Can the Once-Only Principle be the Magical Solution to All Government Problems in Canada?

I personally recently went through the process of renewing my driver’s license, a process that most of us are familiar with and it, unfortunately, is never thought of as a fun experience. It entails going through multiple lists of required paperwork, guessing which documents apply to your specific case, printing these documents and putting them in order, and finally traveling physically to the Department of Motor Vehicles (DMV)to realize that you forgot to bring one form that shows, for example, the last time you entered the country as a non-citizen. Luckily, I still submitted my application on that same day. However, it sounded strange to me that “the government” needed a printed version of the same document that is allowing me to be inside the country in the first place and which I have provided in every single interaction I had with a public administration department. Shouldn’t there be a system where all government agencies have secure access to my official documents?

The Once Only Principle (OOP) addresses that issue. It refers to the idea of not requiring members of the public to provide the same information more than once to public administrations (as defined in the EU eGovernment Action Plan). OOP is being proposed more often recently as part of the conversation about digital governance. It sounds like a magical solution to the many problem and inconveniences that citizens face in their interactions with government agencies. However, before jumping to advocating strongly for the OOP, we should consider the ways in which this system could endanger citizen’s privacy and information security.

Adopting OOP in Canada requires a serious evaluation of benefits and risks. It is clear through the example mentioned above how this system can fundamentally improve the citizen’s experience while interacting with government. However, the following risks associated with such process could make it less attractive:

1. Anyone in the system can access your date: the risk associated with this element is that, in some cases, citizens might not want their information to be accessed by anyone in the government. For instance, it makes sense for the DMV employee to be able access entrance/exit records needed to verify eligibility for a license. However, that interaction would have become less enjoyable if the DMV employee was able to see that the person applying for a license recently went to court for defaulting on a loan, for example.
2. Centralizing all the information in one place: the issue of cybersecurity in digital governance is widely discussed and requires a deeper dive than this post allows for. However, it is important to note that OOP could make it easier for bad actors (whether domestic, foreign, or from the state itself) to access a centralized repository of all of the citizen’s data allowing them to do more harm.
3. Giving more power to the state: This does not appear as a major threat in Canada under the current democratic government that respects citizens rights. The risk becomes more dangerous if we live at a time where government is actively trying to limit citizen’s freedom and secure information about them. In my view, this is the most dangerous aspect of the OOP at a global level.

In addition to the risks associated with OOP, the process is not as simple as it sounds when applied at a federal scale. In a country like Canada, the federal government will have to address challenges related to: transforming an existing legacy system (or multiple different systems for each province), designing a smooth and convenient process flow that makes the citizen’s experience easier, and finally, protecting and securing the citizens data.

The conclusion here is not necessarily that we are better off without OOP. It is important to fully understand what the process implies for citizen’s in terms of benefits and risks and for the federal government in terms of implementation and design challenges. The final decision of whether to implement such a strategy should be made based on a benefit and cost analysis not only for the government but also for the citizen. In order to harness all the benefits of the OOP and avoid the significant risks, the federal government must first guarantee protection for the privacy and security of the data and update the laws and regulations to respect citizens’ right as part of the democratic process in a digital world.

Note: some of the ideas mentioned in this blog were inspired by a recent presentation given by Naeha Rashid on Deploying the Once-Only Policy, given at a class session for the course following course taught by David Eaves at the Harvard Kennedy School: DPI 662A: Digital Government: Technology, Policy, and Public Service Innovation.