Yearly Archives: 2025

DIACC and SIROS Foundation Partner to Advance Global Leadership in Digital Trust and Interoperable Credentials

Toronto, Canada, October 28, 2025 – The DIACC and the SIROS Foundation are proud to announce a strategic collaboration to accelerate trust, interoperability, and innovation in digital credentials and wallets.

This partnership brings together two recognized leaders in digital trust and identity services and responsible innovation to develop solutions that empower individuals, institutions, and governments to securely verify and share information across borders and sectors. The collaboration will focus on opportunities to support and extend academic and professional credentialing, labour mobility, and workforce upskilling, building the foundation for a more connected, inclusive, and trusted digital economy.

“Digital trust and identity is not only technology capabilities, they are economic and social enablers,” said Joni Brennan, President of DIACC. “Working with SIROS allows us to connect Canada’s public and private sector leadership with global industry-needs driven best practices to deliver real-world, interoperable solutions that benefit all.”

Through this collaboration, DIACC and SIROS will:

  • Address challenges and opportunities related to international interoperability, digital trust and identity assurance policy, and trust in specific use cases. 
  • Align efforts to enhance the secure and trusted exchange of digital credentials across sectors and jurisdictions.
  • Develop and showcase real-world use cases proving the effectiveness of interoperable digital trust and identity solutions.
  • Collaborate to advance policy alignment and technical interoperability through pilot projects and testing around use cases, including: Travel, Education, Payments, Organizational/Business credentials, Labour mobility, Professional upskilling, and Academic integration

“The SIROS Foundation is dedicated to building digital ecosystems that are secure, inclusive, and human-centred,” said Stina Ehrensvärd, Board of Directors SIROS Foundation. “By joining forces with DIACC, we can advance trust infrastructure that strengthens economic resilience and opportunities across Europe and Canada.”

Together, DIACC and SIROS are positioning Canada and its partners at the forefront of global digital trust innovation, advancing a model where secure, verifiable, and portable credentials enable greater mobility, economic growth, and public confidence in the digital age.

About DIACC
The DIACC is a non-profit coalition of public and private sector leaders working to unlock economic and societal opportunities for Canadians through secure, privacy-enhancing digital trust and identity verification solutions. 

About SIROS Foundation
The SIROS Foundation advances secure, inclusive, and responsible digital ecosystems through research, collaboration, and strategic initiatives that prioritize trust, transparency, and human-centric innovation.

L’CCIAN-DIACC félicite le Québec pour l’adoption historique de sa loi sur l’identité numérique nationale

Le 28 octobre 2025 – Le Conseil canadien de l’identité et de l’authentification numérique (CCIAN) félicite chaleureusement le gouvernement du Québec et l’Assemblée nationale pour l’adoption du projet de loi n° 82, Loi concernant l’identité numérique nationale et modifiant d’autres dispositions. Cette législation historique représente une étape importante dans le parcours de transformation numérique du Canada et démontre le leadership du Québec dans l’avancement de solutions d’identité numérique sécuritaires et centrées sur les citoyens.

« L’adoption du projet de loi n° 82 est une réalisation monumentale qui positionne le Québec à l’avant-garde de l’innovation en matière d’identité numérique au Canada », a déclaré Joni Brennan, président, CCIAN. « Cette législation incarne les principes fondamentaux que l’ACCDC défend depuis longtemps : la protection de la vie privée, la sécurité, le contrôle par l’utilisateur et l’adoption volontaire. L’engagement du Québec à donner aux citoyens le contrôle de leurs renseignements personnels tout en améliorant l’accès aux services gouvernementaux constitue un exemple puissant pour les administrations partout au pays. »

L’CCIAN salue particulièrement l’approche réfléchie du Québec pour la mise en œuvre de l’identité numérique nationale, qui comprend :

  • La protection de la vie privée dès la conception : Assurer que les citoyens ne partagent que les renseignements personnels minimaux requis pour chaque service
  • La participation volontaire : Respecter le choix individuel dans l’utilisation des attestations d’identité numérique
  • Une sécurité renforcée : Réduire les risques de vol d’identité et de fraude grâce aux attestations numériques
  • L’autonomisation des citoyens : Donner aux individus le contrôle sur leurs renseignements personnels et exiger une approbation pour chaque utilisation
  • La consultation publique : Engagement à consulter la population sur l’utilisation de caractéristiques biométriques

L’accent mis par la législation sur la gouvernance des données, la cybersécurité et la souveraineté numérique s’aligne parfaitement avec le Cadre pancanadien de confiance de l’CCIAN et démontre une approche globale pour bâtir des écosystèmes numériques dignes de confiance.

