This is the first post in our series of conversations with privacy experts. The purpose of these conversations is to educate, connect key players and to promote Canadian innovations in organizations. We want to discover and explore the big questions around innovation and ideas shaping the digital economy here in Canada and around the world.

At the heart of it, digital ID and authentication form the foundation of a strong digital economy. All of our interactions, our transactions and our online lives depend on the creation of robust, secure and scalable systems that allow us to prove who we are online.

Guests in this series will include leaders from both the public and the private sector but the focus will remain on Canadian leaders working at home and abroad.

About the Guest

Our first guest in this series is Dr. Pat Meredith.

She is a former senior banking executive and advisor, a global thought leader and author and consultant in the emerging field of strategic governance. She is best known for her role as Chair of Canada’s Task Force for the Payment System Review bringing together government, community and industry leaders to transform the payments system in under two years.

Pat is a Director of many public, private and not-for-profit organizations. She was Executive Vice-President and Chief Strategy Officer of a major financial institution and Senior Strategy Advisor to financial services and technology companies for a global strategy consultancy.

From 2010 to 2012, she was the Chair of the Task Force for the Payments Review. The Task Force – which applied a catalytic governance process – delivered a community supported action plan that enabled government and industry to quickly act on all four of the recommendations. With her Catalytic Governance co-authors, Steven Rosell and Ged Davis, she is working to create a community of leaders developing better approaches to governing in the information age.

What were you doing when you first came across the idea of digital ID in 2010?

Dr. Pat Meredith: The late Jim Flaherty, who was the Canadian finance minister, asked me to chair a task force on the future of the Canadian payments system. Payments are the arrangements that people and businesses use to transfer value from one person to another.

There was a feeling in Canada that we were falling behind –  digital payments were taking off and Canadians were still largely paying in traditional ways: cheques, cash, credit cards, debit cards, etc.  

The technology was changing and our payments system needed to change in order to keep up. In fact the story, and I’m not sure whether it’s true or not, is that one of the reasons why the task force was struck was because when Jim Flaherty was in Malaysia, he shared a cab ride with their finance minister and the Malaysian finance master was able to pay for the taxi ride without opening his wallet. At that point he realized that the rest of the world was leading in digital ID.

The Internet is an anonymous place. Users can send and receive messages in relative anonymity and that’s great, if all you’re looking to transfer are ideas and information. But that isn’t so great when you’re looking to move money from one party to another and so it became very clear to me that we needed a way to ensure the identity of both the receiver and the sender was protected. That really led us to exploring the idea of did digital ID and authentication in more detail.

What are some of the examples of this?

PM: One of the things that we used a lot in the payments discussion were use cases. In the physical world, when a person wants to open a bank account they go into a bank, they fill in an application form and they present two pieces of ID.

The bank photocopies the ID, checks them and then opens a bank account. The challenge is that this process cannot be replicated online. So for people who don’t have a bank branch nearby this clearly becomes a problem. It is also a problem because many people didn’t want to go into branches anymore and wanted to be able to access or open a bank account on their phone. That’s challenging for individuals but for businesses it’s the kiss of death.

Without the ability to transact, businesses have no way of selling their products and services online and receiving payment. We used to joke that Canadians could pay for their kid’s hockey lessons online using e-transfer but they couldn’t sign a liability waiver. Essentially, they couldn’t do things that clearly required them to identify themselves and have their identity authenticated.

What are some of the recommendations that you made as a task force around digital ID?

PM: The Task Force made a number of recommendations for both the public and the private sector to work together to create a regime to underpin a modern payment system and to protect the privacy and security of Canadians in the online world.

We believe that this sort of regime was essential to not only processing payment transactions that supported economic activity over the long run but also fundamental in supporting things like digital health records, digital voting and other activities that clearly could be automated and made accessible to virtually every Canadian.

Does the government have to be the one to solve this issue? Aren’t there larger organizations that are kind of looking to try to own identity or manage our identities for us?

PM: Google, Apple and Facebook have clearly moved into the identity space. The question for Canadians is really whether or not they want to have those large technology companies being the ones who play a significant role in managing their digital footprint.

It is in the best interest of those companies to know exactly who they’re dealing with and collect as much data on the person as they can and to harvest that data to generate revenues for themselves.

Traditionally, our data has been managed by the government of Canada. In today’s world, it makes sense to have the government continue to play a role in the recognition of a person or an organization’s existence in the digital world. The regime however really has to work collaboratively in order for businesses to collect and use the data that they’ve collected to provide services and goods in an efficient and effective way.

What was the process that you went through with bringing this new working group of the public sector and the private sector at the table together?

PM: We started with a general discussion of why this was important and what we needed to do. Then we started to look at specific use cases and one of the use cases that I remember very well because for me it illustrated many of the points that had to be taken into consideration was that the challenge of a young person going into the beer store to buy beer for the weekend.

In order to prove that they were old enough to drink, the cashier asks them to present your ID. Most people pull out their driver’s license while all the cashier really needs to know is that you are of legal drinking age. They don’t need to know how old you are. They just need to know that you’re above the minimum age.

Yet, when you hand over your driver’s license or when my son hands over his driver’s license not only does it tell them the actual date of his birth, it tells them his full name and all kinds of information that is not essential for him to buy a beer.

And it is clearly an invasion of privacy.

To hear more episodes of the IdentityNORTH podcasts, visit our podcast page.