Governing Digital Public Infrastructure

Dr. Emrys Schoemaker
Caribou Digital
Published in
5 min readJun 9, 2023

--

DPI is neither good, nor bad but never neutral — governance is the key to achieving the goals of DPI and Digital Transformation

The digital technologies that serve as the ‘infrastructure’ of widespread digital transformation are increasingly recognised as key drivers of development. In recognition of the importance of these technologies in enabling development, the United Nations, G20, WEF and others increasingly highlight the importance of thinking about these technologies as ‘digital public infrastructure’ (DPI), flagging technologies such as the infrastructure and standards of digital identity, payments and data sharing as core ‘rails’ of digital transformation.

A technology-only approach to DPI will fail — getting governance right is critical

We know from the history of technology and development that technology alone is never a solution — from e-government initiatives to laptops the lesson is that technology alone is no silver bullet. If anything, without care it ‘amplifies’ existing patterns of power and inequality. We need to establish governance of digital technologies as a critical enabling layer to ensure all DPIs deliver on their promise, and to ensure a digital transformation that is rights based, protective and inclusive. A framework for the governance of digital technologies can set the rules of the road for all digital technologies — including DPI but also private sector too.

Three thoughts on why governance is key to making DPI a success

At Caribou Digital we’ve been working on technology in development for a while — from increasing access to digital technologies, supporting dialogue around what ‘good’ digital technologies look like to enabling entrepreneurs to better use technology. Underpinning this work is a commitment to listen and learn from the way technologies are increasingly part of everyday life.

1. Making technology deliver for development requires institutional capacity and expertise: one form of digital public infrastructure is ‘digital public goods’ (understood as open source software, data, AI models, standards and content). There has been big progress in developing DPGs — there are 150 DPGs in the DPG registry, and DPGs have helped solve real problems. But we know that open source alone is never a solution, and that it also requires institutional competency, champions, sustainable business models. Without these, open source software deployments commonly fail. Open source systems also introduce new dependencies — for example on companies who integrate new open source technologies into existing systems. In the Philippines, the government has advanced one of the most significant deployments of the open source digital identity platform MOSIP, one of the most developed DPIs — yet the contract for the integrator alone was just under $40m and is a ‘crucial’ component of the project. The contract is ongoing.

Design is key to inclusion: ensuring that DPI meet standards that reflect core values is key — especially around issues such as individual agency, inclusion and protection. We’re currently researching the implications of the design of the EU’s wallet initiatives for migrants, looking at where identity wallets have been implemented — such as Ukraine’s Diia, Pakistan’s Pak Identity or the IFRC’s DIGID. From the humanitarian context we know that many vulnerable populations such as migrants see little value in digital wallets. But while design matters, we shouldn’t expect governments to become technology companies, developing all their own inhouse development capacity. Instead, governments need to be smart customers, with informed procurement practices.

2. Impact and risk assessment is key: in our research on registration and identity systems and management and information systems in refugee and social protection, it’s clear that many deployments lack assessment of impact. For example, while there are broad policy goals of linking humanitarian systems with social protection systems, there are widespread concerns about the transfer of vulnerable peoples’ personal data from humanitarian agencies to host governments. While the humanitarian sector has established principles and approaches such as ‘do no harm’ to assess potential danger, there is a growing attention to the issue of ‘digital risk’.

Due diligence and impact assessment tools are key. The UN has established due diligence assessment tools for assessing technology use across the organization. In our work on HR due diligence for tech investors, we developed an assessment tool to support technology investors consideration of rights in their decision making. Impact assessment is key to assessing the design and deployment of a specific system. To address other technologies, systems or wider path of digital transformation, a broader framework is required. A broader framework is also needed to ensure a sustainable, long term solution for countries who wish to manage the range of digital technologies in use within a sovereign jurisdiction.

3. Governance is the key to safeguarding, protection — and defining the values of digital transformation. A national set of rules of the road for digital technology under a sovereign jurisdiction can set the direction of digital transformation. This can include determining things like procurement rules to establish interoperable, transferable data formats, as well as wider principles such as civic participation, oversight and recourse. With the right rules in place a nation can benchmark systems against agreed standards and rules — and determine whether a particular system meets what we have decided are ‘good’ standards. What should a governance framework look like? Each country’s governance framework will be unique — though it’s important to recognise that its not about new laws/elements but ensuring existing laws are fit for the digital age.

We’re currently working with UNDP to develop a model framework, and in our work so far key elements for this framework include: Legal framework; Capable institutions; Data Protection and Privacy; Policy and system design principles; Facilitating access to services; Procurement & anti-corruption; Transparency and access to information; “Rights, Risk & Inclusion” and Accountability.

The governance layer enables national sovereignty and interoperability: the governance layer sets out the rules of the digital railroad — ensuring that any digital transformation and technology can meet the goals of DPI. But like a railroad, standards determine whether trains can safely move from one country to another — or not. The governance layer can determine a country’s ability to interact with international partners — such as the digital governance heavyweights of the US, EU and China.

Governance is key to defining the private sector’s role:

  • DPI is not just public or government owned tech — financial sector, data brokers and managers.
  • A sustainable national digital public infrastructure ecosystem requires private sector technology vendors, investors and innovators.
  • Getting the governance layer right — from data protection laws, procurement regulations and financial reporting — is key to ensuring that private actors and capital can be confident their role and interests will be protected.

These governance frameworks have deeply value laden dimensions — consider the emphasis on individual rights in the EU’s suite of digital regulation (DMA, DSA, GDPR) and on national socialism in China’s AI Act. All technology systems, regulations and principles reflect values and ideas about the goals that governance is intended to support.

DPI are technologies — and as such are neither good, nor bad — but never neutral. Governance is the key to determining the impact of digital public infrastructure, and the destination of the resulting digital transformation. Getting governance right will get the right digital transformation.

--

--

Dr. Emrys Schoemaker
Caribou Digital

research & strategy; digital technology, media and identity ; development, conflict & governance; Caribou Digital; PhD (LSE)