Executive order by Biden emphasizing digital identity's security and safeguarding
In a bid to enhance digital security, privacy, and fraud prevention, the Biden administration introduced an executive order focusing on digital identity and mobile driver's licenses (mDLs) in 2021. The order aimed to strengthen online identity verification, bolster cybersecurity, reduce fraud, and protect citizens' privacy.
One of the key aspects of this order was the establishment of standardised digital identity credentials, such as mDLs, to improve privacy by enabling safer, more controlled sharing of identity information. Notifications to individuals when their identity data was used were also included, providing transparency and consumer control over personal data.
The order supported the development of robust, cryptographically secure digital identity infrastructure to counteract emerging cybersecurity threats, including those posed by advanced quantum computing. This included mandating the National Institute of Standards and Technology (NIST) to issue guidance on secure digital identity documents, fostering strong federal and industry alignment on security and privacy standards.
The rollout of mDLs and broader digital identity systems was designed to reduce fraud by replacing less secure legacy forms of identity verification with cryptographically protected digital credentials difficult to counterfeit or misuse. This was expected to make it harder to commit identity-related fraud in accessing public benefits and other services.
However, the continuation of these Biden-era policies was significantly impacted by a subsequent executive order from the Trump administration in June 2025 that rescinded the digital identity initiatives, including plans to pilot mDLs for online citizen verification. The Trump order cited concerns about digital IDs facilitating fraud by undocumented immigrants—a claim experts reject as a false premise—and explicitly shifted away from federal encouragement of digital identity verification, leaving development largely to states.
This rollback raised concerns among cybersecurity and fraud prevention experts who warned that it undermines anti-fraud efforts and federal cybersecurity progress by fragmenting approaches to digital identity verification. It could also delay the adoption of advanced security technologies like mDLs that were seen as critical for the future of digital identity proofing, especially in light of evolving threats like quantum computing.
The U.S. needs to adopt decentralized solutions to reduce reliance on centralised databases and prevent unauthorised access or data breaches. To effectively tackle these issues, comprehensive federal data privacy and security laws are needed, prioritising individual rights. Verifiable AI should be used to validate the accuracy of data and algorithms used in AI systems, ensuring they're not biased or inaccurate.
Despite the setbacks, federal officials from agencies like the General Services Administration emphasise that mDLs are still considered a transformative step towards secure, seamless digital identity verification that supports fraud prevention and privacy protection. However, without strong federal leadership and mandates, these efforts face significant challenges in achieving widespread adoption, interoperability, and consistent security standards.
The U.S. can take inspiration from international regulations like the GDPR in the European Union to ensure digital systems are secure, efficient, and built with privacy at their core. mDLs have demonstrated improved security, convenience, and privacy in countries like Canada, Estonia, and Singapore. Several states, including Arizona, Maryland, and Colorado, have begun pilot programs showcasing the potential of mDLs in enhancing user experience and privacy.
About 15 states have implemented mDLs, but widespread adoption has been slow due to inconsistent implementation and lack of federal standards. The executive order mandates federal acceptance of digital IDs, aiming to create a unified framework for seamless use across states and federal agencies. The order also encourages cooperation between federal agencies and private sector partners to detect fraudulent activity early using advanced machine learning algorithms.
The draft executive order addresses online fraud, which has resulted in losses totaling $43 billion in 2023. Data brokers must be held accountable for how they collect, store, and share personal information. These laws should empower individuals to access, correct, and delete their data from third-party databases.
In conclusion, the Biden administration’s executive order sought to enhance federal data privacy, cybersecurity, and fraud prevention through standardised digital identity verification and mobile driver’s licenses. The subsequent rescission slowed or reversed these gains at the federal level, leading to risks of decreased security, greater fraud vulnerability, and a fragmented digital identity ecosystem in the U.S. A return to these initiatives is crucial to ensure the U.S. remains at the forefront of digital identity development and maintains strong cybersecurity and privacy protections for its citizens.
[1] https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/05/executive-order-on-improving-the-nation-s-cybersecurity/ [2] https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-ensuring-accurate-identity-management/ [3] https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/12/fact-sheet-on-the-executive-order-on-ensuring-accurate-identity-management/ [5] https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/12/fact-sheet-on-the-executive-order-on-improving-the-nation-s-cybersecurity/
- The Biden administration's executive order in 2021 focused on strengthening cybersecurity and privacy by developing policy-and-legislation for digital identity and mobile driver's licenses (mDLs), with the intention of enhancing technology in these areas and reducing fraud.
- In the realm of politics, the subsequent rescission of these digital identity initiatives by the Trump administration in 2025 raised concerns within the cybersecurity and fraud prevention community, as it may hinder progress in federal cybersecurity and digital identity development, and potentially delay the adoption of advanced technologies like mDLs.
