Digital Leaders Study 2023
Strengthening digital ID and data management
To realise their vision of seamless services wrapping around the user, countries must develop two essential capabilities: strong digital ID systems, and high-quality, cross-government data management
Our year’s research has only reinforced this finding. Asked which capabilities a digital strategy should focus on generating, survey respondents attending our Vision and Planning workshop put “a common, cross-government method of identifying individuals, and a secure way of sharing data between departments” right at the top of the wish list (see graph A). In third place came “a digital ID system, accessible to the vast majority of individuals and adopted by most civil service bodies.” Without these two capabilities in place, governments can never realise digital technologies’ potential to reshape service delivery around individuals rather than organisations.
The task of generating those capabilities, though, varies dramatically depending on one key factor: whether the country already operates a universal, national ID system. Those with such a system already have a shared way to identify individuals across government, enabling public bodies to link up datasets – and thus to coordinate their work around people’s needs. Reforms are still required to maintain accurate datasets across government (see Solution 3) but, using the ‘unique identifier’ codes underpinning their national ID systems, such countries have relatively straightforward ways to make digital ID systems available to their whole populations.
Where no national ID system exists, digital leaders face a much more complex challenge. With public bodies using different formats and definitions in their data records, they often struggle to link up their data on individuals – making it impossible to coordinate service delivery. And without an ID system covering the whole population, it’s more difficult to verify people’s identity during the sign-up process: not everyone has a bank account, passport or driving license.
As a result, countries without national ID systems – including large economies with advanced digital sectors, such as the USA, UK and Canada – are struggling to get beyond the vertical transformation of individual services and into the sweet spot: the horizontal transformation of government, with data flowing between departments to link up services around the user.
Among such countries, Scandinavian nations such as Norway and Denmark are the most advanced: their model involves working with the financial sector to accredit bank-run ID systems. This does however require a substantial banking industry: surveying participants at our online workshop for countries without a national ID system, we found nearly 40% unsure of how their nation will build out digital ID.
A further 40% were going for a basic log-in system, with the level of verification dependent on the forms of ID uploaded by users; broadly, this is the GOV.UK One Login model now being pursued by the UK. Asked to name the biggest barriers to rolling out digital ID successfully, respondents from countries without an ID system first named the difficulty of making digital ID user-friendly and accessible; second came a lack of resources for development work; third the worry that public bodies will refuse to adopt the new system (see graph D).
Nations with an existing national ID system are much further down this road. Every survey respondent in our dedicated online workshop knew how their country would develop a digital ID system, with half opting for a government-owned platform serving both public and private sector bodies – the model so successfully deployed in places such as Singapore and Estonia. These officials had few concerns about how to fund development work or get public bodies on board: these issues appear right at the bottom of their worries list (see graph E).
They did, however, fret about making their system user-friendly and accessible – and rightly so. A national ID system may ease the development of a digital ID platform, but it doesn’t guarantee success: digital ID programmes only realise their goals when widely adopted by service users – creating a large audience that attracts more service providers, making the platform ever more valuable to users. Where countries successfully build that market, they can create a virtuous circle of adoption.
Germany’s experience is illustrative. The country has operated a digital ID system for a decade – but less than 10% of the public use it, and big players such as the tax authority and regional administrations have set up their own systems. The problem, explained Magdalena Zadara – Head of Product at the country’s federal digital service unit, DigitalService des Bundes (DSB) – lies in a complex sign-up process, with “a lot of hurdles in the user journey”. Ten years ago, the hope was that private companies would build services for e-ID users; but low uptake has kept the potential market small, constraining private investment. DSB is now working to rebuild the joining process and smooth its integration into other services, with the aim of attracting more users and service providers – and finally achieving critical mass.
The story reflects a common weakness as governments build ID systems: civil service bodies have little experience of competing to attract service users. Citizens will only adopt a new digital ID system if it offers real benefits, saving them time and improving their experience of public services. Maximising adoption –among service users, public providers and, ideally, private companies – must be at the heart of your strategy (see Solution 1).
This in turn means addressing people’s concerns about data security and the surveillance state (see Solution 2), as well as the risk of digital exclusion: it is crucial that the shift to digital ID does not leave swathes of the most marginalised – often heavy users of public services – dependent on ageing and expensive legacy services.
