Written by Michael Leahy, Vice President, National IT Strategy, Government Sourcing Solutions 

The rapid acceleration of digital transformation presents both unprecedented opportunities and profound challenges for governments worldwide. As states increasingly transition essential services to the digital realm, the promise of enhanced convenience, efficiency, and responsiveness to constituents is immense. However, this digital evolution unfolds against a backdrop of declining public trust in government and pervasive concerns about personal privacy, data security, and potential surveillance. Merely digitizing existing processes is insufficient; a fundamental rethinking of the relationship between government and citizen data is required.

This document proposes a comprehensive framework for “Verifiable Government” and “Digital Inclusive Government Services” (DIGS), integrating existing best practices with foundational legal principles of privacy, duties of loyalty, and fiduciary models of data control. By embedding these legal constructs into the very architecture of digital government, we can foster a new era of trust, transparency, and true citizen autonomy.

The Imperative for Digital Inclusive Government Services

The National Association of State Chief Information Officers (NASCIO) consistently identifies digital government and cybersecurity as top priorities. This reflects a broad consensus that digital services offer significant benefits: lowered costs, greater responsiveness, and improved citizen convenience. Yet, the pursuit of these advantages must proactively address “digital divides” and ensure access for all constituents—including minors, the elderly, the homeless, and the disabled.

Current digital implementations often fall short. They are frequently built on a discrete, agency-by-agency model, leading to fragmented, confusing citizen experiences rife with inefficiencies and security vulnerabilities. Crucially, they struggle to replicate the established norms of trust and control present in the analog world. For instance, presenting a physical driver’s license for age verification inherently limits data disclosure (only relevant information is viewed) and relies on trust in the physical credential itself. In the digital realm, the ease of data replication and sharing demands a more robust approach to verifiability, identity, and authority, while minimizing susceptibility to fraud and inappropriate disclosure.

The vision for DIGS and Verifiable Government is built upon three foundational principles: Utility, Security, and Autonomy.

  • Utility: Encompasses usefulness, flexibility, adoptability, ease of use, and cohesiveness of coverage. It also champions offline capability and avoidance of vendor/technology lock-in.
  • Security: Focuses on robust systems and data protection, verifiability of user identity and authority, auditability, and fraud prevention.
  • Autonomy: This principle is critical for establishing trust and is where modern legal scholarship on privacy and data control becomes profoundly relevant. It demands adherence to Fair Information Practice Principles (FIPP) attributes such as transparency, privacy, confidentiality, individual control, consent, recourse, and crucially, a minimization of disclosure without any possibility of surveillance.

The Privacy Problem: Beyond Notice and Consent

Public surveys consistently reveal a deep unease among Americans regarding their personal data. A significant majority feel they have little control over data collected by businesses and government, expressing concern over its use and believing risks outweigh benefits. This sentiment underscores a major disconnect: while people express strong privacy concerns, they often “click away” and agree to lengthy, incomprehensible online privacy notices.

As legal scholars like Woodrow Hartzog and Neil Richards argue, the current privacy regime, heavily reliant on “notice and consent,” is fundamentally broken. It places an unreasonable burden on individuals to understand complex data practices and negotiate terms with powerful entities. Instead, they propose a shift from mere contractual agreements to a framework grounded in fiduciary duties.

The prevailing model often allows government, like many private entities, to collect volumes of data beyond what is “necessary” for a specific purpose. Unlike commercial entities that are increasingly subject to privacy regulations (e.g., GDPR, CCPA), government operations have often been exempt from these same stringent requirements, contributing to a generalized “lack of trust in government.”

A New Paradigm: Fiduciary Duties for Government Data

This is where the insights from Hartzog, Richards, and Jack Balkin become transformative. They advocate for applying fiduciary models to data relationships, particularly where there is an asymmetry of power, information, or expertise. In such relationships, the entity collecting and managing data (the fiduciary) owes specific legal and ethical duties to the individual (the beneficiary).

The core fiduciary duties, as articulated by these scholars, include:

  • Duty of Loyalty: The fiduciary must act in the best interests of the beneficiary, avoiding conflicts of interest and refraining from self-dealing. For data, this means prioritizing the individual’s privacy and autonomy over institutional desires for data aggregation or monetization.
  • Duty of Care: The fiduciary must exercise reasonable skill, diligence, and competence in handling the beneficiary’s assets. For data, this translates directly to robust security measures, data protection, and competent management to prevent breaches, misuse, or unauthorized access.
  • Duty of Confidentiality: The fiduciary must keep sensitive information private and not disclose it without proper authorization.

Integrating Fiduciary Principles into Verifiable Government

Applying this fiduciary lens to government data handling dramatically strengthens the Autonomy principle of Verifiable Government, providing a robust legal and ethical underpinning for its goals:

  1. Transparency: A government acting as a fiduciary has an amplified duty to be transparent about all data collection, use, and sharing practices. This goes beyond a simple privacy notice to clear, understandable explanations of why data is collected, how it’s used, and who has access. Citizens must have ready access to their data and convenient means to correct inaccuracies or request deletion.
  2. Control and Consent: A fiduciary model empowers the individual. True control means the data subject retains ownership of their data and must provide meaningful consent for its use, especially beyond legally mandated purposes. This implies a proactive, informed, and revocable consent, rather than passive acceptance. The duty of loyalty dictates that government will not exploit ambiguous consent or default settings to expand data collection.
  3. Least Disclosure/Specific Purpose: The “minimization elements” of FIPP are directly reinforced by the duty of loyalty. A government fiduciary would be obligated to collect only the absolute minimum information necessary for a specific, stated purpose. This fundamentally challenges the “data lake” approach, instead advocating for sequestered, purpose-specific databases. The duty of loyalty dictates that government should not hoard data beyond its immediate, legally required purpose.
  4. Privacy and Confidentiality: These are core to the fiduciary duty of confidentiality. Government, as a fiduciary, must not only prevent accidental or nefarious exposure of citizen data but also actively enable confidential disclosure when necessary, ensuring binding obligations on receiving parties. This directly combats unauthorized surveillance, recognizing that constant observation fundamentally changes individual behavior and is antithetical to a government’s responsibility, except under strict judicial authority.
  5. Recourse: For fiduciary duties to “have teeth,” clear and accessible recourse mechanisms are essential. Citizens must have well-defined policies and methods to enforce their rights and obtain remedies if government breaches its fiduciary obligations regarding their data.

Operationalizing the Fiduciary Model with Verifiable State ID

The proposed Verifiable State ID model directly embodies this fiduciary relationship. Rather than government being the sole issuer and keeper of identity, the model suggests government acts as an endorser of an individual’s self-generated autonomic identifier.

Here’s how it works:

  • Citizen Control: Individuals hold government-endorsed credentials (e.g., driver’s license endorsement, birth certificate verification) in a personally controlled and secured “digital wallet” on their own devices. This physically manifests the principle of citizen control over their data, aligning with the fiduciary ideal that the individual is the “trustee” of their own data sets.
  • Least Disclosure in Practice: When seeking a benefit or license, the state’s digital systems would query the citizen’s digital wallet for “yes/no” eligibility answers, rather than collecting raw data. For example, instead of requesting a full birthdate to confirm age, the system would merely receive a verifiable affirmation that the individual meets the age requirement. Only upon confirmed eligibility and explicit, informed consent would the minimal legally required data be transferred from the individual’s wallet for that specific transaction.
  • Purpose-Limited Data: This paradigm dictates that each specific use creates a sequestered database, dismantling the “data lake” model. This simplifies database construction, enhances security by precluding lateral movement within massive stores, and makes a “zero trust” philosophy practical and affordable. This direct reflection of the duty of loyalty prevents data from being used for purposes other than those for which it was originally collected.
  • Delegation and Guardianship: The cryptographic protocols underlying Verifiable State ID can inherently support delegation capabilities, addressing issues like minors’ identities or powers of attorney, providing secure, verifiable digital equivalents to analog processes while maintaining appropriate controls and privacy.
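
The "yes/no" eligibility query described under Least Disclosure in Practice can be sketched with salted-hash selective disclosure; this is an added example, not code from the author or from any Verifiable State ID implementation. The claim names, the sample values and the function names are assumptions, and an HMAC stands in for the issuer's asymmetric signature so the sketch runs on the standard library alone (a real verifier would hold only a public key).

```python
import hashlib, hmac, json, secrets

# Constructed stand-in for the state's signing key (assumption: HMAC replaces
# a real asymmetric signature, so here the verifier shares this key).
ISSUER_KEY = secrets.token_bytes(32)

def _digest(salt, name, value):
    # Salted hash of one claim; the salt stops guessing of low-entropy values.
    return hashlib.sha256(json.dumps([salt, name, value]).encode()).hexdigest()

def _sign(digests):
    msg = json.dumps(sorted(digests)).encode()
    return hmac.new(ISSUER_KEY, msg, hashlib.sha256).hexdigest()

def issue_credential(claims):
    """Issuer: endorse digests of the claims, never the raw values."""
    disclosures = {n: (secrets.token_hex(16), v) for n, v in claims.items()}
    digests = sorted(_digest(s, n, v) for n, (s, v) in disclosures.items())
    endorsement = {"digests": digests, "sig": _sign(digests)}
    return endorsement, disclosures  # both are stored in the citizen's wallet

def wallet_present(endorsement, disclosures, requested, consent):
    """Wallet: reveal the one requested claim, and only with consent."""
    if not consent or requested not in disclosures:
        return None
    salt, value = disclosures[requested]
    return {"endorsement": endorsement, "claim": [salt, requested, value]}

def verifier_check(presentation, requested):
    """Agency system: True only for an endorsed claim whose value is True."""
    if presentation is None:
        return False
    end = presentation["endorsement"]
    salt, name, value = presentation["claim"]
    if not hmac.compare_digest(end["sig"], _sign(end["digests"])):
        return False  # endorsement was altered or not issued by the state
    endorsed = _digest(salt, name, value) in end["digests"]
    return name == requested and value is True and endorsed

if __name__ == "__main__":
    # Constructed sample claims; the birth date never leaves the wallet.
    sample = {"birth_date": "1990-04-12", "age_over_21": True}
    end, disc = issue_credential(sample)
    shown = wallet_present(end, disc, "age_over_21", consent=True)
    print(verifier_check(shown, "age_over_21"), "1990-04-12" in json.dumps(shown))
```

Presenting the same endorsement to several verifiers lets them correlate the holder through the identical digest list and signature, so a deployment that must rule out tracking needs per-presentation credentials or a zero-knowledge predicate proof instead.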

Benefits and Challenges

Adopting a fiduciary model for government data management, underpinned by the principles of Verifiable Government, offers significant benefits:

  • Re-established Trust: By consistently acting in the citizen’s best interest, prioritizing their privacy and control, and demonstrating robust care for their data, government can begin to rebuild sorely needed public trust.
  • Enhanced Security: Decentralized, purpose-limited data storage and cryptographic verification inherently improve security postures, reducing the attractiveness of large, centralized data targets.
  • True Autonomy: Citizens gain genuine control over their digital identity and personal information, moving beyond theoretical rights to practical empowerment.
  • Responsible Innovation: A framework based on explicit duties can guide the development of new digital services in a manner that is inherently privacy-preserving and citizen-centric.

However, implementing such a transformative shift presents significant challenges:

  • Legal Reform: Current laws and administrative practices often favor government data collection and retention. Substantial legislative and regulatory changes will be required to codify and enforce fiduciary duties for government entities.
  • Technical Overhaul: Moving from existing legacy systems and centralized data models to a decentralized, citizen-controlled architecture demands considerable technical investment and expertise.
  • Cultural Shift: Government agencies and employees will need to embrace a new mindset—one that sees data as a trust, not merely an asset to be collected and leveraged.
  • Citizen Education: Effectively communicating the benefits and functionality of new digital tools and models to the entire citizenry, particularly those less digitally literate, is crucial for widespread adoption and success.

Conclusion

The confluence of technological advancements, evolving privacy concerns, and a deficit of public trust necessitates a paradigm shift in how governments approach digital services. By embracing the principles of Verifiable Government—Utility, Security, and Autonomy—and grounding them in the legal and ethical imperative of fiduciary duties towards citizens’ data, we can move beyond simply digitizing government. We can instead build a future where digital interactions with the state are not only convenient and efficient but also inherently trustworthy, privacy-preserving, and truly empower the individual. This is not merely an aspiration but a fundamental requirement for the democratic state in the digital age.