L’CCIAN se réjouit de poursuivre sa collaboration avec le ministère de la Cybersécurité et du Numérique et les autres parties prenantes alors que le Québec met en œuvre cette initiative transformatrice. Cette réalisation renforce l’importance des efforts coordonnés entre les administrations canadiennes pour créer des solutions d’identité numérique interopérables et dignes de confiance qui servent tous les Canadiens.

Joni Brennan
President, DIACC

FCT’s Client ID Verification Achieves DIACC PCTF Certification: Enhancing Digital Trust for Legal Professionals

Toronto, October 23, 2025 – We are thrilled to announce that FCT Client ID Verification has been certified against the Pan-Canadian Trust Framework ™(PCTF) Verified Person Component at LOA2. Established in 2012, DIACC is Canada’s largest multistakeholder organization, exclusively addressing digital trust and identity verification, fostering confidence and consistency in the market through its internationally recognized framework and standardized third-party conformity assessment program.

Legal professionals today face a daunting task: safeguarding sensitive client information while navigating ever-changing regulatory landscapes as technology evolves rapidly. To address this, FCT’s Client ID Verification solution has successfully achieved certification against the DIACC Pan-Canadian Trust Framework (PCTF), ensuring its solution meets the highest bar for security and trust.​ 

The PCTF enhances digital trust relationships across the Canadian ecosystem based on legal, policy, and technical requirements to which organizations agree to adopt, which includes best practices, policies, technical specifications, guidance, regulations, and standards, prioritizing interoperability, privacy, security, and trustworthy use of digital identity and personal data.

“Earning certification against the Pan-Canadian Trust Framework (PCTF) demonstrates FCT’s dedication to protecting Canadians’ personal information while supporting the legal community’s shift toward digital transformation,” said Joni Brennan, President of DIACC. “This
achievement shows how trusted digital identity solutions can simplify compliance, strengthen security, and make digital services safer for everyone.”

Purpose-built for Canadian legal professionals, FCT’s Client ID Verification is a quick, secure, digital solution designed to authenticate client IDs in minutes, whether in person or online. By aligning with the PCTF, we can ensure personal data is managed, stored and secured with the highest standards of protection, so that legal professionals can always move forward with confidence.​ 

This certification guarantees that legal professionals’ client data is handled with the highest level of trust and security. FCT’s Client ID Verification meets KYC obligations, providing consistent quality that reduces risk, builds trust and helps legal professionals adopt digital workflows to meet regulatory requirements. ​ 

​Seamless workflow integration is at the heart of our solution. By integrating into the tools legal professionals already use and minimizing manual data entry, ID verifications can be completed efficiently while maintaining accuracy and compliance. Clients retain control of their information on their own devices, stored in their secure digital wallet, streamlining the verification process and reducing duplicate data entry errors. ​ 

“FCT’s completion of the DIACC Pan-Canadian Trust Framework (PCTF) certification demonstrates our commitment to delivering best-in-class identity verification and fraud detection products that empower legal professionals to work with confidence. Legal professionals trust FCT to help them navigate an increasingly risky environment. FCT’s Client ID Verification meets the highest national standards and delivers on our core brand promise of supporting legal professionals with secure digital workflows that drive efficiency and build trust with our clients at every step.” – Ryan Lambert, Vice President, data and strategy.

With FCT’s Client ID Verification, legal professionals can feel confident knowing they are using a solution built to the highest national standards, helping them manage sensitive information responsibly, reduce audit failure risk and keep pace with regulatory changes. By providing clear benchmarks for ID verification solutions, we are working to support the digital transformation of the legal sector, while ensuring functional benefits like compliance, reduced risk and workflow efficiency. ​ 

About DIACC
Established in 2012, DIACC is a non-profit strategic alliance of public and private sector members committed to advancing full and beneficial participation in the global digital economy by promoting PCTF adoption and conformity assessment. DIACC prioritizes personal data control, privacy, security, accountability, and inclusive people-centred design. To learn more about DIACC, please visit https://diacc.ca/

About FCT
Since introducing title insurance to Canada in 1991, FCT has continued to lead the way with innovative solutions that simplify and streamline the real estate process. Today, they have significantly expanded their offerings to become leaders in property intelligence, residential and commercial solutions, residential lending solutions, and asset recovery. Their diverse lines of business support partners and customers across the entire real estate lifecycle.

