Return to > Information security and privacy
Short address for this page: www.oecd.org/internet/idm
Digital identity management is fundamental for the further development of the Internet Economy
The management of digital identity has many facets - technical, economic, social and cultural - and is complex to understand and address as a whole. It raises the issue of how to translate in the digital world the mechanisms through which individuals trust each others as a prerequisite to interacting with each other.
Thus managing digital identity is essential for the Internet to operate as a platform for economic development and social progress.
At this stage, the management of digital identity does not seem to have reached the level of maturity which would enable the full realisation of the Internet economy. In particular, interactions which carry a high level of risk are not yet common on the Internet.
The level of trust that existing digital identity management practices provide is not high enough for users to engage into this type of transactions. Why is the market not providing an appropriate response? How should governments approach this question and what should be their role?
This booklet on “Digital Identity Management: Enabling Innovation and Trust in the Internet Economy” represents the culmination of analytical work by the OECD between 2007 and 2011 to achieve a shared understanding among government policymakers about digital identity management, its role in the Internet economy and how to develop better public policies in this area.
The booklet compiles four reports which are also available separately.
The main section explains briefly what digital identity management is and why it is fundamental for the further development of the Internet Economy. It provides guidance to government policy makers for developing digital identity management strategies that support innovation across the public and private sectors while enhancing security, privacy and trust online (also available separately). This section builds on the main findings of the work reflected in the annexes below.
This annex includes a comparative analysis of national strategies for digital identity management in 18 OECD countries. It explores how governments approach digital identity policy making and identifies key commonalities and differences across countries at strategic and policy levels. It is also available separately.
This annex reflects the general understanding of this policy area in 2009, before the analysis of government strategies. It provides policy makers with a broad-brush understanding of the various dimensions of digital identity management and aims to support efforts to address public policy issues for securely managing and protecting digital identities. It is also available separately.
This annex includes the proceedings of a workshop organised by the OECD and hosted by the Norwegian Ministry of Education and Research and Ministry of Government Administration and Reform in 2007. The workshop brought together experts from government, industry and civil society to explore the main information security and privacy issues surrounding digital identity management. The agenda, presentations and proceedings are also available online.
OECD work on digital identity management was developed in furtherance of the Seoul Ministerial Declaration on the Future of the Internet Economy (2008). It stands at the crossroad of OECD activities in the area of security of information systems and networks and privacy protection, all carried out by the WPISP.
OECD work on digital identity is the continuation of almost ten years of policy work on electronic authentication since 1998, in the early days of e-commerce and e-government. The main outputs include:
This legal instrument encourages efforts by Member countries to establish compatible, technology-neutral approaches for effective domestic and cross-border electronic authentication of persons and entities. It should be read in conjunction with OECD Guidance for Electronic Authentication (see below).
This document provides policy and practical guidance for the development, implementation and use of electronic authentication products and services as they relate to the authentication of persons and entities.
The Guidance sets out the context and importance of electronic authentication for electronic commerce and electronic government and provides a number of foundation and operational principles that constitute a common denominator for cross-jurisdictional interoperability. It aims to help Member countries and non-Member economies establish or, as appropriate, amend their approaches to electronic authentication with a view to facilitate cross-border co-operation.
It served as the basis for the 2007 OECD Council Recommendation on electronic authentication (see above).
This Declaration was adopted at the Ministerial Conference "A Borderless World: Realising the Potential of Global Electronic Commerce" held in Ottawa, Canada. It recognises the importance of authentication for electronic commerce and outlined a number of actions to promote the development and use of electronic authentication technologies and mechanisms.