As Suspected, It’s State Control Disguised now as “Voluntary Convenience”
CONSCIENTIOUS CURRENCY
The UK Government’s consultation document, Making public services work for you with your digital identity, proposes a national digital identity system “to modernise public services and support economic innovation”.
The Executive Summary within the consultation explicitly states: “The government intends to introduce a national digital identity document system. This will sit at the heart of next-generation digital public services in the UK and support innovation in the wider economy. It will help unlock entirely new ways to offer goods and services and be key to making people’s interactions with the state as efficient and useful as those they are accustomed to in the private sector, like online banking”.
“At its heart, this system is about making people’s everyday lives easier by modernising old-fashioned processes. The new digital ID will:
- be a convenient way for people to prove who they are
- be secure and put people more in control of their data
- offer everyone eligible access to an inclusive ID, without up-front charges
- help government to reduce bureaucracy and build the intuitive, efficient, and responsive public services the UK deserves”
It all sounds so fluffy, kind, safe and brilliant for the public, doesn’t it? This is despite the fact that such proposals were never in the Labour manifesto (or any other party’s manifesto, come to that), haven’t been voted on as desired or required by the UK public, are deeply unpopular, are unwanted, and represent the scope for the most egregious state overreach we have ever seen in our lifetimes.
Included in the executive summary is also the following: “The digital identity will primarily be stored as a digital document on someone’s device, such as compatible smartphone or tablet. We expect it to include their full name, date of birth, a photo and nationality”. “To deliver the new system in the most cost-effective way possible, we will be expanding on existing government systems which are already successfully proving and verifying people’s identities”.
Cross-referencing the document, it is repeatedly stated that the proposed digital identity system will build directly on GOV.UK One Login (for identity verification and account linkage) and GOV.UK Wallet (for storage and presentation of verifiable credentials) as well as other existing services (see – “the solution will build on existing secure infrastructure, including the passport service, the eVisa service, GOV One Login and the GOV Wallet. This means the new digital ID will be saved securely on a person’s phone…”).
So, “expanding on existing systems” means leveraging and extending these platforms (already more than 122 government “services” are in use via GOV One Login), rather than building from scratch.
GOV Wallet will be the primary mechanism for storing the digital identity credential on a user’s device, whereas GOV One Login will be used as the central authentication and account‑management service that underpins access to government systems and links the user to their verified identity.
GOV One Login has, of course, an already well documented track record of security failures to date. Hence, building future digital identity infrastructure within this platform is, erm, worrying to say the least. Whistleblower evidence and independent tests have revealed systemic vulnerabilities associated with GOV One Login. In 2025, red-team exercises showed attackers gaining privileged access without triggering monitoring tools; development was offshored to unsecured Romanian workstations without NCSC approval; the system has failed mandatory “Secure by Design” standards and lost trust-framework certification in 2025. Senior civil servants have warned of risks including “large-scale theft of personal data, identity fraud… and possible exposure of individuals such as witnesses under protection.” The infrastructure therefore already fails the very security benchmarks that the “new digital identity system” explained in the consultation document claims to exceed.
Embedding a national biometric credential atop this shaky foundation is, of course, extremely reckless. But the UK government does not care. Because a push for an interoperable national digital identity system is not about security of your data, your convenience, or anything else that they say. It is about control, pure and simple.
Examining the Consultation Document for In-Built Powers of Expansion and Mission Creep
The first thing that I need to draw to your attention within the consultation is the following:

The UK Digital Identity and Attributes Trust Framework (DIATF), increasingly rebadged as the Digital Verification Services framework, is NOT legislation. It is a government‑owned set of rules, standards, and operational guidance for digital identity services. Crucially, nothing in UK law requires primary legislation, parliamentary votes, or new statutory instruments to amend the content of this framework. It is updated administratively, exactly as the government has been doing. I have written before about the risks this creates, particularly when combined with the sweeping data access powers in the Data Use and Access Act 2025, and you can access my article on this below.
The Hidden Risks of the Digital Identity and Attributes Trust Framework (DIATF) and Interoperability

It is worth revisiting some of the issues with the DIATF because GOV Wallet and GOV One Login are architecturally tied to it. This means that they must remain certified against whatever version exists at any given time, and as such any ministerial alteration to the DIATF will cascade directly into, and affect, the operation of a national digital identity system, all without parliamentary scrutiny. No debate. No vote.
