Why the Gov.uk App could (maybe, possibly...) be a turning point for digital government

Twelve years ago, the Government Digital Service (GDS) told us that it was “not ‘appy at all”. The March 2013 blog post that announced GDS would not develop a government mobile app and would instead pursue an adaptive web, HMTL5-based approach, laid a foundation that has framed online government ever since.

With the launch this week of the first Gov.uk App, it’s even more clear in hindsight what a limiting decision it was to say, “by default, no apps” to Whitehall web developers. As the world became used to apps, and apps became the default way by which mobile users interacted with services, shopping, streaming, content and information, so the limitations of the old GDS approach became clear.

When the NHS App launched and reached 34 million users – three-quarters of the UK adult population – it amply demonstrated how eager the public is to engage with government through its favoured mobile software format.

The Gov.uk App has a long way to go – it’s an incredibly basic version, with very limited functionality, and probably not much better than would have been produced in 2013. But it’s a start, and a recognition by the Labour government that mobile apps are the way to engage a digital public with digital government.

It’s also another step towards a mass-market, government-backed digital identity system. If you need to use services through the app where you have to prove who you are, you’ll be using One Login, the ID verification system that has come under great scrutiny recently over cyber security concerns.

We’ll soon also see a Gov.uk Wallet, where you can store government documents such as a digital driving licence – again, protected by One Login.

Last month, the Data (Use and Access) Act passed into law, enabling the regulation and certification of ID verification services and other measures to enable a digital identity ecosystem in the UK.

The government is slowly, inexorably, getting people used to the idea of digital ID – without formally launching a policy that says, we’re on the way to a national digital identity scheme. Technology secretary Peter Kyle would no doubt deny such a policy exists – and he’d be right, it doesn’t. But the direction of travel that Labour wants to take is increasingly clear.

The UK’s cultural resistance to identity cards – to even some form of basic unique identifier for each citizen – means announcing a preference for a government-backed national digital ID is off the table. But it’s fine for Labour influencers – think-tanks and MPs, for example – to make the case on the government’s behalf. It feels very much like we are being softened up for such an approach – and without proper public debate on the pros and cons.

While civil liberties groups will instinctively recoil at the idea, there are huge potential benefits to be achieved. Anyone who has spent time in countries where digital ID is commonly used – the Nordic countries and Singapore spring to mind as obvious examples – would think the UK’s reticence is bonkers.

Digital identity is the key to joining up online government so that it works better for the individual – but at a time when public distrust of government and suspicion of politicians is higher than ever, it’s going to be a hard sell. It won’t take much for a Daily Mail headline about state surveillance, databases with all our personal information or Whitehall over-reach to bring a deluge of negativity raining down on the Department for Science, Innovation and Technology.

Private sector digital verification services will proliferate, now there is statutory backing to the certification of their products, under the auspices of the also now-statutory Office for Digital Identities and Attributes (OfDIA). Digital age verification will become common – as demonstrated by the acceptance from the porn industry that the Online Safety Act means they have to ensure their users are over 18. The history of the web shows that where porn sites go with tech, other sites follow.

If you’re offered or required to pick a private sector provider, be careful – there are way more than the market can possibly sustain. Many will founder. But it’s clear where most people are likely to turn – Google wasted no time taking advantage of the Data Act.

Last week, the search giant launched Google ID Pass in the UK, which allows users to create digital ID passes with their UK passports and store them in Google Wallet. More functionality will inevitably follow. Apple won’t be far behind.

There are still lots of hurdles to overcome, many of which could further slow or even scupper progress. ID providers need to be certified through an independent assessment body – of which there are currently only two, and one of those, the British Standards Institution, was rumoured to be pulling out, but when Computer Weekly asked recently, the group confirmed its intention to remain in the programme.

There are still security concerns over One Login, after a March penetration test found the system could be compromised. GDS has yet to publish a Data Protection Impact Assessment (DPIA) and has only promised to release a “digestible version” of the DPIA in the autumn, claiming that it cannot publish the full version due to security issues – which will only provide more fuel for critics. Remember that in November 2022, GDS was warned that One Login had “serious data protection failings” and that the live service should be suspended pending resolution.

It’s already taken a long time and a lot of wasted money to reach this point. GDS’s original attempt at digital identity, Gov.uk Verify, kicked off in 2012 and burned through over £250m of taxpayer cash before being put out of its tortured misery. There have been many mistakes along the way – not least the avoidance of apps. But there is a real chance that the launch of even a small-scale, beta version of a limited functionality Gov.uk App may become a turning point in finally engaging citizens with digital government.