DINZ DISTF Working Group

Digital Identity Services Trust Framework

DINZ has launched a broad-scope members’ Working Group to support its members in the progress of the Digital Identity Services Trust Framework Bill and its associated rules, certification and future enactment and operations. Launched in November 2021, the group initially focused on developing the submission to the Select Committee for December 2021. The main focus for 2022 is expected to cover Trust Framework rules and other topics related to Trust Framework operations of interest to its members.

This Working Group is restricted to DINZ Members. 

From February 1st 2022, all DINZ hosted events are subject to its Events Code of Conduct policy. By registering for and attending DINZ DISTF WG meetings, you are acknowledging this Code and its enforcement provisions.

Are you or your organisation a member?

If not, you can join here. If you/your organisation are members, please email info@digitalidentity.nz to apply.

jOIN HERE

DINZ DISTF Working Group – Terms of Reference

Meeting schedule to date:

2021

  • 18 November 2021
  • 25 November 2021
  • 30 November 2021

2022

  • 10 February 2022
  • 12 May 2022
  • 22 June 2022
  • 18 July 2022

*Further meetings will be advised as work demand requires.


Overview

The Digital Identity Services Trust Framework Bill (the Bill) was introduced to Parliament on September 29th 2021, completed its First Reading on October 19th 2021, with the Select Committee accepting submissions on the Bill until December 2nd 2021. It is anticipated that the Select Committee will report back to Parliament prior to June 2022. The goal of the Bill is to set the standard for digital identity services in New Zealand, ensuring that all users have a safe and secure way of connecting with government and non-government services online. The trust framework, established through this Bill, will allow businesses to take advantage of a consistent approach to digital identity services so that they can maximise the use of them.

The Bill establishes:

  • an opt-in accreditation scheme for service providers who can demonstrate they can meet the Trust Framework rules, currently under development;
  • a governance board, within an existing public service department, responsible for reviewing and recommending changes to the Trust Framework’s rules, including taking into account the views of stakeholders (including groups with expertise in te ao Māori approaches to identity);
  • a Māori Advisory Group to provide advice, to the governance board on Māori interests;
  • the ability for the board to establish committees of advisors (from both the public and non-public sectors) to give advice and make reports to the board; and
  • an accreditation authority within an existing public service department – both to accredit organisations against the rules, and to monitor and enforce compliance.

Attribution: Content substantially taken from an email from the Department of Internal Affairs, shared with DINZ members on October 15th 2021.


Impact & Opportunity

DINZ encouraged and supported the development of the Bill from the outset and to this day continues to be supportive of the Bill’s intent and the Trust Framework as a cornerstone for enabling the future of a Digital Identity ecosystem for all of Aotearoa New Zealand – after all, who could argue against keeping New Zealanders safe online? There has never been a better time to establish Identity’s crucial role in Digital Trust than now and industry is keen to engage in the process since success will come through community and industry collaboration and consultation with Government. Several DINZ members and stakeholders from member organisations took part in the mahi that resulted in the Bill’s formation. DINZ is eager to keep contributing our members’ ideas and experiences to the Select Committee process and beyond. 

The interoperability with other Trust Frameworks and standards in force internationally is acknowledged in the Bill. This is typically done as a series of mappings which help assessors determine the relative conformance of a service provider’s service accredited/certified to one Trust Framework to another such as the DISTF.  Developing and maintaining these mappings helps international service providers by reducing the incremental time and cost for compliance with an additional Trust Framework – whether it is international and seeking to operate in New Zealand, or local and seeking to operate internationally.  This is another area where members are keen to discuss industry’s operational knowledge and experience. 

None of the four other common law countries with which Aotearoa New Zealand is typically compared has passed legislation. We could be the first, or a close second to Australia, because its high-level proposed legislation is moving at a similar pace as New Zealand’s, and the UK and US have stated intentions to legislate. Spurred on by industry, New Zealand is moving faster and more progressively by advancing both the legislation and the rules at the same time, assisted by knowledge of the experiences of other governments. This is perhaps a once-in-a-lifetime opportunity to ensure a truly people-centric ecosystem, underpinned by Te Tiriti and indigenous values, that could be world-leading for Aotearoa and exportable to the rest of the world for our tech industry. 


Helpful links

Trust framework rules are being developed by a small group restricted to participants who provide digital identity services and interested in opting into accreditation. This group is coordinated by the Department of Internal Affairs. Further information can be provided to parties that meet this criteria upon request.


If you have comments on this content please email them to info@digitalidentity.nz.