Guidance

Memorandum of Understanding on digital identities cooperation

Published 22 December 2021

This was published under the 2019 to 2022 Johnson Conservative government

0.1 Introduction

This Memorandum of Understanding (MOU) has been developed in connection with the negotiation of the UK-Singapore Digital Economy Agreement, in the context of contributing to a closer economic relationship between the United Kingdom and Singapore.

0.2 Participants

This MOU is made between: The Government of the Republic of Singapore, as represented by the Smart Nation and Digital Government Office; and The Government of the United Kingdom, as represented by the Department of Digital, Culture, Media and Sport. (referred to individually as a “Participant” and collectively as the “Participants”).

0.3 Purpose

Based on the shared objectives and vision in increasing digital trade to enhance economic cooperation and development, and the understanding that digital identities enable increased international economic, innovation and social development, this MOU intends to promote cooperation in the field of digital identity between the Participants according to the relevant laws and regulations of their two countries, and based on the principle of mutual interest and benefit.

The purpose of this MOU is to:

  • strengthen collaborative activities in the area of digital identity between the Participants;
  • develop a roadmap to enable the interoperability, mutual recognition and use of digital identities between the Participants; and
  • facilitate collaboration between the Participants through the establishment of joint projects, as required from time to time.

0.4 Scope of collaboration

The Participants will cooperate on the following areas:

  • Legal and regulatory frameworks supporting the development of digital identity including:
  • Digital identity legislation and regulation;
  • Liability and commercial models for digital identity;
  • Data strategy and privacy; and
  • Alignment with wider digital trust services and digital transformation activities;

Governance, business and operation processes including:

  • Accountabilities for scope and governance of digital identity;
  • Frameworks for the mutual recognition of digital identity; and
  • Approaches to the assessment, certification and accreditation of digital service providers;

Standards for the assurance and security of digital identity including:

  • The roles and responsibilities within a digital identity ecosystem;
  • Technical architecture approaches;
  • Identity verification and identity management standards;
  • Interoperability specifications and data models; and
  • Fraud and security management; and

Adoption of digital identity by individuals and businesses, including industry pilots and initiatives (see Annex).

The activities for cooperation under this MOU may include:

  • Sharing of insights and experience relating to digital identity including legislation, policies, strategies, plans, institutional approaches, and technology models;
  • Development of a joint roadmap which provides a plan of activities to reach mutual recognition of digital identities;
  • Identification of scenarios and use cases and the design of pilots to support research into interoperability and mutual recognition of digital identities;
  • Participation in workshops, working groups, forums and events related to digital identity and collaboration between the Participants;
  • Provision of support for mutual visits, knowledge sharing and capacity building;
  • Identification of and support for opportunities for increased Government / Industry / Academic collaboration;
  • Strengthening of links between respective ecosystems to enhance academic research and industry partnership and leveraging this expertise for innovation and research; and
  • Any other areas of cooperation and collaboration that may be jointly agreed between the Participants.

The Participants may identify and jointly determine further areas of common interest relating to digital identity that are consistent with the objectives of this MOU.

0.5 Costs and expenses

Unless otherwise decided in writing by both Participants, each Participant will bear its own costs and expenses, and provide its own resources for the implementation of this MOU and any matter related thereto.

0.6 Information exchange and confidentiality

If a Participant provides information to the other Participant in accordance with the collaborations under this MOU and designates the information as confidential, the other Participant will keep the information confidential.

The Participants will not use or further disclose the confidential information provided by the other Participant under this MOU except for the purposes specified in paragraph 2.2 and scope of collaboration specified in paragraph 3.

The Participant providing the information is responsible for ensuring that guidance is provided to the Participant receiving the information on handling and protection requirements. Each Participant will respect requests made on handling and protection requirements regarding the security or sensitivity of the information.

Each Participant will comply with any condition, restriction or caveat imposed by the other Participant in respect of the handling or disclosure of information, subject to its own domestic laws and regulations, and international obligations.

