Your browser currently has JavaScript turned off, which means that Digital.govt.nz might not display properly on your device. It’s easy to turn JavaScript on - find out how to enable JavaScript in your browser.

Principles of the trust framework

These principles help to shape the trust framework, which sets out how accredited digital identity services should work in New Zealand.

Principles for an effective trust framework

The principles inform the rules and regulations. Digital identity service providers should strive to follow these principles.

The principles should be treated as in draft while the rules and regulations that will support the trust framework continue to be developed.

People-centred

The rights and needs of people are of the highest importance, though not to the exclusion of the needs of other entities involved in the digital identity environment.

Key measures

People’s participation in the use of digital identity services is voluntary, with the right to opt out without penalty.
Digital identity services are convenient and straightforward for people to use.
People retain control over their information in line with legislative requirements, including the Privacy Act 2020.

Inclusive

The trust framework aims to create a digital identity environment that is accessible and inclusive. Everyone has a right to choose whether they use digital identity services.

Key measures

The digital identity environment reflects the needs and requirements of a broad range of stakeholders.
Barriers to participation in digital identity services, whether they be social, financial or technical, are minimised without compromising security or privacy.
Everyone is able to use digital identity services without risk of discrimination or exclusion.

Secure

Everyone has the right to expect that personal and organisational information will be stored, shared and used in a secure manner within the digital identity environment.

Key measures

Systems and services are designed with the security of information in mind.
Technology design, operational controls and regulations governing the use of personal and organisational information safeguard it from breaches, corruption or loss.

Privacy-enabling

Privacy is a critical part of digital identity services. Everyone’s privacy must be respected.

Key measures

Approaches to privacy are proactive and preventative.
Privacy is embedded in the design and maintenance of systems and services.
There are no gaps in either protection or accountability — privacy is continuously protected.
Obligations are met regarding the legislative requirements of the Privacy Act 2020.

Enabling te ao Māori approaches to identity

The digital identity environment is inclusive of Māori perspectives of identity and enables the needs and aspirations of Māori to be achieved.

Key measures

Māori participate equitably in the digital identity environment.
Māori perspectives and approaches to identity are enabled by the digital identity environment.
The digital identity environment is developed and maintained in partnership with Māori.
Māori are supported in leadership and decision-making roles to ensure Māori perspectives of data and identity are embedded in the digital identity environment.

Sustainable

The digital identity environment must be designed and maintained in a manner that supports its technical, social, and economic sustainability in the long term.

Key measures

The digital identity environment generates value — for example, social, economic or fiscal — for those involved.
Systems and services are sufficiently flexible to adapt to change — for example, social licence, government priorities, emerging technologies or regulatory developments — and support innovation.
Systems and services are scalable, or able to be altered in size, in order to enable people-centred outcomes.

Interoperable

Personal and organisational information should be able to be re-used across services, sectors and geographies without security or privacy being undermined.

Key measures

Common approaches such as open standards, frameworks or best practice guidelines are used to ensure consistency and facilitate interoperability nationally and internationally.
Barriers to interoperability such as proprietary technology or the lack of portability of personal and organisational information are minimised.
Consultation and collaboration occur between the public sector, private sector, Treaty partners, the wider community and international partners to identify and address interoperability issues.

Open and transparent

The digital identity environment is maintained in an accessible, responsive and accountable manner.

Key measures

It’s clear how personal and organisational information is stored, used and shared, and for what purpose.
The rules and standards governing the digital identity environment are available to all.
Government is accountable to the public for its role in the digital identity environment.

JavaScript is currently turned off in your browser — this means you cannot submit the feedback form. It’s easy to turn on JavaScript — Learn how to turn on JavaScript in your web browser.

If you’re unable to turn on JavaScript — email your feedback to info@digital.govt.nz.

Was this page helpful?

Yes No Partly

Thanks, do you want to tell us more?

Do not enter personal information. All fields are optional.

What did you come here to do?

How can we improve this information?

Last updated 27 June 2024

Principles of the trust framework

Principles for an effective trust framework

People-centred

Key measures

Inclusive

Key measures

Secure

Key measures

Privacy-enabling

Key measures

Enabling te ao Māori approaches to identity

Key measures

Sustainable

Key measures

Interoperable

Key measures

Open and transparent

Key measures

Utility links and page information