This design choice creates several obvious vectors for overreach in itself:
1. Silent expansion of data collection and attributes
The DIATF defines the “standards… for what a good Digital Verification Service looks like.” However, government can revise these standards at will. This allows them to add new “core” or “recommended” attributes (for example, verified address, employment status, or other categories of personal data) or tighten verification rules under the banner of “best practice.” Because certification depends on meeting the current version of the framework, any national digital identity system must adopt these changes to remain compliant.
This is not hypothetical. The consultation document itself hints at scope expansion (“Part 3 – Useful”: “Being able to prove current address through the digital ID system could be a more efficient and easier option than relying on physical evidence…”). Under the current governance model, such expansions will be able to occur without returning to Parliament, enabling incremental but unchecked function creep.
2. Control over the entire private‑sector ecosystem
Only organisations that are certified under the DIATF can legally operate as digital‑identity or attribute‑verification providers. These certified providers are listed on a statutory register, which acts as the government approved whitelist for the entire identity verification market. If a provider is not on the register, it cannot legally perform regulated checks such as right‑to‑work, right‑to‑rent, or age‑verification.
Certification requirements are set by ministers and can be altered at any time through secondary rules and updates to the DIATF. This means government can require certified providers to adopt new technical integrations (such as mandatory use of government “checker services”), implement more intrusive audit and assurance processes, or meet new data‑handling obligations, all without new primary legislation.
Although any sharing of data with law‑enforcement or intelligence agencies would still require a separate lawful basis, the capability to support such access can be made a condition of certification. In other words, the framework can require certified providers to build systems that enable lawful‑access pathways, even if those pathways are triggered under separate legislation.
The result is a powerful structural lever: by controlling certification standards and the statutory register, government can shape, constrain, or effectively gatekeep the entire digital identity market through administrative rule setting alone. A system advertised as “voluntary” will therefore become a de facto state-controlled monopoly, not through explicit legislation, but through the quiet power of certification requirements.
3. Erosion of voluntariness through certification lock‑in
The consultation makes clear that the government is proposing to legislate so that right‑to‑work checks which give employers a statutory excuse, will, by the end of this Parliament, depend on DIATF certified digital services. In other words, the only legally recognised route for employers to protect themselves from penalties will be through digital checks tied to the trust framework.
If the DIATF is subsequently updated to require additional features that make non‑use impractical, for example, mandatory real time verification, or integration with welfare, immigration, or other government systems, individuals and employers will be funnelled into adoption regardless of whether Parliament ever debated such a shift.

This is a familiar UK pattern: systems that begin as “optional” become unavoidable through administrative design rather than democratic mandate.
4. Bypassing parliamentary oversight entirely
The government promises “parliamentary scrutiny” only for the primary legislation that creates the digital identity itself. Everything that follows, the standards, the lifecycle rules, the certification criteria, the technical architecture, the conditions for lawful access, sits within the DIATF. And the framework is mutable at ministerial discretion.
This is not an accident. It is an intentional governance model that allows the system to evolve indefinitely through quiet updates that the public are largely unaware of. This is precisely the architecture that enables function creep and “mandatory by stealth” implementation.
5. Future‑proofing for surveillance
The DIATF already anticipates ongoing maintenance by an executive body (currently DSIT, with the proposed Office for Digital Identities and Attributes (OfDIA) intended to take over). OfDIA does not yet exist in law, and its powers will depend entirely on its enabling Act. But the direction of travel is clear: a central authority empowered to update standards, oversee certification, and define “trust” in digital identity systems, that is outside of Parliamentary control, sitting inside the executive branch of Government, not independent, and governing the entire digital identity ecosystem.
Combined with the existing provisions for biometric matching and cross government data access in other legislation, a future update to the DIATF by such an executive body could mandate technical capabilities such as centralised audit trails, automated data‑sharing pathways, and interoperability with other government databases. None of this would require new primary legislation. The legal authority for access would sit elsewhere; the DIATF would simply ensure the infrastructure is in place.
This is the essence of the risk: the DIATF is the mechanism through which surveillance‑enabling features are normalised, without Parliament ever being asked to approve them. In short, tying a national digital identity system to a government-published, ministerially updatable framework is not a safeguard for anyone. It is a deliberate design feature that hands the executive branch a permanent, low-scrutiny lever to expand the system’s reach, data demands, and coercive power. The consultation document laughably presents this as efficiency and “trust”, when in reality it is the perfect mechanism for turning a nominally voluntary credential into a mandatory system and an evolving tool of state control.