A mobile-first strategy can help here: the vast majority of citizens have mobile phones, supporting widespread access. Mobile provision also eases the key task of assisting people to adopt the system: countries such as Singapore and Azerbaijan have introduced service centres where officials can walk citizens through the process.
These issues around providing value, improving the user journey and addressing digital exclusion illustrate today’s agenda in digital ID. In many countries, public concerns around privacy and security are fading: the top priority is maximising convenience, offering citizens clear benefits and an easy path to realising them. And as a diverse range of approaches and platforms evolves around the world, digital leaders are turning their attention to the next challenge: international interoperability.
To support trade and an ever more globalised workforce, digital ID systems should inch towards compatibility – enabling people to use their digital identities abroad, and in international transactions. The EU’s eID framework is the most advanced cross-border system, requiring Member States to offer a certified digital identity wallet built to common standards.
This consideration should not, however, be permitted to slow nations’ progress towards developing digital ID systems. For if civil services fail to provide accessible, valuable and popular digital IDs, private providers such as the Fido Alliance will soon do so – securing that critical mass of users, and becoming the preferred platform for citizens and businesses alike.
Governments could then adopt these private systems themselves, accessing the audience but foregoing revenues, control, and ownership of the data as the tech giants occupy another swathe of economic activity. Or they could persist with their own systems, constantly struggling to recruit users already bought into a private sector rival. Both are unattractive prospects.
1/ Focus on building a customer base, not delivering a policy
For government bodies, the use of digital IDs and the exchange of data between departments bring substantial benefits: they can cut administrative costs and gather insights to improve service delivery, for example. With these advantages so obvious to public servants, some forget that citizens have different interests – and that public participation and consent is essential both if digital ID systems are to attract users, and if elected leaders are to support greater data-sharing. Unless digital ID systems recruit a high proportion of potential users, the agenda cannot succeed: maximising uptake must be a top priority for those managing digital ID programmes.
In part, the key here is ensuring that public service providers adopt the system; and digital leaders may have levers to pull here. The UK’s Central Digital and Data Office (CDDO), for example, can use ‘spend controls’ to block IT projects that don’t comply with government strategy. However, where possible it’s better to tempt providers in with a large audience and a high-quality system than to push them in against their will. “Our aspiration is to make sure that we’re on the same page from the get-go, instead of using that backstop,” commented CDDO Chief Executive Officer Megan Lee Devlin.
Ultimately, citizens are likely to adopt a digital ID system if it’s straightforward to set up, makes their lives easier and provides valuable opportunities. So digital leaders should focus on smoothing and supporting the joining process, using the system’s capabilities to improve the speed and convenience of public services, and fostering an ecosystem of private sector users that can save users time and offer new services. Asked the secret behind Estonia’s high uptake of digital ID, Heiki Loot, the country’s former Secretary of State, said simply: “Estonians are fond of convenience. It’s much more convenient to make applications, submit tax declarations, establish companies, see how your children are progressing in school, and get prescriptions electronically.”
Permitting private companies to use governments’ digital ID systems can further increase convenience for citizens, enabling them to use a single log-in to access both public and private services; and this, of course, helps to drives adoption. According to research undertaken while I was in the UK civil service, some 97% of citizens’ use of online digital IDs relates to private companies such as banks, online retailers and social media firms. So a digital ID system that only offers access to public services is always going to have one hand tied behind its back in the race to recruit users.
To capture this market, the Singaporean government opened up its Singpass digital ID to the private sector in 2019. It quickly found a market among insurance companies, which – because most customers only log in once a year, to renew their policies – deal with huge volumes of ‘forgotten password’ requests. By adopting Singpass as their login system, insurance firms both reduced their own IT costs, and saved their customers the annual hassle of resetting their passwords. Civil servants kept costs to businesses low to promote adoption – giving SMEs 5000 free transactions, for example. Nowadays, citizens can access 2000 private sector services via Singpass, while companies have access to 3.5 million customers.
To ease the joining process, governments must ensure their systems are slick and intuitive: Singaporean digital leaders keep a careful eye on the Singpass app’s ratings on Google Play and Apple’s App Store (where it scores an impressive 4.5 and 4.8 stars respectively). Civil servants aren’t used to ‘selling’ services: most people access public services because they lack other options, so officials learn to prioritise public policy goals over user experience. But in this field, government cannot require people to get on board. A mindset shift is required: public servants will only realise their policy goals if they first put them aside, focusing instead on producing a great offer for citizens.
