The long road of digital identity
Caveat: This blog post most definitely reflects my personal views only and not that of the Government of Canada.
This blog is largely in response to Sean Boots’ piece from April 21, 2022, which I think is a good set of hopes for where credentials can be, but I also think falls quite short of what we need from a digital ID in Canada. I’m going to pick up from where Sean left off so it’s best trying to start there. In short, we have over 60 federal accounts with separate log-ins alone, and a strong digital ID can help with that. But focusing on that problem will continue to starve digital ID of the resources it needs to succeed equitably. Digital identity is about your interaction with online society, not your access to government services.
There is still a very analogue element to living in Canada. Some government services require that you show up in person, or send you an access code in the mail. Some banking services require in-person or phone verification. Same with buying a smartphone from a new provider. One rare silver lining of the pandemic has shown the proliferation of what you can do using digital signatures (though the access issues are still there), but there are still some things holding us back from being a fully digital society, and so you might still need snail mail. For better or worse.
One of those things is identity verification: proving who you are. Perhaps it’s more accurate to say “proving who the state acknowledges you to be.” Historically we’ve relied on state-issued documents to do that, but documents don’t do well in the virtual world.
For the first time, digital identity has become a federal government priority at the highest level. It has been included in the mandate letter of the President of Treasury Board, and so now will draw attention and resources to making it happen. Success means transforming society as we know it. In a way, failure does too.
Working towards a common and secure approach for a trusted digital identity platform to support seamless service delivery to Canadians across the country. — 2021 mandate letter to the President of the Treasury Board.
There’s over fifteen years of policy and technical work done by hundreds of people across the country that led to this moment. It all drove to answering a simple question: can we make the process of proving who you are easier? Can we build a more privacy-protective identity ecosystem, where an age check for buying alcohol doesn’t mean exposing all of the identity information on a government ID? How do governments make it easier for people to show their identity — or part of their identity — without needing a document and in a way that is more secure than a document?
I worked on digital identity almost ten years ago. It was my introduction to digital policy issues. Since that time, the degree of momentum has waxed and waned in cycles, and whether a truly national identity system will be in place is not guaranteed. It turns out this is a very complex ecosystem with incentives and externalities that are difficult to navigate, something I would become all too familiar with.
A magnanimous failure
From 2013 to 2015 I was a policy advisor on a product team called Canada’s Digital Interchange, which was meant to deliver on the promise of digital identity. The idea was to create commonly-owned infrastructure and governance that would be used as a clearinghouse of sorts to help validate identity information. Validating is an important piece of the puzzle; it ensures that information about you is checked against an authoritative source. But validation is also not the whole picture, because it doesn’t solve the problem of whether the information belongs to a real human being behind a phone or keyboard.
Identity information management is complicated in Canada. We have no national identity program so different orders of government have to share information about you regularly. If you were born in Canada, the authority of your identity information is the province of your birth. If you’re born outside of Canada, it’s the federal government via the information you provided during your immigration process. Provinces and territories share information between them as well; after all, many people don’t live in the province of their birth. The premise at the time was to replace a muddled series of ministry-to-ministry bilateral data connections with a single, commonly-owned system with multilateral governance and decision-making about access, privacy, and security. It was technically elegant and much more transparent than the existing system. An obvious no-brainer.
Nope, it was a spectacular failure, though we learned a lot. We underestimated the complexity among our stakeholders, didn’t listen to technical advice, had no UX research or design talent on the team, were wedded to a solution before having a thorough understanding of the problem, were caught in interdepartmental political dynamics, and presented an absurdly condensed product timetable to the country’s most senior decision-makers before a single line of code had been written. Direction was set by senior management hunches uninformed by any user data or stories. It was a classic who’s who of public sector product mistakes and as a result we got very little off the ground.
It took me years to recover emotionally from that failure and more still to internalize my own contributions to that failure. We spent nights and weekends throwing effort into a program that had no chance of success. Part of my own blunder was to follow my very traditional strategic policy training, which included advocating that we raise the profile of what we were planning before even really understanding what we needed to do.
In hindsight however, I’m grateful for it, because had we succeeded, we probably would have done harm. What we didn’t really understand at the time was the social and economic implications of us rushing and getting it wrong. What we learned from our failure will hopefully inform future implementations.
