Universal DPI Safeguards Framework

The Universal DPI Safeguards Framework offers practical, rights-based guidance to ensure that Digital Public Infrastructure (DPI) is safe, inclusive, and effective. It addresses the governance, design, deployment, and use of DPI by identifying risks and proposing key safeguards across different stages of the DPI life cycle. This framework is adaptable to various contexts and builds on global consultations to promote trust, accountability, and human rights in digital transformation.

Learn more

How We Built It: A Collaborative Approach

The DPI Safeguards Initiative weaves together global efforts to design and sustain DPI, drawing from a rich pool of knowledge resources. To fit all DPI and meet diverse needs, it evolves through ongoing feedback from stakeholders like you.

The Universal DPI Safeguards Framework

The Framework translates principles into actionable recommendations to mitigate risks across the DPI life cycle. It is designed as an open knowledge asset, adaptable to diverse contexts, and comprises five components: Principles, Risks, Life Cycle Stages, Process and Practice Recommendation.

Principles

Principles, currently 18, are core propositions to mitigate risk which have been derived based on the possible risks observed in the DPI ecosystem, both new risks and existing structural vulnerabilities.

Risks to be mitigated

Risk is the possibility of harm to people interacting with the DPI. Currently, the Framework describes 13 interrelated risks.

Responsible authorities

A functional group of stakeholders with assigned or assumed roles, responsibilities and accountability for effective implementation and evolution of DPI safeguards.

Life Cycle Stages

DPI has five life cycle stages, namely: Conception and Scoping, Strategy and Design, Development, Deployment, and Operations and Maintenance.

The Harmonizing Principles

Principles are core propositions that form the foundation of a flexible, universal framework that guides the effective functioning of a DPI. The purpose of DPI is to maximize participation, agency and trust for all individuals. This implies that the risks described in the sections above need to be mitigated, and residual risks need to be managed in the context of each country’s sociopolitical environment. To achieve this, all responsible authorities should be guided by a set of principles to ensure trust and coordinated responses throughout the DPI life cycle. These principles form a common language that helps to build mutual understanding and support ongoing cooperation.

The principles are divided into two categories: Foundational and Operational. The former refers to principles that should serve as the basis for any DPI, while the latter refers to principles that come into play at an operational level and may vary across contexts.

Foundational principles: The building blocks for safe and inclusive DPI

F1. Do no harm

Harms to individuals may not be immediately obvious. A human rights-based framework should be integrated throughout the DPI life cycle to anticipate, assess, and effectively mitigate any potential human rights harms and power differentials.

F2. Do not discriminate

All individuals, regardless of intersecting identities, should have unbiased access and equal opportunity. Risks due to the circumstances of all vulnerable communities, historically marginalized groups and those who opt-out should be mitigated.

F3. Do not exclude

All individuals should have a choice of channels (digital/non-digital) to access and benefit from services enabled by DPI based on their individual capacity and resources. Access should not be limiting, conditional or mandatory — explicitly or in practice.

F4. Reinforce transparency and accountability

DPI should be developed with democratic participation, have public oversight, promote fair market competition and avoid vendor lock-in. All partnerships should be transparent, accountable and publicly governed.

F5. Uphold the rule of law

DPI should be introduced with a clear legal basis, with required legal and regulatory aspects embedded into its design, supported with capacity for sector specific tailoring (such as health), implementation, oversight and regulation by law.

F6. Promote autonomy and agency

Ensure that everyone (especially indigenous communities with sui generis rights), on their own or with assistance, can take control of their data, promote their agency, exercise choice, and contribute to their society’s well-being.

F7. Foster community engagement

All stages of the DPI life cycle should centre on the needs and interests of individuals and communities at risk. They should participate at critical junctures and provide feedback actively in an environment of transparency and trust.

F8. Ensure effective remedy and redress

Complaint response and redress mechanisms, avenues for appeal without reprisal, supported by robust administrative and judicial review, should be accessible to all in a transparent and equitable manner during service delivery.

F9. Focus on future sustainability

Inculcating foresight is key to anticipating and limiting long term and inter-generational harms. For example, mitigating the environmental impact with a net-zero strategy or minimizing resource needs with reuse of software.

Operational principles: Driving continuous trust and adaptation

O1. Leverage market dynamics

DPI should foster an increasingly inclusive environment for public and private innovation such that market players can compete and introduce diverse equitable solutions that cater to emerging needs of all people across the society.

O2. Evolve with evidence

Independent, transparent, and continuous assessments, due diligence, or audits should engage with people, understand concerns, review evidence and rapidly cease or initiate activities that contain heightened risks or harms.

O3. Ensure data privacy by design

DPI should embed legal, regulatory and technical principles that enforce core privacy principles (e.g., data minimization, provisions to delink, ability to limit observability) and legal safeguards should be enacted around them.

O4. Assure data security by design

DPI should incorporate and continually upgrade security measures, such as encryption or pseudonymization, to protect personal data. A legal framework should fill the gaps where technical design may be insufficient for data security.

O5. Ensure data protection during use

Personal data should be processed or retained lawfully and transparently only by authorized personnel within a legal framework including transaction history, data subject rights and protections against overreaching requests.

O6. Respond to gender, ability or age

Not all individuals experience DPI in the same way, and some continue to face barriers and challenges related to access or use. DPI implementation should not exacerbate existing challenges or introduce new barriers and inequalities.

O7. Practice inclusive governance

Long-term effectiveness of DPI is contingent upon the establishment of a robust legal, regulatory and institutional framework that should promote transparent and participatory multi-stakeholder governance focused on safety and inclusion.

