have come under scrutiny in the past for use of personal data. The Department for Education was warned by the Information Commissioner’s Office (ICO) in November 2022 after it shared data on 28 million children to gambling sites.
Government departments and agencies continue to seek private digital identity solutions
While things are progressing with One Login, government departments are still going to market for their digital identity solutions for the near to mid-term.a.
“Back in October 2022, Companies House tendered for a partner with expert knowledge and skills of digital authentication standards, as well as issuing an request for information the same month for providers offering products and services to capture and manage identity information,” explains Robert Stoneman, service director for UK public sector at GlobalData.
He says that in the same month, the Pensions Dashboards Programme (PDP) also signalled its intent to go to market in the future for its own digital identity service. But he says this disjointed approach to identity systems does not necessarily preclude greater data sharing. “Opportunities related to this topic are making mention of the importance of bulk data sharing with government departments and supporting digital identity verification for access to online government services,” he explains.
Stoneman adds that data sharing across government has never been “more vital”. He adds: “Citizens expect joined-up digital services from public sector organisations and the experience of the pandemic has only reinforced this.”
The government’s digital identity call for evidence for 2020 highlighted the demand from the public for digital identities for accessing citizens products and services, says the Cabinet Office. Key issues raised included privacy concerns, complex delivery models and a lack of clear definition for digital identity.
Greater data sharing will require a culture change at Whitehall
But despite the progress of One Login and a desire for greater data sharing, a siloed culture in government is proving difficult to move away from. Speaking at Tech Monitor’s Public Sector Technology Symposium last year, Lord Chris Holmes, who is part of the House of Lords science and technology committee, told a panel on digital identity that the UK is still yet to realise true cross-department working in Whitehall.
“There’s probably only two occasions when we’ve had anything which looks like cross-Whitehall working – Covid-19 and when we had the Olympic Games and Paralympic Games,” he said, adding that a more open way of working was required to harness the power of data for citizens. “It’s about doing things in a different, more efficient, more effective and more empowering way as a result of this,” he added.