The UK Digital ID Consultation Closed Amid Industry Pushback. The Architecture Lesson Is for Everyone Else.
The UK Cabinet Office's national digital ID consultation closed May 5, 2026. The People's Panel deliberation continues. The architecture debate is the real story.
At 12:30pm on Tuesday May 5, 2026, the United Kingdom's Cabinet Office consultation titled "Making public services work for you with your digital identity" closed to written submissions. The consultation, which ran from March 10, 2026, asked the public to weigh in on a proposed national digital ID system. The next phase, a People's Panel for Digital ID involving 100 to 120 randomly selected UK residents in deliberative workshops, is scheduled to conclude June 21, 2026, when the formal consultation process ends.
The consultation has not been "rejected" in any procedural sense. The government will issue a formal response after the People's Panel concludes. But by every public indicator, the written submission phase produced strongly mixed feedback at best, and substantial pushback from a coalition of civil society organizations, the digital identity industry, and a parliamentary petition signed by approximately 2.9 million people. The architectural debate the consultation surfaced is the more interesting story for compliance and identity teams elsewhere in the world.
What the consultation actually proposed
The Cabinet Office's proposal sits in a meaningfully different place than where the policy started. In September 2025, Prime Minister Starmer announced the digital ID scheme with two stated aims: combating illegal working and easing access to government services. The original framing included a commitment to making digital ID mandatory for right-to-work checks by the end of the parliamentary term.
By January 2026, the government rolled back the mandatory aspect of the scheme. The consultation that opened in March focused on three principles for the new digital ID — useful, inclusive, trusted — and explicitly stated that the digital ID would not be mandatory for any specific use case. A federated architecture (no central database) is described in the consultation document, with data remaining with the issuing authority and credentials held on user devices.
The consultation also proposed an age threshold of 16 for digital ID holders, with questions about whether the threshold should be lowered to 13 (the age of digital consent under UK GDPR) or removed entirely. Children under 13 having digital IDs would have parallels to the kind of credential issuance the EU's eIDAS 2.0 framework anticipates.
What the industry pushback was actually about
Three threads run through the substantive industry response.
The first thread is the relationship between the proposed government digital ID and the existing UK Digital Verification Services (DVS) sector. The UK already has a regulated private-sector digital identity industry under the DIATF (Digital Identity and Attributes Trust Framework) certification regime. Industry submissions consistently raised the question of whether the government scheme will displace or layer on top of the existing DVS providers. The Association of Digital Verification Professionals wrote an open letter to Cabinet Office Minister Darren Jones in early 2026 to request formal collaboration. techUK's submission emphasized that the DVS sector should be "acknowledged and leveraged."
The second thread is architectural. The architecture debate divides between centralized government-anchored identity systems (where the state issues and verifies the credential) and federated wallet-based architectures (where verified credentials live on user devices and can be presented to relying parties without revisiting a central database). The EU's eIDAS 2.0 framework chose the federated wallet model. The original UK approach leaned closer to centralized. The consultation explicitly addresses the federation question, but the public position remains less crisp than the EU equivalent.
The third thread is consumer trust and historical precedent. The UK has tried this before. The 2006 Identity Cards Act was scrapped in 2010 with significant public backlash. GOV.UK Verify, introduced in 2013, was buried after £220 million in spending and limited adoption. The 2.9 million petition signatures opposing the digital ID scheme draw on this institutional memory. Civil society submissions, including from the Electronic Frontier Foundation, focused on the structural concern that even a non-mandatory digital ID becomes effectively mandatory through service availability over time.
What the EU got right (and what the UK is debating)
The contrast with the eIDAS 2.0 framework is instructive for compliance and identity teams designing their own systems.
The EU framework starts from the premise that the user controls the wallet. Verified credentials issued by member-state authorities or qualified trust service providers are stored in the European Digital Identity Wallet (EUDIW) on the user's device. Relying parties query the wallet, not a central database. Data minimization is built in: an age check returns "over 18" without revealing the date of birth.
The UK proposal, in its current form, sits closer to this model than the original September 2025 announcement suggested, but the architectural commitment is less binding. The consultation document describes a federated approach but leaves design decisions for after the consultation. The People's Panel will weigh trade-offs that the EU framework already pre-decided.
Three architectural commitments distinguish the EU framework from less mature digital ID schemes. The first is the relying-party register: the EU framework defines who can request what credential under what conditions, building accountability into the protocol layer. The second is selective disclosure: the framework requires that wallet credentials support partial-attribute presentation (proving age without revealing identity), not just full-credential presentation. The third is interoperability: the EU framework supports W3C Verifiable Credentials, ISO/IEC 18013-5 mDL, and OpenID4VP for cross-border presentation. Each of these is technically tractable. None is automatic.
What this means for jurisdictions still designing
For teams in jurisdictions still working through their own digital ID architecture, three lessons from the UK consultation are usefully concrete.
