By Linda Gichohi
The Government of Kenya is spearheading efforts to enhance service delivery by embracing information and communications technology (ICT) as a core component of its reform agenda.
This initiative digitizes various government services, including civil registration and personal identification. Central to this transformation is the introduction of Unique Personal Identification (UPI) and the Maisha Namba digital identity system, which will revolutionise how individuals are registered and identified in the country.
The UPI, assigned at birth, will be a universal identifier across various government documents and services. At the same time, a third-generation digital identity will modernise the national ID system, marking a significant leap towards a fully digitalised national identity infrastructure.
However, as Kenya progresses with its digital ID initiatives, it must integrate human rights considerations, including complex inclusion, privacy, and data protection challenges.
I attended the launch of an advisory policy paper developed by Amnesty International Kenya and Strathmore University’s Centre for Intellectual Property Information and Technology (CIPIT).
The paper titled “Digital ID in Kenya (An Advisory Policy Paper Providing a Roadmap to the Implementation of a Rights Respecting Digital ID Regime in Kenya) 2023” looks into Kenya’s digital ID initiative, offers insights on its potential impact on citizens and highlights key principles essential for consideration by the government’s as it rolls out Kenya’s Maisha Namba digital ID system. The paper emphasises the importance of prioritising privacy, data security, and inclusivity in implementing digital ID systems.
The paper draws comparisons of the newly introduced Maisha Namba with initiatives like Unique Personal Identification (UPI) and Huduma Namba. It also outlines the challenges to privacy and data protection associated with implementing Huduma Namba. Similar concerns surround the UPI and Maisha Namba, with fears that these initiatives may not adequately protect data and guarantee privacy.
During the launch, stakeholders discussed the critical issues facing Kenya’s digital ID system, including threats to privacy rights, data protection, and compliance mechanisms. They also drew lessons from India’s Aadhaar system to inform regulatory considerations and avoid similar pitfalls.
The panel of experts at the session underscored the importance of inclusivity-driven design principles from the outset. They also examined the compliance and privacy challenges, stressing the need for transparent processes to roll out initiatives like Maisha Namba.
Further, they emphasised the need to enact data protection laws and robust evaluation frameworks to promote privacy protections in digital adoption.
In addition, the panellists advocated for embedding inclusivity in the design and life cycle of digital ID systems, echoing sentiments shared by the broader digital rights community. These sentiments are informed by Kenya’s historical context and the potential risks of ethnic profiling. There was also emphasis on the significance of public awareness, public participation, civic education, and the evaluation of human rights impact as crucial elements in the implementation process.
Similarly, in a recent article on the significance of Digital ID systems, Mr John Walubengo also stressed the importance of a balanced approach that safeguards individual privacy rights while advancing national interests, transparent data mining practices, appropriate frameworks and robust oversight mechanisms.
Similarly, the policy paper advocates establishing a rights-respecting and data-protection-compliant digital ID system in Kenya. It also calls for thorough data protection impact assessments, the participation of marginalised communities, clear definitions of objectives from the outset, adherence to data protection principles, and respect for the rights of data subjects.
Furthermore, implementing the digital ID system must anticipate and proactively mitigate risks such as data breaches, cybersecurity attacks, unauthorised disclosure, identity theft, function creep, unjust treatment, discrimination, surveillance, and vendor lock-in.
In conclusion, as the nation navigates the convergence of technological progress and societal responsibility, privacy and data protection emerge as indispensable pillars for successfully adopting digital ID systems and building public trust and confidence in using such systems.
Therefore, while digitising essential government services is imperative in the age of technological advancement, it must be done in adherence to human rights standards, data governance, and digital identity principles.
While Kenya can draw inspiration from the successful implementation of similar systems in other countries, it must develop a model digital ID system that complies with the constitution and remains responsive to the Kenyan context and lived realities of communities.
Moreover, it should develop appropriate technical standards, robust safeguards, data-sharing frameworks, and nationwide digital infrastructure to facilitate access for all citizens.
Further, participatory and inclusive design is critical to ensuring that traditionally marginalised and digitally excluded communities, such as indigenous groups, minority communities, persons with disabilities, and people living in informal settlements and rural areas, are included.
Likewise, collaboration between the government and key stakeholders, such as academia, civil society, the media, and the technical community, is critical to ensuring the effective implementation of Kenya’s digital ID system.
RELATED
Linda Gichohi is a lawyer, a KICTANet Legal Fellow, and a Gender Program Assistant. She is interested in women’s digital rights and access to justice for technology-facilitated violence.