In Kenya, as in many parts of the world, national identity has become a key product of modern nationalism. The ability to prove your identity is critical for access to public services and exercise of legal rights.
Kenya has a well-established national identification (ID) system, where a national ID card is the mainstay of daily life. The greatest weakness with Kenya’s identity ecosystem, however, remains in the fact that the two identity modes — the foundational and functional systems — have very little interoperability.
Foundational systems are civil registrations meant to provide general identification for official purposes, such as a national ID, alien and refugee registrations. Functional systems are registrations for a particular service or transaction such as health cards, passports and driving licences, each relating to a particular agency.
A wallet of a Kenyan is full of multiple functional cards. The problem has always been with the foundational systems registration. The national ID card, despite having all the personal data details, including biometrics, has very little utility in functional areas. This failure to have linkage between foundational and functional systems has led to duplication in registrations and wastage of resources.
It is therefore refreshing to learn that the government has prioritised reforming the identity ecosystem by adopting the foundational ID system through the proposed National Integrated Identity Management System (NIIMS). Recent pronouncements by officials reveal certain decisions have been made to this effect.
These include issuing a single unique ID number form birth, a single national population register that includes citizens, aliens and refugees, and a smartcard for citizens. NIIMS will provide a foundational ID system, where other databases, such as registries of voters, will be built from.
A World Bank research found that many countries have realised considerable benefits of adopting efficient ID systems. In Argentina, for instance, integration of the tax databases, occupational and other registers through a unique ID improved tax audits, generating over $44 million in additional revenue and a reduction in tax fraud.
The India’s Aadhaar has significantly facilitated access to and delivery of services. Clearly, rolling out an efficient identity system will present opportunities for fiscal savings, development of the digital economy and enhanced public and private sector service delivery.
A well-designed NIIMS is capable of acting as basis of vote registry and the government could save significant costs from the need to carry out periodic voter registration drives. It would facilitate digital authentication that would open doors for e-government and new e-commerce markets.
While NIIMS opportunities abound, so are challenges and risks. There are some things that have to be got right in order to promote trust and confidence in the system. There is need to examine the regulatory enabling environment for privacy and personal data protection and reducing technology risks, and unintended risks of exclusions.
With electronic ID systems, the need to secure data, prevent inappropriate sharing or use of data, including discriminatory use against certain individual or groups, is paramount. Data collected for one purpose may be used for other purposes such as profiling and surveillance, including by government agencies, which may compromise trust and integrity of the system.
Equally, cyber security risks such as data theft, fraud, manipulation or hacking, or even destruction need to be considered. Vulnerable infrastructure, systems and data will erode user confidence, making the use of the systems less attractive. Lastly, technology risks should be mitigated, including being proactive in contract negotiations in procuring IT systems to prevent any vendor lock-in practices.
The processing of the data needs to be localised through a data centre in the country. The vendors should be deprived of controls to prevent hurdles that face the KRA’s i-Tax system or those purportedly faced by the IEBCduring presidential election petitions. Inappropriate design of the IT system will result in substantial costs increases, reduced flexibility and sustainability.
To mitigate these risks, the NIIMS programme ought to be founded on clear rules, specifying the rights and obligations of issuers and users, and to avoid unintended consequences such as inadvertent exclusions. It would be appropriate to have a comprehensive legal framework to ensure a NIIMS that promotes trust in the design, implementation and use of ID.
Currently, the only legislative proposal is contained in Statute law (Miscellaneous) Amendment Bill. It is not fair that such a landmark project is initiated through an omnibus Bill, whose sole purpose is to make minor changes in the statute books.
There is need to adopt a consultative legislative approach and enact an inclusive legislation, focusing on inclusion, non-discrimination, individual privacy, data protection and IT systems. These are important to ensure public trust, which is a critical factor for the success of the programme, especially to promote the ‘demand side’ case for people registering.
Where personal privacy is not safeguarded, or the new ID system is seen as discriminatory or exclusionary, people may withhold information, supply inaccurate information, or simply avoid participating, reducing the economic and development impact of the programme.
Equally, before investing in smartcards and centralising data from different sources into a single database, there is need to consider alternative options, including latest technology trends such as distributed ledgers and mobile phone-based IDs and experience from other countries. These could be leveraged and ensure the country adopts the best methods.