Info Gov

The Government has published detailed proposals for a statutory Digital ID framework that would establish a legally recognised identity credential for use across public services and, in time, regulated private sector transactions.

The Digital ID would be free and available initially from age 16, though the consultation seeks views on lowering eligibility to 13 or introducing credentials from birth. While the use of Digital ID is planned to be voluntary for individuals, the plans anticipate statutory changes to make digital right to work checks mandatory, replacing manual document checks. The Digital ID, the consultation says, is also intended to streamline interactions across public services, reducing duplicated identity verification, enabling “proactive” service delivery models, and improving data quality.

The plans, outlined in a newly released consultation summary, set out the legal, technical and governance architecture required to deliver a secure, inclusive and decentralised system.

Under the proposals, ministers will introduce primary legislation to define the Digital ID, create statutory processes for issuing, updating and revoking credentials, and establish rules governing verification, data sharing and retention. The framework will be underpinned by UK GDPR, the Data Protection Act 2018, and privacy by design requirements, with no expansion of police or intelligence access powers beyond existing statutory gateways.

Ministers intend to bring forward a legislative package that will:
• Define the Digital ID credential and its legal status.
• Establish statutory rules for issuing, updating and revoking an ID.
• Provide a legal basis for authentication checks through a new Government Checker service.
• Enshrine privacy by design duties, data minimisation, and compliance with UK GDPR and the Data Protection Act 2018.
• Clarify that no new police or intelligence powers to demand an ID will be created; access will remain subject to existing statutory gateways.

The Government also proposes “transparent redress mechanisms”, drawing parallels with the HM Passport Office’s four stage complaints process, and says it is considering independent oversight bodies to reinforce parliamentary scrutiny and public trust.

Technically, the system will rely on decentralised storage, with users holding their credentials in the GOV.UK Wallet or certified third party digital wallets. Identity proofing will be carried out through GOV.UK One Login or authoritative sources such as HM Passport Office and UK Visas and Immigration.

Credentials will incorporate cryptographic protections, selective disclosure capabilities and interoperability standards aligned with the UK Digital Identity and Attributes Trust Framework.

Verification will be delivered through certified Digital Verification Service (DVS) providers, supported by a new Government Checker service capable of confirming validity, revocation status and authenticity with user consent. A low cost or free version may be made available for low volume users. All checks will require user consent and involve only “minimal necessary” data sharing.

The consultation emphasises the benefits of the scheme as being enhanced cyber security, fraud prevention and protected routes for vulnerable users. Mandatory digital right to work checks are envisaged, alongside wider public service integration. The Government claims potential long term savings of £10bn annually across the public sector and £1.8bn for households, though full impact assessments are ongoing.

Legislation is expected to follow further stakeholder engagement, with all government services due to be onboarded to GOV.UK One Login by 2027.

The government said that it would particularly welcome input from a wide range of stakeholders, from businesses to trade unions, technologists and civil society, as well as leaders in the public and private sectors who can use the digital ID to improve services for people in the UK.
The consultation is open until 5th May 2026 and can be accessed here: https://assets.publishing.service.gov.uk/media/69afe396c78869bf8eb8a5ab/Making_public_services_work_for_you_with_your_digital_identity.pdf

Also in this section

Jul 16, 2026

Scattered Spider pair jailed over TfL hack

Two members of the Scattered Spider hacking collective have each been jailed for five and a half years at Woolwich Crown Court on 16 July over a 2024 cyber attack on Transport for London that compromised the personal data of millions of customers and cost the transport authority £39 million.
Jul 15, 2026

Government introduces mandatory data breach reporting protocol

The Cabinet Office has published a Model Action Plan setting out a single cross-government framework that all departments and arms-length bodies must follow when responding to significant personal data breaches, introducing mandatory central reporting of such incidents for the first time.
Jun 29, 2026

"Five eyes" warn on accelerating cyber security threat from AI

The National Cyber Security has called on organisational leaders to treat cyber resilience as a core business and governance responsibility rather than a technical matter in the light of a report by the Five Eyes intelligence alliance on the "fundamental" impact of AI on the speed and scale of cyber threats.
Jun 15, 2026

Government AI hackathons uncover 407 vulnerabilities across nine departments, including critical remote code execution flaw

A pilot programme using frontier AI models to scan public-sector code repositories has identified 407 security findings across nine government organisations, including a critical vulnerability that could have allowed an external attacker to execute arbitrary code on a key digital service, the Department for Science, Innovation and Technology (DSIT) and the National Cyber Security Centre (NCSC)…

InfoGov Masthead Newsletter 800