The Consultation Document Lays the Groundwork for Expansion
The consultation document outlines a series of proposed structural powers that would allow the digital identity system to expand over time without returning to Parliament for new primary legislation. These include:
- Additional attributes such as a verified address, which the consultation says “could be a more efficient… option” than physical documents
- A universal unique identifier for cross‑government data matching. This will be invisible to users but enable lifelong linkage of records. So tracked and linked for life
- A legal duty on individuals to notify changes to their identity documentation, backed by an “appropriate form of enforcement”. So potential fines or criminal penalties for not updating your digital records
- “Derived credentials” issued by third‑party providers, extending the ecosystem beyond government control
- Phased legislation empowering government to “administer relevant identity and eligibility information on an ongoing basis” and “manage the digital identity throughout its lifecycle”. This is one of the most consequential elements in the entire consultation in my opinion. These phrases sound bureaucratic and harmless, but give government a permanent mandate to maintain, expand, and update a person’s identity record indefinitely, meaning someone’s digital identity is turned into a living, evolving state‑managed identity system that can grow in scope without Parliament ever voting on any changes. It is the “legal” foundation for lifelong identity surveillance.
- A proposed digital‑only right‑to‑work regime, with age‑verification and online‑safety expansions already signposted (see above)
Each of these elements is presented as incremental, but together they create a flexible legal and technical scaffold for continuous expansion of the digital identity system through government set rules rather than parliamentary oversight.
Mechanisms Proposed in the Consultation That Would Enable State Overreach and Control
- Biometric centralisation risk
The consultation document explicitly confirms that the high‑resolution facial image required for a national digital identity will be accessible to police and intelligence agencies under existing legislation (including the Police and Criminal Evidence Act 1984 and the Investigatory Powers Act 2016) for “crime prevention and national‑security purposes” – “there is a legal basis for police use of facial recognition, which may include access to biometric data held by government”
Although the document reassures readers that “the police will not have new powers to request an individual’s digital ID for stop and search,” the crucial point is this: the biometric photo itself – for every individual enrolled – would not exist without the national digital identity scheme. Once created, it becomes available for facial‑recognition matching under existing police powers.
This enables mugshot‑style matching and population‑level biometric surveillance without any new primary legislation. The national digital identity will create the dataset, whilst existing law will provide the access, all without an individual ever having been suspected of, or involved in, any criminal activity.
- Revocation and retention
The government may suspend or revoke a digital identity for “fraud”, “misuse”, or “security concerns”. Crucially, it is the government itself that defines what counts as security concerns or misuse, through secondary rules and DIATF standards rather than through Parliament. These definitions can be broadened or tightened administratively and there is no legal barrier in the consultation or current DIATF that prevents a future government from expanding “misuse” to include categories of behaviour that are not criminal today. This creates a structural risk: this or future governments could expand these categories to include forms of behaviour, including online activity, that are NOT criminal today. The danger lies not in what the consultation says now, but in the discretionary powers it creates.
On the flip side, if a user decides to delete their digital identity, the underlying identity and eligibility data remains fully stored in the departmental systems that supplied it (Home Office, HM Passport Office, DVLA, DWP, HMRC). This is because the digital identity for an individual’s use is only a front‑end credential; the real identity records actually sit behind it and are retained under each department’s statutory powers. What this means is that an individual CAN NEVER fully withdraw from the system once enrolled. Deleting the digital identity will only remove the user interface, NOT the identity data itself. Revocation therefore becomes a mechanism that can lock people out of services, whilst their data continues to exist and continues to be accessible within the state’s identity infrastructure.
- Third‑party, private‑sector and employment integration
Certified Digital Verification Services (DVS) providers can issue derived credentials and interact with the GOV Wallet. This extends identity verification into the private sector, creating a state‑regulated identity ecosystem.
At the same time, and as noted above, the government is proposing to legislate so that right‑to‑work checks must be digital, removing paper alternatives. This means: No compliant digital identity document – no lawful employment. This forces employers, and therefore workers, into digital identity channels. This is not voluntariness. It is mandatory by stealth as it leaves people with no option but to comply if they wish to retain access to lawful employment, which of course is necessary in order that they can house and feed themselves and their families.
- National security and lawful‑access overrides
The consultation explicitly acknowledges that intelligence agencies and police may access personal data, including biometrics, under existing statutory powers. These are not new powers; however, a new national digital identity scheme will create a new, richer dataset that falls within their scope. This is, in fact, how surveillance capability expands without new legislation: the powers always already exist at “law”; it is just the datasets that are new.
