Canada is beginning to develop their own version of a “Tell Us Once” Digital Identity policy, an approach pioneered in Europe by the likes of Estonia, a policy where having provided your data to one government agency, you’ll never be asked for it again from another, defined explicitly through legislation.
“They do so through the “once only” policy, which dictates that no single piece of information should be entered twice. Instead of having to “prepare” a loan application, applicants have their data—income, debt, savings—pulled from elsewhere in the system. There’s nothing to fill out in doctors’ waiting rooms, because physicians can access their patients’ medical histories.”
Canadian Digital Government
Canada’s adoption of the principle includes a first project for online direct deposits. Their future looking Canada150 site explores the idea that this represents the future of their online government, and as the feature video shows they’re seeking to socialize the idea across the Canadian public sector to encourage further adoption.
Via their ‘OrgBook’ project British Columbia offers a technology blueprint for achieving this approach.
This is for a use case of business registrations, a very powerful case study that harnesses the latest technology innovations including the Blockchain and Self-Sovereign Identity.
Red Tape Reduction
As their case study explains a primary motivation for the project is to greatly reduce the bureaucracy associated with small business administration.
Small businesses in Canada face a daunting work load – Companies with less than five people pay C$6,744 per worker just meeting regulations.
Even a sole proprietor in Canada must use at least three different tax numbers, and starting a new business is like navigating a maze with three levels: local, provincial, and federal.
The core benefit of a Tell Us Once approach is eliminating the need for citizens to repeatedly populate workflow forms with data they have already provided to another agency. In Estonia for example your tax return application application is pre-populated with data from other databases, indeed the requirement to do so is mandated by law.
Verifiable Organizations Network
The OrgBook project sought to bring this same efficiency to small business applications for British Columbia, launching the ‘VON‘ – Verifiable Organizations Network.
The OrgBook is a repository of web-searchable public credentials, instances of VON issuer/verifier agents, the equivalent of “Permit to Operate” documents posted on businesses’ walls. It acts as a digital marketplace, matching organizations applying for permits to those who issue them, verifying the integrity of that process through Self-Sovereign Identity methods.
The register is a decentralized, Self-Sovereign identity network built on Blockchain technology, using the Sovrin Foundation’s Sovrin Network as the underlying Identity Registry Network.
As an organization goes through the online application processes to acquire registrations, licenses or permits, the services get proofs (and their associated verified claims) from verifiable credentials already stored in OrgBook about the organization. Once a service completes the approval process and decides to issue the organization a registration, licence or permit, they issue that public verifiable credential digitally to OrgBook about the organization.
This saves the users from having to re-type the information for each service (and eliminates typos in the data). Each service can trust the information because it comes from a trusted source, cryptographically proving:
- The information was issued by the issuer.
- The information was issued to OrgBook.
- The information has not been tampered with (was not forged).
- The information has not been revoked.
Blockchain and Self-Sovereign Identity
An especially helpful primer to this technology and case study is offered through this webinar (below) from John Jordan of the British Columbia ID team, one of the first governments to pioneer adoption of Blockchain and Self-Sovereign Digital Identity technologies for government use cases.
Particularly noteworthy points include:
- Enacting the legislation required to underpin the technology framework for Identity-enabled digital services.
- How previous Identity approaches (the “old technology”) resulted in semi-digital versions of the offline paper-based process, resulting in yet more multiple online accounts, an effect greatly exasperated by the many levels of government citizens must interact with to complete one process (eg. business permits etc.)
- A Continuous Integration capability enabled by RedHat Openshift-based Government as a Platform architecture.
- Starting off with a proof-of-concept to trial key technologies like the Blockchain, in conjunction with DIACC and based on an early version of the Hyperledger Fabric.
- How the key is to approach design models as an Ecosystem, the ‘Decentralized Identity Solar System’.