ID systems must be built on a foundation of trust and accountability between government agencies, individuals, international organizations, and the private sector, both within countries and across borders. A cornerstone of this foundation are the laws, codes, regulations, and practices that govern and support the ID system—i.e., the “legal framework.”
In some countries, legal frameworks and practices may already enable inclusive and trusted ID systems. In many other cases, however, key laws and regulations do not exist, are not enforced, do not comply with international law, or predate the use of digital ID systems and trust services such as electronic signatures. A thorough assessment (e.g., using the IDEEA) during the planning stage will help identify areas in which the legal framework may need to be amended, or updated.
In general, the policies, laws, and regulations that support an ID system can be divided into two categories:
Enablers—directly define and govern the ID system, including its design, management, operation, and relationships with stakeholders and other systems.
Safeguards—address potential risks surrounding the ID system, including those related to data privacy, security, and non-discrimination.
The particular architecture of the enablers and safeguards that make up a legal framework for ID will vary by country, and there is no one blueprint model. However, this section highlights some important areas and themes that should be covered as part of a comprehensive legal framework on identification (as enshrined in Principles 8, 9 and 10, see Section II. Principles). For a more detailed treatment of legal and regulatory frameworks, see the IDEEA.