Who are you? It’s a question people answer several times a day in order to access services, engage in economic transactions, and participate in social life. In one sense, there is only one answer to that question, because each human being is a unique individual, born into this world at a particular time and place, and moving through it over time. But amidst the complexities of life, whether in the mundane or in a moment of crisis, the answers vary across situations and practices: a person can “be” a mother and a sister; or a teacher and a bank customer, or a mobile phone user and a hospital patient, without having to “be”—or at least claim to be—all of those things, all at once.
We think here of Shailaja, one of our first interviewees in this research in India. When Shailaja was married young, her in-laws took away her voter ID, Aadhaar card, ration card, and bank passbook. Yet over time she negotiated her identity by getting a new passbook, renting a room in Bengaluru with her brother’s help and his IDs; all the while she kept her daughter’s birth certificate safe as she knew it was important for her future. Her experiences are an example of how a multiplicity of practices, credentials, and artifacts are used to support, assert, or prove identity. Some credentials are granted by the state, others by associations or private-sector companies. Some credentials are assigned in permanent ways to an individual at birth or at another critical juncture, others are adopted or selected actively by an individual as he or she cultivates various elements of his or her identity over time. Some are under her control, others, less so.
This study, drawing on interviews with 150 diverse individuals and dozens of professional stakeholders throughout India, draws on conversations like the one with Shailaja to explore the complexity of identity practices in everyday life. It is a critical moment for conversations like these, since new digital systems, such as India’s Aadhaar, expand formal identity credentials to previously underserved communities, and into everyday identity practices in new ways. That said, it is important to note that the goal of this study is not to offer an evaluation of Aadhaar itself,1 but rather to use the Aadhaar case to explore identity practices more broadly. The report suggests the need for an increased and sharper focus on the experiences of everyday people with their identity credentials, viewing those credentials not as things to be adopted once, but rather used every day, in ways and with outcomes more heterogeneous and nuanced than narratives to date might suggest.
There is general agreement that formal identification credentials offer significant benefits to all. The Sustainable Development Goal 16.9 calls for “legal identity for all, including birth registration.” Yet, the World Bank estimates that over 1.1 billion people in the world lack proof of legal identity2 and even for those who have proof of identity, enrolling on and using these systems can be complex. As Nandan Nilekani, chief architect of the Unique ID (UID or Aadhaar) in India, states: “Globally, identity as a public good is now becoming a critical topic.”3 The need for identity is exacerbated by a world where mobility is increasingly the norm— whether forced or unforced.
The development of digital technologies, from mobile telephony to low-cost and reliable biometric systems, has ushered in a new set of opportunities to close this identity gap around the world. The World Bank’s World Development Report 2016 defines digital identity systems as “central registries storing personal data in digital form and credentials that rely on digital, rather than physical, mechanisms to authenticate the identity of their holder.”4
Two parallel movements are gathering pace— first, countries as well as private-sector firms5 are investing heavily in digital identification— Aadhaar is the largest deployment worldwide, but the World Bank’s ID4D dataset estimates 133 economies worldwide have digital identity systems with varying levels of coverage.6
Second, there are increasingly prominent and influential calls for goals and principles for identification, such as SDG 16.97 and the Principles for Identification,8 signed by 20 international development and private- sector organizations, as well as NGOs.
Despite these considerable movements, there is a particular gap in our understanding of the experiences of individuals who interact with these ID systems, particularly in low-income contexts and particularly beyond the use of state identity systems. There is some research, such as case studies of Pakistan, Tanzania and Côte d’Ivoire,9 and anecdotal reports from experiences around the world but there is a lack of insight into the broader user experience of identification practices.
Specifically, we explore how identity practices (not just systems or numbers) might make a person’s life better, but equally, what are the vulnerabilities he or she might face? Identity is complex because it is multidisciplinary—it is legal of course, but it’s also personal, political, cultural, and psychological—and now, analog and digital. An identity credential is not a simple piece of paper or card—it is intersected with power and politics and further complicated by the complexity of networked technologies and biometrics. What are the new identity practices of a connected age? And what might designers, technologists, and policymakers do with an increased awareness of these identity practices?
Report aims, methods, and approach
With the support of the Omidyar Network, Caribou Digital, together with the International Institute of Information Technology, Bangalore, set out to uncover the complexity of the experience of managing identities and identity artifacts, from the perspective of people in lower-income communities in India.
