In Favour of DPI

Last year there was widespread support for India's DPI approach—with countries around the world hailing its achievements, and looking to emulate them. Over the past few months, however, the voices of dissent have grown steadily louder. Rather than allow arguments against DPI to go unanswered, I thought it best to deal with them head-on.

This is a link-enhanced version of an article that first appeared in the Mint. You can read the original here.

Last year saw tremendous enthusiasm around the concept of digital public infrastructure (DPI) during the G20 and after. What I didn’t realise at the time was that, lurking just beneath the surface, were strong undercurrents of disapproval.

The arguments against DPI range from the semantic (that the term DPI flatters to deceive) to the techo-solutionist (not everything can be solved by throwing technology at it). These arguments have, in recent times, been raised with greater stridency. Before this narrative gains any further traction, I thought it best to address it head-on.

Most economists start with semantic concerns—the fact that what we call DPI is neither non-rivalrous nor non-excludable in the way that public goods ought to be. This, they argue is evidence of “green-washing”— an attempt to leverage the lustre of digital public goods (DPGs) even though DPI has none of its features.

That a given DPI is excludable is often a matter of choice. Many countries believe that it remains their sole prerogative (and sovereign right) to offer these services. And that no other person should be allowed to deploy DPI in their country. It is to address these concerns that the term DPI was coined in the first place. As a result, this is not so much an attempt to make DPI look more like DPGs, but an attempt to distinguish these solutions from them.

As a matter of fact, most DPI solutions are also available in open-source modes, making them both non-rivalrous and non-excludable. MOSIP, an open-source digital identity system, is one such system currently being used by 17 countries and has already registered over 100 million people.

Then there is the argument that governments ought not be building technology solutions. Their job is to govern, so they should focus on doing that and leave the job of building technology to the private sector.

This argument is based on an imperfect understanding of how DPI solutions are deployed. In almost every instance, governments aren’t doing the actual building. All they do is prescribe protocols and leave it to the private sector to develop solutions. Not only does this ensure that we have a multiplicity of DPI solutions in a given sector, even though each is built by a different company, it makes sure they are all mutually consistent and aligned with stated national values. Private incentives rarely align with national goals, and unless we prescribe the protocols, these companies are incentivised to build solutions that benefit their private stakeholders.

Another allegation is that the DPI approach is just tech-solutionism—an attempt to throw technology at a problem in the hope of solving it. This is why, they argue, many solutions get built without first putting the necessary regulations in place. And why they don’t, as a consequence, have legal authority.

All DPI solutions incorporate legal principles directly into the design of the infrastructure—principles of individual autonomy, freedom of choice and open markets—that all participating entities must adhere to because they are baked directly into the protocols. This means that even in the absence of specific regulations, DPI solutions will conform to existing legal norms. Since they are modular, every new solution built on top of an existing DPI will inherit these values from the layers on which they are built, making these core legal principles hard to vary each time a new layer is added to the stack.

But by far the most common argument against DPI is that these digital systems are only popular because governments see them as new ways to watch over their people. Since most population-scale DPI projects are designed to process massive amounts of people’s data, critics argue, they serve as technologies for surveillance.

This is yet another argument born out of a poor understanding of how these systems are built. DPI systems are designed to keep data federated—to ensure that data remains at the edges—and are only accessed when needed. Since data does not get concentrated in a single place, governments would struggle to use these systems for surveillance.

But I have found that often this argument, of itself, is not convincing. Repressive governments, critics say in response, will always find new ways to subvert this design to achieve their ends. Federated data alone will not stop a government that is hell-bent on using this data for surveillance.

This is true. Very little can stop a government that has its mind set on getting something done. But if such a government was on the look-out for an ideal digital surveillance system, a DPI solution is probably the worst option it could choose.

There is also the concern that DPI solutions built by a well-intentioned democratic government could be subverted by a repressive government that succeeds it. This, critics argue, is a reason not to build these systems in the first place.

However, since DPI systems are modular by design, the democratic principles embedded in the stack’s foundational layers are increasingly difficult to unwind the more layers you add on. This makes the DPI approach an effective inoculation against an ill-motivated future administration.

Governments across the world have already committed vast sums of money to building digital governance models. Despite what sceptics and naysayers claim, of all the choices available to us, digital public infrastructure is probably the best aligned with democratic principles.