On 19 October, Prime Minister Narendra Modi announced that health IDs would be used for COVID-19 immunisation in India. Modi first proposed these IDs on Independence Day this year, when he launched the National Digital Health Mission—a scheme to provide a digital “health ID” to all of India’s citizens. Despite the scale and ambition of this programme, the NDHM is not supported by a legal or governance framework, and consequently invited much criticism about the Modi government’s policy-making process. The NDHM’s use for the administration of vaccines against the deadly pandemic will likely compel widespread participation. While the centre has consistently drawn criticism for introducing policies that threaten digital security before enacting a data-protection law, there has been little focus on two aspects of the digital infrastructure behind it—the India Enterprise Architecture and the National Open Digital Ecosystem.
India Enterprise Architecture, or IndEA, aims to integrate all government services and make them accessible through a single window, by using a common digital framework that can be adopted across state and central services. By digitising and integrating activities across ministries and sectors, IndEA envisions “government as a single enterprise”—it seeks to create a single window or platform for the delivery of all government services. Many tech and public-policy experts have pointed out that the architecture for seamless data flow between government departments will lead to the creation of centralised database of personal data of citizens. But the central government has denied this, arguing in a framework document that the IndEA will follow a federal architecture.
The successful implementation of IndEA requires the setting up of National Open Digital Ecosystems, or NODEs, which are platforms on which all government ministries and departments are to be able to perform their functions and deliver services, digitally. The NDHM, like many programmes introduced by the central government, is a part of a larger digital framework that includes IndEA and NODE. NODEs are an essential component of the project, because they are the digital delivery platforms for initiatives such as the NDHM.
In March this year, the ministry of electronics and information technology, or MEITY, released a whitepaper highlighting its plans for developing government technology, and seeking comments on the proposed NODEs. Meanwhile, MEITY had released the IndEA framework in October 2018. But none of the three—the NDHM, IndEA or NODE—have undergone parliamentary scrutiny. As a result, there are serious concerns with these technology policies that are not addressed, or even acknowledged, before they are introduced. The consequences of this are not restricted to the information-technology space, because digital infrastructure such as IndEA and NODEs are designed to transform the whole process of governance across all tiers and sectors.
There are procedural concerns with the undemocratic nature of information-technology policy drafting in India, where the government has repeatedly engaging the same small group of IT firms and experts without issuing any formal tender. This practice points to two other significant problems—an apparent whitewashing of conflicts of interest between these firms and their work, and the increasing role of the private sector in public issues of governance.