O8. Sustain financial viability

As DPI are a public infrastructure, diversified, phased and sustainable financing models should be established. Governments can lead during the build phase and local digital partners or the private sector can lead on operations and maintenance.

O9. Build and share open assets

DPI should share and reuse open protocols, specifications, Digital Public Goods (DPGs), and the associated knowledge. This enhances flexibility and assures that proprietary systems do not limit the ability to improve safety and inclusion.

Mitigating key risks

The DPI Safeguards initiative addresses risks related to DPI that may emerge in relation to the international human rights framework, the Sustainable Development Goals, and the Roadmap for Digital Cooperation. These risks can undermine safety and inclusion and include structural vulnerabilities which limit the effectiveness of safeguards.

Risks

Safety

Privacy vulnerability
Digital insecurity
Physical insecurity
Lack of recourse

Inclusion

Discrimination
Unequal access
Exclusion
Disempowerment

Structural Vulnerabilities

Digital distrust
Weak rule of law
Weak institutions
Technical shortcomings
Unsustainability

Responsible Authorities

The Framework takes into account various ‘Responsible Authorities’ in the DPI ecosystem. It is adaptable to different contexts and is applicable across the DPI life cycle. It recognizes that DPI comprises technological systems and services that operate at the intersection of individuals on one hand, and civic, public and private entities that hold social, political and economic power on the other.

Governments

Typical persona (non-exhaustive)

Policymaker

DPI Programme Manager

DPI Implementer

Minister with Responsibility for ICT

Potential use of the Framework

Regulators

Typical persona (non-exhaustive)

Executive Legal Officer

Head of ICT Regulation Authority

Potential use of the Framework

Donors

Typical persona (non-exhaustive)

Project Manager

Local Head of Development Agency

Potential use of the Framework

Technology Providers

Typical persona (non-exhaustive)

Cybersecurity and Privacy Expert

CEO, Local Technology Provider

Product Manager

Technical Expert

Potential use of the Framework

Advocates

Typical persona (non-exhaustive)

Digital Rights Activist

Digital Inclusion Advisor

Director, Civil Society Organization

Researcher

Potential use of the Framework

When? The Iterative DPI Life Cycle

DPI evolves through five iterative stages. The DPI Safeguards Frameworks is applicable at each stage, ensuring safety and inclusivity.

Conception and Scoping

The Conception and Scoping stage of the DPI life cycle is crucial as it establishes and reviews the purpose, goals, constraints and boundaries of a DPI. These parameters guide subsequent decision-making and ensure alignment with strategic and operational objectives, as well as the needs of individuals. Typical activities include:

• Framing of the goals and objectives.
• Identifying core problems and challenges.
• Assessing impact potential.
• Analysing the enabling environment for barriers to DPI implementation, effectiveness and adoption, taking account of relevant risks.
• Anchoring rule of law and institutional capacity for safe, inclusive DPI implementation.

Strategy and Design

This is the stage where a comprehensive plan comprising DPI design or adjustments are formulated to translate functional and performance objectives into actionable steps, including scalability and sustainability, and planning for optimum service delivery. Typical activities include:

• Mapping and engaging with stakeholders to understand individual and societal needs.
• Identifying parties across responsible authorities and personas for collaboration.
• Raising awareness regarding the barriers to DPI implementation in the enabling environment and advocating for their removal.
• Establishing standards, protocols and metrics to assess adoption and societal impact.
• Setting design objectives and specifications according to best practices and principles with a focus on incremental improvements and resilient architecture, and employing evidence-based strategies to mitigate design-related risks.

Development

In the development stage, a prototype DPI is built according to defined specifications, ensuring functionality, reliability and scalability. Existing technical building blocks are evaluated before further development. This phase ensures that solutions are refined and tested to minimize risk sand maximize the effectiveness of safeguards before widespread implementation. The mitigation of risks associated with implementation is critical at this stage, appropriate to the maturity of DPI implementation and the local context. This phase presents a valuable opportunity to empower local developers. Typical activities include:

• Evaluating and selecting existing building blocks, including technical stacks.
• Software coding to design specifications as necessary.
• Building open Application Programming Interfaces (APIs) and sandboxes.
• Analysing the enabling environment for barriers to DPI implementation, effectiveness and adoption, taking account of relevant risks.
• Running and iterating through pilot project/s, with an emphasis on practicality and the mitigation of risks related to security, privacy, and experience of people.
• Filling gaps in institutional structures, policies and regulations.

Deployment

During the deployment stage, the DPI is implemented in its operational environment. Any outstanding organizational changes are made to deliver value to users and to protect safety and inclusion. Change management strategies are recommended. This stage is critical to ensure successful large-scale adoption of DPI. Typical activities include:

• Installing, configuring, activating and scaling of hardware, software and networking components.
• Capacity-building of relevant responsible authorities and personas.
• Refining based on evidence, relevant data and feedback.
• Activating a robust governance framework with monitoring and redress.
• Planned and gradual onboarding of people to carefully manage system scaling and integrity through the adoption timeframe.

Operations and Maintenance

Regular operations and maintenance ensures ongoing optimal performance, stability and efficiency of the DPI within the operational environment. Typical activities include:

• Continuous monitoring, management, maintenance, evaluation and upgrading to ensure safety and security through technical, organizational and normative means.
• Employing innovative methods for ongoing engagement across the ecosystem.
• Ensuring redressal mechanisms are fit for purpose.
• Continuously assessing readiness to leverage policy windows or opportunities to scale.
• Managing environmental impact.
• Learning and continuously improving.

Explore the Universal DPI Safeguards Framework