About FCT Client ID Verification
It provides a quick, secure digital solution for legal professionals to meet their FINTRAC and KYC obligations effortlessly. Lawyers and Notaries can authenticate their client’s identity using technology that performs many types of validation, including biometric matching between a live selfie and portraits extracted from identity documents, analyzes government-issued identity documents, including cryptographic verification of ePassports, to check against a multitude of compliance data points, including credit bureau and mobile account verification directly on their smartphone. In minutes, the verified credential is issued and stored in the client’s mobile phone’s secure digital wallet, and the report can be accessed directly by the legal professional from FCT’s ID verification portal.

Media Contact:
Joni Brennan
President
Digital ID and Authentication Council of Canada (DIACC)
communications@diacc.ca

DIACC Unviels Digital Trust Adoption Dashboard: Transparency for a Connected Canada

October 16, 2025 – We are thrilled to announce the launch of DIACC’s Digital Trust Adoption Dashboard, a transformative, interactive tool developed by our Adoption Expert Committee (AEC), marking a pivotal moment in Canada’s digital trust journey.

This public resource maps the evolution of digital trust programs across Canada’s provinces and territories. By combining data from government sources with an interactive, map-based interface, the dashboard reveals the current state of digital verification and authentication services, trust program adoption, interoperability, and maturity across the country.

Why This Matters for Canada

Digital trust is no longer optional; it is foundational infrastructure for a competitive, secure, and inclusive Canadian economy. Citizens deserve seamless, secure access to services. Businesses require trusted digital transactions to thrive. Governments need efficient, interoperable systems to serve their constituents effectively.

This dashboard empowers decision-makers, innovators, and policymakers to move beyond assumptions and into action. It reveals where progress is accelerating, where gaps exist, and, most critically, where strategic alignment and collaboration can unlock exponential value for all Canadians. In an era where digital capability determines economic resilience, this transparency is not just valuable; it is essential.

Built on Collaboration, Designed for Impact

Developed through rigorous collaboration among the AEC, government partners across jurisdictions, and DIACC’s dedicated team, this dashboard demonstrates the power of public-private collaboration. Each data point reflects publicly observable information, and, to the greatest extent possible, we’ve validated the data for accuracy.

The AEC will maintain and evolve this living resource, with regular reviews and updates triggered by significant program or policy developments. Regular monitoring ensures the dashboard remains not just current but also actionable, a dynamic tool that grows in value as Canada’s digital trust public sector services ecosystem matures.

A Call to Engagement

This initiative embodies DIACC’s commitment to making Canada’s digital trust landscape auditable, transparent, and interconnected. We are advancing both economic innovation and public good by providing an accessible, evidence-based foundation for informed decision-making.

As this tool evolves, we invite the Canadian public, industry stakeholders, and government partners to engage with it, share insights, and provide feedback. Your perspectives will strengthen this resource and accelerate our collective progress. Please direct your feedback and inquiries to contact@diacc.ca.

We congratulate the AEC and the entire DIACC team for delivering this critical milestone in Canada’s digital trust transformation. This tool demonstrates leadership in action, which is what our nation needs as we build the trusted digital future Canadians deserve.

DIACC’s Digital Trust Adoption Dashboard

Developed by our Adoption Expert Committee (AEC)

Purpose & Intent

  • Provide an interactive map showing current public-sector digital trust programs offered across Canadian provinces and territories.
  • Enable stakeholders to see adoption, interoperability, and maturity at a glance.
  • Support evidence-based decision-making and identify opportunities for collaboration, alignment, and private sector engagement.

How We Collected Data

  • Coordinated efforts with the support of AEC members and DIACC staff.
  • Observable/visible data from public government sources (program names, departments, service destinations, adoption metrics).
  • Structured questions (developed by AEC) to ensure consistency across jurisdictions.
  • Targeted government consultations to validate findings and capture policy context.

Committee Role & Maintenance

  • Ongoing stewardship: The AEC is responsible for maintaining the dashboard’s accuracy and relevance.
  • Review cadence: Annual reviews, plus updates triggered by major policy, regulatory, or program changes.
  • Monitoring: Track government announcements, adoption metrics, and stakeholder input to keep data fresh and actionable.

Key Takeaways

  • Purpose: Deliver a transparent, observable data-based view of Canada’s digital trust landscape.
  • Methodology: Grounded in both observable-sourced data and committee government representative consultations.
  • Sustainability: Maintained by AEC with annual reviews and update triggers.

Utility: A living tool to support strategy, collaboration, and interoperability at the national level.

Further Reading:

DIACC is Where Digital Trust Means Business

Contact us to be a part of the change you want to see, stay informed about developments in digital trust and identity verification, and learn how you can contribute to discussion drafts or become a member.

