Covid-19 spurs national plans to give citizens digital identities
MOSIP, an open-source platform developed in India, will be central to many of those efforts
AND THEN THERE'S THIS:
MOSIP open digital identity initiative partners up to enhance platform for developing countries
A new partnership to promote robust digital identity as a global public good has been formed by the International Institute of Information Technology, Bangalore (IIIT-B) and the Norwegian Agency for Development Cooperation (Norad) to develop MOSIP, the Modular Open-Source Identity Platform.
The strategic partnership between IIIT-B and Norad is intended accelerate the achievement of the UN’s Sustainable Development Goals (SDGs) through digital identity, according to the announcement. SDG 16.9 seeks the provision of universal legal identity and free birth registration by the year 2030.
MOSIP is an open source platform for foundational ID backed by the Bill & Melinda Gates Foundation, Sir Ratan Tata Trust and Omidyar Network, with the aim of breaking down vendor lock-in.
It is available on GitHub, and intended to provide scalable, secure and privacy-preserving foundational ID systems. MOSIP Legal Counsel Srijoni Sen told Biometric Update in an interview when the platform was launched at ID4Africa 2018 that the open, modular system “enables interchangeability of service providers.”
Digital IDs Are More Dangerous Than You Think
THERE ARE SIGNIFICANT, real-world benefits to having an accepted and recognized identity. That’s why the concept of a digital identity is being pursued around the world, from Australia to India. From airports to health records systems, technologists and policy makers with good intentions are digitizing our identities, making modern life more efficient and streamlined.
Governments seek to digitize their citizens in an effort to universalize government services, while the banking, travel, and insurance industries aim to create more seamless processes for their products and services. But this isn’t just about efficiency and market share. In places like Syria and Jordan, refugees are often displaced without an identity. Giving them proof of who they are can improve their settlement, financial security, and job prospects in foreign lands.
But as someone who has tracked the advantages and perils of technology for human rights over the past ten years, I am nevertheless convinced that digital ID, writ large, poses one of the gravest risks to human rights of any technology that we have encountered. Worse, we are rushing headlong into a future where new technologies will converge to make this risk much more severe.
For starters, we are building near-perfect facial recognition technology and other identifiers, from the human gait to breath to iris. Biometric databases are being set up in such a way that these individual identifiers are centralized, insecure, and opaque. Then there is the capacity for geo-location of identifiers—that is, the tracking of digital “you”—in real time. A constant feed of insecure data from the Internet of Things may well connect you (and your identity) to other identities and nodes on the network without your consent.
In addition, systems using artificial intelligence and machine learning are used to make decisions based on our identities. Those systems are often built on data that can reinforce bias and discrimination, and are wielded without sufficient transparency or human review.
Ultimately, social credit systems, such as those that are currently being developed in China, will be based on digital ID, thereby enabling or disabling our full and free participation in society.
By developing these technologies in parallel with systems for a digital ID, we are not simply establishing an identity to access basic social services. Digital IDs will become necessary to function in a connected digital world. This has not escaped the attention of authoritarian regimes. Already, they are working to splinter the internet, collect and localize data, and impose regimes of surveillance and control.
Digital ID systems, as they are being developed today, are ripe for exploitation and abuse, to the detriment of our freedoms and democracies. We can make another choice. In the design and deployment of Digital ID systems, we must advocate for the principles of data minimization, decentralization, consent, and limited access that reinforce our fundamental rights.
First, that means the use of a digital ID should not be mandated. We should have the option to say no to any demand that we have a digital ID, without prejudice or negative repercussions.
Our cybersecurity needs to be defended.
The Aadhaar program, India’s national digital ID framework—the world’s largest—was recently shown to be compromised. For a digital ID system to work without becoming an easy target for hacking, it should be decentralized and otherwise adhere to recognized principles for good digital security.
One single digital identity used for authentication of multiple contexts creates the potential for pervasive profiling.
Likewise, our capacity for anonymity must be preserved. Our data needs to be protected. Governments are data fiduciaries, and data protection authorities, non-governmental legal experts, and civil society should therefore be consulted in the administrative, legislative, and technical design of digital ID systems.
In the case of Aadhaar, a recent ruling by the Supreme Court of India recognized the need for a robust data protection framework. Transparency is essential. Without transparency, there is no accountability, and few pathways for remedy of human rights abuse.
Finally, access to our data by state authorities must be governed by relevant international legal standards, particularly the “Necessary and Proportionate” principles. Personal information provided for one purpose should not be made available for identification for law enforcement purposes, without being subject to these vital legal standards. We cannot continue on the current path without stopping to build in necessary human rights protections to mitigate harm.
Our civil liberties should be the foundation upon which digital ID technologies, platforms, and systems are being constructed. Otherwise, in the quest to create a digital identity for the benefit of many, our fundamental rights can and will crumble.
The looming disaster of immunity passports and digital identity
A digital ID that proves immunity will raise serious human rights issues. And the failure of the digital ID industry to deal with the issues of exclusion, exploitation and discrimination puts the entire industry under question.
KEY FINDINGS
'Immunity passports' are a theoretical credential - most likely digital - that someone can prove that they have either had the virus and recovered, or have had a vaccination.
Immunity passports are being hyped as a solution to ending lockdowns around the world by actors including the proponents of digital identity; the digital identity industry; think-tanks; and the travel industry. Yet there is currently no scientific basis for these measures, as highlighted by the WHO.
The nature of what information would be held on an immunity passport is currently unknown.
The social risks of immunity passports are great: it serves as a route to discrimination and exclusion, particularly if the powers to view these passports falls on people's employers, or the police.
The digital identity industry - pushing their own products as immunity passport solutions - is failing to protect against these harms: they are interested in building wider digital identity systems, based on their pre-existing models, rather than developing a genuine solution to the risks of these passports.
No comments:
Post a Comment