MinterEllisonRuddWatts – On 5 August 2020, Government announced that the development of the Digital Identity Trust Framework (Trust Framework) has been confirmed by Cabinet. The Trust Framework is intended to be a regulatory regime and accreditation framework for digital identity service providers, ensuring that identity information is being handled appropriately.
The Trust Framework will be developed by the Digital Identity Transition Programme, an independent transition team within the Department of Internal Affairs (DIA), in conjunction with other stakeholders.
The announcement, as well as a description of the Trust Framework, can be found on the Digital.govt.nz website.
What does it cover?
The aim of the standards, rules and agreements that will constitute the Trust Framework is to create an ecosystem for digital identity, allowing providers to become accredited and instill greater trust and confidence in ecosystem participants.
This trust and confidence is expected to transform New Zealand’s digital economy, creating more confidence and participation in it, and reducing some of its existing frictions. A robust system would also improve the protection of personal data and against cyber threats, as well as provide a structure for regulations and policies to be designed around so that compliance costs can be reduced.
Who needs to read it? Why?
This should be of great interest to anyone that carries out transactions or interactions in the digital economy (an economy which includes a large portion of our financial service providers).
Our view
This is an exciting development for New Zealand. While other countries are developing similar digital identity frameworks, New Zealand has the chance to help shape digital identity standards globally.
As we raised in our March discussion of the Financial Action Task Force’s (FATF’s) official Guidance on Digital Identity, the increasing digitisation of society and its economic interactions means that regulatory regimes must adapt and keep up, else they cause undue disruption. This applies equally beyond regulatory regimes, to the ways in which these interactions take place more broadly. A robust and developed system around the use of digital identity services should be beneficial in both respects.
We were engaged early this year by Digital Identity New Zealand (DINZ) and some of its members to provide legal input into a report on AML/CDD as a use case for digital identity, the different forms of AML/CDD reliance permitted under the AML/CFT Act and the issues surrounding the use of the Trust Framework and digital identity technology in this regime. DINZ will soon publish the analysis, conclusions and recommendations in its report on the topic, which will be relevant to those considering what the benefits may be of the Trust Framework. When the report is available we will link to it here.
What next?
An Interim Trust Framework will be developed by the DIA, so that rules can be designed and tested with providers of digital identity services while the legislation is being drafted. That legislation is expected to be introduced to Parliament in 2021.
