Civic Engagement Platform

An official website of the OECD.
Created by the Public Governance Directorate This website was created by the OECD Observatory of Public Sector Innovation (OPSI) and Observatory of Civic Space, both within the Public Governance Directorate (GOV).
How to validate authenticity Validation that this is an official OECD website can be found on the Civic Space page of the corporate OECD website.
Go back

Draft Recommendation on the Governance of Digital Identity

More information and context

Commments for version

updated at 21 Mar 2023
  How I can comment this document?
Comments about See in context
II. 2 Use service design methodologies to ensure that digital identity systems respond to the needs of users and achieve accessible, ethical, and equitable outcomes, particularly by:
1 comment
Comments about See in context
IV. 6. Establish a national trust framework, or align with relevant regional trust frameworks, to set out common requirements against different Levels of Assurance (LoA) that digital identity solution providers can follow to facilitate trust within the digital identity ecosystem;
1 comment
Comments about See in context
IV. 5. Promote collaboration between the public and private sectors and support the development of a healthy market for digital identity solutions, as appropriate, to encourage innovation and explore the potential value of alternative models and technologies;
1 comment
Comments about See in context
IV. 7. Establish clear responsibilities for the regulation and oversight of digital identity systems, such that the rights of users are protected and that adequate mechanisms for dispute resolution, redress and recovery are in place.
1 comment
Comments about See in context
V. 2. Treat privacy and data protection as fundamental tenets of digital identity systems, and encourage the adoption of privacy-by-design and privacy-by-default approaches that include informed consent, selective disclosure and collection, as well as purpose and use limitations regarding personal data;
1 comment
Comments about See in context
RECOGNISING that trust between the different actors of the digital identity ecosystem is critical for the proper functioning of digital identity and should be promoted by domestically appropriate policies and solutions;
1 comment
Comments about See in context
II. 2. c. measuring operational performance in order to iterate the digital identity system and solutions, as appropriate;
1 comment
Comments about See in context
VIII. 3. Ensure that the cross-border interoperability of digital identity is not used to discriminate against foreign users in their access to essential services or commercial transactions;
1 comment
Comments about See in context
I. AGREES that, for the purposes of the present Recommendation, the following definitionsare used:
1 comment
Comments about See in context
Digital identity ecosystem
1 comment
Comments about See in context
Credential issuer refers to any entity, public or private, that issues credentials to users;
1 comment
Comments about See in context
V. 1. Recognise security as foundational to the design of trusted digital identity systems and ensure that digital identity solution providers comply with all relevant requirements to prevent harms to users, service providers, and societies;
1 comment
Comments about See in context
III. 2. Take steps to ensure that access to essential services, including those in the public and private sector is not restricted or denied to natural persons who, for whatever reason, cannot access or use a digital identity solution;
2 comments
Comments about See in context
VI. 3. Provide access to a catalogue of resources intended to support service providers onboard with the digital identity system such as common technical components, documentation or relevant technical support as appropriate;
1 comment
Comments about See in context
II. 4. Encourage the development of digital identity solutions that empower users to easily and securely control what attributes and credentials they share, when, and with whom.
1 comment
Comments about See in context
VII. 1. Identify the priority use cases for cross-border interoperability of digital identity systems according to their context and the experience of their users by identifying the activities that require the sharing of attributes and/or credentials in a different jurisdiction;
1 comment
Comments about See in context
IV. RECOMMENDS that Adherents take a strategic approach to digital identity and define roles and responsibilities across the digital identity ecosystem. To this effect, Adherents should:
1 comment
Comments about See in context
RECOGNISING the value of trust services such as electronic signatures, electronic time-stamps, and electronic seals to support the usability of digital identity solutions;
1 comment
Comments about See in context
V. 2. Treat privacy and data protection as fundamental tenets of digital identity systems, and encourage the adoption of privacy-by-design and privacy-by-default approaches that include informed consent, selective disclosure and collection, as well as purpose and use limitations regarding personal data;
1 comment
Comments about See in context
III. 4. Raise awareness of the benefits and secure uses of digital identity, the way in which the digital identity system protects users and mitigates potential harms, and identify opportunities to build the skills and capabilities of users;
1 comment
Comments about See in context
