We've been asked to comment on an academic paper - 'Toward mending two nation scale brokered identity systems'. The paper explores some interesting issues about how federated identity assurance systems like GOV.UK Verify work, and how users' privacy can best be protected.
We welcome the paper, and its contribution to the developing pool of knowledge and ideas about digital identity assurance.
GOV.UK Verify offers people a convenient, secure way to prove their identity when accessing digital government services. It does not have any other connection with or ability to monitor people or their data.
Only minimal data passes through the GOV.UK Verify hub. The person’s name, address and date of birth (and gender, if the user has chosen to state it) is sent through the hub to a government department the person is trying to access. This only happens when the person accesses a service through GOV.UK Verify - the data is sent through the hub for the purposes of matching the person to the record that is already held about them in that department. No data about the person’s interactions or activities within certified companies or government departments passes through the hub.
We are working with the author of the paper to clarify this aspect and provide assurance on the issues raised. We have invited one of the authors, Dr Danezis, to join our privacy and consumer advisory group (and we are pleased he has accepted the invitation), so that we can continue to consult a range of experts and privacy and consumer groups on our approach to these important issues.