Digital Identity and Privacy

The digital revolution of the 21st century is driving everyone to embrace technology to varying degrees. Access to and engagement with government, the private economy, our communities, and each other all increasingly rely on digital connection. And underpinning all these connections is the necessity to assert one’s digital identity: a digital means of proving we are who we claim we are.

The growing digital economy will bring massive opportunities as connectivity increases and distance evaporates as a barrier for engagement and trade. Transactions will increasingly occur without the two transacting parties ever meeting. Access to state benefits and a range of other services have the potential to become easier, faster, and more inclusive.

At the same time, the digital economy will introduce new barriers to access and engagement for those who lack identification or are unable to establish identification for want of digital access. The World Bank estimates that there are more than 1.1 billion people in the world who lack the ability to prove their identity. For these individuals, many of whom already face social and economic exclusion today, inclusion in the rapidly digitizing world becomes even more difficult without the identifiers required to engage in it. But to ensure that digital identity is truly inclusive, secure, and safe for everyone to use, it requires a shared and thoughtful development of the necessary checks and balances.

At Omidyar Network, our hypothesis is that digital identity can lead to empowerment only if it (i) puts the individual in control of her identity and (ii) is built with checks and balances to protect personal information of individuals. At the heart of our perspective, we believe in three foundational precepts about digital identity. Identities must:

  1. be available and useful to individuals
  2. be non-discriminatory and designed for inclusion, meaningful user-control, and privacy
  3. provide for recourse and accountability for harms caused

For a digital identity system to achieve these objectives, we must consider both technical design and governance. In fact, in our view, the technical design can be more effective in protecting individuals than the legal privacy framework of a given country, given the difficulty of enforcing rights and having real recourse for individuals who may have their privacy violated.

There is a growing body of work on privacy, data protection, and identity principles. But more needs to be done. The enumeration of comprehensive and specific safeguards, permissible uses of digital identity and personally identifiable information, recourse and accountability, are all critical to ensure that engaging in the digital world can keep us all empowered, safe, and secure.

Read our full point of view, here.