For much of this decade, the mood music in Westminster, the seat of national politics in the UK, has been that Britain wants to introduce a national digital identity scheme. It took UK Prime Minister Keir Starmer's Labour government to move forward on the idea this autumn, but a unified digital ID has been debated by policymakers for years, at least since the days of Boris Johnson's Conservative administration.

Even so, this week's Westminster eForum policy conference on next steps for digital identity takes place in a new context: the decision to stop kicking the can down Whitehall, the center of British Government administration, and instead attempt to boot it into the back of the net (the Prime Minister is passionate about football).

This is a bold move for several reasons. First, previous eForums on this subject (see diginomica, passim) have focused on the significant challenges of such a project, among them portability, integration, interoperability, rapid obsolescence, data privacy, security, and transparency. How would such a scheme integrate with all the other ways in which we identify ourselves online, both nationally and internationally? And how could it be futureproofed?

Second, while Britain can claim piecemeal success in digitizing some government services, its track record in commissioning big-ticket national IT schemes has been appalling. For example, despite the simplicity of its aim – to create a unified patient record system for the National Health Service (NHS) – 2002's National Programme for IT (NPfIT) was a disaster. It was a toxic combination of post-millennium naivety, vaunting political ambition, poor specification, inept management, contractual problems, litigation, and Whitehall's glacial bureaucracy colliding with then-Prime Minister Tony Blair's obsession with modernity.

But its core problem was simple: a naïve belief that an overarching system for patient data could just be built on top of over 200 cash-strapped local Trusts, and thousands of hospitals, clinics, and surgeries, many of which were using outdated technologies. The result was an abandoned £20 billion ($26 billion) catastrophe for taxpayers – a scheme that went three times over budget but delivered no discernible benefit, except to lawyers and a handful of tech suppliers and consultants.

Now consider a national ID scheme that would face the same problems, but inevitably be even more complex, broad, and of less certain purpose, with so many touchpoints and flashpoints that the tech industry's mantra of 'move fast and break things' would be truly terrifying.

But caveat number three is perhaps the trickiest: one of the reasons why such an idea has been kicked down the road for years is that the UK is, for complex cultural reasons, resistant to the idea of identity cards – real or digital – and anything that resembles them. So, a sizeable chunk of the population is now furious. Indeed, the public's anger was so predictable that Starmer's political instincts must either be faulty or driven by a Blairite belief that Big Technology can fix everything. (Find out which in a moment!)

And that is not all. Lord Clement-Jones, the Liberal Democrats' urbane spokesman on science, innovation, and technology in the House of Lords, the upper legislative chamber of British Parliament, chairs the morning session. According to him, the UK Government's policy wrongfoots many in Parliament – and in the tech sector.

The peer explains:

Earlier this year, many of us thought that the strategy of creating a strong private-sector market in digital identity applications through long-awaited provisions in the Data Use and Access Bill was proceeding smoothly. We also thought we knew, despite misgivings – in particular around its security – what the government's intentions were for its 'one login' scheme, as a voluntary way of accessing government services. But all that changed with the government's announcement in September of a mandatory digital ID scheme for everyone to be able to work legally in the country.

The government has argued that a digital ID scheme will help reduce illegal working, streamline identity checks, improve public services, and strengthen data security using encryption and biometric authentication. However, the proposal has triggered fierce opposition from civil liberties groups, opposition parties, and many of the public, with a petition against digital ID gaining nearly three million signatures ahead of a scheduled parliamentary debate.

Critics are warning of risks to privacy, data security, civil liberties, and the digital inclusion of vulnerable groups, as well as concerns over possible mass surveillance. And there is insufficient evidence that digital ID will address the root causes of illegal migration or reduce illegal working, not to mention concerns that private-sector digital ID suppliers will be squeezed out as a result.

