In the last few years, the importance of digital identity has grown exponentially, from being an instrument employed primarily to secure closed systems (such as corporate networks) to being a platform for governments to deliver eGovernment public services.
This report looks at Transborder use of digital identity in the context of international transfer, control, and access to private/personal data between Canada and the European Union. In particular, it looks at such data transfer considering the obligation to inform individuals during data processing and investigate into the adequacy of transparency and notice for international data transfer.
Contents of this report have been submitted by the DIACC International Pilots Special Interest Group.
DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights will be regularly socialized through DIACC’s LinkedIn and Twitter channels as well as our monthly member newsletters.
If you’re a DIACC member and would like us to feature your spotlight, contact us today to learn more!
What has your career journey looked like?
My educational background is in Gender Studies, so it was never my aim or expectation to have a career in the tech industry. In my first few jobs, before I had any knowledge of terms like ‘agile’ or ‘scrum’, I was naturally inclined to bring together colleagues from different functions, divide up our work into milestones, and deliver collaboratively as a team. In those early roles, because I was ‘good with computers’, I often found myself with tasks related to process digitization, website updates, and running digital marketing initiatives, in addition to team leadership and project management.
Several years into my career when I was working at ELLE.com, a mentor told me to look up product management, and I had a major lightbulb moment — I discovered there was a name for what I thought I did, professionally. Since that time, I’ve built a rich career in product, both as an individual contributor and as a people manager, and I’ve found my passion in strategic research and bringing new products to life.
When you were 20 years old, what was your dream job and why?
This is such a tough question — at 20, I don’t think I was mature enough to have had a dream job. I had always been inclined to want to help people, and during my teen years I spent most of my free time volunteering with nonprofits. At 20, I’m sure I expected that I would pursue a career in an area that would better the world, with a particular focus on women and the environment.
As a female leader, what has been the most significant barrier in your career?
As I’ve taken on more senior roles, it’s been a challenge to find my leadership style and voice and to develop the resilience needed to continue to lead despite unfounded criticisms or biased feedback. Sometimes it can feel lose-lose for women in leadership, meaning that we are often penalized for demonstrating too many classically ‘male’ behaviours, while also penalized for being too classically ‘female’. There will always be critics, so I like to shift my focus inwards and frequently ask myself if I’m being true to my principles.
How do you balance work and life responsibilities?
Perhaps it’s the New Yorker in me, but I wasn’t naturally good at creating boundaries between work and life. It wasn’t until I moved from NYC to Sydney that I finally understood what balance could look like. I still work more than your typical 9-5, but my mindset is different. I leave my work at work, and I don’t check emails or Slack after I’ve closed my laptop for the day. And most importantly, I now take my annual leave on time and don’t check in with work while I’m away. I’ve finally learned how important it is to ‘switch off’ and leave space in my mind and my day for things that bring me personal fulfillment.
How can more women be encouraged to pursue careers in the digital ID/tech space?
Women working in digital ID/tech need to be more visible, inside our orgs and externally in the industry. I think this is the #1 way we can encourage more women to pursue the same path. We have a responsibility to the generations coming up to create a presence, which we can do by asking to be part of hiring committees, volunteering to be mentors, and submitting to be speakers at industry events.
What are some strategies you have learned to help women achieve a more prominent role in their organizations?
Early in my career I learned that the best way to make myself known to decision-makers was to put my hand up and ask for the work I wanted to be doing. This created opportunities for learning, development, and recognition. As I began to grow my reputation, when it came time to assign new projects or grant promotions, I was already visible and ‘proven’ to the management.
What will be the biggest challenge for the generation of women behind you?
I think we’re only just starting to see the widespread negative effects of product decisions made by my generation. Things like always-on culture, social media, endless scroll, filters, and nudges may feel like an essential part of digital life, but we’re already seeing the negative effects. As we get more distance from these so-called popular advances, more examples of ethically questionable decisions and results will emerge. Unfortunately, it will be the next generation’s responsibility to ‘clean up’ 20 years of tech-driven behaviors and culture, and I see this as a great challenge for the generation coming up now.
What advice would you give to young women entering the field?
Find a mentor. Find a work friend. Find someone who champions you. Being a woman in tech can be difficult, but it can also be fun, engaging, and inspiring. It’s worth the challenge.
Merissa Silk is the Staff Product Manager at Onfido
By Julianne Trotman formerly Growth Marketing Lead at Vaultiewith additional contributions by members of DIACC’s Outreach Expert Committee.
For those of us new to the Digital Identity scene, separating fact from fiction and deciphering the benefits from the vast array of information written on the topic is not an easy task. Over the past 24 months, the use cases for Digital Identity have become more prevalent and the news surrounding the myriad of solutions and their applications in the marketplace continues to be front and centre. It has left the Digital Identity novice trying to understand the technology and asking three questions:
Why should they care about digital Identity?
How will it benefit them?
Whose responsibility is it to safeguard their personal data in a Digital Identity ecosystem and why they should care?
Having a Digital Identity is an important component for those wanting to interact in the digital economy. But what really is a Digital Identity and what is it used for? One way to think of a Digital Identity is as the equivalent of your identity in the physical world, such as having your physical driver’s license or health card digitized. It helps us to prove we are who we say we are, in an online context. Your identity can be used to replace physical identification such as a digital driver’s license, job credentials, or vaccine passport. Or it can also be used as a credential to access online services such as banking, apps on a mobile phone, or educational diplomas and certificates. Without trust in these relationships; between customers and organizations, citizens and government adoption and continued development of Digital Identity will be a challenge. Getting people to participate in the digital ecosystem is reliant on how much they trust that their information will be kept safe and not subject to unauthorized access by those in authority or with nefarious intent. For some, the trade-off between the ease of use and convenience of a Digital Identity, and the potential danger of having information compromised is not a great concern. They see the advancement of the technology that facilitates secure Digital Identity as progress and the trade-off as being a reasonable one. However, for many, the risk is not worth the adoption of a Digital Identity and their lack of confidence in the powers that be to keep their data, especially financial details, secure.