We focused on India as Aadhaar is not only the world’s largest biometric identity system, with almost 1.2 billion individuals registered,10 but also because it is home to multiple other public and private sector ID systems. We interviewed around 30 key identity experts and held 150 interviews across six sites (urban, non-urban) in the states of Karnataka, the National Capital Territory of Delhi, and Assam, largely with low- income demographics such as tradesmen and women, house helps, construction workers, and others (see Appendix A1 for more details on methodology). Importantly, this is a qualitative and not a representative study, and as such, “situational, rather than demographic, representativeness is what is sought.”11 Our findings are particular to the people we spoke to and offer insight into what others in similar circumstances might experience.
Our approach is to adopt a “wide lens,” focusing on a plurality of “identities” and “identity practices” rather than on a specific use case or evaluation of a single system. We take the plural of the term identities to reflect the multiple identities we all hold, and the aggregate of the expressive forms of ID such as personal preferences and statements of affiliation as well as ascribed forms of identity such as nationality, gender, income categorization and so on. We use “identity practices” rather than credentials or systems to describe the way identities are relational and manifest through the hundreds of millions of micro-negotiations that happen each day, and particularly in the transactions where identity must be verified.
The 12 interlocking essays that constitute this report help tease out the realities of these experiences, and their implications for the design and development of future identity systems and technologies.
Findings and structure
There is a growing support for standards and principles to underpin future identity systems, with initiatives such as the Principles on Identification providing necessary high-level guidance. Yet these alone are not a sufficient basis from which develop ethical digital identity systems. Incorporating user experiences can provide policymakers and system designers with the local context and understanding necessary to develop more effective, equitable, and empowering identity systems. This research finds several challenges in identification practices, not least high barriers to identification and a lack of awareness and knowledge on obtaining ID credentials amongst people from low-income backgrounds. We organized our findings according to the practices of identification, the implications for vulnerabilities, and conclusions to inform the policy and design of identification systems.
Our first group of findings reflects four aspects of the wide lens approach we described above. Each heading is an essay in the document that follows:
- We argue that people have always had, and managed, multiple personal identities. Identity technologies are always layered over and incorporated into the management of these identities.
- Conversations with participants reminded us that physical identity artifacts matter, even in the digital era. Although digital promises to replace material artifacts, people find value in a credential they can hold in their hand.
- We found that every identity transaction means something to the people involved. Identity transactions are always leavened with meaning and intersected with the operation of power along various lines.
- And finally, like an “identity mosaic,” we found that people select and combine identity elements for transactions during the course of everyday life. The management of identity mosaics brings to the fore questions of power and agency that determine the empowerment implications of identity credentials.
Our second theme reflects five ways in which identification technologies mediate vulnerabilities.
- We found that there is a tension between fixed identities within rigid systems and people’s shifting, dynamic lives. Identification systems in general and digital systems in particular make static aspects of people’s identity in ways that are often outside their control.
- Many respondents suggested that crossing borders makes managing identities a struggle for migrants. Transiting the boundaries of identities in general and the credentialing of municipal, regional, and national citizenship in particular creates tensions and can exacerbate vulnerabilities for the most marginalized.
- We saw how at the moment of enrolling into ID systems, vulnerabilities are exposed for many. Processes of registration and the demand to reveal aspects of individuals’ lives can expose latent and already present vulnerabilities.
- In addition to end-users, we also found that ID systems often create vulnerabilities for the intermediaries who facilitate the transactions. Intermediaries who enable registration and ongoing usage of services may lack knowledge or awareness of rule changes, and often bend rules to enable users to achieve their goals.
- We also suggest there are persistent tensions around gender and identity. Individuals’ social and cultural contexts of power and status are embodied in the use of identification systems that can serve to mitigate as well as reinforce established dimensions of gender identity.
The third set of essays move from description to implications, offering a set of interconnected but distinct reflections on our findings.
- We find that critical issues—such as privacy—are often abstract to the user. There is a need to use clear language to describe them. Differing conceptions of privacy can lead to conclusions such as the poor lacking concern for privacy. Framing abstract concepts in the context of people’s experiences reveals concrete concerns that can inform system design.
- We argue that Intermediaries are critical—and need more support and accountability. We found that the intermediaries who support enrollment and ID use are key to enabling access and remain significant despite the promise of digital to do away with human intermediaries.
- Third and finally, we argue Multiple ID elements are a feature, not a bug. Many identity systems seek to fix identity around static categories that limit user ability to control what aspects of their identity mosaic are visible to others. Designing for empowerment should include attention to user agency over their multiple identities.
Takeaways for the broad community
Drawing on the spirit of discussions emerging from our stakeholder workshops, the concluding essay “From India to the World” looks back across these findings from India, framing them as takeaways for an even broader community.