Those are strong words from a conference chair whose presence at these events is invariably a model of diplomacy, fairness, and balance. Meanwhile, his comment about the risks to digital inclusion comes in the wake of an ill-advised public relations campaign from 10 Downing Street, the Prime Minister's official residence, which focuses on the punitive costs of not having a digital ID. What about the digitally excluded or those in long-term digital poverty? Implicitly, those on the margins of society would face escalating costs: not exactly a positive message, Prime Minister.

And Clement-Jones neglects to mention the cultural dimension. Yes, we have our passports, phones, cloud accounts, credit cards, driver's licences, membership cards, student IDs, proofs of address, and other means of authentication, but in the British psyche a centralized ID scheme would be tantamount to an assault on the national character. Give us inconvenience and fumbling in the rain for our phones and wallets instead!

In control of your relationship with the state?

In fairness to grumpy Brits, however, most of those systems are discrete, work, and are built for a specific purpose. And, to put it politely, the belief that an overarching scheme would – in a struggling, austere, cost-cutting economy – link everything seamlessly and unlock a myriad citizen benefits fails every common-sense test in the wake of the NPfIT.

So, what does the conference make of the policy? Perhaps inevitably – given the whiff of utopian idealism about the plan – the morning's keynote session kicks off with a presentation from the Tony Blair Institute for Global Change (TBI), the international think tank led by the former Prime Minister and backed by US Big Tech dollars. Ker-ching!

Yes, the same Tony Blair who was behind the disastrous NPfIT, and the same TBI that has been advocating for opting creatives' copyrighted work into training AI models, against the advice of the UK Artificial Intelligence (AI) industry (see diginomica, passim). The TBI backs the concept of a UK digital ID – because of course it does.

Alexander Iosad is its Director of Government Innovation. He believes that a mandatory scheme needs to be bold, and to be about more than just closing the loopholes in Britain's shadow economy. (He's right on the latter point: those loopholes are used by the most vulnerable in society, by citizens who are struggling to make ends meet.)

So, what is driving the TBI's zeal for Big Technology as a universal cure-all – beyond the wishes of some Big Tech backers, of course (the TBI claims those funds are ringfenced and do not influence its policies)?

Iosad says:

We see digital ID as foundational infrastructure that addresses three key functions, all of which are things that we have to do in the world as it is today, but at the moment, we often have to do it in ways that are fragmented, insecure, and inconvenient. Digital ID is a means to prove that you are who you say you are, which in its digital form, can be always up to date, is much more resistant to tampering, and can be biometrically secured.

Is there a way to prove that certain things about you are true? Because there may be information that, for example, the state holds about you that, at the moment, you often have to repeat over and over again, and submit to do things as you go about your daily business. And with digital ID, we can build systems that are private, that are built around consent from the beginning by design, and that are more secure to verify this type of information.

At this point, a cynic might ask, "Who is 'we'?"

That aside, clearly such a system would not be built on the consent of the British people. The three-million-strong petition proves it – a petition whose heat map shows opposition spread evenly around the country and across political divides. And "consent" also implies that citizens voted for it, yet Lord Clement-Jones reveals that even Parliamentarians did not know about the policy.

So, why is the TBI so keen on it? Iosad continues:

This is the element that we at TBI are particularly excited about and we believe is going to be important for this country. It's the ability to access services based on who you are and your circumstances, in ways that mean that – rather than having to prove yourself constantly to access what you know you're eligible for, or trying to use one service as a proxy to prove things about yourself – you can be pre-approved for services based on information that is known about you. And you can be in control of that relationship so that it is, in fact, a state that treads much more lightly on your life than it currently might.

Yet such a system would only "tread lightly" on citizens' lives if it works – flawlessly and without error. But if any data within it is out of date or incorrect, or it misidentifies an individual or confuses them with another, then the state might tread very heavily on that person indeed.

For example, if one citizen were to be confused with another of the same name (which has happened to me several times) or a database wrongly indicates that a bill has not been paid (which happened to me this year), then someone could find themselves locked out of critical services – a form of automated exclusion in which errors would have a cascade effect.

