The government must fix the flaw in its digital identity plan
Sir Keir Starmer has announced plans for a compulsory UK-wide digital ID scheme for the right to work.
Whatever your position on mandatory or voluntary digital identification, one thing is certain: it only has one job to do. If any digital identity system is going to work, it must enable people to prove who they are, and prevent them from falsely proving that they are someone else.
Sex Matters has been sounding the alarm about a flaw in the system since 2022: identifying individuals reliably is not compatible with allowing people to disappear from their old life in one sex and reappear with a new life and a new identity in the opposite sex.
During the passage of the Data (Use and Access) Bill, together with Lord Arbuthnot of Edrom, Sex Matters called on the government to solve the problem and explained how. It’s really not difficult: you just need to keep sex data accurate and stop letting people change their records.
Lord Arbuthnot, who spoke out about the problems for post office subpostmasters and the Horizon IT system for years before the scandal broke, sees the risk of history repeating itself. He has said:
“I fear the country is sleepwalking into another high-cost computer-system scandal.”
But the government hasn’t acted to solve the problem with the sex data. Ministers and government officials just keep repeating the same line to us: the government’s plans for digital identity “do not create or prescribe new ways to determine a person’s sex or gender”.
That is exactly the problem. A person’s sex is something that cannot change. But public bodies allow people to change their records. The NHS does this by giving a person a new NHS number. The Passport Office and Driver and Vehicle Licensing Agency simply change the person’s records from “M” to “F” or vice versa.
A system of digital identity needs to be able to verify who someone is over time. It is fine that someone called John Smith can change his name to Joan Smith. But a digital identity system needs to keep track of the fact that John Smith and Joan Smith are the same person.
This issue isn’t solved by taking “sex” off identity altogether, or by changing it for self-identified “gender”, because the fundamental problem is that the goal of providing a reliable, enduring identity system is not compatible with allowing people to disappear from their old life and reinvent themselves as someone else altogether.
And sometimes a person’s sex is a fact about them that they need to be able to share reliably with others – for example in sports, healthcare and safeguarding. It is also a protected characteristic in the Equality Act. And as the Supreme Court judged this year, the provisions to protect against sex discrimination and provide for single-sex services are “incoherent and unworkable unless woman and man have their biological meaning”.
When peers in the House of Lords introduced amendments to the Data Bill last year that would have fixed this flaw, the then Secretary of State in the Department of Science, Innovation and Technology, Peter Kyle, said that they would breach Article 8 of the European Convention on Human Rights:
“Passing on an excessive amount of personal data. Sharing such changes by default would be an unjustifiable invasion of people’s privacy.”
But if the government is going to make any headway with its plan for digital identity, it is going to have to make the argument that it is not an unjustifiable breach of people’s privacy to have a system that reliably knows who they are. Nor is it an unjustified invasion of people’s privacy to record their sex accurately and to share that data when it is needed, or to record a person’s information linked to a single enduring identity, even if they have changed their name or their title.
There is already a Supreme Court case from 2017 on this. It involved a transgender person who didn’t want the Department for Work and Pensions to be able to keep data that showed their change of name and gender marker, as it could “out” them. The Supreme Court found that although keeping this data was an interference in the person’s privacy, it was justified as a proportionate means to the legitimate aim of having a robust overall system for recording identities in order to calculate benefits and prevent fraud.
The same is true for the government’s plan for digital identity.