UK digital ID providers fear govt plans conflict with data protection act aims

UK digital ID providers fear govt plans conflict with data protection act aims

UK digital ID providers fear govt plans conflict with data protection act aims
The mechanism within the UK’s Data (Use and Access) Act that allows businesses certified under the government’s Digital Identity and Attributes Trust Framework (DIATF) to collect data from public authorities has become the latest grounds for dispute between parties in the country’s spasming identity sector. Most the data protection rules remaining under the Act, also known as the DUAA, meanwhile, came into force Thursday.

For digital identity and biometrics providers, also still outstanding is clarity on their role in the country’s digital identity system, and whether it is commercially viable.

Earlier in the week, the Department for Science, Innovation and Technology (DSIT) and Government Digital Service updated the status of the Information Gateway mandated by Section 45 of the DUAA in a joint webinar on the UK’s digital ID landscape. Digital Verification Service providers will be able to request and gather information from public authorities via the Information Gateway.

DSIT says a “Code of Practice” for these information disclosures is coming, and is expected to be approved by Parliament this summer, according to a LinkedIn post by legal and digital identity consultant Richard Oliphant. A lively discussion has followed in replies to the post.

“This is a necessary precursor to establishing the Information Gateway and it will boost the use of DVS in the UK private sector,” Oliphant says.

However, he also identifies two major problems ahead.

One is that DSIT has said there are no plans to allow DVS providers to host government-issued verifiable credentials, like a UK mobile driving license (mDL). These will be stored in the GOV.UK Wallet, giving it an unfair advantage over DIATF firms, which will only be able share derived credentials that do not bear the digital signatures contained in the VC, and therefore have minimal value.

Authorities will also have the option to deny DVS provider requests, DSIT says. But if public authorities can deny data such requests, Oliphant argues, rights such as data portability granted by UK data privacy law.

Both issues could pit DVS providers against the government plan, Oliphant says, and conflict with the DUA’s statutory aims.

In the meantime, all of the DUAA has now commenced, except a complaints procedure requirement that takes force midway through 2026 and some pending ICO governance provisions.

The Information Commissioner’s Office (ICO) has published updates to its guidance for businesses, particularly for “children’s higher protection matters” mandated under the DUAA.

Milwaukee police sink efforts to contract facial recognition with unsanctioned use

Milwaukee police sink efforts to contract facial recognition with unsanctioned use

Milwaukee police sink efforts to contract facial recognition with unsanctioned use
A meeting on whether and how Milwaukee police should use facial recognition in criminal investigations took an unexpected turn Thursday night, with revelations that the technology is already in use, complete with transparency and governance failures. By Friday morning, the Milwaukee Police Department had placed a moratorium on the use of facial recognition by its staff.

MPD revealed in a Fire and Police Commission meeting discussing its procurement options and whether the force should be allowed to use the technology that it has already been doing so in investigations, as reported by NPR affiliate WUWM. Further, it did so without a standard operating procedure, and was still doing so when MPD Chief of Staff Heather Hough asked late last night for acknowledgement that we recognized this was an issue and we disclosed it.”

Those attending the meeting had expected a draft policy to be presented for consideration ahead of any implementation of face biometrics for local law enforcement investigations.

MPD officials said they used the technology through neighboring police departments. They said it has only been used in criminal investigations, but could not support the claim with any evidence.

The disclosure prompted Commission Vice Chair Bree Spencer to suggest a moratorium was needed.

An internal MPD memo reported by ABC affiliate 12 News this morning shuttered the practice.

“Despite our belief that this is useful technology to assist in generating leads for apprehending violent criminals, we recognize that the public trust is far more valuable,” says the memo obtained by 12 News.

The twist follows a widely-misunderstood effort by MPD to contract facial recognition capabilities from Biometrica. MPD is now abandoning those efforts, according to the memo.

Scientists create smart synthetic skin that can hide images and change shape

Scientists create smart synthetic skin that can hide images and change shape

Inspired by the shape-shifting skin of octopuses, Penn State researchers developed a smart hydrogel that can change appearance, texture, and shape on command. The material is programmed using a special printing technique that embeds digital instructions directly into the skin. Images and information can remain invisible until triggered by heat, liquids, or stretching.