Building such a system would certainly be ambitious, Iosad implies:

To enable all this to happen, there are two elements, and these often get conflated, including in the most salient debate around what the role of digitalization is when it comes to migration [Iosad is referring to asylum seekers and illegal immigrants]. In particular, there is the underlying data infrastructure which can, and should, be interoperable, federated, and secure, which means that certain credentials about individuals can be verified and proven easily.

And there is the front end, which is that a digital ID can be made convenient, transparent, and proactive in the way that we use it. And this is where inclusion is absolutely key. What we have argued for, and will continue to argue for, is a parity of experience, in which whether you choose to access services that are based upon digital ID through a digital front end or in person, the underlying data infrastructure would allow you [to do that].

We believe the digitality would bring streamlined interactions to how we deal with the state, and at the same time, prove that government can deliver big and positive change. We believe that digital ID can be built to be more transparent and more private than current systems, and help people understand how their data is held, and how their data is used.

And where it might be incorrect, it will allow them to correct it.

Interesting, though he doesn't say how. Then he clarifies a key point for the policy's critics:

We do not believe in mandatory ID cards. That is a very different debate today to ones we might have had in the past, precisely because the technology allows us a much wider range of uses and a much wider range of benefits.

Yet it is precisely that "much wider range of uses" that troubles the scheme's critics, as technology potential rapidly becomes scope creep if the will is there, department by department and case by case, to push for greater access to citizens' lives, actions, networks, and contacts. More on that in a moment.

Iosad adds:

If it is built right, then it should be built as an interoperable platform. And that means our private sector, when it comes to digital ID, can apply their innovation too, and can build it on top of that platform, so it gives them a boost, rather than holds them back.

A statement which perhaps implies a world in which the state might choose to monetize citizens' data and allow a range of commercial interests into their lives, with new levels of data insight.

Leaving us exposed

So, what of the naysayers? Amusingly, Iosad's co-presenter at the keynote is Jasleen Chagar, Legal and Policy Officer of civil liberties organization Big Brother Watch, thus pitching a very different world view on the topic. She is certainly not convinced by the utopian zeal of the former Prime Minister's think tank, saying:

We have been leading the campaign against the government's digital ID scheme, which we view as a mandatory digital ID. A digital ID could, of course, be helpful in providing different ways to prove your identity, but a mandatory digital ID represents a real step change from what we have already resourced as a country.

Digital ID is not just an app. It's perhaps more useful to think about it as a digitalized identity document which is linked to government databases. A digital identity system which joins up all our government records using a single, unique identifier, and then logs our interactions – and where we've used our digital ID to prove our identity – would be a nightmare for civil liberties.

But why is that? In the TBI's view, it would do the opposite: unlock a range of citizen benefits, while maximizing convenience. Chagar explains:

It would leave us exposed to mass surveillance, tracking, profiling, security breaches and discrimination. So, it's not a question of utopias and dystopias, as Alexander put it, it's about whether we think it's worthwhile creating an infrastructure that contains these risks to civil liberties, and which would remain in place long after this Labour government. It could be misused and abused by future governments as well.

Indeed, though some Opposition leaders have signalled their desire to scrap the scheme if elected. But is Chagar right to be worried?

Hers is a common alarmist viewpoint, of course, but in 2025 it would be foolish to dismiss it. Former Conservative leader Michael Howard once famously claimed that "the innocent have nothing to fear", but if that were true then no one would ever be wrongly convicted of a crime, or wrongly profiled, pursued, questioned, or arrested by police.

And if simply throwing data and technology at organizations removed that risk, then we would not have had the single worst miscarriage of justice in British history: the Post Office Horizon scandal, which led to hundreds of people being wrongly prosecuted for false accounting, theft, and fraud in the mistaken belief that an IT system could not have made an error.

People died because of faith in technology triumphing over people, trust, and common sense, and lives and careers were blighted or destroyed as a result. And in an ideal world, the US Correctional Offender Management Profiling for Alternative Sanctions (COMPAS) sentencing guidelines algorithm would not have penalized black offenders either, or been more lenient to white Americans based on partial evidence from a century of flawed justice.