Letter from our President

In an era when identity fraud is evolving rapidly, our collective efforts to defend the integrity of client-lawyer relationships have never been more vital. Today, I’m proud to reflect on a significant step forward: the launch of the PCTF Legal Professionals Profile Final Recommendation V1.1, the first industry-specific profile under the Pan-Canadian Trust Framework (PCTF). diacc.ca

This development is more than a technical standard; it’s a symbol of what’s possible when regulators, legal professionals, and technology providers protect clients, preserve trust, and reduce risk on the front lines of legal practice.

Why This Profile Matters

The PCTF Legal Professionals Profile establishes Conformance Criteria for how lawyers and their agents expect services to conduct client identity verification (IDV) in a manner that is auditable and consistent

Here’s what it does:

  • Reduces variability and risk by requiring that third-party agents meet minimum assurance criteria when verifying client identity. 
  • Clarifies expectations for service providers, helping them design identity solutions that align with law society requirements, avoid duplication of effort, and reduce uncertainty. 
  • Bridges practice and regulation by creating a pathway supporting compliance, enabling lawyers to rely on trusted, certified identity services rather than reinventing idiosyncratic internal solutions. diacc.ca

In short, this profile turns what was once discretionary or opaque into something auditable, transparent, and scalable.

The Challenge We Face: Rising Fraud, Rapid Change

The timing of this launch is critical. Fraud and identity theft remain persistent threats in Canada’s digital era:

  • In 2023, the police-reported rate of general fraud increased by 12% compared to 2022, despite a decline in incidents of identity fraud and identity theft. Statistics Canada 
  • In 2024 alone, Canadians lost $638 million to fraud. Canada.ca 
  • A 2025 Equifax study found that 48% of Canadians personally know someone who was a victim of identity theft. equifax.ca

These numbers reflect only a fraction of what’s really happening; many victims don’t report fraud, and many attacks go undetected for long periods.

The legal sector: lawyers have fiduciary responsibilities, handle funds, and often deal with clients remotely. The accuracy and trustworthiness of identity verification are crucial to maintaining legal integrity.

A Shifting Regulatory Landscape

Law societies and regulatory bodies are recalibrating in response to shifting norms and evolving risks:

  • Jurisdictions have rescinded the pandemic-era relaxations that allowed remote client verification via video calls alone. diacc.ca
  • The updated Client Identification and Verification (CIV) Rules now require that virtual verification utilize authentication technology capable of confirming the authenticity of government-issued IDs, rather than merely displaying them over video. Law Society of Alberta 
  • The use of third-party agents is now more explicitly permitted, provided the agent complies with the regulatory criteria, allowing lawyers to exercise controlled flexibility in how they operationalize identity checks. Law Society of Alberta | Law Society of British Columbia 

These changes place greater demands on vendors, law firms, and regulators, but also create openings for innovation, standardization, and certainty.

Progress Through Collaboration

What makes the release of the DIACC PCTF Legal Professionals Profile especially meaningful is that it represents progress through collaboration:

  1. Information was sought from the Federation of Law Societies of Canada to assist in creating the Legal Professionals Profile, enabling the tailoring of verification requirements to real-world legal workflows.
  2. Identity technology providers, such as Treefort Technologies, one of the first services to earn PCTF certification under the DIACC program, now have visible, auditable pathways to align with the legal sector’s expectations. Treefort’s early certification signals to lawyers and law societies that robust verification solutions are market-ready. Treeforttech 
  3. Legal professionals and firms now have a more straightforward path to choosing verification services that conform, not just on paper, but in practice. The DIACC Member Services Directory and the Trusted List of certified services are ready reference points. diacc.ca

By stepping into a coordination role, neither vendor nor regulator, DIACC has helped create common ground. Such neutral convening is rare, but essential in domains where trust, regulation, and technology must intersect.

What This Means for Canadian Lawyers on the Front Lines

For lawyers, especially those serving clients remotely or handling high-risk transactions, the implications are real:

  • Less friction in onboarding new clients, because lawyers can confidently outsource identity checks to trusted services.
  • Reduced liability and regulatory risk, because the verification process is auditable and traceable.
  • More consistency in expectations across jurisdictions would reduce the burden of navigating different local rules.
  • Improved client confidence, clients increasingly expect digital convenience without compromising security.

Consider the example of remote identity verification in real estate law. Lawyers like “Jamie” can now verify client identity using vendor services that combine document authentication, facial matching, liveness checks, and risk assessments, without requiring clients to come into the office. diacc.ca

It’s a tangible shift: trust, remote convenience, and compliance can coexist.

