Frequently Asked Questions regarding the government response to the consultation on draft legislation to support identity verification
From January to March 2023, the government consulted on proposed legislation to support fast, safe and secure data sharing between departments to enable people to more easily access public services online.
The proposed legislation will enable more effective online identity verification when accessing government services. This includes allowing checks against a broader range of trusted data held by relevant public bodies. It will mean that people who currently can't access government services online will be able to do so.
The proposal will support the roll out of the new cross-government GOV.UK One Login system. GOV.UK One Login allows users to create an account, sign in, and prove they are who they say they are in order to access government services online. People will be able to ‘reuse' their proven identity, without needing to go through the identity checking process each time they use a different service.
The below fact page addresses several misconceptions about the proposed legislation which a number of responses to the consultation raised.
CLAIM: The government is creating a mandatory ID card.
FACT: The proposed legislation does not include any proposal to create either a digital or physical ID card. The government is committed to making it as easy as possible for people to prove who they are online, and access the services they need, without creating mandatory ID cards.
CLAIM: Using GOV.UK One Login will be mandatory.
FACT: No. Having a GOV.UK One Login account will not be mandatory for UK citizens. Offline and face-to-face routes will be available for individuals who do not want to use the online service.
CLAIM: This will make it easier for hackers to get hold of my data.
FACT: Cybersecurity is a critical priority for the government. We recognise how important it is to protect users and their data and have robust measures in place to ensure the security and integrity of online government services and systems. We are following industry standard processes regarding security and resilience, and additionally consulting relevant external organisations for expertise and assurance.
CLAIM: Sharing data in this way will erode my privacy rights.
FACT: The government has stringent data protection processes in place. All data sharing is compliant with data protection legislation and guidance published by the Information Commissioner's Office (ICO).
This will remain the case for any and all data sharing subsequent to the proposed legislation. Furthermore, all data sharing using Digital Economy Act 2017 powers must also adhere to the statutory underpinning Codes of Practice which includes penalties for misuse.
More information on how GOV.UK One Login is using data is available by accessing the GOV.UK One Login Data Ethics Assessment and by accessing the GOV.UK One Login privacy notice. We will be publishing further information on this topic in due course.
CLAIM: Data collected could be used for other purposes without my permission.
FACT: The proposed regulations only relate to using data for the purposes of confirming your identity so that you can access government services. It will not be used for any other purposes.
CLAIM: The proposed legislation is the beginning of a transition to a cashless society.
FACT: The proposed legislation is about enabling the required data sharing to ensure a faster, more accessible route to accessing government services. It has no impact on whether services or products can be purchased using cash.
CLAIM: The proposed legislation will make it easier for the government to implement a social credit system.
FACT: The proposed legislation is about enabling the required data sharing to ensure a faster, more accessible route to accessing government services. There are no plans to implement a social credit system.
CLAIM: This will make it easier for the government to monitor how I live my life.
FACT: The proposed legislation does not allow the government to engage in data sharing for any purposes other than identity verification when accessing government services. Any individual - including government employees, contractors and others - who accesses or shares a user's personal data, other than for the very specific purposes set out, may be breaking the law.
CLAIM: The government won't be transparent about how it's using my data.
FACT: Public authorities disclosing data under the proposed legislation are required to be open and transparent. This is underpinned by a Code of Practice.
Any sharing of data using the proposed powers will be included in the existing, searchable public register of information shares.
CLAIM: This is discriminatory against people who aren't able to use the internet.
FACT: We will continue to offer people the option to verify their identity via offline channels. Offline methods of identity verification and the ability to access many government services in-person will remain.
CLAIM: This will enable bulk data sharing across government.
FACT: The proposed legislation will not enable bulk data sharing. The proposed legislation will only enable data sharing between specified organisations for the purposes of identity verification. The specified organisations will be public sector bodies involved in supporting people to access government services.