The core essays offer broad and complementary perspectives on the practices, persistent vulnerabilities, and implications for design of digital identity systems. They are intentionally modular, and each can be read as a standalone piece or as part of the integrated set. That said, as an overview and summary we offer several crosscutting takeaways below. These points are our nominations for the concrete takeaways from the essays for the community of designers, policymakers, practitioners, technologists, and researchers involved with digital identity systems. Together they reinforce and show a path ahead from the research aims: to encourage the development of identity systems and technologies that empower users as they navigate increasingly digital lives.
The big picture
- There are no greenfield identity systems—People have been managing identities for millennia, adapting their behavior and practices in relation to each new identity technology that becomes commonplace. Even the most advanced digital identity platform will be perceived and engaged with in relation to all of the other identity systems, digital and analog, an individual has experience with.
- Physical artifacts matter, even in a digital age—People place importance and value on physical artifacts, as evidenced by the standard practice of carrying printed Aadhaar enrollment forms for a credential that was supposed to be completely virtual.
Fair and inclusive
- Design for marginalized groups—Individuals with disabilities, those suffering from HIV/AIDS, transgender individuals, and other groups may require additional consideration to ensure that processes and technologies are accessible and privacy preserving.
- Unintended consequence often excludes the most vulnerable—Policies that work for most people, most of the time, can end up excluding those who don’t fit in the mainstream: For example, those without a permanent address can’t sign up for many identity credentials; delays in credential processing can prevent children from attending school; and requirements for feeder documents are often most onerous on migrants and/or those from rural areas.
- Actively support women’s needs—Even simple ideas, such as creating safe spaces (or times) for women to interact with service centers, or supporting the role of peer organizations such as sanghas or labor rights to assist women, can have significant impact on mitigating the barriers they face.
Help the helpers
- Informal intermediaries are a mirror— System designers and policymakers that take a hard look at the intermediaries who are actively facilitating their system will see a reflection of the highest-friction and costliest processes that users have to endure.
- Figure out the right incentives—System agents, whether state employees or 3rd-party firms, provide the best support to individual end-users when their incentives are aligned with the user.
- Information asymmetry leads to exploitation— The less people know about how the system works, the more dependent they are on intermediaries, and the greater the knowledge gap the more likely it is for intermediaries to be unscrupulous; increasing awareness and having more accessible channels for finding information reduces uncertainty and predatory practices.
Privacy, agency, and dignity
- Privacy by design—The best identity systems would follow principles of minimal disclosure to limit what data is shared during identification and authentication, and ideally utilize zero-knowledge proofs to conduct authentication transactions so that the requesting entity only receives a yes/no and not any PII.
- User choice and control are about more than functionality—Providing flexibility for how people can identify themselves enables them to better compartmentalize and manage their identities, leading to increased agency and dignity; for many people, multiple ID elements are a feature, not a bug.
Understanding the user perspective is especially important with identity, since incentives for adoption of digital credentials and use cases are intrinsically tied to other services—financial, health, government—and thus require a holistic and deep view into how individuals engage with the institutions that matter most.
The research detailed in the essays that follow contributes approaches and insights that others can build on to advance in the development of future identity systems which support the privacy, agency, and dignity of their users. We hope that both the advances and vulnerabilities shared, in their own words, by individuals we spoke to across India, will encourage others to investigate how to design systems that mitigate marginalization and exclusion, and to build further on the possibilities that digital identity systems offer.
ID Insight, “State of Aadhaar Report 2016–2017” (Delhi, May 2017).↩
Vyjayanti T. Desai et al., “Counting the Uncounted: 1.1 Billion People without IDs,” World Bank Blogs, June 6, 2017.↩
Asha Rai, “‘Show Me Even One Example of Data Theft. Aadhaar Is Very, Very Secure’; Nandan Nilekani,” Economic Times, April 3, 2017.↩
World Bank, “World Development Report 2016: Digital Dividends” (Washington, DC: World Bank, 2016).↩
Caribou Digital, “Private Sector Digital Identity In Emerging Markets” (Farnham, Surrey, UK, 2016).↩
Desai et al., “Counting the Uncounted: 1.1 Billion People without IDs.”↩
United Nations, “Sustainable Development Goal 16,” 2017.↩
World Bank, “Principles on Identification for Sustainable Development: Toward the Digital Age” (Washington, DC: World Bank, 2017).↩
GSMA, “Driving Adoption of Digital Identity for Sustainable Development: An End-User Perspective Report,” February 2017.↩
Unique Identification Authority of India, “Dashboard Summary,” UIDAI Portal, August 5, 2017.↩
Dorothy Horsburgh, “Evaluation of Qualitative Research,” Journal of Clinical Nursing 12, no. 2 (March 1, 2003): 311, doi:10.1046/j.1365-2702.2003.00683.x. P311↩