I'm sorry, who are you?
In my first year at university, I needed to open a bank account with a local branch and change my GP to one close by.
When I opened the bank account, they misspelt my surname. They were not the first, but it was a bank, a trusted institution, and it managed to make this type of mistake. I was sent a bank card and chequebook that confirmed the error. Some organisations (including the NHS) accept a bank statement as a valid form of ID. The bank is supposed to know who I am.
When I changed GP, during the consultation, it occurred to me: he was an NHS GP, the NHS had this information, but he knew nothing about me. The only way he could find out was to ask me, while he waited for a copy of my records to be delivered in the post.
This all happened the year before the modern NHS number was introduced. Today, there are more NHS numbers than living patients. Some are due to delayed record updates when people die, but many are simply duplicates.
Solving this identity problem isn't just for good record keeping. It would make prescribing safer, integration simpler, data sharing possible, bureaucracy lighter, and implementing new technologies like AI easier.
Last month the government published their consultation document: 'Making public services work for you with your digital identity' which builds on the UK Digital Verification Services Trust Framework, a technical specification.
In December 2025, 2,984,192 people signed an online petition against the very idea of a government digital ID, triggering a Parliamentary debate. So why are so many people against fixing this?
Their objection is not the cost, nor the technical challenge. It's trust.
The government has tried this twice before. In 2006, Tony Blair introduced National Identity Cards. In 2010, the Coalition abolished them. In 2016, David Cameron launched GOV.UK Verify, a £200 million programme with a 52% abandonment rate.
The current programme is called GOV.UK One Login, which now has 13 million users, built on their new 'Trust Framework'.
But trust as a technical specification misses the point. The problem is not a lack of trust in systems, it's a lack of trust in government, and how they will use these systems.
Three million petition signatures say they do not have the public's trust. Because they don't.
People aren't worried about cryptographic standards and technical specifications (even though they should be), they're worried about mission creep, surveillance, and a system that starts voluntary and drifts toward mandatory.
The NHS is converging towards a Single Patient Record. One Login is getting traction. But when your NHS record is also linked to tax, welfare, and immigration, the relationship between the patient and the NHS broadens into a relationship between the citizen and the state. That's not a data integration problem. That's not an encryption problem. That's a trust problem.
People already dismiss these concerns in exchange for convenience. Google, Meta, Amazon, Apple; all have data about us as specific individuals: our habits, desires, political persuasion, gender, health data. A government can even buy this data or insist that it is shared. We have already gifted our personal data to the private sector but still want to hide it from the government.
If the government wants to win public support for this, the question they need to answer is why should we trust them? We need a new digital social contract. If the public reject it, then so be it. But if our relationship with the private sector suggests anything, it's that we won't.
If I see any GP in the country today, they can see my summary care record. My prescription can be delivered to my door. I'd like to be able to trust my government with every public service: health, education and social justice, so that every interaction is as painless as renewing my prescription. That won't happen without our trust, and that trust needs to be earned.
The government's 'Making public services work for you with your digital identity' consultation is out and closes 5 May 2026.