First, consult before announcing. The UK government's January 2026 acknowledgment that it was "unfortunate" not to have consulted the digital identity industry before the September 2025 announcement is a recoverable error. Consulting after the announcement, against a backdrop of 2.9 million signatures opposing the scheme, is a much harder starting position than consulting before.
Second, federated wins over centralized. Every credible architecture in 2026 (EU's EUDIW, the US TSA ConfirmID architecture being designed, the W3C Verifiable Credentials work) is federated, wallet-anchored, and selective-disclosure capable. Centralized government-anchored identity faces stronger civil society resistance, harder data protection compliance, and worse interoperability with existing private-sector digital identity ecosystems.
Third, the relying-party experience matters as much as the issuance experience. UK industry submissions emphasized that current DIATF-certified providers serve thousands of relying parties (banks, employers, age-verification consumers, real estate). A new government digital ID that doesn't connect cleanly to that relying-party ecosystem becomes a parallel system, not a unified one. Compliance teams in any jurisdiction should design relying-party integration as a first-class concern, not a later phase.
What deepidv brings to the wallet era
For the verification stack to be ready for a federated wallet world, three capabilities matter: NFC document reading, mDL ingestion (ISO/IEC 18013-5), and EUDIW credential consumption (the OpenID4VP flow). deepidv runs all three on a single verification engine. When a user presents a wallet credential at onboarding, the same engine that verifies a document-and-selfie flow consumes the wallet attestation, runs the policy checks (issuer trust, signature validation, attribute selection), and returns a structured verification result. The cryptographic receipt the verification produces (proof.deepidv.com, anchored on Base L2) is independent of any single wallet ecosystem.
UK Digital ID Consultation FAQ
- Has the UK digital ID scheme been rejected?
- No. The written submission phase of the consultation closed May 5, 2026, but the formal consultation process continues through June 21, 2026, when the People's Panel for Digital ID concludes its deliberations. The government's formal response and decision will follow.
- Is the UK digital ID mandatory?
- In its current form, no. The government rolled back the mandatory aspect of the scheme in January 2026. The consultation document explicitly states that use of the digital ID will not be mandatory in any scenario. However, the government has indicated that digital right-to-work checks may become mandatory by the end of the parliamentary term.
- How does the UK approach compare to the EU's eIDAS 2.0?
- The EU's eIDAS 2.0 framework specifies the European Digital Identity Wallet (EUDIW), a federated wallet architecture supporting W3C Verifiable Credentials, ISO/IEC 18013-5 mDL, and OpenID4VP for selective disclosure. EU member states must offer EUDIWs to citizens by December 2026. The UK proposal, in current form, describes a federated approach but is less specific on protocol-level commitments.
- What is the People's Panel for Digital ID?
- A deliberative engagement process involving 100 to 120 randomly selected UK residents, who participate in workshops with expert facilitators to discuss the digital ID proposal in depth. The panel will produce shared recommendations for government. This process concludes June 21, 2026.
- How does this affect the existing UK digital identity industry?
- The UK already has a regulated private-sector digital identity industry under the DIATF (Digital Identity and Attributes Trust Framework). Industry submissions to the consultation emphasized concerns about how a government-issued digital ID would interact with existing DVS-certified providers. The government has said it intends to engage with the industry; specific design decisions are pending.
- What about the 2.9 million petition signatures opposing the scheme?
- A parliamentary petition signed by approximately 2.9 million people called for an end to the digital ID rollout. The petition was debated in Parliament in December 2025 and contributed to the rollback of mandatory aspects of the scheme. The petition's substantive concerns (data security, surveillance, civil liberties) continue to feature in civil society submissions.
- What does this mean for non-UK organizations?
- The UK debate is a useful reference for any jurisdiction designing digital ID architecture. The lessons (consult before announcing, prefer federated over centralized, design for relying-party integration) generalize. For organizations operating across the UK and EU, the divergence between UK approach and the EU's EUDIW framework is a real architectural consideration: relying-party systems may need to handle both.
Relevant Articles
Meta Just Made AI Bone-Structure Analysis the Default Age Verification
Inferred-age detection at platform scale.
May 11, 2026
MiCA Final Deadline: 60 Days for Crypto Firms to Get Authorized
ESMA confirmed the MiCA transitional period ends July 1, 2026.
May 11, 2026
FDIC Extends GENIUS Act Comment Period to May 18
Where the comment substance has to land.
May 12, 2026
The SEC Just Sent 'Regulation Crypto' to the White House
What it means for KYC at digital asset firms.
Apr 8, 2026
What is deepidv?
Not everyone loves compliance — but we do. deepidv is the AI-native verification engine and agentic compliance suite built from scratch. No third-party APIs, no legacy stack. We verify users across 211+ countries in under 150 milliseconds, catch deepfakes that liveness checks miss, and let honest users through while keeping bad actors out.
Learn More