Welcome to OnPolicy, your monthly briefing on key policy updates from the world of digital identity, AI, and data privacy. We’ll provide a quick overview of hot topics being debated in London, Brussels, and Washington, DC and Onfido’s policy related activity. Headed into summer recess, it's been a busy time in Congress, Parliament, and the European Commission.
Biometrics regulation. The Ada Lovelace Institute, an independent research institute specializing in AI and data, published an independent legal review – known as the Ryder Review – of the governance of biometric data in England and Wales. It focuses on issues related to the use of biometrics for the unique identification of individuals as well as the governance surrounding the use of Live Facial Recognition. City AM published a letter to the Editor from Onfido’s Global Director of Policy, Matt Peake, which argues any regulatory approach needs to be risk-based, proportionate, and not duplicate existing legislation, while also not overlooking different use cases beyond law enforcement – such as age verification or anti-money laundering checks.
Crypto. The UK government has announced plans for the UK to become a global cryptoassets technology hub. Among other measures stablecoins will be brought within regulation paving their way for use in the UK as a recognised form of payment, and industry engagement will be increased. Meanwhile the UK Treasury Select Committee has launched an inquiry into cryptoassets. The Committee plans to examine the risks and opportunities associated with the use of cryptoassets, their impact on social inclusivity and the potential need for regulatory change in the future.
AML review. The Government has also launched a review of AML rules. In doing so it recognizes its role in encouraging tech innovation through initiatives such as the UK Digital Identity and Attributes Trust Framework and via an Innovation Working Group. It also noted that there has been international collaboration, including the FATF publishing guidance on digital identity technologies.
AI regulation. The EU continues to push ahead with plans to regulate AI, the European Parliament recently publishing a list of suggested amendments. The overarching objective is to balance the desire to guarantee the safety and fundamental rights of EU citizens without stifling innovation while improving AI technology. At its core the proposed model is risk-based, where the degree of regulation seeks to reflect the level of risk posed by the AI in question. This makes sense – however there are definitely areas for improvement. For example, the current draft may consign low risk technologies, used exclusively to combat fraud, to the high risk category. There are also fresh initiatives to more closely regulate 'general purpose' AI. We need to strike the right balance, and Onfido is working hard with policymakers to improve the draft law, so it works for everyone. Learn more in our blog that outlines the action and how we’re working with policymakers.
AML reforms. The EU Parliament is scrutinizing the new AML rules proposed by the Commission, and recently published a list of suggested amendments. Of particular note were proposals to remove exemptions from the rules for gambling services, prohibit sub-outsourcing, reinforcing rules on remote identity verification and allowing for mutual recognition of such services. These new proposals, as well as the proposed reforms of eIDAS, will shape the future of AML and digital identity in the EU in the years to come.
Data privacy. Earlier this year, Connecticut became the 5th state with a data privacy law, following California, Colorado, Virginia, and Utah, while other states, such as Illinois and Texas have enacted biometric specific laws. Meanwhile, there is bipartisan activity on federal data privacy law, with the House Energy and Commerce taking a strong bipartisan vote in favor of the legislation at mark up in late July. While the outlook for this legislation is unclear, data privacy is quickly becoming a top policy issue across the US.
Digital identity legislation. In the House, the Oversight and Reform committee marked up Reps. Foster (D-IL) and Katko (R-NY)’s Improving Digital Identity Act (H.R.4258) and was approved. The bill as amended would create a White House Task force on Digital Identity and authorize grants to states for mobile drivers license infrastructure. A Senate companion bill was introduced by Senators Sinema (D-AZ) and Lummis (R-WY), which is an important step as it means we have bipartisan digital identity champions in the House and Senate. Separately, the Chips and Science Act is headed to President Biden’s desk for signature, which directs the National Institute of Standards and Technology to conduct digital identity management research to improve interoperability, strengthen identity proofing and verification methods, and improve accuracy, usability, and inclusivity.