NZ planning digital ID trust framework register tender for end of August

A tender will soon launch for digital identity, IT or cybersecurity provider to supply and implement a trust framework register for New Zealand.

Advanced notice of a request for proposals (RFP) published this week will close at the beginning of next Wednesday, August 13, local New Zealand time. DIA expects the RFP itself to be published at the end of August. The RFP for a digital credential issuance platform was launched near the end of July, the same day its advanced notice closed.

New Zealand’s government published the Digital Identity Services Trust Framework Rules 2024 just weeks ago. The rules specify the standards ID documents and credentials must comply with, including the W3C Verifiable Credential Data Model, the ISO/IEC 18013-5: Mobile driving licence (mDL) application, or ISO/IEC 23220 series. The Framework also stipulates to minimize the risk of a breach of biometrics or other sensitive data, and prohibits server retrieval during credential presentations.

The country also rolled out a biometric data privacy code this week that sets necessity, privacy safeguard and proportionality requirements for the use of facial recognition and other biometrics. Biometric samples must be collected directly from individuals, except in specific circumstances, and data subjects must be notified that their biometric data has been collected, by who and why.

One of the next steps for New Zealand’s Department of Internal Affairs (DIA) is setting up a trust register listing credential and service providers that are accredited under the framework. It will take the form, according to the announcement, of “a centralised, standards-based platform for communicating the accreditation status of digital identity providers and services.”

Article Topics

digital ID  |  digital identity  |  government purchasing  |  New Zealand  |  rfp  |  tender  |  trust framework