Digital Identity

As governments and private actors adopt digital ID technologies for service delivery, security, and inclusion, questions arise around privacy, data protection, accessibility, and human rights. CIPIT provides evidence-based research and policy guidance to ensure that digital ID systems are inclusive, secure, and rights-respecting.

CIPIT’s work in Digital ID sits at the intersection of law, technology, and public policy. The Centre conducts multidisciplinary research that:

• Analyzes regulatory and governance frameworks governing digital identity systems in Africa.

• Assesses risks and safeguards related to data protection, surveillance, and human rights.

• Examines inclusivity and accessibility, ensuring marginalized groups are not excluded from identification systems.

• Provides technical and policy advice to governments, civil society, and private sector actors on responsible digital ID implementation.

• Facilitates multi-stakeholder dialogues, bridging academia, policy institutions, and technology developers to promote ethical digital identity practices.

Determining true risks and their impact to the user experience of Digital ID

Increasingly, with the introduction of DID programs in a number of African countries, citizens and residents have taken to social media to elaborate on some of their experiences of ID and interacting with ID systems. Albeit limited in scope and magnitude, these online reports of lived experiences provide a useful tool for assessing the impact of DID and identifying likely harms to which users may be exposed. Analysing social media narratives from 11 African countries, this report identifies, in descending order of gravity, three major categories of harms affecting users, as well as instances when the harms are most likely to manifest. These categorisations are proposed as a tool to assess the feasibility and proportionality of DID programs. Category One Harms are primarily associated with an inability to access foundational forms of ID. Category Two Harms on the other hand relate to users having the ID; its impact on constitutional rights, namely, the right to equality, privacy, and other human rights such as healthcare. The last category, Category Three Harms, deals with the harms occasioned by logistical/operational shortcomings such as clerical errors, long lines, etc. This report is guided by two main frameworks discussed below, the Principles for Evaluation set out by the Centre for Internet & Society (CIS) and the Omidyar Network’s Good ID principles.

Report on online narratives on Digital ID in Africa

The reports below are our analysis of Digital ID in the context of a global pandemic.

1. Part 1: MOBILE MONEY DURING A PANDEMIC

2. Part 2: Emerging Issues in Digital ID (PART I)

3. Part 3: Using Digital ID to Provide Social Assistance

4. Part 4: Digital Signatures

5. Part 5: Predictive Use Case: Using Digital ID for Vaccine Distribution

Kipande, Kitambulisho, Huduma Namba: The Violent Ontologies and Epistemologies of National Identity Systems in Kenya.

In 2019, the Government of Kenya through the Ministry of the Interior announced a new initiative called the Huduma Namba; a centralised, ‘single source of truth’ database that would determine the extent to which citizens would be able to access key government services.

However, the Huduma Number is the latest incarnation of the idea that a centralised register of persons is necessary to effective governance. It is designed to take precedence over the existing ID (kitambulisho) system, which has its origins in the pre-independence registration of African males in Kenya. But despite its stated confidence in its own system, the government launched the Huduma Number under a cloud of threats and coercion. Citizens were given 30 days to register for the new system and informed that failure to register would deprive them of access to banking, passports, mobile money, and even while, for instance, provision was not made for those in the diaspora. Eventually, this move raised suspicion as to the legality of this mandatory enrolment.

This paper will retraces the politics and history such centralised databases in Kenya beginning with the introduction of the kipande in colonial Kenya in 1921, through to the creation of the kitambulisho system at independence, including enrolment of women in 1978 and the modern digital database, through to the Huduma Namba itself. This critical genealogy will emphasise the reasons why the various systems were created, the ways they were expected to operate, and the political challenges they raised, as well as the extent to which these challenges were addressed. In this way, the paper argues that the fundamental flaws in Kenya’s identity systems are political and not technological and that the introduction of a digital database without addressing the political context may compound more problems than it solves.

This paper is currently under peer review.

Reports

1. THE INCLUSIVENESS OR EXCLUSIVENESS OF NATIONAL IDS IN WEST AFRICA

The purpose of this project is to review the use of IDs in three (3) West African countries in order to determine where the IDs have been used to include and or exclude individuals in getting access to social services. In doing so, we reviewed relevant literature, laws and policies, grey literature, primary and secondary accounts, and other materials on inclusive/exclusive uses of IDs in the respective countries. The Consultant identified Cote D’Ivoire, Ghana and Nigeria for purposes of the study. The countries have been selected to represent the diversity of legal systems and governance structures within West Africa.

For each country, we have discussed two critical identity credentials/documents: the national identification card (or the national identification number in some cases) and the national health insurance card. The two cards are chosen to represent the foundational and functional identification systems in the three countries, and also reflect the peculiar dimensions and implications for inclusivity.

Overall, we find that in terms of laws and policies related to IDs, governments in the three (3) countries generally have a pro-inclusivity disposition. Yet, there are also policies and laws in the countries that undermine ID inclusivity and intend promote exclusivity. These exclusionary factors of the six (6) IDs studied here are often heightened by administrative impediments to access. Below are some of the major observations from the three (3) country’s case studies.

2. BIOMETRIC TECHNOLOGY, ELECTIONS, AND PRIVACY INVESTIGATING PRIVACY IMPLICATIONS OF BIOMETRIC VOTER REGISTRATION IN KENYA’S 2017 ELECTION PROCESS.

The Centre for Intellectual Property and Technology Law (CIPIT) conducted this research project to investigate the privacy implications of using biometric technology during the electoral

process in Kenya. The project focused on two main questions: what are the motivations for the adoption of biometric technology in the Kenyan elections and, how is privacy and security of personal data in Kenya impacted by the adoption of biometrics in the electoral system? We conducted primary and secondary research from our location in Nairobi, Kenya before, during and after the 2017 general elections. We will seek to contribute evidence-based research to academic, policy and advocacy engagements on population registrations, elections, data security,

and privacy

Policy Briefs

1. Digital ID in Kenya– This policy paper provides academic views on the the need, justification, principles, benefits and challenges of the UPI and digital ID in Kenya. It also provides a comparative analysis of the digital ID system successfully rolled out in India Though not discussed at length, this paper also examined digital ID systems in Estonia, Mauritius, Germany, Portugal and Pakistan. This policy paper is, therefore, an advisory document.

Policy Briefs

1. Beyond Technical Soundness: Making Room for Human Rights in Kenya’s Digital Identity Projects.

Developing countries around the world are turning to digital identity systems to address development challenges. But some development challenges cannot be resolved purely on technical terms. Where they are implemented without adequate consideration of the local social and historical context, the systems can cause significant harm that undermine any putative benefits. This policy brief focuses on Kenya’s digital identity project which has been plagued with dissent and confusion in part because it has not been sensitive to key human rights concerns. It provides a preliminary human rights framework to analyse Kenya’s Huduma Number.

A Downloadable version of the policy recommendations below is here.

BLOGS

1. Digital Rights in Focus: Navigating Kenya’s Maisha Namba Implementation Landscape

2. The Gender Equality Mirage: From Human Bias to AI Bias in Digital ID Systems in Africa

3. An Overview of the Digital ID system and the Unique Personal Identifier in Kenya

4. Inclusion and Exclusion: Reflections from the Digital ID Talk

5. Digital surveillance in health emergencies

6. The Draft Registration of Persons (NIIMS) Regulations 2020

7. HUDUMA NAMBA JUDGEMENT SUMMARY

8. Did we get Huduma Namba because of a simple mistake in Parliament?

9. HUDUMA NAMBA BILL ANALYSIS