To be an undocumented refugee, these days, is to exist in many places and to not exist at all. It is to have your movements, words, and actions tracked, archived, and multiplied. It is to live between fences, tents, and databases—one new entry per doctor’s visit, per bag of rice, per canister of water. It can mean having your biometric and biographical data scanned, stored, and cross-checked by people you do not know, and who speak a language you may not understand. It is to have your identity multiplied, classified, and reduced to lines of code. It is to live in spreadsheets.
Today, around 1.1 billion people live without a recognized form of identification. In many cases, their papers—if they ever had papers at all—have been burned, lost, or otherwise destroyed. And the number is growing every day. The United Nations High Commissioner for Refugees (UNHCR), the UN’s refugee agency, estimates that in 2017, one person became displaced every two seconds as a result of conflict, economics, or climate change. “In short, the world had almost as many forcibly displaced people in 2017 as the population of Thailand,” the agency reports. “Across all countries, one in every 110 persons is someone displaced.”
Each year, an average of 24 million people are displaced because of extreme climatic events, according to the Internal Displacement Monitoring Center. By 2050, the World Bank predicts, over 143 million people across sub-Saharan Africa, South Asia, and Latin America will become climate refugees. Perhaps some of them will be lucky enough to save their passports, national identification cards, health and education records from destruction. But those pieces of paper may not mean anything wherever they end up. How will they prove who they are?
Technology already provides a multitude of ways to track displaced people as they make their journeys. As they go from stop to stop, people move through a constellation of “digital passages.” They leave behind traces of their identities—fingerprints, names, e-mails, passwords, ages—not just at international borders but also at Wi-Fi hot spots, at charging stations, and in mobile apps. These trails bring refugees into close contact with governments, NGOs, smugglers, and private companies, and create a massive exchange of identification and location data. At the same time, algorithms are being used to predict when people are most likely to become climate refugees, how they will evacuate, and where they will go.
The next frontier, though, is not figuring out where people have been or where they will settle: it is figuring out who they will be when they get there. What will their “digital identity” look like? Who will hold the keys? A number of new and established tech companies are rushing to answer these critical questions. Technology accelerated the global identity crisis, and now technology claims to have the solution.
The coming goldrush
"Digital identity" is actually a very old concept and used by governments of all persuasions. Its primitive forms include IP addresses, e-mails, and usernames; digital identity has always been both ubiquitous and anarchic (who hasn’t lost a username and password, or forgotten them entirely?).
But now that so much of our economic and political life takes place online, creating new forms of identity has taken on a severe urgency. Both the private and public sectors are racing to come up with a sustainable way of counting, identifying, and connecting not only the growing population of the global displaced, but also the wealthy population of the voluntarily mobile. Mastercard, Microsoft, Apple, Palantir, and Facebook have all entered the field, through private ventures as well as controversial partnerships with some of the world’s largest humanitarian agencies.
In 2015, all the UN’s member states committed to providing “legal identity for all” by 2030 as part of its Sustainable Development Goals. As a result, virtually every major aid-granting agency is either incubating, researching, or piloting a digital identity program. The UNHCR currently hosts the identities of millions of refugees in its new Population Registration and Identity Management EcoSystem, or PRIMES, which it describes as a “trust and service platform” designed to provide every asylum seeker with a unique identity.
The World Bank’s Identification for Development initiative, meanwhile, focuses on making sure that digital IDs are integrated with government-held civil registration and vital statistics. (The two organizations also recently unveiled their Joint Data Center on Forced Displacement, which promises to collect and distribute refugee data “with adequate anonymization and safeguards.”)
Meanwhile, the World Economic Forum’s Platform for Good Digital Identity sees this push as a “new chapter in the social contract,” a way of preventing “a future where nearly all individuals lack choice, trust, and rights in the online world.” ID2020, one of the most prominent digital identity programs, is an alliance of governments, NGOs, and private corporations including Microsoft, Accenture, and Gavi, a public-private partnership aimed at increasing access to vaccines. It now wants trusted identity platforms to be labeled in the same way that organic milk cartons get a certification mark at the supermarket.
“There are a billion people globally who have no form of identification whatsoever,” says Dakota Gruener, executive director of ID2020. “Simultaneously, none of us have digital identities that work for us particularly well—all of our data is scattered.”
The UN’s World Food Programme recently announced a new $45 million, five-year collaboration with Palantir that will use the Palo Alto firm’s “range of digital analytical solutions” to streamline and track the dispersal of humanitarian aid. The move was immediately met with skepticism among privacy advocates: a group of more than 60 human rights activists sent an open letter to WFP executives, expressing deep concern over the partnership and urging WFP leaders to “reconsider the terms and scope of the agreement with Palantir.”
They argued that not only would the partnership threaten to “seriously damage the reputation of the WFP,” but also that it could “seriously undermine the rights of 90 million people the WFP serves.” The controversy, researchers said, should be a “wake-up call” to the humanitarian community about the dangers of relying on digital data and entrusting their networks to third parties.
In a statement responding to these concerns, the WFP wrote that a series of “checks and balances” would protect private, identifying data, and that Palantir would not be able to use it for commercial gain. In an e-mail to MIT Technology Review, a WFP representative wrote that the agency has its own solutions to managing refugee identities, and that “the WFP-Palantir partnership does not focus on areas that require personally identifiable information (PII) of beneficiaries, nor does it focus on digital identity. No PII data is ever shared with Palantir or with any other partner. Only anonymized/encrypted information is used to analyze allocation of assistance to ensure complete privacy and security for the people we serve.”
Yet as researcher Faine Greenwood said in Slate, the WFP may be overestimating its ability to protect and anonymize sensitive data.