Digital transformation in the truest sense
Digital identity is not a credential problem; it is a problem of how to give users meaningful and accessible control over identity attributes so they can share these attributes with whomever they need. I can’t imagine in practice how hard that is. Digital identity will be the foundational architecture for how you interact not only with government, but with many private-sector services as well. There is no keeping that cat in the bag. It might be how you access banking services, your credit history, telecommunications, start a business, obtain a marriage license, you name it.
On this bedrock, anything is potentially conceivable with enough imagination. Think age check verifications for social platforms or for buying cannabis, registering digital property in an augmented reality world, holding a professional license or certification. If you can verifiably prove your identity online — or attributes of it — and have some degree of control in how it’s used, it could unlock a massive socioeconomic ecosystem and allow people to more fully participate in society online, safely and with more control over their data.
Of course, this is all hypothetical. Even if these plans don’t exist today, there is a very real possibility that in the future, digital identity is the key to your entire digital life. It will be precious; imagine your passport combined with your password manager. And while today that may certainly not be the founding vision, it is important to look on the horizon about what’s possible with digital identity. If we establish a publicly-owned foundation with clear rules and accountability, we can realistically ask the private sector to use this service and not more dubious private options that have no authoritative information about you. I’m submediuming here.
I want to very clearly state that this is not at all bad. Somehow the day-to-day life got very complicated. There is paperwork for everything. Taxes, banking, insurance, credit scoring, even getting a phone is an exercise in navigating dark design patterns. Your life is slathered in paperwork and punctuated by small print. It’s worse if you have a disability or are a newcomer to Canada. Interacting with the primary institutions of society can be like waltzing with sandpaper, even when they’re trying their best. Reducing the cognitive load of daily life should be the primary goal for digital ID and the program that surrounds it.
This is an extraordinary amount of work. Undertaking digital identity successfully will mean undertaking what will probably be the country’s greatest user research campaign in its history. We’ll need the best of the best on this. The edge cases will be as plentiful as they will be harrowing, as evidenced by experiences internationally. The government will need to sit down with people with cognitive disabilities, victims of identity theft, Indigenous peoples, transgender and non-binary people, incarcerated people, and everyone else that has been subject to coercion or victimization by government. Perhaps most difficult will be the public servants that will need to understand that they are undertaking a multi-generational project, one whose impact will be felt by many communities less fortunate than them.
When things go wrong
The flip side of digital ID is its potential for exclusion and for abuse by the state, deliberate or not. There is a very real threat of people being locked out of essential services because of an error that is entirely not their fault. There is a real possibility that this system would be abused by future governments looking to restrain rights. Human rights activists have sounded alarms internationally on bad implementations. We should be humble enough to realize our imperfections and understand where things have gone right and wrong.
So my advice is to design to thwart our evil twins. This is what I want from digital ID:
- There has to be a helpdesk mechanism available 24 hours every single day of the year without exception.
- There should be an log audit mechanism that allows any user to see a history of who used their identity information and why.
- There should be an ombudsperson with adequate technical resources to attack different problems.
- The entire code base and technical documentation should be open source and belong to Canadians entirely.
- Ideally — let me dream — there isn’t a single government controlling your digital ID but a multilateral institution owned by all governments in Canada and including board membership that has Indigenous representation. There are examples to this form of governance such as the Canadian Institute for Health Information to riff from. One Privacy Commissioner will need to be provided with clear authority and resources to manage this.
This is not an ordinary IT implementation, it’s a socioeconomic shift digitally. It can have a positive impact on people’s lives but if these things happen without a solid human right base to them, it will cause harm that our generationally difficult to undo. This is one of the greatest digital policy challenges for the next 10 years (as it was the last 10) and it has to be undertaken with humility, openness, and empathy.
In hindsight, though my product team managed only to produce vaporware and vast volumes of PowerPoint, I’m actually no longer viewing it as a failure. We weren’t ready. We weren’t mature. We didn’t realize quite what was at stake. Today, digital identity is front-and-centre among digital policy voices, spoken of regularly at Rightscon, and has been subject to a substantially higher amount of scrutiny by academia and civil society. It’s featured in elections. This is a different world than ten years ago, and so I’m more confident that we can do it better than we did a decade ago.
