Trust, privacy, human rights fundamental for DPI
Advocacy on the importance of digital trust, data privacy and human rights considerations in the design and development of digital public infrastructure (DPI) is not new, but two new papers from the Atlantic Council and Access Now have emphasized the inevitability of these factors.
The building of DPI is one of the key areas of concern for many countries that are currently advancing their digital transformation agenda. But how these DPI tools are designed, developed and deployed has a bearing on how they are accepted by the public and the impact they eventually have on users.
The Atlantic Council paper, authored by tech policy advisor Justin Sherman, thus examines the opportunities and risks of DPI in terms of digital trust, data privacy, cybersecurity and resilience, and recommends that for DPI to be effective, these factors must be at the nucleus of its architecture. The paper reflects views collected from experts of a working group on how these aspects relate to DPI payment, public service delivery, data backup, cloud and others.
“Approaching these issues with a dual policy and technology lens will hopefully help decision-makers eliminate or mitigate some of DPI’s most serious risks—while enabling the maximization of public-interest, rights-centered opportunities for societies around the world,” the author writes.
The brief looks at trust from the technological standpoint which “could include potentially publishing code or using open-source code, creating systems for independent third-party privacy and cybersecurity audits,” as well as from the broader trust environment which depends on “factors such as the perceived legitimacy of the government in power, privacy and cybersecurity laws and regulations, and meaningful transparency.”
“If citizens cannot trust their government to follows laws and regulations across areas ranging from corruption to respect for a free press, that lack of trust completely undercuts their ability to trust the government to follow its own governance mechanisms for DPI,” the author states.
In building trust for DPI, a step-by-step or sequential approach for rolling out DPI projects matters, as seen in the examples of India with the India stack as well as in Ukraine with the Diia digital government application, according to the paper.
The publication also posits that for governments to have proper data protection and privacy frameworks in place, there is need for multistakeholder engagement that promotes transparency: “Companies, civil society groups, and other stakeholders can also create co-governance mechanisms, frameworks, and best practices for data privacy in DPI that are specific to the country, project, and context. In fact, governments should ideally be willing to collaborate with businesses and civil society in such efforts so that DPI projects reflect a whole-of-society approach.”
“Cybersecurity and resilience are necessary for DPI systems to operate with trust, protect individuals’ data and system data, and facilitate their predictable and reliable use. Strong cybersecurity and resilience practices are a process rather than an end state.”
Among other points, the paper calls for the definition and implementation of frameworks for digital trust, privacy, and cybersecurity, and mentions that there must be guardrails put in place to enhance their operationalization.
In another paper in June, the Atlantic Council harped on the importance of DPI and data for building strong digital economies.
Access Now urges focus on security risk reduction, rights protection
Meanwhile, in a discussion paper, digital rights advocacy watchdog Access Now also provides recommendations on DPI approaches that do no harm and prioritize people and communities.
The publication discusses the various definitions of DPI, how the current approach in the implementation of DPI poses a threat to human rights, and ways through which human rights can be at the core of DPI design and implementation.
The paper also makes proposals on methods through which security risks and infringements should be avoided in the implementation of DPI programs. It is a call to action for policy makers such as lawmakers.
“To create truly public digital infrastructure, it is essential to prioritize the needs and rights of individuals, particularly those most vulnerable to exclusion and coercion. This requires a shift from viewing DPI as a purely technical solution to understanding it as a social process that must be governed by principles of equity, inclusion, transparency, and accountability,” writes Access Now.
“Digital transformation should never be an end in itself but a means to achieve broader social goals. By placing human rights at the center of DPI, we can ensure that digital technologies empower individuals and communities rather than entrenching existing power structures and inequalities.”
To get this done, Access Now points out the need to engage directly with impacted communities, make sure DPI is actually public by authorities showing accountability and transparency, ensure human rights safeguards from the design stage, and avoid making DPI systems legally or practically mandatory.
Access Now has also been vocal about the need for transparency and human rights safeguards in the use of biometrics, including in humanitarian settings.
Article Topics
Access Now | data privacy | digital economy | digital identity | digital public infrastructure | digital trust | financial inclusion | humanitarian
Comments