Log on, confirm details, click submit. How many times this week have you shared your personal information online? Chances are, at least once, and as more of our lives go digital, that’s only likely to increase.
So how can the organisations and businesses that provide you with services be sure they’re keeping your information safe while checking it’s still you who's logging on? And who decides what the standards should be?
In our blog post Trust frameworks and creating opportunities, we talked about the need for a common set of rules for sharing personal information that everyone can have confidence in — regardless of the system or technology they use. In this blog post, we’ll cover off the workshops underway to gather, check and recheck the evidence that’ll help the team produce a Trust Framework discussion document for formal public consultation.
To make sure our evidence base is as broad as possible, we’ve looked to engage individuals and organisations from across New Zealand.
Participants in the workshops are drawn from public sector agencies, universities, the private sector and interested individuals. They’ve attended in person and via audio / video link. Together they represent a diverse set of viewpoints, but all share a common interest in creating a workable, equitable and robust framework.
We understand that stakeholders may wish to share with us in different forums and so, alongside the workshops, we’re using online tools and meeting directly with interested parties to understand their perspectives.
Why they’re taking part
We asked our participants why they’re taking part, and what they hope to get out of their involvement. This is what they told us.
“From start-ups to big banks, central government to local groups, many organisations have digital identification needs and issues to address. And while there are existing regulation and policies, there is currently no overall framework to follow. Having a set of rules and guidelines for identification that anyone providing a service digitally can follow would help with this and enable people to have choice and control over their personal information.”
Emma O'Connell, Policy Standards and Regulations Lead for the Digital Identity Transition Programme, Department of Internal Affairs
“At Xero we’re seeing work going on globally around digital identity. It’s a hot topic for our local and international clients — and those with a cross-regional transient workforce. For a commercial organisation it’s more feasible to build functionality when we have consistency. Systems should be talking to each other, there needs to be a commitment to store and share information, that’s why we want to be involved at the outset.”
Helen MacGillivray, Head of Regulatory Risk and Governance, Xero
“ACC currently provides several digital channels for injured people and levy payers. These offer different ways to validate, from email to RealMe, Microsoft to Google. If we want our services to be as easy as possible for New Zealanders to interact with, it’s important we are part of this conversation. In the end we need a system that works for individuals and organisations and allows our clients to focus on getting better and back to it.”
Andy Wynes, Enterprise Architect, ACC
What we’ve asked them
Over a series of 4 workshops participants have discussed:
- draft outcomes and principles for the Digital Identity Trust Framework
- the New Zealand context for digital identity, the participants of an ecosystem and a user stories template
- the standards selection criteria and an approach to reviewing the list of standards
- the draft scope for the Trusted Digital Identity Ecosystem.
What they told us
Through a series of group activities, discussions and post-workshop online document reviews, attendees have provided feedback and observations on the digital identity trusted ecosystem and supporting trust framework. They’ve helped tighten up the language to add clarity and provided different viewpoints and examples to help us avoid siloed thinking.
What happens next
We’re using Loomio to share the outputs from the workshops, so that stakeholders can review and comment on the material developed. If you’d like to take part in this review process, please email firstname.lastname@example.org
How this information will be used
The workshops are running from June to September 2019 and will help confirm a first draft of the Trust Framework. This will be presented in a discussion document for public consultation by the end of 2019.
Find out more
Check out our other blog posts on this topic:
- An introduction to digital identity
- Trust frameworks and creating opportunities
- Collaborative digital identity experiments
Questions? Get in touch with us at email@example.com
12 July 2019