Keir Starmer wants everyone who works in the UK to carry a digital ID — and fast. The government’s pitch, unveiled at the end of September, is short on ceremony and long on promise: a centrally backed, phone-centric identity called the “Brit Card” (built on the GOV.UK One Login system) that will be required to prove the legal right to work. Supporters say it will choke off illegal employment, simplify access to services and close loopholes in the underground economy. Critics say it risks creating a single, juicy target for hackers and a new layer of state control over everyday life.

What the government says (and when)

The Prime Minister’s office published the plan on 26 September 2025, saying the new digital ID would be used for Right-to-Work checks and that it will be “rolled out” across the country during this parliament — in effect meaning a legal requirement for work by the end of the parliamentary term (reports and government material point to a target in the second half of the decade). The announcement stresses the scheme will be free, that paper alternatives and face-to-face help will be available for people without smartphones, and that credentials will be stored on individuals’ own devices with “state-of-the-art encryption and authentication.”

Why ministers say the Brit Card matters

The political logic is blunt: make it harder for people without lawful status to get jobs, and you both deter unsafe journeys and cut the profit margins for unscrupulous employers. Ministers frame the move as a practical, modern alternative to the centuries-old (and politically toxic) idea of physical ID cards — a way to make passport-level checks routine without forcing people to carry a paper document around. The government also pushes the convenience line: a single verified ID could simplify everything from accessing benefits to booking a GP appointment.

The tech beneath the headlines: GOV.UK One Login

The Brit Card would piggyback on GOV.UK One Login, the government’s single sign-on and identity-checking system that already lets people prove their identity to some government services. One Login can use an app, online security questions or in-person checks at Post Office counters, and the government has been encouraging services to adopt it as a central authentication layer. That technical familiarity is part of why ministers think a digital ID is feasible today in a way it wasn’t 20 years ago.

Why critics aren’t convinced

The response has been immediate and fierce. Civil-liberties groups are warning that the scheme is a step toward mass surveillance, while a growing public petition has collected well over a million signatures opposing mandatory digital IDs. Security experts point out an unavoidable truth about large identity systems: they become attractive targets. Independent testing and reporting have already raised alarms about One Login’s resilience — including lapses in certification against government trust frameworks and security tests that found serious vulnerabilities.

The practical problem with “on your phone”

The government’s promise of outreach for people who don’t use smartphones is an attempt to neutralise a clear practical criticism, but it leaves open difficult choices. What does “face-to-face support” look like at scale? How will the system treat people who lose a phone, who are digitally excluded, or whose biometric checks fail? And how will employers, landlords and local services be regulated so that checks are reliable but not abusive? The answers to those questions will determine whether the project is an administrative improvement or a new bureaucratic headache.

Security and private-sector involvement

A big identity project inevitably invites private contractors. Reporting suggests multiple firms are already circling potential contracts, and that is part of the anxiety: handing sensitive personal data to a mix of state and private actors raises accountability questions. There is also a tension between decentralised promises — “credentials on your device” — and the reality that central verification and cross-checking are necessary to police right-to-work rules. That architecture — who holds what data, who can ask for verification, and how logs are kept — will determine both security risk and civil-liberties exposure.

A political gamble

Starmer’s move is explicitly political as well as technical. Labour has been trying to reframe its stance on immigration and law and order since taking office; delivering a practical tool to limit illegal work fits that strategy. But the plan revives the long memory of Britain’s previous ID debates — Tony Blair’s attempts two decades ago, subsequent backlash, and the still-fresh suspicion among many voters about state databases and surveillance. Whether the Brit Card becomes accepted practice or a political liability will depend on how the government manages rollout, explains safeguards, and responds to the inevitable legal and technical challenges.

A final note

Digital identity is not, in itself, either liberty-destroying or freedom-protecting — it’s a tool. The debate in the coming months will be about the guardrails: the legal limits on who can see your data, the technical details that make the system resilient, and the practical measures that prevent exclusion. For many British people, the question won’t be abstract: it will be whether, as they change jobs, rent a flat or deal with the state, the new system makes life easier — or makes them feel watched.