• Imraan Bashir, Author |
  • Sylvia Kingsmill, Author |
4 min read

It’s an all too familiar situation: you require a product or service online and, in exchange, you provide what seems to be harmless personal data. While you may hesitate at first, the purchase seems worth the price tag—which just so happens to include a little bit of your privacy.

Almost every online transaction, from shopping to accessing reports, requires some form of personal information. It’s no secret we’re experiencing a surge in the overcollection of data, and people are starting to wonder if there’s a safer alternative.

Not only is data overcollection unsafe, it’s also a hassle. Users are put into a position where they need to re-share the same data over and over again with different institutions. This results in sensitive information being stored in a number of different places, which then requires additional cyber security investments to protect. It also introduces privacy risks that potentially expose individuals to unnecessary profiling and tracking.

But does it have to be this way?

The missing link
To consume digital offerings, we’re often required to identify ourselves in some capacity. To verify a user’s identity, businesses are forced to ask them to share a sufficient amount of personal information to proceed with the transaction. This pattern continues with every transaction a user conducts online.

What’s missing from this equation is a trusted digital ID, a sure-fire way to identify someone electronically and confirm that they are the right person for a specific activity. It’s a better solution for both public- and private sector business and customers, as all identification can be linked back to a trusted source, rather than being dependent on multiple standalone solutions. This also allows businesses to absolve themselves of the responsibility of identity verification and focus on their area of expertise. These digital ID solutions have already been successfully rolled out in countries around the world, including Estonia and India, and they have been proven to improve data security, lower customer acquisition cost and increase efficiency, dramatically streamlining the way people access vital services and resources.

Concerns around privacy
When hearing about digital ID for the first time, many people raise privacy concerns, but digital ID can actually enhance privacy when implemented correctly. In other words, privacy needs to be deeply embedded into the solution’s foundation. Privacy-by-design requires digital IDs to be engineered and designed with built-in privacy and security protections “by default.” In this way, personal data is automatically protected, assuring the digital citizen the maximum degree of privacy protection. The principle of data minimization is critical, ensuring that a business can only ask for (and a user can only share) the minimum amount of data required for a given transaction.

A KPMG poll found that 84 per cent of consumers would take their business elsewhere if a company failed to keep their data safe. While there’s no fool-proof solution, digital ID addresses many of the issues described above, including how to limit the number of times your customer must share their data and improved privacy and security. Digital ID will help both public and private sector businesses achieve a safer and more seamless customer experience.

The Canadian privacy landscape is changing, with regulatory amendments pending at both the federal and provincial levels—namely, Bill C-11 (Canada’s Consumer Privacy Protection Act) and Bill 64 in Quebec, respectively. Both proposed bills underscore the need to minimize the collection of personal information to reduce privacy infractions and to give the digital citizen more control over the use of their information. This supports the notion of digital IDs reducing the risks associated with the overcollection of “Big Data” often being repurposed for secondary purposes.

Canada has made great headway with initiatives like the Pan-Canadian Trust Framework, the CIO Strategy Council Standard on Digital Trust and Identity and the recent establishment of the Digital Identity Laboratory of Canada. Both Alberta and British Columbia have launched digital IDs, with B.C. including a mobile card and a Verify by Video option. Quebec and Ontario are both making significant investments, and other jurisdictions are moving into the space with pilots and proofs of concept as well. While this progress is encouraging, there is still much work to be done to establish a fully interoperable national eco-system that all Canadians can trust.

Don’t get left behind
But this isn’t something any one jurisdiction can solve on its own; the public and private sectors must continue to work together to push forward the case for a national digital ID network that puts citizens in the driver’s seat.

Where does your organization sit on Canada’s digital ID journey? Let’s talk.