“We still don’t have much information about how the WFP came to this agreement with Palantir or what the full terms are—a bad precedent to set in the humanitarian assistance field, where trust is key,” wrote Greenwood, an assistant researcher at the Harvard Humanitarian Initiative.
Both the promise and the risks of digital identity have already become evident in the work of a small army of blockchain and biometric startups. The immutable, decentralized nature of the blockchain has led a number of startups to pin their hopes on the emerging technology as a solution to the problem of storing and protecting sensitive information, including biometric data.
Passbase, which bills itself as “the first self-sovereign identity platform backed by verified government documents, linked social media accounts, and biometric signatures,” has raised seed funding from Alphabet and Stanford, and currently accepts documents from over 150 countries. Vinny Lingham, cofounder of the blockchain identity verification company Civic, goes so far as to claim that his company can help save democracy. WFP.s Building Blocks program also uses blockchain inside a refugee camp in Jordan.
Maybe blockchain will save democracy. Or maybe it will make future political crises even worse. The Rohingya Project distributed blockchain-based digital identity cards to Rohingya refugees in order to help them access financial, legal, and medical services. It is, on the face of things, an altruistic, forward-looking humanitarian initiative. But uploading highly sensitive, identifying biometric information to an immutable ledger and testing emerging technology on a vulnerable population means exposing that population to untold risks.
“Might it be highly irresponsible to digitize all that information?“ asks Wayan Vota, a digital entrepreneur and critic of the initiative. “Wouldn’t making a list of who is persecuted be a handy reference for those who seek to persecute more?” Other efforts to register Rohingya were hamstrung when refugees discovered that their new identity cards would not describe them as “Rohingya” but rather as “Myanmar citizens,” leading some to refuse registration.
BanQu, a blockchain app currently being piloted in 11 countries, hopes to solve the problem of the “unbanked” and connect the world’s poor and displaced populations to the global market. The company’s cofounder, Hamse Warfa, fled Mogadishu with his family and spent three years living in a refugee camp in Kenya, where his entire existence was reduced to a registration number. He and his cofounder, Ashish Gadnis, returned to his former refugee camp in 2015 and realized that a lack of official identification was keeping many refugees tied to their camp’s infrastructure.
“Refugees have no ability to prove the history of their existence at a transaction level,” Gadnis told me. “If I send you back to Mogadishu, there you are a brand-new refugee all over again. And yet your data is in the spreadsheets of the UN, the UNHCR, the Gates Foundation … The fundamental problem is that the model has always been NGO-centric. It has never been refugee-centric.”
But designing “refugee-centric” systems means ensuring that data is efficiently minimized, secured, and transported across borders—a goal that is as utopian as it is technically challenging.
“Refugees are a population where the risks and benefits of digital identities are amplified,” Manju George, who leads the World Economic Forum’s Digital Identity program, told me. The slightest error in a refugee family’s digital profile can affect the amount of aid it receives. The UNHCR, for example, uses a “desk formula” to determine which refugees should get aid, and how much: any family that scores above the “magic number” is deemed not needy enough, while those who score below it are eligible for support.
Data breaches, like those that have repeatedly exposed personal information in India’s Aadhaar biometric identification program, have exposed at-risk populations to new dangers. And they are all too common: in March, a data breach at the US Federal Emergency Management Agency exposed the personal information of 2.3 million survivors of American wildfires and hurricanes, leaving them vulnerable to identity fraud. In April, Kaspersky Labs reported that over 60,000 user digital identities could be bought for $5 to $200 via a dark-net marketplace. No technology is invulnerable to error, and no database, no matter how secure, is 100% protected from a breach.
Many of the private-public digital identity partnerships aim to streamline international aid supply chains. But doing so could have adverse effects: maybe the person who keeps taking two bags of rice instead of one resells the extra bag for other goods and services as part of an informal economy. Linking undocumented populations to the global market, a move that many organizations bill as a ticket out of poverty, could also open up new avenues for mass exploitation.
“It’s pretty simple: if you look at the 500 top brands in the world, they source from refugees and from people in poverty. And those people do not exist,” said Gadnis. “At the end of the day, everything is a supply chain.”
Simply layering technology on top of existing humanitarian problems tends to exacerbate the issues it intended to resolve. In a new report on the role of digital identity in refugee and migrant contexts, a team of researchers at the Data & Society Research Institute, led by Mark Latonero, detail the various ways these initiatives can reproduce and worsen existing bureaucratic biases.
“One might think that putting a ‘human in the loop,’ or ensuring a human is involved in a computer system, is a way to catch or remedy potential mistakes,” they write of their findings, the result of dozens of interviews with refugees and aid workers in Italy. “Yet in Italy, or any country with an enormously complex bureaucracy, individuals need to rely on a parallel informal system; an Italian citizen might find a solution to a bureaucratic impasse by using a loose network of friends, relatives, or those in power to resolve the issue. Migrants are excluded from these networks of power and privilege, and instead get one shot at data entry in a database.”
As digital identification technologies flood into the market, it is difficult to imagine predicting or preventing the disruptions—good and bad—that they will cause. Blockchain and biometric technologies have touched off a critical reevaluation of the most existential questions: What determines identity, and how many identities can one person claim? What will it mean when official identification eventually—inevitably—is no longer the purview of the nation-state?
“Everybody deserves to have formal identification that they can use to exert their rights,” says Brandie Nonnecke, director of UC Berkeley’s CITRIS Policy Lab, which works on technology development in the social interest.
But the rush of public and private digital identity programs has already begun to complicate fundamental questions about identification, registration, citizenship, and belonging. Even the simplest questions about digital identity have yet to be determined, Nonnecke says: “Do you have one identity, or do you have multiple identities across institutions? Is that a safeguard, or does it create more risk?”