UK.gov digital boss defends ID assurance scheme

The Cabinet Office's newly installed digital captain has robustly defended the department's plans to beef up an identity assurance scheme with the help of banks and internet companies.

Mike Bracken, skirting over the fact that a new law will almost certainly be needed to be pushed through Parliament to make such a proposal a reality, is championing the cause.

In a puff piece on the Government Digital Service blog, the ex-Guardianista defended the "federated identity assurance model" by proclaiming that it was "essential for the 'digital by default' initiative".

The main crux of his argument is that anonymous online transactions need to be flushed out to help build trust between taxpayers, the government and corporations.

Indeed, as highlighted yesterday with the launch of Google-backed Midata, the Cabinet Office is very keen to create a new digital biz sector with a scheme that, at its heart, is about offloading identity-handling to the private sector while being gift-wrapped in tantalising 'open data' goo.

"Many people have described this subject as ‘identity management’," said Bracken. "That is an organisation-centric phrase: a notion that organisations hold data about people and have the responsibility for maintaining it.

"We have to reset the subject around the user and recognise that in the digital age people assert identity in many different ways and contexts."

But, don't be entirely fooled, here's the money shot:

The days of creating different user names and passwords for every new website are numbered, thank goodness. There is a strong desire to work collaboratively across the public and private sectors to develop solutions that meet users differing needs.

Bracken then cites various examples of why this ID-dealing game isn't isolated to British shores. It's an international effort, and the Cabinet Office wants to play.

Many readers of these pages have questioned why Maude's department is spending £10m and counting on ID assurance, given that there is already a federated model. Government Gateway was created in the New Labour Directgov era as one-login-to-rule-them-all for taxpayers to access gov-related services.

"[A] lot has moved on in the dozen years since Government Gateway was developed and we have a lot of work to do to develop solutions that work for users in the many contexts that they’ll need them," said Bracken.

Comment

This appears to ultimately mean bridging the gap between taxpayers' usernames and, for example, banks and internet companies - and yes, we're talking Google, Facebook and other big players in the ID arena.

But can such a vision truly be a reality? Let's repeat Bracken's words again: "The days of creating different user names and passwords for every new website are numbered, thank goodness."

Labour, now in opposition and still battle-scarred from its fight for the hated and now-abolished National ID card scheme, is silent about identity assurance for now. Perhaps that's because it's an idea dreamed up in the Cabinet Office that is yet to be tested thoroughly even by other government departments within Whitehall.

It's going to cost Maude's dept £10m to school the likes of the Departments for Work and Pensions and Business, Innovation and Skills in ID assurance. But what price to the British public if a cluster of "trusted private sector identity service providers" becomes the source of authenticating individuals who want to access gov services online? ®