The Road Ahead: Opportunities & Challenges

This milestone is a launch point, not a finish line. Here’s what remains:

  • Broad adoption: The value of the Profile grows only when law societies, large firms, small practices, and vendors all adopt it.
  • Ongoing certification rigour: As bad-actor fraud techniques advance (e.g., AI-assisted deepfakes, synthetic identity attacks), the conformance criteria must evolve.
  • Education and support: Many lawyers will require help in selecting, integrating, and monitoring identity verification services.
  • Interoperability across sectors: Legal identity verification must increasingly interoperate with banking, government, and other trust ecosystems.
  • Monitoring outcomes and feedback loops: We need to measure how this framework reduces fraud, speeds onboarding, builds confidence and iterates.

In Gratitude and in Resolve

To everyone who has supported this effort, from regulators to identity solution providers and legal professionals, thank you. This profile is stronger because of your feedback, engagement, and dedication.

Our work is far from done. As fraudsters refine their tactics, we must continue to refine, adapt, and collaborate. That is the spirit of digital trust: not static defence, but evolving resilience.

DIACC remains committed to serving as a neutral, trusted enabler in this journey. We will continue to expand resources, convene stakeholders, monitor real-world outcomes, and raise the bar as threats evolve.

May this milestone mark what we’ve collectively accomplished and catalyze what comes next, a legal sector where client verification is seamless, fraud is harder to commit, and trust is foundational to every digital legal interaction.

Joni Brennan
President, DIACC

Further Reading:

DIACC is Where Digital Trust Means Business

Contact us to be a part of the change you want to see, stay informed about developments in digital trust and identity verification, and learn how you can contribute to discussion drafts or become a member.

Reimagining Canada Post: From Delivering Mail to Delivering Trust

Letter from the President

Canada Post is losing approximately ten million dollars per day. The traditional business model of delivering physical mail to every Canadian address is fundamentally unsustainable. The federal government has directed the corporation to reduce delivery frequency and fundamentally transform operations.

Crisis as Catalyst

This is a crisis. However, it’s also an opportunity that Canada risks missing if we consider Canada Post solely in terms of mail delivery.

The Hidden Infrastructure

Consider what Canada Post actually represents: a trusted institution with physical presence in virtually every Canadian community, deep expertise in verification and logistics, existing relationships spanning individuals and businesses, public accountability, and a mandate to serve all Canadians regardless of commercial viability.

These aren’t assets to be wound down. They are the foundations for building Canada’s digital trust infrastructure.

Where Private Innovation Falls Short

The private sector has pioneered remarkable innovations in digital trust and identity verification, user experience, and privacy-enhancing technologies. Still, private sector solutions may face inherent limitations: market forces drive them toward commercially valuable populations and geographies; profit imperatives can create tensions with privacy protection; and competitive dynamics resist the open standards that enable broad interoperability.

A Vision for Digital Trust

Canada Post could bridge this gap, not by displacing private innovation, but by complementing it. Imagine Canada Post operating as a privacy-preserving verification service that helps Canadians prove their identity online, confirm addresses for e-commerce and financial services, and authenticate business credentials. Imagine post offices serving as trusted in-person verification points where Canadians without smartphones or digital literacy can establish digital credentials with assistance. Imagine Canada Post providing the addressing infrastructure that enables secure digital commerce while protecting privacy.

Complement, Not Compete

This isn’t about government competing with private sector innovators. It’s about leveraging a trusted public institution to ensure universal access, serve populations that aren’t commercially attractive, maintain the physical-digital bridge that inclusion requires, and operate according to public interest principles rather than purely commercial logic.

Asking The Right Question

Canada Post’s transformation should be guided by a simple question: What role can a universally accessible, publicly accountable, and privacy-respecting institution play in Canada’s digital trust ecosystem? The answer isn’t « deliver less mail. » It’s « deliver digital trust services that complement private innovation while ensuring no Canadian is left behind. »

Joni Brennan
President, DIACC

Further Reading:

DIACC is Where Digital Trust Means Business

Contact us to be a part of the change you want to see, stay informed about developments in digital trust and identity verification, and learn how you can contribute to discussion drafts or become a member.

A Letter from the President, DIACC

The choices we make about digital trust and identity verification architecture today will shape Canadian privacy, security, and digital rights for generations to come. Recent developments in the United Kingdom offer a timely reminder: how we build digital trust and identity systems matters as much as whether we build them.

Canadians demand a path that’s grounded in the principles of federation, decentralization, privacy by design, and user control. As pressure mounts globally for mandatory and centralized digital identity systems, we must advocate for principles that ensure our implementations live up to the designs that Canadian’s demand.

