IAAC's IdA Programme Concluding Report - September 2008
Having worked on aspects of Identity Assurance for over two years, in the second half of 2008 IAAC decided it was time to bring its work to a close. This was not to say that there was no more Identity Assurance work that needed to be conducted but that it was time to allow others to take the lead in taking developments forward.
At this point, IAAC stood back and took stock of the progress that had been made since the release of its June 2006 Identity Assurance Roadmap and identified what it considered to be the most important barrier that still stood in the way of the UK making further progress. IAAC then developed its recommendations for the key actions that it believed needed to be taken forward within the UK.
Its review, findings, conclusions and recommendations were all brought together in a major report, IAAC’s Identity Assurance Concluding Report, which was subsequently launched at an event hosted by ‘Demos’ (www.demos.co.uk) in early February 2009.
In summary, IAAC concluded that the UK public and private sectors needed to work together under Government leadership to articulate a vision that described the function and uses which will be made of electronic citizen identities in a 21st century UK society. The lack of such a vision was, in IAAC’s view, the most important barrier that stood in the way of the UK making further progress.
Also, that the UK Government still needed to drive forward work on a number of topics essential to the design of successful national infrastructure. These included the development of an Identity Governance Framework (IGF), the definition of the protections, safeguards and support needed to make Citizen Control effective, and the development of effective safety nets for national Identity Management systems.
Looking forward, IAAC believed there were a number of important areas of activity on which the UK should focus attention as the operation of national identity infrastructures expanded. These included:
- Engaging with the public in an informative and educational dialogue;
- Improving the maturity of the key processes on which the effectiveness of national infrastructures would rely;
- Developing a strong information management culture with robust information management practices across the whole of the UK.
IAAC made a large number of recommendations within its Concluding Report. The recommendations were primarily for the UK Government to address or for the UK Government to facilitate and co-ordinate by providing leadership at a national level. However, IAAC believes its recommendations will also be of great interest to other parties active in the Identity field, including technology providers, digital identity service providers, and subject matter experts. Its recommendations are of most significance, however, to the citizen who is, in all of this, not just the principal subject at the centre of the digital society and the main recipient of the benefits, but also the main bearer of the risks.