Where they get this right, governments create a virtuous circle in which attractive markets of digital ID users pull in more private and public service providers – in turn boosting value to citizens, and driving uptake still higher. Speaking at our digital ID workshop, the head of one highly successful ID programme commented that “initially people are hesitant; but once you achieve a critical mass – when you cross that line of 50, 60% adoption – then people begin worrying that they’re missing out.” Peer pressure is a powerful thing: if people see a system “being used everywhere, they fall into line,” he concluded.
2/ Build trust by putting citizens in control of their data
There is another side to this coin: as well as providing citizens with easy access to attractive benefits, governments must address the fears and suspicions that can hamper uptake of digital ID. Many countries have experienced security breaches and data losses, fostering public concerns that personal data might be stolen or accidentally released. And people often worry about the growth of a ‘surveillance state’, in which governments expand their power over the populace by connecting up all the data they hold on individuals. Given the use of data technologies in states such as China, these fears are not unfounded.
Public bodies can be their own worst enemies here. Keenly aware of their responsibilities as data owners, departments sometimes hold their datasets so close that citizens can’t see how they’re being used – fostering public suspicion that hampers progress across the board. The most successful digital ID systems – such as those of Estonia and Singapore – are those that put control in the citizen’s hands, providing transparency on how data is being used and seeking explicit permissions before it is shared with public or private bodies.
In Estonia, for example, every time personal data is accessed – whether it’s a doctor reading medical records, or a police officer checking a vehicle registration – that action is visible to citizens in their digital ID dashboard, enabling them to challenge improper use. Estonian citizens are confident in granting permission for public bodies to share data; and in return, government can offer higher quality services.
The nature of the digital ID model can also help decide people’s willingness to get on board. In decentralised, ‘self-sovereign’ systems, data is not collated centrally: instead users control digital wallets containing their personal data, sharing information as and when they choose. The lack of a central, government-held database can address public concerns about security and privacy, and makes this a suitable approach for countries without an existing national ID system. Public sector pilots are underway, such as Catalonia’s blockchain-based system.
In India, Aadhaar’s approach offers another model. This system does not provide a gateway to a dashboard of public services, but authenticates users in response to requests by public and private sector providers. Aadhar’s administrators simply enrol people; hold and update basic demographic, biometric and contact data; and authenticate identities – leaving all other data in the hands of relevant departments across government. The public and private service providers dealing with citizens can submit individuals’ 12-digit Aadhaar numbers, along with some of this demographic, biometric or contact information, and the system replies to tell them whether or not the information matches. Keeping it simple has sacrificed some of the opportunities to easily link up public services and centralise access for users, but it’s certainly achieved volume: Aadhaar now authenticates more than 70 million transactions every day.
3/ Create a ‘single source of truth’ for key datasets
Governments with advanced digital ID systems can identify individuals with confidence, and use citizens’ ‘unique identifier’ reference codes to link up datasets around them. But what if those related datasets themselves contain misaligned, inaccurate or incompatible information? If a country’s tax collection body and its company records agency hold mismatching data on a particular business’s registered address or the identity of its directors, for example, opportunities to automate and streamline service delivery are lost as they try to reconcile their datasets; meanwhile, agencies with inaccurate information risk making errors in service delivery.
There is no easy solution here – but the problem must be addressed. In the words of Leo Yip, Head, Civil Service of Singapore, joining up data around the individual is “an essential building block of a digital government.” Yip’s government got around this “very complex challenge,” he explained at the 2022 Global Government Summit, by designating agencies as “trusted centres” for specific kinds of data.
Under this system, specific agencies are established as a ‘single source of truth’ for particular datasets: it is their responsibility to collect this data, keep it up to date, and ensure that other agencies have access as required. Singapore also bars agencies from asking citizens for data if that information is already held by a government body; they must instead approach the designated data owner. “If I want business data, I go to this particular agency – and they gather that data, organise it, and avail it to the rest of us,” said Yip.
Every nation needs an equivalent system, ensuring that agencies across government have access to accurate, compatible records. “It’s an important building block,” Yip concluded. “You can digitalise government at the front end, but until you digitalise government upstream – where all the data resides – and then organise that and make it available to the rest of government, [progress] will be constrained.”