The UK’s Announced Approach

The UK faces genuine challenges that digital trust and identity could address. Document fraud in right-to-work verification creates significant problems. Administrative burden on employers is substantial. And approximately 10% of UK residents have never held a passport, creating barriers to proving identity for routine transactions. A digital credential accessible via a smartphone, which 93% of UK adults possess, could help address these legitimate issues.

The critical question isn’t whether digital trust and identity can solve real problems. It’s how it’s implemented.

The UK government has committed to making its proposed BritCard system mandatory and references « a central database of people entitled to live and work in the UK. » Cybersecurity experts have been explicit in their warnings: centralized databases create « enormous hacking targets, » particularly when complex dependency chains involving contractors and integrators are involved. Within days of the announcement, 1.6 million people had signed petitions opposing the scheme, expressing concerns about surveillance and the notion of « Big Brother in your pocket. »

These concerns aren’t theoretical. Centralized identity databases have been compromised in multiple jurisdictions, impacting millions of individuals. Once compromised, the consequences include identity theft, widespread fraud, and erosion of public trust that takes years to rebuild. The attack surface, which arises from aggregating millions of records in centralized systems, is of enormous importance.

Architecture as Values Made Concrete

There is an alternative architectural strategy that is privacy-preserving and uses decentralized credentials. This approach uses:

  • Cryptographically-signed credentials that are held on user devices, not in centralized databases
  • Verification happens through cryptographic proofs rather than database lookups
  • Selective disclosure enables proving what’s necessary (like eligibility to work) without revealing your complete identity profile
  • Users control when and how their credentials are shared

This isn’t experimental technology. Estonia has operated such a system successfully for over two decades. The EU Digital Identity Wallet regulation explicitly requires selective disclosure and offline verification capability. Singapore’s Singpass uses QR-code-based verification to minimize tracking. These approaches have been proven at the national scale.

The lesson for Canada isn’t « don’t build digital trust and identity verification. » It’s « architecture must reflect values.« 

A mandatory system built on centralized databases carries fundamentally different privacy risks, security vulnerabilities, and civil liberties implications than a voluntary system using privacy-preserving credentials held by users. The efficiency gains and fraud reduction can be achieved through either approach; however, one strategy respects privacy by design rather than by promise.

Canada’s Distinctly Different Approach

Canada has already charted a different course. Aligning with our governance models and values, our approach is decentralized. There is no single national digital identity system, no central government database of all Canadians, and no mandatory credential that citizens are required to obtain. Learn more about our vision for Canada’s decentralized approach.

Instead, our vision of a digital trust and identity verification ecosystem aligns with the Pan-Canadian Trust Framework (PCTF), developed by DIACC in collaboration with federal, provincial, and territorial governments, financial institutions, telecommunications providers, privacy advocates, and civil society organizations. The PCTF enables digital trust and identity services through:

Federated Architecture: Multiple credential issuers (provinces, federal government, private sector organizations) can issue credentials that are mutually recognized through conformance to a common framework of components without creating centralized databases or requiring technological uniformity.

Privacy by Design: The PCTF embeds privacy protections at the architectural level. Requirements include data minimization, purpose limitation, selective disclosure capabilities, transparent consent management, and security safeguards proportionate to the sensitivity of the information. These aren’t policy aspirations; they’re assessed through independent certification.

User Control: Individuals maintain control over their credentials and decide when and with whom to share information. Credentials can be stored on personal devices, and users can revoke consent and withdraw their credentials through clear procedures for data deletion.

Voluntary Adoption: Digital credentials supplement rather than replace existing identity documents. Canadians choose whether to use digital identity based on convenience, security, and trust. It’s not a government mandate.

Verifiable Privacy Protections: Through DIACC’s PCTF Certification Program, organizations can obtain independent verification that their digital trust and identity verification services implement privacy-preserving architectures. This shifts privacy from a policy promise to a verified reality.

This approach reflects what Canadians want. Our research consistently indicates that privacy, security, and choice are key factors driving Canadians’ desire for digital trust and identity. The bottom line is that voluntary, privacy-focused solutions earn public trust, while mandatory systems face resistance.

The Technologies That Enable Privacy

Privacy-preserving digital trust and identity isn’t just philosophically preferable; it’s technically achievable through verifiable credentials and related technologies that the PCTF supports:

Selective Disclosure: Instead of presenting your entire driver’s licence to prove you’re old enough to purchase age-restricted products, you can present a cryptographic proof that you’re over 19, without revealing your birth date, address, or even your name. The verifier gets the answer they need; you retain privacy over information they don’t.

