IAAC's IdA Programme: Part 3, January - June 2008

In the first half of 2008, IAAC moved on to look at the nature of the safeguards and protections the UK Government should provide as part of any national identity infrastructure.

In the first of two workshops, held on the 5th March 2008, IAAC examined what it called "Citizen Control". In the second workshop, held on the 4th April 2008, it examined the components needed to make a Digital Identity Governance Framework within which Citizen Control would fit.

Until, with the passage of time, people have developed sufficient confidence in the safety of national identity infrastructures, they will want to have the ability personally to take whatever additional precautions they might feel are needed to keep themselves safe. This ability is what is meant by the term "Citizen Control". It is the citizen as identity subject having the ability to take particular additional precautions, when they feel it necessary, to ensure they are not placed in harm's way.

The interests of the citizen will not be the only interests being catered for by national identity infrastructures. The interests of the public will also need to be protected. There may be times when the public interest conflicts with the particular interests of the individual identity subject. Citizen Control then needs to be embedded within a Digital Identity Governance Framework which protects the interests of all participants in proper balance, and which ensures that when the legitimate interests of the identity subject is are overridden in the public interest, the citizen remains protected so their interest is are not harmed unnecessarily or inappropriately in the process.

The reports from the 5th March 2008 and 4th April 2008 workshops are available here and here.