OnPolicy blog image

Welcome to OnPolicy, your monthly briefing on key policy updates from the world of digital identity, AI, and data privacy.  Before jumping in to our usual UK, EU, and US updates, a quick look at some global topics of note.  

Metaverse. With all the discussion about the metaverse, what is the role of identity verification? Our Global Policy Director, Matt Peake, shared his thoughts here on how anonymity online can be balanced with the desire to have verified identities. Ultimately, online identity verification needs to be swift and robust, with the appropriate level of privacy and security.

Mitigating Bias in AI. With growing use in a variety of sectors, policymakers around the globe are increasingly focused on potential for bias in AI. Onfido’s research team published a new white paper outlining how we approach mitigating bias — read the paper here.

International Identity Day. September 16 was International Identity Day, highlighting the importance of individuals having proof of identity. It is held annually on September 16 in commemoration of the UN Sustainable Development Goal 16.9, which calls for the provision of legal identity for all by 2030, including birth registration. It is estimated that today 1 billion people (about half in Africa) lack proof of identity. Onfido supported this by sharing a video of Amy Shuart, our Head of North America Government Affairs, via Women in Identity on why identity is important and the key to access.  


Data Privacy. The government unveiled the Data Protection and Digital Information Bill, which seeks to take the UK in a different direction from the EU and its GDPR data protection and privacy rules. Learn more in our blog: How is data protection changing in the UK?

IDV for businesses. Companies House, the UK’s registrar of companies and an executive agency of the government, announced plans to conduct identity verification of registrants. This is a positive step towards reducing economic crime and fraud in the UK and is one to watch.

Digital Identity. Plans for governance of the UK’s Digital Identity Trust Framework continues to evolve, with the regulator, OfDIA, to be housed within the Department for Digital Culture Media and Sport (at least initially). The Framework itself is currently in beta phase and will likely have relevance to many market segments over time. Onfido recognizes the value of meeting these demanding industry standards and we recently obtained our certification to the beta version.


AI event. Onfido hosted an AI Act event in the EU Parliament on September 7, to highlight how it will impact financial services and how we can improve the current draft law. On stage we were joined by Mastercard, Stripe, law firm Freshfields, as well as an MEP Axel Voss, and a representative from the EU Commission. We continue to focus on ensuring that the AI Act will incentivise investment and innovation in the EU while protecting user rights.

Parliament blog image


Data Privacy. Data privacy continues to be a hot topic in the US. The Federal Trade Commission (FTC) released a notice of proposed rulemaking (NPRM) on data privacy, with responses from stakeholders due in mid October.  Meanwhile, Speaker Pelosi and the state of California have expressed concerns regarding the bill that was reported by the House Energy and Commerce Committee in July.  If a federal law doesn’t happen this year, House Republicans have indicated it remains on their agenda for next Congress.

Digital Identity Legislation. Before leaving for the October recess, the Senate Homeland Security and Government Affairs Committee (HSGAC) unanimously approved the Improving Digital Identity Act (S. 4528), as amended.  With Senators Sinema (D-AZ) and Lummis (R-WY) submitting an amendment to the National Defense Authorization Act bill - one of the major must pass pieces of legislation that will be considered before the end of the year - this will be one to watch during the lame duck session after the midterm elections.

Age Verification. California Gov. Gavin Newsom signed into law the California Age-Appropriate Design Code Act last month, based in part on the United Kingdom’s Age Appropriate Design Code. The new law seeks to minimize the scope of data collected on users of websites or platforms that are “likely to be accessed by a child.” Age verification services are among the tools that may help online services and platforms remain compliant when the law comes into effect in July 2024. 

AI Bill of Rights. The White House Office of Science and Technology policy published the long awaited AI Bill of Rights, which includes five principles for design — safe and effective systems, algorithmic discrimination protections, data privacy, notice and explanation, and human alternatives, considerations and fallback. Onfido is among those listed as providing feedback for the development of this document and you can find our submission here.  

Want to learn more?

Discover how Onfido’s technology can help your business navigate KYC and AML regulation.

Get in touch