How we can rebuild public trust in digital identity systems

As soon as the Ayushman Bharat Digital Health Mission of the Government of India started issuing Digital Health IDs, I was flooded with articles on how this new scheme is yet another attack on our personal privacy. Many of the concerns raised echoed arguments that featured prominently in the earlier challenge to Aadhaar. These included fears that the new Health ID would result in our health data being aggregated into large centralized databases, making this intimate information more easily accessible to those who wanted to misuse it.

As it happens, this particular fear is largely unfounded in the case of India’s digital health infrastructure, given that its federated design will, for the most part, ensure that your data stays where it was originally stored. But as I read through the increasingly agitated conversations on social media, it was clear that there was a much deeper issue at play. For some reason, digital identity systems in India are directly linked to a loss of privacy, and any attempt to introduce them into our public digital infrastructure faces knee-jerk opposition. What is not entirely clear is why.

Identity is a condition for the provision of services. To assess whether the individuals requesting services are eligible for them, you must be able to tell who they are. After establishing eligibility, you need to correctly identify them each time they avail the service to ensure that they are not trying to double up on a benefit already received.

When the services were provided in physical form, we did not think anything of submitting proof of identity for verification by service providers. We understood that they should be able to identify us to ensure equitable distribution of entitlements. And yet, now that these services are available online, we shy away from making our mark.

From one perspective, this restlessness is understandable. There is already widespread concern that digital service providers know more about our habits and behaviors than they should. To add to this, given the number of data breach and negligence incidents that are reported on an almost daily basis, it is not surprising that the majority of users believe that digital service providers have no interest in protecting our personal privacy. With universal identification systems added to the mix, many people believe that much of what we are doing is enabling more accurate cross-referencing of unrelated pieces of information, making the situation worse. And yet, there is no doubt that digital identity solutions, if implemented well, can add value to almost any service offering.

This is one of the central challenges facing anyone building a population-scale infrastructure for digital public goods. While efficient identity solutions would greatly increase the usefulness of these systems, given how closely digital identities are associated with loss of privacy, any attempt to incorporate them meets immediate resistance. Privacy purists would instead prefer that we did away with the digital identity system altogether. They argue that the losses caused by these systems are not worth any benefit they can provide.

Perhaps there is a less extreme option. Given how important identity is in a digital context, instead of trying to engineer our digital public goods infrastructure to work without any digital identity, perhaps we need to make an effort to ensure that the identity solutions used are more thoughtfully designed – to enhance rather than destroy privacy.

There are many ways in which this can be achieved. Where identification is necessary for the limited purpose of identifying eligible recipients, we can ensure that the moment eligibility is established, identifying information is indexed in separate, hard-to-access confidential stores such that it becomes impossible for this data to be mixed with other transactional information generated in the course of providing the service. Wherever possible, this information should be encrypted and/or tokenized to ensure that even in the event of a data breach, the detrimental impact on privacy is negligible.

Where beneficiaries of one service are entitled to benefit from other associated services, our public goods infrastructure must be designed to facilitate, wherever possible, such cross-verification of beneficiaries in a privacy-preserving manner, without actually exchanging digital identity information. For example, we may envision zero-knowledge proof solutions that establish an individual’s eligibility for an associated service without actually disclosing any basic identifying information.

In each case, the ideal solution will depend on the specific application in question. In some circumstances, it may be more appropriate to separate the data flow from the identity flow (such as how data and consent flows are separated within the framework of a data empowerment and security architecture). In others, it may be better to generate a token that acts as a proxy for identity. Rather than being prescriptive, we should encourage the use of privacy-enhancing digital identity solutions, but leave it up to the service providers to develop appropriate methods of implementation.
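One way to picture the token-as-proxy and separate-store ideas above is the sketch below, an added example that is not from the original column or from any government system. The names `IdentityVault` and `ServiceLedger`, the use of a per-service HMAC-SHA256 key, and the sample identifier are all assumptions made for illustration.

```python
import hmac, hashlib, secrets

class IdentityVault:
    """Confidential store: holds per-service keys; sees the raw identifier only at enrolment."""
    def __init__(self):
        self._service_keys = {}   # service name -> secret HMAC key
        self._eligible = {}       # service name -> tokens found eligible

    def _token(self, service, identifier):
        key = self._service_keys.setdefault(service, secrets.token_bytes(32))
        return hmac.new(key, identifier.encode(), hashlib.sha256).hexdigest()

    def enroll(self, service, identifier):
        """Called once eligibility is established; returns the proxy token."""
        token = self._token(service, identifier)
        self._eligible.setdefault(service, set()).add(token)
        return token

    def is_eligible(self, service, token):
        return token in self._eligible.get(service, set())

class ServiceLedger:
    """Transactional store run by the service provider: tokens only."""
    def __init__(self, service, vault):
        self.service, self.vault = service, vault
        self.claims = {}          # token -> benefit periods already paid

    def claim(self, token, period):
        if not self.vault.is_eligible(self.service, token):
            return "rejected: not eligible"
        if period in self.claims.setdefault(token, []):
            return "rejected: duplicate claim"
        self.claims[token].append(period)
        return "paid"

def demo():
    vault = IdentityVault()
    person = "ID-0000-CONSTRUCTED"   # constructed identifier, not a real ID
    health = ServiceLedger("health", vault)
    ration = ServiceLedger("ration", vault)
    t_health = vault.enroll("health", person)
    t_ration = vault.enroll("ration", person)
    return {
        "first": health.claim(t_health, "2021-10"),
        "repeat": health.claim(t_health, "2021-10"),          # double benefit
        "cross_service": ration.claim(t_health, "2021-10"),   # token reuse
        "linkable": t_health == t_ration,
        "id_in_ledger": person in str(health.claims),
    }

if __name__ == "__main__":
    print(demo())
```

Because each service's token is derived under a different key, a leaked ledger exposes neither the identifier nor a value that can be joined against another service's records, while repeat claims are still caught.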

Only by actively rebuilding public trust in digital identity systems in this way will we be able to realize the full potential of our digital public infrastructure.

Rahul Matthan is a participant in Trilegal and also has a podcast called Ex Machina. His Twitter handle is @matthan.
