Government-Issued Digital Credentials and the Privacy Landscape

This whitepaper is focused on the privacy implications surrounding government-issued digital credentials. In particular, we look at the digital credentials issued by government authorities and intended as a technology that helps enable efficient, privacy-preserving services to people and businesses. Similarly, we consider where legislation and regulation define the individual’s expectation for privacy and establish some of the requirements for the technology. The scope here is global, with a particular focus specifically on digital credentials issued by liberal democratic governments which tend to have more stringent privacy laws and higher expectations of their residents to have their privacy expectations met. The paper does not cover privately issued identity credentials, what governments need to do to provide services to users that do not have government-issued identity credentials, or the needs of centralized governments with less focus on privacy.