Red Cross issues recommendations for digital ID in humanitarian sector
A report into the various uses of digital ID in humanitarian settings brings together the many risks and challenges as well as opportunities for the technology, and outlines five key areas of recommendations for developing and adapting it, particularly in migration settings.
As a consortium of humanitarian agencies prepares for the second phase of its own cash assistance project, it decided to take stock of the overall use of digital identity in the sector.
The International Federation of Red Cross and Red Crescent Societies (IFRC) worked with the DIGID (Dignified Identities for Cash) consortium – the Norwegian Red Cross, Norwegian Refugee Council, Norwegian Church Aid, and Save the Children Norway – to produce “Digital Identity: Enabling dignified access to humanitarian services in migration”.
DIGID has been operational in Kenya and the next phase, DIGID2, will roll out this year with a focus on the needs of vulnerable migrants. According to UNHCR figures quoted, there were 80 million displaced people worldwide by mid-2020. One in a hundred people. The IFRC has made “Migration and Identity” one of its five global challenges for its Strategy 2030 mission.
As digital identity technologies are increasingly common in these situations, the DIGID group is investigating how different humanitarian actors can recognize and work with the same set of digital credentials.
Digital ID pros and cons
The report finds that there is no clear consensus on what ‘digital ID’ is, nor a common vision of what it could be. Projects in operation range from simple beneficiary registration to issuing people with self-sovereign ID (SSI). While there are many opportunities for both users and administrators, digital ID systems can be life-threatening as well as life-saving.
Researchers interviewed migrants and surveyed humanitarian agencies on their experiences of the various versions of digital ID in use around the world.
Although the agencies generally administer urgent aid with no requirement for ID, 63 percent of agencies reported they had had to withhold some services to migrants who did not have ID.
Consent for giving data in order to be registered for a particular ID as an area of concern for the agencies and the report writers. 14 out of 16 agencies said they ask migrants to sign or tick a box to indicate their consent. An agency that uses iris biometrics (likely UNHCR) reported that it spends 15 to 20 minutes with each person to explain the process.
“There is growing concern that informed consent is neither really consensual, nor properly informed, particularly in the case of digital identities, creating a risk of misunderstanding or lack of knowledge on behalf of the end user,” states the report.
Half the agencies reported experiences of migrants refusing to share their ID. Anecdotally, migrants responding found that their fellow migrants had little or no understanding of the implications of sharing data, confidentiality or data privacy. It seemed to many that giving up their data was simply what was required to receive aid.
The report finds that those enroled in digital ID schemes should be able to access their data and also request that it be deleted.
Another area the report calls for more discussion on is the result of using increasingly complex digital identity solutions. As they become more complex, towards SSI, they require far greater literacy and digital literacy from the users.
Even the fact that users can access more of the data held on them can prove problematic. Victims of gender-based violence or people in conflict situations could be forced to access the data held on them under duress. This could reveal medical reports or stays in refugee camps which could compromise their safety.
Ringfencing of certain data types within a person’s records could help prevent this. Another issue is who is the ‘guardian’ of a digital ID system and does a migrant need to transfer to a new local operator if he or she crosses a border?
Location data itself can endanger digital ID users: “Geo-localized data may reveal migrants’ journeys, which in some cases could deny them safe access and asylum in a particular country if it is determined that they should have sought asylum in a country they had reached previously. There is sufficient evidence about migration authorities requesting such data from migrants’ phones to support or deny their asylum claims.”
An unnamed operations manager from a humanitarian NGO is quoted as saying, “In the context of growing criminalization of migration, it might be dangerous to have information about people’s journeys.”
The report has a list of recommendations to offer better protections to service users and to allow agencies to interact more easily with the various digital identity programs in operation.
Organizations are asked to minimize the amount of data recorded in humanitarian action. They are asked to “follow a model of cooperation or consortia, identifying clear governance structures and incorporating relevant expertise in advisory and decision-making functions.”
They are urged to take a long-term vision on digital identities and have guiding principles or a strategy to ensure internal and external accountability. They should publish these principles and put in place safeguards around control of data, to determine when too great an onus is being placed on migrants in managing their data.
Recognizing the greater issue of UN Sustainable Development Goal 16:9 – legal identity for all by 2030 – the report states “humanitarian organizations should advocate for greater engagement of migrants in developing digital identity solutions, as well as supporting national authorities to provide identity to the more than one billion people around the world who currently lack it.”
As the reputation of the technologies and platforms in use by one agency can be damaged by the mishandling of an identity project of another, the report calls on organization to build trust at all levels.
The ultimate goal is interoperability across platforms so that various agencies can recognize digital credentials provided by another.
“A key issue being examined is digital ID technical standards, to have a broad acceptance network,” a digital identity expert from a humanitarian organization is quoted as saying, “Those relying on the identity need to know what those standards are and whether they can trust it, and how different tools can interoperate.”