GOV.UK Verify is Whitehall’s identity assurance programme, a system which ensures people are who they say they are when they use government services online.
The service is currently in its beta phase, having been used by a select few to fill in their HMRC tax returns online, and is expected to go live in April 2016.
“We’ve been building and reviewing privacy management functions around GOV.UK Verify that will assure users we are handling their data in accordance with their expectations,” claimed Tony Stevens, the identity assurance programme’s independent privacy advisor.
“As with any system, there’s a healthy tension between convenience for the user, the need to ensure the service complies with security requirements and protecting users’ privacy. To ensure we meet all of these requirements, we are using iterative delivery techniques to demand ongoing interaction between users and developers.
“For that to work it’s important to have someone in the development team to represent privacy needs. As the service grows, the traditional departmental approach of having data protection officers in a separate governance team isn’t enough,” he added.
According to GDS, the Privacy Officer role was created in response to this issue and will provide a focal point for decisions that may affect the use of personal data.
The chosen person will also manage the dialogue between developers at GDS, GOV.UK Verify users, certified companies and departments offering services through GOV.UK Verify.
The Privacy Officer will also have a strong relationship with the independent Privacy and Consumer Advisory Group and will brief it on privacy-related developments, as well as feeding advice and recommendations back to the GDS project team.
Stevens will be handling privacy on an interim basis and GDS is recruiting a permanent staff member to take over for the future.