OnPrivacy February 2023

Welcome to Onfido’s Policy Corner, your regular briefing on key global policy updates from the world of digital identity, regulatory compliance, AI, and data privacy. With a new year, new Congress, a new EU presidency, and a new UK technology partnership with the US, there is plenty of activity to keep an eye on.

In case you missed it, Onfido has released its first ever Diversity and Impact Report. In it, you will learn how we think about diversity, equity, and inclusion within our organization and our product and the steps we have taken. You’ll also find an update on our progress towards our NetZero pledge.

Hot topic alert - children’s online safety

Before jumping into our usual updates by geo, it's worth highlighting a policy discussion that is happening all over the world and is going to be a hot topic this year - children’s online safety. We’ve seen the UK lead in this space with the Age Appropriate design code, California enacting its own law, and other states considering their own versions of the legislation. As the UK considers amendments to the Online Safety Bill that could introduce criminal liability for failure to protect children, across the pond states are discussing their own approaches to keeping kids safe online and what age verification requirements could be necessary. This space will be one to watch.

International Data Privacy day was January 28 — check out thoughts from Onfido’s Head of Privacy, Michelle Levin, on the privacy regulatory landscape in a special edition of OnPrivacy.

UK

Inaugural meeting of US - UK Dialogue on Technology and Data: We now have further details of the dialogue deliverables, following the formal launch of the Dialogue in October 2022. The discussions, led by senior officials from both countries, will focus on three work streams: Data, Critical and Emerging Technologies, and Secure and Resilient Digital Infrastructure. Deliverables identified for 2023 include: collaboration to facilitate global trusted data flows, strengthening UK-US collaboration on AI technical standards development, and tools for trustworthy AI.

Online Safety: The UK Online Safety Bill continues its legislative passage. Recently proposed new amendments would result in senior managers being held legally responsible if children can access illegal and harmful content on their platforms. It will increase focus on the need for age verification on platforms, and how this can be achieved in a proportionate way.

EU

AI Act developments: In December, the Council of the EU adopted its general approach on the AI Act. This text will form the basis for Council’s negotiations with the Parliament and Commission in upcoming interinstitutional “trilogue” negotiations, which are expected to begin in April 2023. The Council position includes a clear exemption of authentication and verification from the definition of “remote biometric identification system,” and a nuanced approach to general purpose AI that will allow providers to be consulted in full, prior to the application of the AI Act to general purpose technologies.

AML developments: In December, the Council of the EU also adopted its general approach on the AML Regulation. The Council has made several changes to the original Commission text published in 2021. In particular the Council approach would facilitate the outsourcing of elements of the user onboarding process to third parties. However, it failed to take the opportunity to introduce a mutual recognition clause, which would allow onboarding processes in one Member State to be used seamlessly across all the other Member States.

US

House’s new crypto panel: The House Financial Services Committee will definitely have an increased focus on crypto this Congress, with the creation of a new subcommittee on digital assets, financial technology, and inclusion. The subcommittee will be chaired by Rep. French Hill (R-Arkansas) and will play a key role in oversight and policy development through hearings and legislation.

Pandemic Unemployment Benefits Fraud hearing: With the House Oversight and Accountability Committee Chairman James Comer (R-KY) and the House Ways and Means Committee Chairman Jason Smith (R-MO) both holding the hearings right away on pandemic unemployment benefits fraud, it is clear this topic will be a big one this Congress. The pandemic unemployment insurance benefits implementation created the perfect set of conditions for identity thieves and foreign organized crime rings to steal billions from the US government and the American people — and became a high profile example of why now is the time to get digital identity infrastructure right. We will watch to see if this focus creates momentum to get the Improving Digital Identity Act over the finish line this Congress.

Interested in learning more about the regulatory landscape?

Our compliance manager's guide to identity verification for KYC and AML looks at the global compliance landscape, best practices for creating identity verification processes, and what to look out for when assessing technology partners.

Read the guide