The Digital Identity Laboratory of Canada (“IDLab”) is a Canadian federal Non Profit organization founded to advance digital trust by breaking down barriers to digital ID adoption. IDLab promotes conformity and interoperability of digital ID by delivering education, assessment, advisory and sandbox services. Services provided by IDLab are pursuing theses outcomes with IDLab clients and stakeholders:
In order to preserve its role as a trusted and neutral third party in the digital ID ecosystem, it is important for IDLab to not engage in commercial activities that would endanger its ability to fulfil its role. At issue in this policy are commercial activities for which IDLab shall not engage in and other commercial activities for which Management may engage in provided it obtains prior authorization from the Board of Directors.
The objective of this policy is to describe prohibited commercial activities, commercial activities requiring prior permission from the Board of Directors and commercial activities that are allowed.
This policy is adopted under the authority of the Board of Directors of IDLab and applies to the provision of services by IDLab to clients and stakeholders.
Prohibited commercial activities. The Laboratory shall not:
Third-Party Service Provider. By exception to the previous prohibition and in situations when a RFP requests that a bidder obtain third-party certifications, validations as part of the deliverable, or hosting a reference implementation, the Laboratory may participate, but only if all the following conditions are met:
Peripheral activities. In situations where a public or private sector organization approaches the IDLab and requests the IDLab to offer or complete peripheral activities, an ordinary resolution of the Board of Directors shall be obtained before the execution of any Agreement to that effect. A peripheral activity is an activity not prohibited under this policy that falls outside the scope of the IDLab activities listed under the “Context” section at page 1 of this policy. The Directors representing the private sector category of members shall abstain from voting on this resolution. For the purpose of this provision, a “peripheral commercial activity” is an activity that does not fall in the scope of “Laboratory Activities” as listed in the next section of this policy.
The scope of the approved activities for the Laboratory includes:
Facilitated outcome | Laboratory Activities |
Awareness & Education |
|
Development of digital ID assessment tools & frameworks |
|
Discovery |
|
Experimentation |
|
Integration | |
Quality Assurance | |
Trust |
|
This policy shall be published on the website of the Laboratory.
Amendments to this policy require an ordinary resolution of the Board of Directors.
Version | Effective on | Changes since last version |
2.0 | 5 Nov 2021 | Main changes in addition to editorial changes:
– Introductory part of the Context section amended to reflect the current IDLab core focus (purpose and niche) and to reflect the new categorization of services of IDLab (education, assessment, advisory and sandbox services) – Addition of “Development of digital ID assessment frameworks” in Context section – Removal of footnote that added clarification with regards to the Laboratory Sandbox Platform – Moved approved activities to a dedicated section titled “Scope of Approved Activities” – In the Scope of Approved Activities section, addition of “Development of digital ID assessment frameworks” row |
1.0 | 1 April 2020 | NA – first version. |
[1] The “Pan-Canadian Trust Framework” and “PCTF” terms are trademarks owned by DIACC.
“The IDLab worked with us to identify the best person to do a Privacy Impact Assessment for our company. The person we were connected with was top notch and did an outstanding job. The IDLab monitored the relationship throughout the term of the contract and helped insure we received the services we needed on time and on budget. This was an exceptionally positive experience for us.”
Jay Krushell, TreeFort Technologies Incorporated