The announcement of the UK’s nationwide Digital ID scheme has divided tech experts, with privacy advocates highlighting the dangers of mission creep and security risks.
British Prime Minister Sir Keir Starmer this week announced the mandatory Digital ID scheme, requiring anyone who wishes to work in the UK to carry digital identification on their mobile phones.
Unveiled by Starmer at the Global Progressive Action Conference in London, the Digital ID is expected to be rolled out by the end of the current Parliament, which is scheduled to close in 2029.
Yet figures working within the tech sector have mixed views on whether the scheme will be a net gain for data security.
“Putting all of someone’s identity, biometrics, and access to services into one central system doesn’t just create a bigger target for hackers—it means that if that system is breached, everyone is at risk,” said Rob Jardin, chief digital officer at privacy-first decentralized VPN platform NymVPN.
Jardin underlined the risk that would come from including any biometric data—which cannot be changed in the event of a hack—in the ID scheme, while pointing to the possibility of mission creep.
“A digital ID might start as a simple way to prove who you are, but over time, it could quietly expand into tracking where you go, what you do, or even controlling access to services,” he said.
How will the UK’s Digital ID work?
The digital ID is expected to include a person's photo, name, date of birth and residency status.
The UK Government is considering ways of enabling non-smartphone users to participate in the scheme, and will be launching a three-month consultation later in the year on best practice for delivering the service. The consultation will explore whether additional information such as addresses should be included.
Speaking at the Global Progressive Action Conference, Starmer said that the scheme is necessary to reduce illegal immigration and, in particular, the numbers of people working illegally in the UK.
“Digital ID is an enormous opportunity for the UK,” he said. “It will make it tougher to work illegally in this country, making our borders more secure.”
Members of opposition parties in the UK have criticized the plans, with Liberal Democrat leader Sir Ed Davey saying that the scheme would “add to our tax bills and bureaucracy, whilst doing next to nothing” to reduce the migrant boat crossings that have become a hot topic in England.
Addressing security concerns
While some tech experts have highlighted the potential security risks involved in the Digital ID scheme, others working in relevant areas suggested that a properly designed Digital ID system could end up being more secure than existing methods for identification.
“When security concerns are addressed with advanced cryptography and continuous monitoring, they create a more resilient national infrastructure,” said Cindy van Niekerk, CEO of UK-based ID and verification firm Umazi.
As an example, Van Niekerk suggested that digital ID will save the need to email a scan of your passport to service providers and/or prospective employers, something which can be exposed to hacks and data leaks.
“Digital ID eliminates this by using cryptographic credentials that prove identity without exposing personal data,” she told Decrypt. “Citizens control what information is shared and when, creating genuine privacy protection rather than the illusion of it.”
Elaborating on this point, van Niekerk said that UK citizen data is currently stored across “hundreds of insecure databases” in the public and private sector, and that an adequate Digital ID system would consolidate verification while distributing storage, reducing the risk of mass data breaches.
“Estonia’s digital ID system, which has been in operation since 2002, today has approximately 1.4 million users and in the 23 years, has only had one incident, but emerged stronger because its decentralised architecture prevented wholesale data loss,” she explained.
Decentralizing digital IDs
The example of Estonia could be instructive, since some experts argue that decentralization may be vital in delivering an ID scheme in a robust and secure way.
“Strong legal protections and transparency matter, but the real safeguard is building systems in a decentralized way—meaning no single authority controls all the data, and individuals always hold the keys to their own data,” said Jardin. “Done right, decentralised digital IDs could deliver convenience and trust without turning into a tool of surveillance we later regret."
This emphasis on decentralization is something that van Niekerk largely agreed with, although she also underlined the important role that quantum computing could end up playing in any nationwide ID system.
“The UK can deploy quantum-resistant algorithms from day one, avoiding the billions of retrofitting costs other countries will face later,” she said.
She also explained that a decentralized architecture would enhance any quantum resilience the UK digital ID scheme could ultimately include.
“Distributed systems using post-quantum cryptography create multiple protection layers,” she said. “Even if one cryptographic method is compromised, redundant quantum-safe protocols maintain system integrity.”
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