The point is this: such problems are real and evidenced, they are not some 'woke' myth or the bleatings of a technophobe. And I would add that blanket tech evangelism and scope creep are at least as dangerous as authoritarianism; the Horizon scandal proves it. Indeed, naivety, faith, and authoritarianism are often fellow travellers.

Even so, many will be tempted to dismiss Chagar's views as dystopian. But she goes on to make a valid point: a mandatory ID would tear up the social contract and replace it with the assumption that citizens must constantly prove who they are to a system that, by implication, could always be trusted to do the right thing.

Automated mistrust, perhaps. Chagar comments:

On the front end of this system, it changes the way in which we interact with the state. At the moment, we operate as a largely trust-based society where we prove our identity only as and when we need to, using whatever documents we need in that specific context. For example, a passport to enter and exit the country.

Digital ID reverses that, because it creates a permit that we must use to prove our identity all the time, creating a society that's essentially on licence – one where we must prove permission to access services at every turn. Digital ID centralizes our personal information into a single identifying document, which could then be used in a multitude of contexts, irrespective of whether it's appropriate for that specific use.

She continues:

The second important impact of digital ID is what's happening on the back end, where these systems centralize vast amounts of personal information about us. So, each time an individual uses their digital identity that would be recorded in government databases. And that's not only when you're using it in the public sector – for example, with your health records, your taxes, your access to welfare benefits, or your interactions with the police – but also if you're using it in the private sector.

We've already heard the government speaking about how this could be used to prove your age for buying alcohol, for example, or accessing certain content online. And so, there are real implications for what kind of information would start being recorded on government systems, for creating records in places where they wouldn't have existed previously. Then AI could be applied to it for mass searching and mining for insights about us.

But remember, "the innocent have nothing to fear", right?

Project creep

One can certainly imagine a world in which our diets, personal choices, lifestyles, and consumption count against us when seeking healthcare or benefits, for example, and a realm which also records our social statements and political views. Again, this is not an alarmist view: in the US, it is not unknown for health insurance policies to come with compulsory fitness trackers, while anecdotal evidence is spreading of people's phones, laptops, contacts, and social presences being investigated by US immigration.

But can Chagar provide hard evidence to back up her fears? She can:

Digital identity systems are particularly susceptible to being expanded beyond their initial purpose, and we've seen that in other contexts around the world. For example, in India, their digital ID scheme was initially introduced to tackle benefit fraud and encourage financial inclusion, but today, though it is not mandatory, it is de facto required for everyday life. You need it to buy a house, get a job, purchase a SIM card, enroll your child in school, open a bank account, and receive benefits.

At the moment in this country, digital ID is only being discussed in the context of illegal immigration, where we know it is going to have very little impact: legal migrants already have to use an eVisa to prove their right to be here.

But what it will do is transfer the burden of administering our border onto the rest of the population, who will then have to use digital identity cards to prove their right to work. The government have already been talking about expanding the scope of digital IDs to children aged 13 to 16, and it being used to access public services. So, we can already see scope creep emerging.

And remember, sections of the population are digitally excluded or live in digital poverty, so risk being shut out completely from a world they already can't afford.

My take

Chagar makes some fair points.

And there is another dimension to this: by strongly advocating for digital IDs, and winning the support of Britain's Prime Minister, it is fair to ask whose interests the Tony Blair Institute is representing when it talks of "we". On that point it is far from transparent: its financial statements (available at the UK's Companies House business registry) have never disclosed the full list of its backers.

Its biggest supporter is known to be the Larry Ellison Foundation – reportedly to the tune of a quarter of a billion dollars – and the TBI's 2023 financial report cites Microsoft and Amazon as being among its tech industry backers, but its 2024 statement does not. So, do they no longer support the TBI, or have they simply asked for their names to be removed from documents?

Unless the Institute can be as transparent as it expects the British people to be, it should step out of this debate.