RECOGNISING that effective, usable, secure and trusted digital identity systems can facilitate and simplify access to a wide range of services and thereby contribute to social and economic value;
2 comments
Comments about See in context
III. 1. Promote accessibility, affordability, and usability across the digital identity lifecycle in order to increase access to a secure and trusted digital identity solution, including by vulnerable groups and minorities in accordance with their needs;
1 comment
Comments about See in context
IV. 5. Promote collaboration between the public and private sectors and support the development of a healthy market for digital identity solutions, as appropriate, to encourage innovation and explore the potential value of alternative models and technologies;
1 comment
Comments about See in context
RECOGNISING that the governance, design and implementation of digital identity systems should be rooted in democratic values and respect for human rights;
1 comment
Comments about See in context
User refers to a natural person or a legal person, or to a natural person representing a natural or legal person. In cross-border scenarios, a user should be understood as a natural or legal person from another jurisdiction;
1 comment
Comments about See in context
V. 6. Identify the specific needs concerning how to safely accommodate and protect children and vulnerable groups and minorities in the design and use of digital identity systems;
1 comment
Comments about See in context
RECOGNISING that both the public and private sector contribute to the success of digital identity systems, and that their roles and relative contributions in the digital identity ecosystem might be different across countries;
1 comment
Comments about See in context
VIII. 7. b. digital identity solutions and associated attributes and credentials from other countries to be recognised domestically.
1 comment
Comments about See in context
RECOGNISING that digital identity can transform the way service providers operate and interact with their users, both in-person and online, by providing an optional alternative to physical credentials as part of a seamless omni-channel experience;
1 comment
Comments about See in context
CONSIDERING that the governance of digital identity systems can/may be a shared responsibility across branches and levels of government, this Recommendation can/may therefore be relevant to all of them.
1 comment
Comments about See in context
III. 3. Involve the public and civil society in the development of digital identity systems to ensure that they are open and transparent;
1 comment
Comments about See in context
RECOGNISING that stakeholder engagement and consultation is essential to foster public trust in the digital identity system as a whole;
1 comment
Comments about See in context
II. 2. a. identifying the needs of users and service providers;
1 comment
Comments about See in context
III. 5. Take steps to ensure that support is provided through appropriate channel(s) for those who face challenges in accessing and using digital identity solutions;
1 comment
Comments about See in context
IV. 2. Secure national strategic leadership and delivery oversight and define and communicate domestic roles and responsibilities within the digital identity ecosystem;
1 comment
Comments about See in context
RECOGNISING the rapidly evolving technology landscape, and the need for governments to consider the longer-term implications of introducing new technologies and architectural paradigms into digital identity systems, including with an awareness of any potential unintended risks and consequences;
1 comment
Comments about See in context
VII. 2. Co-operate internationally to identify the needs of service providers in other jurisdictions for recognising, integrating and trusting a digital identity solution;
1 comment
Comments about See in context
XIII. 2. Monitor activities and emerging trends around digital identity which may impact the implementation of this Recommendation, through relevant data collection, analysis, and dissemination of results to Adherents;
1 comment
Comments about See in context
XIII. 4. Report to Council on the implementation, dissemination and continued relevance of this Recommendation no later than five years following its adoption and at least every ten years thereafter.
1 comment
Comments about See in context
IV. 8. Promote a sustainable and resilient digital identity system by taking into account the environmental impact of technology choices, and the need for ongoing investment to reflect the costs for all relevant actors throughout the digital identity lifecycle;
1 comment
Comments about See in context
VIII. 7. Produce a roadmap scoping out steps that would be needed to enable:
1 comment
Comments about See in context
VIII. 7. a. domestically recognised digital identity solutions and associated attributes and credentials to be used internationally; and
1 comment
Comments about See in context
VIII. 4. Work towards clarifying the basis for liability related to the use of digital identity in cross-border transactions;
0 comments
Comments about See in context
XIII. 1. Serve as a forum for exchanging information on the implementation of this Recommendation, fostering multi-stakeholder dialogue on user-centred and inclusive digital identity systems, the governance of digital identity systems, and cross-border use of digital identity for accessing public and private sector services;
0 comments