Co-written by Kaliya Young, IdentityWoman & Joni Brennan, DIACC President
Around the world, people are suffering due to the disruption caused by the COVID-19 pandemic. Some of this suffering is due to the need to move education and work to take place fully online. Many workplaces have moved their workforce to be remote. However, not all workplaces are able to function remotely. (Examples goods and essential services, pharmacy, travel etc…) Workplaces that are not able to operate remotely have shut down or limited hours and capacity severely. This puts a massive strain on economies.
In the past we have talked about Digital Identity as a convenience to make it easier for people to transact with cybersecurity and privacy protection. Now, when we talk about security, the conversation is urgent and focused on life security. People are asking, “Will I be able to continue to work? Will I be able to put food on the table?”
Governments and businesses are urgently looking for tools to safely reopen and restart economies.
In the U.S., large cities are considering proposals that delegate the management of phygital (physical-digital) identity to CLEAR, a U.S. based company, so that cities can “safely reopen” their local economies by requiring people who want to navigate the city to have a CLEAR ID and link it to their health record/COVID status.
CLEAR offers a service that replaces a physical ID check with a biometric scan of a person’s eyes and fingertips. In some locations, this service allows passengers to move through airport security faster.
CLEAR is like “login-with Facebook” or “login-with Google” where people are required to get into websites to have a relationship with these private identity providers where CLEAR’s service straddles both the physical and digital worlds.
Just as Facebook or Google login tracks and surveils you and your behaviours, the CLEAR approach could essentially track and surveil people in the physical world. This approach also has the potential to delegate authority to manage access to public spaces by a single private sector entity. Without an agreed on and adopted framework, this type of approach could have the effect of restricting freedom of movement to be managed by a single private sector entity.
Why Trust Frameworks Matter
As businesses and governments are looking for tools to safely reopen and restart economies. Tools for reopening are an important part of the challenge. Tool development and tool selection in these scenarios must be guided by “rules of the road” that put people and socioeconomic security at the centre of the design.
Without transparent operational guidance, people’s privacy and personal freedoms may be compromised. By having a set of operational rules, decision makers will have the capacity to make better decisions that will enable the public to trust that the tools being implemented have been designed to respect their best interests.
The Pan-Canadian Trust Framework represents a set of operational rules that have been developed by public and private sector leaders to enable a diversity of public and private sector organizations to provide services and solutions that could help to restart the economy.
By having a Pan-Canadian Trust Framework, the playing field could be leveled to enable a diversity of entities to play a role in safely reopening economies with privacy and personal data protections built in by design.
The Pan-Canadian Trust Framework has been built with privacy and consent to personal information disclosure embedded into all aspects of the design. The Pan-Canadian Trust Framework has been designed to measure the implementation of assurance, security and privacy practices in networks and solutions that are built on various (and often different) technologies.
For more information about how your organization can adopt or help to shape the Pan-Canadian Trust Framework please visit diacc.ca or contact us at firstname.lastname@example.org.