Advertisement
Politics

The UK faces a digital ID with no price and a shaky base

Ryan Brothwell 5 min read
The UK faces a digital ID with no price and a shaky base

Key Points

  • A Commons committee has warned it would be irresponsible to launch a UK digital ID on the current digital infrastructure.
  • The OBR estimates the scheme at £1.8bn over three years, but the government says it has no cost figure of its own.
  • No specific savings have been identified to fund it from existing departmental budgets.
  • The ID is to be built on One Login and the eVisa, systems with known reliability and certification problems.
  • The eVisa remains in beta eight years after launch and runs on 90-plus mostly legacy systems.
  • One Login was briefly removed as an approved provider after losing certification against the government's own trust framework.
  • MPs welcomed the decision not to make the ID mandatory and to build it in-house.
  • The committee wants full costings, an impact assessment and a Parliamentary vote on each use case before rollout.

The pitch for a national digital ID has always leaned on one soothing comparison: dealing with the state should feel as easy as online banking.

The Chief Secretary to the Prime Minister has said it plainly, that public services need to catch up. It is a good line. On the evidence of this week’s Science, Innovation and Technology Committee report, it is also a promise the government is in no position to keep.

Start with the money, because there is no figure for it. The Office for Budget Responsibility put the bill at £1.8 billion over three years back in November. The government’s plan was to swallow that out of existing departmental budgets, except the committee could find no actual savings earmarked to do so. Push on the number and it dissolves.

The Chief Secretary said he cannot follow how the OBR reached its estimate and that the government does not yet have one of its own. The minister responsible says the true cost can only be known once the consultation closes and ministers settle on what they are building.

Which is a roundabout way of saying the price will be disclosed after the spending starts. For a scheme already pencilled in for delivery by the end of this Parliament, that is not a rounding error. It is a void where the business case should be.

Then there is the ground it is meant to stand on. The digital ID is not being built from scratch; it is to be bolted onto systems the government already runs, chiefly One Login, the GOV.UK Wallet, the passport service and the eVisa. Passports, in fairness, have been a genuine success story, the kind of quiet, well-run digitisation ministers should be shouting about. The other names are the trouble.

The eVisa has been rolled out to ten million people and still wears a beta label eight years after it launched in 2018. Campaigners at the3Million told the Home Affairs Committee it produces an unacceptable rate of errors, wrong photographs, wrong statuses, on a platform cobbled together from more than ninety separate systems, a good many of them legacy.

One Login, meanwhile, was briefly struck off the government’s own register of approved identity providers after a supplier let its certification lapse against the government’s own trust framework. These are the load-bearing walls of the new scheme, and one of them recently failed an inspection it had written itself. The committee’s verdict is not subtle: it would be irresponsible to build a digital ID on foundations like these.

Advertisement

What makes the report worth reading past the headlines is that it understands what actually decides whether a scheme like this lives or dies, and it is not the technology. It is trust.

The public sector holds citizens’ data on trust, and the committee is right to insist it be held to a higher standard than a bank, because the relationship is not the same. You can leave your bank. You chose it, you can move to another, you can close the account in an afternoon. You cannot shop around for a different government. The convenience case for digital ID is real, but it is borrowed from a market that offers an exit, and the state does not.

That is also why the spectre of Palantir hangs over this part of the report. The committee draws the line itself: the public alarm over one American firm’s grip on NHS data is a preview of what happens when people stop trusting the suppliers behind a system. Layer a national identity scheme on top of shaky infrastructure and patchy data hygiene, and you are not just risking a clunky launch. You are spending down the one currency the whole project runs on.

To its credit, the government has made two of the right calls. Dropping the plan to make the ID mandatory for Right to Work checks was sensible, and so was the instinct to build the thing in-house rather than hand it to a big US contractor for a decade and a few billion pounds. The committee backs both, on grounds of cost and of trust. But good instincts are not a delivery plan.

The MPs want any final decision to arrive with full costings and a proper impact assessment, hard controls so it cannot blow through its budget or timetable, and a vote in Parliament on every new use before it is switched on. That last demand is the tell. A scheme confident in its own foundations would not need its uses rationed one parliamentary vote at a time.

The government wants this to feel like online banking. The difference, as the committee all but says, is that nobody is ever trapped with their bank. Get the price and the plumbing wrong, and a digital ID is something far harder to walk away from.

Now read: Google ordered to let UK publishers opt out of AI search features

Related Articles