Verifying Identity: Convenience vs. Surveillance
To access your tax account, you prove who you are. To vote, you prove who you are. To cross a border, apply for benefits, open a bank account, or access healthcare, you prove who you are. Identity verification is the gateway to participation—and a site of tension between convenience, security, and surveillance.
The Identity Verification Challenge
Government must confirm that the person accessing a service is who they claim to be. This prevents fraud, protects privacy (ensuring information goes to the right person), and enables accountability. But verification creates friction for users and excludes those who cannot meet verification requirements.
Traditional verification uses knowledge (passwords, PINs), possession (cards, documents), or inherence (biometrics). Each has tradeoffs. Passwords can be forgotten, stolen, or guessed. Documents can be lost, forged, or unavailable. Biometrics are unique but raise surveillance concerns and may not work for everyone.
Digital Identity Systems
Digital identity systems aim to make verification easier and more secure. Canada has explored various approaches:
GCKey and Sign-In Partners: The federal government offers GCKey (a government-issued credential) and Sign-In Partners (using banking credentials) for accessing federal services. These provide single sign-on across many federal programs.
Provincial initiatives: Provinces have developed digital identity programs. BC Services Card provides a verified digital identity for provincial services. Alberta and other provinces have similar initiatives at various stages.
Pan-Canadian framework: Efforts toward interoperable digital identity across jurisdictions continue, though progress is slow.
Arguments for Digital Identity
Convenience: A single verified digital identity could replace the need to repeatedly prove identity across services, reducing friction for users.
Security: Properly implemented digital identity can be more secure than passwords alone, using multiple factors and cryptographic protection.
Fraud reduction: Strong identity verification reduces identity fraud, protecting both government programs and individuals.
Inclusion: Digital identity could enable people without traditional identity documents to verify themselves through other means.
Arguments for Caution
Surveillance infrastructure: Centralized identity systems create infrastructure that could be used for surveillance. Even if not intended for tracking, the capability exists and could be activated by future governments or accessed by adversaries.
Exclusion risks: Digital identity systems may exclude people without smartphones, reliable internet, or comfort with technology. Biometric systems may not work for people with certain disabilities.
Mission creep: Identity systems created for limited purposes may expand. What begins as optional convenience may become mandatory requirement. What serves government services may extend to private sector.
Security risks: Centralized identity systems are high-value targets. A breach could compromise millions of identities at once.
Coercion: Identity systems tied to services create leverage. People may be compelled to use systems they would otherwise avoid.
Biometrics: Promise and Peril
Biometric identification—fingerprints, facial recognition, iris scans—offers strong verification but raises particular concerns.
Biometrics cannot be changed if compromised. Unlike passwords, you cannot get new fingerprints.
Biometrics enable tracking across contexts. A face recognized at one location can be matched to a face at another.
Biometric systems may perform differently across populations. Facial recognition systems have shown worse performance for women and people with darker skin.
Collection of biometric data by government creates databases that could be accessed for purposes beyond original intent.
Alternative Approaches
Privacy-protective approaches to identity verification include:
Minimal disclosure: Prove what is necessary (e.g., "over 18") without revealing more than needed (e.g., exact birthdate).
Decentralized identity: User-controlled credentials rather than centralized databases, reducing surveillance capability.
Purpose limitation: Technical or legal constraints preventing identity systems from being used for tracking or purposes beyond verification.
The Question
If identity verification is necessary for accessing services and preventing fraud, then how it is implemented matters as much as whether it works. How can identity systems be designed to verify without enabling surveillance? What governance would prevent mission creep and misuse? And who should control digital identity—government, private sector, or individuals themselves?