“Digital ID systems are the battlefield where the fight for privacy, security, competition, and social inclusion is playing out,” Mozilla writes in a new white paper.The white paper usually surveys the landscape around government digital ID projects and recommends several policy prescriptions and guardrails for systems like voting, getting access to welfare benefits, loans, taxes and medical access among others.“The rush by governments and the international development community to deploy digital, and often biometric, identity systems is often leading to mass surveillance and denial of vital government services and benefits,” said Mozilla’s Public Policy Lead for Africa, Alice Munyua and one of the authors of the paper.Mozilla says some form of identity is almost always mediating interactions online and offline due to connections.“In designing, implementing, and operating digital ID systems, governments must make a series of technical and policy choices. It is these choices that largely determine if an ID system will be empowering or exploitative and exclusionary,” says Munyua.“We believe that the concept of openness provides a useful framework to guide and critique these choices and to ensure that identity systems put people first,” she adds.
According to Mozilla, the paper examines and makes recommendations around five elements of openness:
1. Openness as in multiplicity of choices: There should be a multiplicity of choices with which to identify aspects of one’s identity, rather than the imposition of a single and rigid ID system across purposes.The consequences of insisting on a single ID can be dire. In India, for example, there are documented cases of people dying because they did not have an Aadhaar number or their Aadhaar didn’t work.
2. Openness as in decentralisation: When national IDs are mandatory for accessing a range of services, the resulting authentication record can be a powerful tool to profile and track individuals.This centralised log of biometric data and transaction records paint a detailed portrait of the most intimate details of the lives of every person in the system.In doing so, these systems can dramatically increase the surveillance capabilities of both governments and companies.Centralisation of identity information creates a single point of failure which is ripe for attack by malicious actors. Digital IDs should, therefore, be designed to prevent their use as a tool to amplify government and private surveillance.
3. Openness as in accountability: Legal and technical accountability mechanisms must bind national ID projects.Data protection laws should be in force and with a strong regulator in place before the rollout of any national biometric ID project.National ID systems should also be technically auditable by independent actors to ensure trust and security.
4. Openness as in inclusion: Governments must place equal emphasis on ensuring individuals are not denied essential services simply because they lack that particular ID or because the system didn’t work.Individuals should also have the ability to opt-out of certain uses of their ID.This is particularly vital for those marginalised in society who might feel the most at risk of profiling and will value the ability to restrict the sharing of information across contexts.
5. Openness as in participation: Governments must conduct wide-ranging consultation on the technical, legal, and policy choices involved in the ID systems right from the design stage of the project.Consultation with external experts and affected communities will allow for critical debate over which models are appropriate if any.This should include transparency in vendor procurement, given the sensitivity of personal data involved.The Firefox maker which has been active in data protection said it has engaged with governments around the world on digital ID.