- Surveillance potential via usage monitoring and interoperability
Digital identity interactions generate audit trails such as timestamps, verification events, service‑access logs, and records of which organisations requested checks. The consultation references audit trails for right‑to‑work checks and repeatedly emphasises the need for “joined‑up services”, which rely on interoperability between government systems.
Interoperability means that different departments and services can share, match, and reuse identity data and verification events across the public sector and, through certified providers, into the private sector as well. This creates a technical environment where audit logs from one service can be linked to logs from another, forming a behavioural record of a person’s interactions with both government and commercial services.
Because these logs can be analysed, cross‑referenced, and retained under existing departmental powers, interoperability turns routine identity checks into a networked surveillance capability. It enables:
- cross‑departmental tracking of service use
- profiling based on frequency, timing, or patterns of checks
- linking private‑sector interactions to government records
- automated risk scoring or fraud‑flagging
- reconstruction of an individual’s movements through digital services
The consultation frames interoperability as a convenience feature, but in practice this is what creates the infrastructure for continuous behavioural monitoring across the state and regulated private‑sector services.
- Data minimisation promises vs. broad exceptions
The consultation document promises selective disclosure and data minimisation. However, it repeatedly creates broad exceptions for:
- fraud prevention
- enforcement
- national security
- “joined‑up services”
- future service integration
These exceptions structurally undermine the data minimisation principle. Because each exception is framed as necessary for “efficient services” or “public protection,” they create open‑ended gateways through which additional data can be shared, linked, or reused across government and certified private‑sector providers.
In practice, this means the scope of data sharing can expand over time without new primary legislation, simply by invoking one of these exception categories. The result is a system where minimisation is the stated principle, but interoperability, enforcement, and cross‑government integration are the on-the-ground operational reality.
Each of the mechanisms discussed above is presented as harmless or technical within the consultation document, but together they create a digital identity system that is centralised, permanent, interoperable, and accessible under existing law‑enforcement powers. The consultation builds the infrastructure; the DIATF governs its evolution; and Parliament is largely bypassed. This is how a system described as “voluntary” is really mandatory and a tool of state control.
There are undoubtedly further matters within the consultation document that merit scrutiny but given the scope of this analysis I have focused on those I consider most consequential and most alarming to me, in terms of their long‑term implications for personal rights. I am sure that many more individuals and organisations will examine the consultation in greater depth and highlight additional areas that deserve careful attention, over the coming weeks.
And Finally: The Absurdity of the Narrative Shift
Much emphasis in the consultation document is placed on digital identity being: “a convenient way for people to prove who they are,” “secure and putting people more in control of their data,” “offering everyone eligible access to an inclusive digital identity, without up-front charges,” and “helping government to reduce bureaucracy and build the intuitive, efficient, and responsive public services the UK deserves”. This is, perhaps, one of the most insidious things about the consultation document – the reframing of the need for a national digital identity system.
Previously, discussions tied national digital identity and verification systems heavily to immigration enforcement and “stopping the boats.” This consultation erases that context entirely. “Stopping the boats” is absent (too divisive), and illegal working is now reframed as employer compliance and labour market fairness. The entire document has, in fact, pivoted the narrative about the need for a national digital identity system, and it is now about “convenience,” “modern public services,” and “making people’s everyday lives easier”. This is classic manufacturing of consent through the carrot-based approach: offer a shiny, free, “inclusive” carrot such as proactive benefits notifications, no more paperwork, banking-level security, whilst at the same time constructing a panoptic infrastructure of lifelong biometric tracking and data linkage. Such a pivot enables the public to be nudged into voluntary adoption through “convenience”, only to discover later that non-participation excludes them from work, services, and society.
This psychological carrot tactic is deliberate: the government have realised, due to previous pushback, that re-writing the narrative to “seamless convenience and improvement of public services” is something that a lot of people can get on board with. They clearly hope through this to manufacture broad consent for a surveillance state that earlier generations would have rejected outright.
In real terms, this whole exercise is not digital modernisation. It is the construction of a digital identity infrastructure built for authoritarianism. It is voluntary in government speak only, but compulsory in practice, and expandable at ministerial discretion.
The Making public services work for you with your digital identity consultation closes 5 May 2026. You may wish to respond (for all the good it may do), not with commentary about technocratic tweaks, but with fundamental and outright rejection of the premise: a national biometric digital identity system is neither necessary nor safe in a free society. The consultation document itself provides the evidence for this.
Thank you for taking the time to read this article. It required many hours of research, writing and editing. This is a complex subject and I have done my best to simplify it and present it in plain English so that readers can better understand the risks involved and make informed decisions.