Decentralized Verification: Credentials can be verified through cryptographic signatures without requiring queries to centralized databases. This means verification can happen offline, in real-time, without creating transaction records that enable tracking or surveillance.

Zero-Knowledge Proofs: Advanced cryptographic techniques enable proving statements about your identity (such as « I am a resident of Ontario » or « I hold a valid professional license ») without revealing the underlying credential or creating linkable identifiers across different interactions.

User-Held Credentials: When credentials live on your device rather than in government or corporate databases, you control when they’re shared. A data breach at one organization doesn’t compromise your credentials held elsewhere.

These technologies are standardized and operating at scale internationally. Canada’s PCTF is designed to accommodate them as they become more widely deployed, ensuring that our framework supports the most privacy-preserving approaches available.

What This Means for Canada’s Digital Future

The path forward requires intentionality about the choices we make now, in procurement specifications, in system design, in policy development, and in public dialogue:

For Government Leaders: The PCTF bridges regulations with operational realities to provide a foundation for cross-sector interoperability. Resist pressure for centralized databases or mandatory systems. Ensure procurement specifications prioritize privacy-preserving architectures and require independent DIACC’s PCTF certification. Build the physical-digital bridges (assisted digital services, multi-modal access) that ensure universal accessibility.

For Industry Stakeholders: Pursue PCTF certification for digital trust and identity solutions and design products that implement selective disclosure and user control, rather than relying on maximalist data collection. Accept certified credentials from diverse issuers to create convenience that drives voluntary adoption. Contribute expertise to framework evolution.

For Privacy Advocates and Civil Society: Hold organizations accountable for their privacy promises by demanding PCTF certification. Participate in framework governance to ensure that citizen perspectives inform the technical architecture. Help build public understanding of how privacy-preserving systems work and why architecture matters.

For Technology Providers: Align product development with PCTF specifications and privacy-preserving technologies. Seek DIACC PCTF certification for competitive differentiation. Invest in open standards that prevent lock-in and enable interoperability. Innovate on capabilities including: verifiable credentials, selective disclosure, and zero-knowledge proofs.

For Citizens: Engage with digital trust and identity programs as they launch. Demand transparency about whether systems use centralized databases or decentralized credentials. Provide feedback on usability, accessibility, and privacy concerns. Exercise control over personal information through consent management: support organizations that pursue voluntary, privacy-preserving approaches over mandatory, surveillance-enabling architectures.

Building Services Worthy of Trust

Canada can build a digital trust and identity verification infrastructure of services that are:

  • More secure because it’s decentralized — no honeypot databases to target
  • Widely adopted because it’s genuinely helpful and voluntary — convenience without coercion
  • Privacy-protecting through architecture, not only policy promises — verified through independent testing
  • Interoperable while respecting jurisdictional sovereignty — federation without centralization
  • Inclusive by design rather than by afterthought — multi-modal access serving all Canadians

Our success demands that we prioritize privacy-preserving architectures in procurement specifications, insist on open standards and independent verification, invest in accessibility for all Canadians regardless of their digital literacy or access to technology, and establish strong trust frameworks and mutual recognition mechanisms that enable effective federation.

The path forward isn’t about government versus private sector, federal versus provincial, or mandatory versus voluntary in the abstract. It’s about all of us, across jurisdictions and sectors, committing to build and use digital trust infrastructure services that are distinctly Canadian: digital trust infrastructure that reflects our federal structure, our values, and our constitutional commitments to privacy and individual rights.

The UK’s experience with BritCard is a reminder that design choices matter. Centralized, mandatory systems may promise efficiency, but they carry profound risks to privacy, security, and civil liberties. Canadians have chosen differently, and we must ensure our implementations honour their choice.

We can develop digital trust and identity verification services that earn the confidence of Canadians. The architecture exists. The technologies are operational. The framework is ready. What remains is a collective commitment to getting the implementation right.

The choices are ours to make. The time to make them thoughtfully is now.

Joni Brennan
President, DIACC

Further Reading:

DIACC is Where Digital Trust Means Business

Contact us to be a part of the change you want to see, stay informed about developments in digital trust and identity verification, and learn how you can contribute to discussion drafts or become a member.

Reconnaissance du leadership du Québec en matière de confiance numérique et de cybersécurité à Kananaskis

2 octobre 2025

Le CCIAN est fier de souligner le leadership du Québec lors du récent Séminaire des ministres et sous-ministres fédéraux, provinciaux et territoriaux sur la confiance numérique et la cybersécurité à Kananaskis, en Alberta. En tant que coprésident, le sous-ministre des Affaires numériques et de la cybersécurité ainsi que dirigeant principal de l’information du Québec a joué un rôle clé dans l’avancement des travaux, menant à une entente collaborative sur des propositions cruciales en matière de cybersécurité.

