Question to the Cabinet Office:

To ask the Minister for the Cabinet Office, what steps he is taking to ensure that mandatory digital ID would not put the population’s personal data at risk of data breaches by hackers and foreign adversaries.

Security is a core principle of the new national digital credential that government is building, and will follow National Cyber Security Centre advice and international best practice.

Data will be federated, not centralised, minimising risks by keeping information securely stored where it already is. Advanced encryption and regular penetration testing will be part of a wider infrastructure to help protect against cyber threats, fraud, and hacking.

The system will comply with GDPR, operate strict legal firewalls, and empower individuals to have more control over what data is shared. All of these elements will help ensure there are robust safeguards to protect personal data from hostile actors.