Yes. Thank you for your question, Ms. Fortier.
I would say that one of the tricks here is that cybersecurity and privacy is a very complex topic, and the challenge with the model today is that everybody in Canada has to understand how the system works in order for the security system to be effective. That to me is fundamentally bad design.
What I'd like to do is pick up on Matt's comments about Estonia. Estonia did an amazing thing for itself, but when it comes to digital ID, I'd say there are two key messages I want to deliver today. Message number one is that every government in the world wants their digital identity information to be sovereign. They don't want to be beholden to some foreign corporation beyond the reach of their jurisdiction. That's one challenge.
However, the bigger challenge is that identity is very cultural. What works in one country won't necessarily work in another. This is particularly acute in the example of Estonia. When it comes to national ID cards, I would say that there are only two types of countries in the world: the countries that have national ID cards, and the countries that hate national ID cards. I would say Canada, the U.S., the U.K., Australia, New Zealand and many parts of Europe are against this idea of a national ID card.
There are several reasons for this. Part of it is because of World War Two. We saw all of the harms that came from governments having these large databases. The government had no intent of harm when it created these systems, but when somebody came in after—the Germans—they created all sorts of unanticipated harms. We saw the danger of having all the data in one place. I would say that this, on balance, is a better scheme, but I'm not here to criticize what Estonia did. I think their model is very good, but they come from a different cultural place, and I think Matt made that point very well.
If we're going to do this right, then rather than looking at a country of a million, why don't we look at the biggest and most successful identity and authentication scheme in the world—the credit card scheme? We have six billion cards in circulation for payments around the world, and we don't see news breaking every week about a credit card being compromised here, or Starbucks having problems there, or users losing credit cards. We don't see that. Why is that?
The reason is that the global payment system is managed very differently from the online identity system we have today. As a consumer, I don't have to understand how the payment scheme works. I just have to know how to tap my card, and if I can do that, I'm good. When it comes to the cards, we've done two very clever things. One is that we made it super simple for the user—when I do this, I know I'm committing myself, so it's hard for a crook to trick me out of it. Moreover, I don't have to understand it. I know the barista can't change my $10 to $1,000 after I leave. That's the first thing that makes the global payment system safe.
The second thing that keeps the global payment system safe is that there's a trusted network operative in the middle. The crook can't pop up in the middle and say, “I'm a crook, I take Visa.” You have to apply to get into that network and you have to behave to stay in the network.
It's not the same as the Internet. On the Internet, it's very different. None of the banks in Canada send SMS messages to their customers for security. The reason is that they don't believe it's secure enough. The problem is that every other service does. Facebook does it, Apple does it, Netflix does it, Google does it. When my dad gets a message on his phone saying “Suspicious activity on your account. Please click on this URL: www.bmo.com.crookURL.com”, my dad doesn't know how a URL works, and he clicks on this thing, thinking it's going to go to BMO. Despite the fact that BMO has very good control—by the way, this is not about BMO, which has very good security controls in place—BMO's got a security breach on its hands because my dad didn't get what was going on.
So hiding the complexity from the user and having a trusted network operator is really important.
Now, I want to bring it back to something Rene said a second ago. The third thing that keeps the global payment system safe is user behaviour. When I lose my payment card, I will call the bank within minutes. I didn't call them up because I promised I would—I don't care about them, I care about me. I'm terrified that the crook who found my card is going to spend my money and I'm going to be responsible. That user behaviour, that self-interest, causes me to do the right thing and turn it off. That's what keeps the global payment system safe, which is very unlike the way we manage digital identity today.
So if we want to look to a model, rather than look at Estonia—though I do think that what they did is good for them—we should look at and learn from what we've done in Canada. We should look at our own experience here. Every other government in the world is looking at us and asking how we got this partner login service with all the banks in Canada. They all want that. Everyone else is looking here, and we're looking over there.