Cette approche stratégique de la confiance numérique témoigne de l’engagement du Québec à offrir des services gouvernementaux plus sécurisés et mieux adaptés aux besoins de ses citoyens et de ses entreprises. La province a adopté une démarche novatrice pour relever des défis numériques complexes en regroupant les équipes et les services sous un cadre unique de confiance. Cela crée un portail numérique intégré pour tous, avec des fonctionnalités comme « dites-le-nous une fois » et une coordination efficace de la prestation des services.

Le CCIAN se réjouit de poursuivre son partenariat afin de soutenir le leadership du Québec en matière de confiance numérique. En bâtissant sur ces fondations, le Québec renforce sa réputation de pionnier de l’innovation numérique. Ces initiatives en cours donnent aux Québécoises et Québécois les moyens d’agir, soutiennent les entreprises locales et stimulent l’innovation à l’échelle de la province et du Canada.

Joni Brennan
Présidente, CCIAN

Spotlight on Autocorp.ai

1. What is the mission and vision of Autocorp.ai?

Our mission is to modernize the car-buying experience by building digital tools that put transparency, trust, and efficiency first. We envision a future where automotive retail is fully digital, seamless, and secure — empowering dealerships to sell smarter and customers to buy with confidence.

2. Why is trustworthy digital identity critical for existing and emerging markets?

Trust is the currency of digital commerce. In automotive, where vehicles are high-value assets, fraud has surged — with identity fraud making up over 75% of fraudulent applications in Canada. For existing markets, strong ID verification prevents costly theft and financial loss. For emerging markets, it lays the foundation for safe digital transactions, unlocking growth and inclusion by making financing and ownership accessible to more people.

3. How will digital identity transform the Canadian and global economy? How does your organization address challenges associated with this transformation?

Digital trust will accelerate financing, reduce fraud-related losses, and expand access to credit globally. In Canada alone, automotive fraud rose 54% year-over-year – a clear signal that transformation is needed. Our solution, AVA™ ID, leverages AI, biometrics, and OCR to verify identities in seconds while ensuring compliance with KYC and AML regulations. This helps dealerships and lenders eliminate inefficiencies, cut losses, and create safer digital ecosystems that power sustainable economic growth.

4. What role does Canada have to play as a leader in this space?

Canada is uniquely positioned to lead – combining strong financial institutions, progressive regulatory frameworks, and advanced data security expertise. By innovating in industries like automotive, Canada can export proven models of secure digital identity verification to global markets, setting the standard for how high-value transactions should be protected.

5. Why did your organization join the DIACC?

We joined the DIACC because digital trust is bigger than any one company. It requires collaboration across industries, regulators, and innovators. By being part of DIACC, we ensure that the automotive sector’s needs are represented while contributing to the creation of national standards that build confidence for consumers and businesses alike.

6. What else should we know about your organization?

Autocorp.ai is Canada’s first fintech to bring No-Impact Credit Checks, real-time Trade-in Valuations, and Fraud-Proof Test Drives into a unified digital retail suite. Our tools are already helping dealerships increase conversion by 35%, revenue by 28%, and lead generation by 55%. More than just software, we’re building the digital infrastructure that ensures every automotive transaction – from credit pre-approval to keys-in-hand – is safe, fast, and customer-first.

Supporting Canada’s Buy Canadian Mandate While Balancing Global Collaboration

September 24, 2025

In a world of increasing economic uncertainty and shifting global supply chains, prioritizing Canadian talent, goods, and innovation sends a clear message of support for workers, businesses, and communities across the country. At the same time, Canada’s continued openness to fair international collaboration and competition will remain essential for ensuring that Canadian businesses remain innovative, globally competitive, and resilient.

DIACC and its members have worked for over a decade to advance digital trust as a cornerstone of a strong and inclusive digital economy. Secure, verifiable credentials and trusted digital identity can help Canadian businesses demonstrate compliance, access new markets, and participate confidently in both domestic and international supply chains.

DIACC stands ready to partner with governments, industries, and communities to ensure that Buy Canadian measures are implemented in a way that protects and empowers Canadian workers while maintaining the interoperability and global connections that sustain innovation and economic growth. 

Together, we can strengthen Canada’s economy, uphold fairness, and position Canadian solutions to thrive on the world stage.

Joni Brennan
President, DIACC

« Older Entries

Newer Entries »