Mozilla calls for openness in Digital ID systems

Mozilla calls for openness in Digital ID systems

February 26, 2020 0 By mykenyancareers

NAIROBI, Kenya Feb 26 – Digital ID systems are increasingly the battlefield where the fight for privacy, security, competition, and social inclusion is playing out, Mozilla writes in a new white paper released Wednesday.

“In our
ever more connected world,” it said, “some form of identity is almost
always mediating our interactions online and offline.”

the corporate giants that dominate online space using services like Apple ID
and Facebook and Google’s login systems to government IDs which are
increasingly required to vote, get access to welfare benefits, loans, pay
taxes, get on transportation or access medical care digital ID systems are key.

white paper surveys the landscape around government digital ID projects and
recommends several policy prescriptions and guardrails for these systems.

rush by governments and the international development community to deploy
digital, and often biometric, identity systems is often leading to mass
surveillance and denial of vital government services and benefits,” said
Mozilla’s Public Policy Lead for Africa, Alice Munyua and one of the author’s
of the paper.

designing, implementing, and operating digital ID systems, governments must
make a series of technical and policy choices. It is these choices that largely
determine if an ID system will be empowering or exploitative and exclusionary,” she says.

believe that the concept of openness provides a useful framework to guide and
critique these choices and to ensure that identity systems put people first,”
continued Mozilla’s Public Policy Lead for Africa, Alice Munyua.

whitepaper examines and makes
recommendations around five elements of openness:

  1. Openness as in multiplicity of choices: There should be a multiplicity of choices with which to identify aspects of one’s identity, rather than the imposition of a single and rigid ID system across purposes. The consequences of insisting on a single ID can be dire. In India, for example, there are documented cases of people dying because they did not have an Aadhaar number or their Aadhaar didn’t work.
  2. Openness as in decentralisation: When national IDs are mandatory for accessing a range of services, the resulting authentication record can be a powerful tool to profile and track individuals. This centralized log of biometric data and transaction records paint a detailed portrait of the most intimate details of the lives of every person in the system. In doing so, these systems can dramatically increase the surveillance capabilities of both governments and companies. Moreover, centralization of identity information creates a single point of failure which is ripe for attack by malicious actors. Digital IDs should, therefore, be designed to prevent their use as a tool to amplify government and private surveillance.
  3. Openness as in accountability: Legal and technical accountability mechanisms must bind national ID projects. Data protection laws should be in force and with a strong regulator in place before the rollout of any national biometric ID project. National ID systems should also be technically auditable by independent actors to ensure trust and security.
  4. Openness as in inclusion: Governments must place equal emphasis on ensuring individuals are not denied essential services simply because they lack that particular ID or because the system didn’t work. Individuals should also have the ability to opt-out of certain uses of their ID. This is particularly vital for those marginalised in society who might feel the most at risk of profiling and will value the ability to restrict the sharing of information across contexts.
  5. Openness as in participation: Governments must conduct wide-ranging consultation on the technical, legal, and policy choices involved in the ID systems right from the design stage of the project. Consultation with external experts and affected communities will allow for critical debate over which models are appropriate if any. This should include transparency in vendor procurement, given the sensitivity of personal data involved.

said it has engaged with governments around the world on the topic of
Digital ID, including by filing an affidavit in front of the Constitutional
Court of Kenya in a case on the country’s National Integrated Identity
Management System (NIIMS).

Firefox-maker has also been active in data protection debates in five