If data is the currency of the twenty-first century, the true measure of value is trust. So says new evidence from Canada, where, according to an opinion piece in the Financial Post, digital adoption continues apace – but Canadians being much more careful about who gets access to their personal information.
“Increasingly, they are asking difficult questions,” says the op-ed by Francois Guay of the Canadian Cybersecurity Network. “What data is being collected? Why is it necessary? Who will have access to it? How long will it be retained? Can it be protected?”
The result is a market that runs on trust, rather than innovation or technology: “the next phase of digital transformation will not be determined solely by who builds the best technology. It will increasingly be determined by who earns the greatest trust.”
That has implications for businesses who seek fraud protection, security tools and other technology that requires them to ask for more information from their customers. “The very measures intended to build confidence may be producing the opposite result,” says the report, “creating greater friction, lower participation and declining trust.”
The numbers tell the story. Research from the Office of the Privacy Commissioner of Canada shows nearly nine in ten Canadians are concerned about protecting their privacy online. Approximately 78 percent report refusing to provide personal information to an organization because of privacy concerns. Data from the Digital Identity and Authentication Council of Canada (DIACC) shows more than 90 percent want greater control over their personal information.
Digital literacy makes trust more potent
The shift is not simply a matter of digital paranoia. Rather, it signifies a re-weighting of ownership in Canadians’ concept of personal data. As the risks and harms of the internet have revealed themselves over time, user habits have evolved so that the impulse to share data whenever prompted is now checked with caution. In a sense, this is the desired outcome of what is often called digital literacy: a populace that demands legitimacy from the online ecosystem, and rejects what it finds suspicious or untrustworthy.
Or, in other words, is firm in asking, why do you need my data, what do you intend to do with it, and how do you keep it safe?
The piece quotes Joni Brennan, president of the DIACC, who says the market will favor those who prove they can be trusted up front. “Trust isn’t a communications problem that can be solved after launch. When digital trust and identity solutions are practical, transparent and independently certified against standards, adoption pairs with utility,” Brennan says.
Brennan recently appeared on the Fime podcast to discuss Canada’s memorandum of understanding with the EU on digital ID, and why interoperability means more than just technical compatibility, but also alignment on policy and mutual trust.
Technology enables participation but trust determines user choice
Francois Guay concurs that trust is not a matter of clever marketing, but the plate that holds the entire layer cake. “Security, privacy, transparency, usability and confidence are not competing priorities from the user’s perspective,” he writes. “They are inseparable.”
Usability is another foundational layer – on both sides of the transactional divide. While strong identity verification is equated with trust, too much of it, deployed clumsily, can add friction that erodes trust. Guay cites research on customer onboarding and identity verification which “has found that approximately one in five users abandon account creation because the process becomes too complicated.”
“Financial institutions have reported onboarding abandonment rates approaching 60 per cent in some circumstances, while e-commerce shopping cart abandonment routinely exceeds 70 per cent.”
The cumulative evidence, he says, “suggests many organizations underestimate the impact that complexity and confidence have on participation.”
That means that the debate around digital identity may be focused on the wrong question. Most discussions, Guay says, continue to focus on how organizations can collect enough information to establish identity with confidence.
“The more important question is how organizations can establish trust while collecting less information.” Or, how to collect information better.
“For years, digital transformation has been measured by how effectively organizations moved services online,” he writes. “The next phase will be measured very differently. Success will increasingly depend on whether organizations can build systems that people understand, trust and confidently choose to use.”
Customer demand will thus push organizations to recognize trust as a strategic asset – and trust will increasingly become economic infrastructure.
Interac serves as home-grown example
As an example of how Canada might lead in developing trust as part of its economic strategy, Guay points to Interac – the banking system that powers debit card payments in Canada.
“Millions of Canadians use Interac every day to move money, verify transactions and access financial services,” he says. “Most users rarely think about the underlying infrastructure because trust has already been established within the system. They are not repeatedly asked to provide extensive personal information every time they complete a transaction. Confidence has effectively been embedded into the experience.”
Beyond Canada, technologies are being developed to facilitate a replacement of data sharing with digital proofs. Verifiable credentials, privacy preserving identity systems and decentralized identity networks allow for selective disclosure and more sovereignty over user data. “Although these technologies remain in relatively early stages of adoption,” Guay says, “they all share a common principle: verify more while collecting less.”
Five-person commission will be ‘digital super-regulator’
Guay believes Canada has an opportunity to take advantage of the emergent trust economy. “The country possesses respected financial institutions, strong privacy traditions, internationally recognized expertise in digital identity and an expanding ecosystem focused on digital trust,” he says.
“If those strengths can be combined with approaches that prioritize transparency, interoperability, independent standards and collecting only the minimum information necessary, Canada can become a global leader in what may emerge as the trust economy.”
Part of that will involve regulation – and plans are afoot to create a new federal regulatory body overseeing online safety and privacy rules, and handling enforcement.
A report from Global News notes the Liberal government’s recent introduction of two major pieces of tech policy legislation, which will need managing: Bill C-34, which focuses on digital safety for social media and AI chatbots, and Bill C-36, which focuses on privacy and data handling.
The new commission of five will be tasked with making decisions on certain online safety issues, including rules around online age assurance for age-restricted products and services. It will have “authority to issue binding orders to organizations and levy fines of up to $10 million or three per cent of the organization’s gross global revenue. For the most serious offences, such as when companies obstruct the commission’s work, the fines can go up to $25 million or five per cent of global revenue.”
The commission is expected to take roughly 18 months to set up.
Michael Geist, a frequent critic of online safety laws, says the commission will be a “digital super-regulator” with “astonishing powers that may be unmatched anywhere in the democratic world.”
That is sure to be untrue in practice. However, Heidi Tworek, a professor of history and public policy at the University of British Columbia, points out that Canada’s plan does differ from examples elsewhere, by giving the new body dual responsibilities – and taking certain powers away from the privacy commissioner.
“In other places we see a separation of the privacy regulator and the online safety regulator,” she says.
The government says having one commission for both digital safety and privacy legislation is intended to “give Canadians who are engaging with private-sector companies a single entity focused on issues like children’s safety and data.”
Article Topics
Canada | digital government | digital identity | digital inclusion | digital trust