In the event that information received by one Participant from the other Participant becomes subject to a court order or a requirement under their domestic law to produce the information, prior to any lawful disclosure, the disclosing Participant will inform the other Participant, and allow the other Participant the opportunity to argue against production or to request a limitation on the disclosure.

0.7 Disputes

Any dispute arising out of this MOU will be amicably resolved by the Participants solely by mutual negotiations and discussion in good faith.

0.8 Enetry into effect, duration and termination

This MOU will come into effect on the date of signature indicated herein and will remain in effect for a period of five (5) years thereafter, unless terminated by either Participant giving at least one (1) month’s prior notice in writing to the other Participant.

0.9 Non-legally binding

This MOU does not constitute or create and is not intended to constitute or create any legally binding obligations. Nothing in this MOU will alter or affect any existing agreements between the Participants.

Without prejudice to the generality of the immediately preceding paragraph, the participants acknowledge that this MOU will not be deemed as an international agreement and will not constitute or create legal obligations governed by international law.

0.10 Amendments

Either Participant may propose an amendment to this MOU by means of written notice to the other Participant. An amendment will be effected only upon the mutual written consent of the Participants.

The foregoing represents the understandings reached between the Participants.

SIGNED in duplicate in the English language.

For the Smart Nation and Digital Government Office: Josephine Teo For the Department of Digital, Culture, Media and Sport: Nadine Dorries

ANNEX

Details on the UK-Singapore Digital Identity Cooperation Activities

0.11 Desired Outcome

Participants will work towards mutual recognition of digital identity approaches which would allow digital identities to be used for cross-border transactions.

0.12 Objective

Participants will conduct cooperation activities in the area of digital identity and develop a roadmap for mutual recognition of digital identities between the two countries.

0.13 Scope of activities

The cooperation agreement may cover the following activities as the basis for designing a mutual recognition roadmap between the two countries over the next 12 months:

Digital identity policy and strategy:

  • Share and review the overall strategic plans for the development of digital identity models in the UK and Singapore
  • Analyse and understand similarities and differences between the approaches and the foundation on which these approaches have been developed

Legal and regulatory frameworks:

  • Share and review the legal and regulatory frameworks for digital identity
  • Analyse and understand how and if broader legislation and regulation in the economy has had to be updated and aligned to allow the use of digital identities
  • Review the approaches for assurance and certification of identity services, including certification by external, independent certification bodies or government agencies responsible for accrediting government services

Trust frameworks and rules:

  • Analyse the trust frameworks and national rules for digital identity and carry out mapping between the UK and Singapore (where relevant)

Standards:

  • Share, analyse, and compare key identity related standards between the UK and Singapore including:
  • Identity assurance and verification
  • Data protection
  • Fraud protection
  • Technical protocols for authentication and exchange of attributes and data
  • Technical architectural models
  • Security protections

Governance and operational processes:

  • Review the accountabilities and responsibilities for managing digital identity governance and supporting national operational services between the UK and Singapore

Liability:

  • Review liability and contractual models for the delivery of digital identity and develop models for the cross-border use of digital identity

Market development, stakeholder initiatives and adoption:

  • Understand the trends in the use of digital identity, digital identity innovation, user and service adoption
  • Understand the role of industry and the role of relying parties in engaging with interoperability strategies and plans
  • Develop and compare categories of stakeholders and understand overlaps between the two countries

Digital identity dependencies:

  • Understand the dependencies in digital identity models with other policy and product innovation areas such as cross-border digital trade facilitation, financial services, digital currencies, payments, e-signatures, KYC and AML
  • Use case prioritisation:
  • Identify use cases that would bring tangible benefits to users and businesses and support wider cooperation between the UK and Singapore
  • Indicative use cases centre on the user journey for individuals and representatives of businesses who are new to the country and needing to register for services (e.g. international students, company incorporation, bank account opening)
  • Review technical landscapes between UK and Singapore
  • Review technical investment and innovation priorities to support wider cooperation between the UK and Singapore
  • Understand industry landscapes and potential pilot participants

Industry and technical pilot design:

  • Review technical options for pilot design
  • Analyse and prioritise pilot participants
  • Design pilot projects between the UK and Singapore