Technology

Digital ID in the UK: what it is, what it is not, and why people worry

Digital ID UK explained in plain English, including what it is, what it is not and the privacy questions people should check before using it.

Digital ID sounds simple until you ask what problem it is meant to solve. It can mean a login, a wallet, an age check, a right-to-work check, or a full national identity system. The useful question is not whether digital ID is good or bad in the abstract, but what data it uses, who can ask for it and what choices people still have.

The Short Version

Digital ID is a way to prove who you are, or prove a fact about yourself, using a digital credential instead of repeatedly showing paper documents. The UK already has private digital verification services, GOV.UK One Login and GOV.UK Wallet, but the proposed national digital ID would go further. The government says it wants a system that is useful, inclusive and trusted, while privacy groups worry about breaches, exclusion, tracking and function creep. The practical answer is to understand the difference between a secure identity check and a system that asks for more information than it needs.

What Digital ID Actually Means

A digital ID is not just a photo of your passport on a phone. In policy terms, it is a digital representation of a person that can be used to verify identity or facts about them. Those facts might include name, date of birth, age, nationality, residency status or whether a document has already been checked by a trusted provider.

That distinction matters. A good digital ID system should not always need to reveal everything about you. For example, an age check should be able to say that you are over 18 without giving the shop, website or service your full date of birth. The House of Commons Library briefing on Digital ID in the UK describes this as one of the possible privacy benefits of reusable digital credentials: you can prove a specific claim without handing over the underlying document each time.

That is the sensible version. The risk comes when a narrow proof becomes a broad permission, or when the same identifier follows you across too many services.

What The UK Already Has

The UK is not starting from zero. There is already a government-backed digital identity and attributes trust framework, which sets rules for certified digital verification services. It covers areas such as privacy, data protection, fraud management, cyber security and inclusion.

There is also a public register of digital identity and attribute services. It lets people and organisations check which providers are certified against the framework. It is not a price comparison site, but it is a useful first check.

Separate from that, GOV.UK One Login is the account system for some government services, while GOV.UK Wallet is being developed to store government-issued documents on a phone. The systems are connected by the same basic idea: prove once, reuse carefully.

What The Government Is Proposing Now

The current national digital ID proposal is bigger than a login account. The government’s digital ID scheme explainer says the free digital ID would be stored on your phone and used to prove identity, age and residency status. It is expected by the end of this Parliament.

The part most people notice is employment. The government’s consultation says the ambition is for digital right-to-work checks to become mandatory by the end of this Parliament for obtaining a statutory excuse. That does not mean every person would have to use one single app. Evidence checked through a robust digital process could include the digital ID, a British or Irish passport, an Irish passport card or an eVisa, with exception handling still needed.

This is why the debate can sound contradictory. The consultation says there would be no general legal obligation to have or present the digital ID. At the same time, right-to-work checks are a specific area where the government wants digital checks to become the standard route. Both things can be true.

Why People Worry

People are not only worried about a phone app. They are worried about what sits behind it. The common concerns are data breaches, profiling, exclusion, usage tracking and function creep. Function creep is when a system introduced for one purpose quietly becomes necessary for many more.

Some of these concerns are technical. If the same identifier is used across government, banks, landlords and websites, it becomes easier to link activity across contexts. Even if each individual check is lawful, the pattern can become revealing. This is why privacy design matters from the start.

Some concerns are practical. A person may not have a smartphone, reliable internet, a current passport, a stable address or the confidence to use identity apps. The government says inclusion is one of the core principles of the new system, and its consultation discusses alternative routes, face-to-face help and support for difficult identity cases. If digital ID becomes important for work, renting, welfare or banking, then exclusion becomes a real-world problem.

The ICO’s guidance on data minimisation gives a useful test: organisations should collect personal data that is adequate, relevant and limited to what is necessary. For digital ID, that means the right question is not “can this system identify me?” It is “is this service asking for the minimum proof it genuinely needs?”

What To Check Before You Use One

The first check is whether the service is asking for identity, or only an attribute. Identity says who you are. An attribute says something narrower, such as “over 18”, “has the right to work” or “holds a valid document”. If a service only needs the narrow proof, it should not ask for more.

The second check is who runs the service. If a private provider is involved, look for whether it appears on the official register and what role it plays. A certified provider is not automatically perfect, but certification is better than trusting a random upload portal with passport scans.

The third check is what record is created. Ask whether the verifier keeps a copy, receives only a yes-or-no answer, or stores a transaction log. You may not always get a perfect answer, but the privacy notice and consent screen should tell you enough to understand the trade-off.

The fourth check is what alternative exists. This is especially important for employment, housing, benefits and public services. A digital route may be faster, but a fair system needs a route for people who cannot use the default app or cannot prove identity in the usual way.

A Worked Example

Imagine you are applying to rent a flat and the letting platform asks you to verify your identity through a digital provider. The good version of this flow is simple. The provider checks your document, confirms the relevant facts to the letting agent and avoids sharing more information than needed.

The less good version asks you to upload scans to an unfamiliar website, gives little explanation of who can access them, keeps copies for longer than necessary and gives you no clear alternative if the automated check fails.

Your practical checklist is short. Check the provider name. Look for the official register. Read the screen that explains what will be shared. Prefer a narrow proof over a full document upload where that is offered. If you cannot complete the check, ask for the exception route rather than repeatedly sending more personal documents through email.

What This Means For You

Digital ID will probably become more common in everyday UK life, even if the final national scheme changes after consultation. You may see it first in work checks, age checks, renting, banking, government services or apps that need to verify a real person.

Treat it like any other sensitive permission. Do not assume “digital” means safer. Do not assume “government-backed” means every connected service is equally careful. Look for the narrowest proof, the clearest explanation and the easiest way to revoke or challenge a decision.

The best digital ID systems reduce repeated document sharing. The worst ones turn identity into a pass you have to show everywhere. The difference is in the rules, the design and the alternatives.

In Plain English

Digital ID is a way to prove something about yourself without always showing paper documents.

It can be useful if it shares only what is needed, such as proving you are over 18 without revealing your full date of birth.

It becomes risky if it is used too widely, excludes people who cannot use the app, or lets organisations link too much of your life together.

Use it carefully. Check who is asking, what they receive and what happens if you say no.

Related Reads