Policy actions sorted A-Z.
Policy actions sorted A-Z.
Digital signatures are recognised with legal equivalence to “wet signatures” so that people can transact digitally.
Estonia: eSignatures for registering a company online, e-banks, online voting system and electronic tax filing.
United States: 2001 ESIGN Act states a contract or signature “may not be denied legal effect, validity, or enforceability solely because it is in electronic form”.
European Union: Article 5 of the Electronic Signatures Directive mandates that European states must regard electronic signatures with the same authority as wet signatures.
Elsewhere: Many other G20 countries implement legislation that gives legal recognition to digital signatures for most purposes. Some countries enforce restrictions: Argentina prohibits use for certain legal documents and public deeds; Canada prohibits use for wills and marriage controls; China, in practice, prohibits use in corporate documents that require public notarisation.
Organisations should set standards, or regulators should enforce standards, on the communication of terms and conditions to users. This would improve users understanding the contract they enter with a digital service.
Terms of Service; Didn’t Read gives an overview of the main points of various digital services terms and conditions, assigning a rating on their fairness to their users.
IF’s Data licences explores how a consistent design pattern can improve people’s understanding of how their data will be used.
People have the right to port their data between service providers so that they have genuine choice of providers. This is distinct from “enable people to access data held about them in an agreed format” as the particular data about a consumer isn’t readily accessible to them, but a transfer between services can be made.
European Union: Article 20 of the General Data Protection Regulation gives people the right to obtain and reuse their data across different services.
United Kingdom: QR codes on utility bills contain energy usage data for quick comparison between providers.
United Kingdom: Current account switch guarantee automates the process of changing banks by automatically transferring balances and direct debit instructions.
Switching mobile phone number: Communication regulators in many countries mandate that mobile phone numbers can be transferred between different networks.
Large, interlinked services operating effectively as monopolies could block transfer of data to services with a narrower focus.
Companies could use anti-patterns that make it difficult for people to transfer data between services.
Services automatically compensate consumers if the performance of a service is below the expected level. This gives consumers value for money and eases the process of getting compensation.
Digital services should be translated and appropriately adapted to meet the needs of the communities using them. This is particularly important in non-English speaking countries and countries with distinct communities that use minority languages.
Worldwide: ICANN, the international organisation that maintains the domain name system, introduced the ability to create domain names that use non-Latin characters in website addresses.
Canada: The accessibility of public services in English and French is legally mandated.
Providers of digital services are legally bound to comply with design standards that allow people with accessibility needs to access digital services.
Worldwide: W3C published a recommendation, the Web Content Accessibility Guides (WCAG), that helps web developers create accessible digital content.
United Kingdom: Standard 8878 by the British Standards Institute defines the processes needed in the planning and deployment of accessible web products. While not legally enforceable as a standard, other legislation in the UK means that websites are legally required to be accessible.
United States: A 1998 amendment to the Rehabilitation Act that requires Federal agencies to make their electronic and IT technology accessible to people with disabilities.
Spain: A law, UNE 139803, requires websites to follow accessibility requirements based on the WCAG standard.
Create and publish a set of design standards to promote best practices, accessibility and familiarity between digital public services.
Set a minimum period where manufacturers must provide software updates to ensure customers are reasonably protected against software vulnerabilities without having to make new purchases.
Some software manufacturers have fixed support periods. Microsoft has a 10 year support period for Windows 10. Ubuntu, a Linux operating system, designate every fourth version as “Long Term Support”, where the update period is extended from 9 months to 5 years for server software and 3 years for desktop software.
Netherlands: Consumentenbond is campaigning for mobile phone manufacturers to provide longer support periods for Android.
The United States Navy paid Microsoft $9.1 million to continue support for Windows XP, a version of Windows released in 2001 but has widespread use in government IT because of the time between the following version being released.
David Wheeler writes that updates should be legally mandated for three years after purchase, or the customer should be offered a refund.
Mandating a minimum period of software updates could be financially straining for smaller software developers.
Longer mandatory update periods could increase costs for consumers.
Digital service providers are bound to ensure that specific design criteria are met when requesting consent from users to ensure they have enough information to give meaningful consent.
United Kingdom: A Direct Debit mandate must be completed by the payer, using bank-approved wording that makes it clear they are setting up an ongoing authority for the merchant to debit their account. This involves a paper-based form, a telephone conversation with a format script, an online application approved by the bank.
Third party applications that use digital authentication platforms like Sign in with Twitter and Facebook Login have usage policies that require users to be redirected to Facebook or Twitter’s URL, where a standardised dialogue lays out what data is being shared with the third party application.