So, what’s missing? What is needed to instill trust into the equation? It seems as though almost every week there’s a story in the news about the latest organization that has been affected by a data breach. These breaches have been directed at private sector organizations, public institutions, and government targets. The hackers are indiscriminate about which institutions they attack, so the general public’s faith and trust in these institutions continue to be eroded every time another one of these attacks comes to light. The uncertainty that comes with not knowing whether data you have shared with an organization is secure or not, or what you can do to avoid this type of thing happening again in the future, is very unnerving. For people to have more faith in the current systems they need to understand how and why an organization is collecting their data and how it will be used, shared, and stored. This issue has been the source of much debate when it comes to trusting that some areas of government will not collect and use their citizen’s data for purposes that have not been fully disclosed. For example, with law enforcement, many people are hesitant to open pandora’s box of police-citizen data collection with a historical lack of transparency around its use and to what extent this data is collected in the name of public safety.
To deal with the issue of trust, governments and industries have looked to put what are known as trust frameworks in place, such as the Pan-Canadian Trust Framework (PCTF). These frameworks provide auditable criteria for different capabilities in an identity ecosystem, such as those for issuers of digital credentials, the people who use them, and the organizations who rely on identity assertions linked to the credentials. Trust frameworks vary in scope as some seek to verify the trustworthiness of information, technology, and processes of a solution, such as the PCTF, while others seek to facilitate a clear understanding between the people using Digital Identity products, the organizations providing and using the services, and the data being used. A trust framework is a tool to facilitate information verification and compliance that help promote trust and technical interoperability while allowing for information assurance verification and technical implementation compliance. Trust Frameworks enable digital systems and technologies to be able to communicate with each other or together measure each system’s trustworthiness. However, having these frameworks in place does not in and of itself help guarantee trust in the system. In order for this to happen there needs to be education around what the frameworks are given that trust frameworks define outcome-based requirements trust frameworks themselves may not guarantee interoperability between systems. For this to be secured solutions would need to build on the same technologies and standards with additional technical compliance verification required.
The journey to a more ubiquitous world of Digital Identity is one that still has many hurdles to overcome before it becomes a more pervasive reality. As many of these challenges are met and the acceptance of the ecosystem becomes more the norm than the exception, ensuring that we do not lose sight of the human side of the discussion is paramount. Trust is earned not given, and we, those involved in the Digital Identity industry must continue to work towards building an ecosystem that encompasses systems and technologies that help to instill trust into the process.
DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights will be regularly socialized through DIACC’s LinkedIn and Twitter channels as well as our monthly member newsletters.
If you’re a DIACC member and would like us to feature your spotlight, contact us today to learn more!
What has your career journey looked like?
I started out with an engineering degree and an MBA in Finance and Systems. Completed my Masters in Finance from London Business School on a British Council Chevening scholarship. Spent the time from 2002-2019 across 3 top-tier investment banks in London…then joined Onfido as a Machine Learning Research Intern!
It’s been a great journey so far – I had to unlearn and completely rewire my expertise. My current job is in Biometrics, I deal with documents, selfies and videos. Skills include computer vision, deep learning, Python and Tensorflow…everyday I come to work wide-eyed and eager to learn.
When you were 20 years old, what was your dream job and why?
I studied mechanical engineering in India. I was the only woman in a batch of 90, and there were no other women in the batch before or after mine! So you can say I trained for a career in STEM.
As a female leader, what has been the most significant barrier in your career?
When I started my career there was no concept of flexibility, work-from-home was a privilege, daily long commutes on packed London Underground trains was a given. I had to raise my daughter while doing an intense job… reliable, affordable and quality childcare definitely helps. As a woman of colour with an accent to match, and limited local knowledge, I of course faced unique issues early on in my career. I’ve also had the privilege of having some of the best bosses and managers one can ever have. So it kind of evens out.
How do you balance work and life responsibilities?
I don’t! As a working mom, some days are good, other days not so. Resilience and a long-term view go a long way. I’ve been blessed with a cracking set of colleagues in my current org and function (Onfido Research) – you may say they have my back.
How can more women be encouraged to pursue careers in the digital ID/tech space?
Get them to talk to me? We women tend to second guess ourselves a lot. Just having a go at things, without expectations, is key.
What are some strategies you have learned to help women achieve a more prominent role in their organizations?
It largely depends on the type of management and mentors on offer. There is no magic bullet. There is only so much “leaning in” women can do, if the organisation is not ready for it then those strategies can even backfire. The organisation needs to be ready to embrace women leaders, and mentor them to success.
What will be the biggest challenge for the generation of women behind you?
There is already a subtle backlash I feel, against Diversity and Inclusion initiatives. We don’t want a set of “token women and minorities”, we need solid professionals who are mentored, given challenges and more importantly given space to fail and grow as much as their straight male colleagues.
What advice would you give to young women entering the field?
Don’t overthink! Just do it. You have one life. When you are seventy years old you don’t want to think what could’ve been. Take that shot, learn that skill, get past the challenge and rise to your true potential. This is not empty advice – I gave myself this advice when I made a career change into Identity. Good luck!
Ananya Lahiri, Machine Learning Research – Applied Scientist at Onfido
