JurisdictionUtahTitle 63AUtah Government Operations Code
Ch. 63A-16Utah Technology Governance Act
Part 63A-16-12State-endorsed Digital Identity
This text of Utah § 63A-16-1202 (State digital identity policy.) is published on Counsel Stack Legal Research, covering Utah primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.
(1)It is the policy of Utah that:
(1)(a) each individual has a unique identity;
(1)(b) the state does not establish an individual's identity;
(1)(c) the state may, in certain circumstances, recognize and endorse an individual's identity;
(1)(d) the state is obligated to respect an individual's privacy interest associated with the individual's identity;
(1)(e) the state is the only governmental entity that may endorse an individual's digital identity for the purpose of establishing a state-endorsed digital identity;
(1)(f) the state may only endorse an individual's digital identity if the state-endorsed digital identity program is expressly authorized by the Legislature;
(1)(g) an individual whose digital identity has been endorsed by the state is entitled to:
Free access — add to your briefcase to read the full text and ask questions with AI
(1) It is the policy of Utah that:
(1)(a) each individual has a unique identity;
(1)(b) the state does not establish an individual's identity;
(1)(c) the state may, in certain circumstances, recognize and endorse an individual's identity;
(1)(d) the state is obligated to respect an individual's privacy interest associated with the individual's identity;
(1)(e) the state is the only governmental entity that may endorse an individual's digital identity for the purpose of establishing a state-endorsed digital identity;
(1)(f) the state may only endorse an individual's digital identity if the state-endorsed digital identity program is expressly authorized by the Legislature;
(1)(g) an individual whose digital identity has been endorsed by the state is entitled to:
(1)(g)(i) choose:
(1)(g)(i)(A) how the individual discloses the individual's state-endorsed digital identity;
(1)(g)(i)(B) to whom the individual discloses the individual's state-endorsed digital identity;
(1)(g)(i)(C) which elements of the individual's state-endorsed digital identity to disclose;
(1)(g)(i)(D) where the individual's state-endorsed digital identity is stored; and
(1)(g)(i)(E) whether to use a state-endorsed digital identity or physical identity to prove the individual's identity;
(1)(g)(ii) allow a governmental entity or a person to use information related to the individual's use of the individual's state-endorsed digital identity for a purpose other than the primary purpose for which the governmental entity or person collected the information; and
(1)(g)(iii) have a guardian obtain or use a state-endorsed digital identity on the individual's behalf;
(1)(h) a governmental entity or person that accepts a state-endorsed digital identity shall:
(1)(h)(i) collect, use, and retain an individual's state-endorsed digital identity in a secure manner; and
(1)(h)(ii) comply with the requirements of this part through technological means;
(1)(i) a governmental entity may not:
(1)(i)(i) convey a material benefit upon an individual for using a state-endorsed digital identity instead of a physical identity; or
(1)(i)(ii) withhold services or benefits from an individual if the individual uses a physical identity or is otherwise unable to use a state-endorsed digital identity; and
(1)(j) a governmental entity or a person may not require an individual to surrender the individual's mobile communication device to verify the individual's identity.
(2) The state may not endorse an individual's digital identity unless:
(2)(a) the state has verified an individual's identity before endorsement;
(2)(b) the state-endorsed digital identity:
(2)(b)(i) incorporates state-of-the-art safeguards for protecting the individual's identity;
(2)(b)(ii) includes methods to establish authenticity;
(2)(b)(iii) is easy for an individual to adopt and use; and
(2)(b)(iv) is compatible with a wide variety of technological systems without sacrificing privacy or security;
(2)(c) the state provides clear information to an individual regarding how the individual may:
(2)(c)(i) maintain and control the individual's state-endorsed digital identity;
(2)(c)(ii) use the individual's state-endorsed digital identity;
(2)(c)(iii) limit access to:
(2)(c)(iii)(A) the individual's state-endorsed digital identity; and
(2)(c)(iii)(B) any elements of the individual's identity disclosed by the state-endorsed digital identity; and
(2)(c)(iv) obtain a new state-endorsed digital identity if the individual's state-endorsed digital identity is compromised;
(2)(d) the state ensures that when an individual uses a state-endorsed digital identity:
(2)(d)(i) any record of the individual's use:
(2)(d)(i)(A) is only used for the primary purpose for which the individual disclosed the state-endorsed digital identity; and
(2)(d)(i)(B) is not disclosed, shared, or compared by the governmental entity or person receiving the state-endorsed digital identity; and
(2)(d)(ii) the use is free from surveillance, visibility, tracking, or monitoring by any other governmental entity or person; and
(2)(e) the state-endorsed digital identity enables an individual to:
(2)(e)(i) selectively disclose elements of the individual's identity; and
(2)(e)(ii) verify that the individual's age satisfies an age requirement without revealing the individual's age or date of birth.
(3) The state may only revoke or withdraw the state's endorsement of an individual's state-endorsed digital identity if:
(3)(a) the state-endorsed digital identity has been compromised;
(3)(b) the state's endorsement was:
(3)(b)(i) issued in error; or
(3)(b)(ii) based on fraudulent information; or
(3)(c) the individual requests that the state revoke or withdraw the endorsement of the individual's state-endorsed digital identity.