Dutch govt kicks off rolling deployment of digital ID law
The Netherlands has enacted its Digital Government Act, which defines how Dutch government agencies and semi-government organizations create secure digital access to government services.
According to the Dutch government, the Digital Government Act gives citizens electronic identification with a “substantial or high degree of reliability.”
The Digital Government Act is being put in place in parts. The first deals with improving and standardizing accessibility to government sites and apps. Subsequent stages will be opened to each organization as it completes prescribed steps, according to a Dutch government document translated by Google.
Those mandatory steps must adhere to open standards and include classifying their digital services by their assurance level, be able to accept permitted means of logging in and paying for those login means for citizens.
Also required: adherence to information security and other standards related to digital ID.
The act is a framework law, meaning it is designed to provide the flexibility to work within general principles, responsibilities and procedures.
It implements the European Union’s eIDAS regulation, a framework for digital identification and trust services and access to government services.
Beyond purely governmental agencies, such as tax or health care agencies, the law regulates organizations with significant public-sector links including pension funds and educational institutions.
The affected organizations must classify their digital services according to an assurance level — the level of certainty to which an identity can be confirmed.
Assurance levels of “substantial” or “high” require agencies to accept all means of logging in and digital authorization statements that the government permits.
The law also encourages organizations to update their information security, including using the HTTPS standard. Also, affected organizations must use the HSTS standard that makes sure a user’s browser will go directly to a regulated site after a first visit.
The Digital Government Act will be introduced in phases and will only apply “when an organization is technically and organizationally ready to join.”
Article Topics
digital government | digital ID | eIDAS | government services | legislation | Netherlands
Comments