OECD adopts recommendations on digital identity governance

The Organization for Economic Co-operation and Development Council has adopted a new set of recommendations on how digital identity should be governed.

The OECD recommendations point to the importance of identity verification for the “functioning and resilience” of modern societies and economies, but said conventional forms of physical ID such as passports “are not adequate to meet the opportunities and challenges of the digital age.”

However, the recommendations make no explicit mention of biometrics, nor do they address any technical challenges or suggest changes to any of the schemes that specific countries are looking to implement.

In response to a question from the audience at the Global Digital Public Infrastructure Summit in India, both Barbara Ubaldi of the OECD and Jonathan Marskell of the World Bank said their organizations recommend considering biometrics only with appropriate safeguards in place, and only where appropriate, as reported by MediaNama.

For countries with smaller populations, Marskell says demographic data may be sufficient to register individuals.

OECD members are expected to follow and implement OECD recommendations, though they are not technically legally binding.

The first pillar of the recommendations emphasizes the creation of “user-centred and inclusive digital identity systems” which are effective and usable and  can “respond to the needs of users and service providers.” The pillar also nods to the importance of prioritizing inclusion and minimizing “barriers to access.”

The second pillar focuses on shoring up the governance surrounding digital identity, saying that this requires both a “strategic approach” as well as “defining roles and responsibilities” throughout the ecosystem. Goals such as data privacy and security are also emphasized, as well as aligning legal and regulatory frameworks.

The third pillar outlined by the report concerns the cross-border use of digital identity. The goals highlighted include “achieving cross-jurisdictional portability of digital identity” as well as “co-operating internationally to establish the basis for trust in other jurisdictions,” though the report also acknowledges the complexity of doing so.

In terms of the next steps, the Public Governance Committee (PGC) responsible for the latest set of recommendations is set to keep track of trends and activities within the digital identity space and will then report back to the OECD Council in 2028 on their “implementation, dissemination, and continued relevance.”

The recommendations are based on responses from 30 OECD Members as well as respondents from outside the OECD, which include both government representatives and units responsible for digital identity.

The official set of recommendations comes after the OECD’s PGC started to solicit comments on its initial draft set of legislations on 31st March.

Article Topics

biometrics  |  digital government  |  digital ID infrastructure  |  digital identity  |  identity verification  |  OECD