Serious Concerns Around Uganda’s National Biometric ID Program

The Wikimedia/Yale Law School Initiative on Intermediaries and Information has serious concerns over the implementation of Uganda’s National ID program, particularly stemming from the requirement to submit to a mandatory facial recognition database in order to access the Internet.

The National ID program was launched in 2014, and further expanded after the passage of the Registration of Persons Act in 2015, such that its use is now mandatory for purchasing a SIM card, making registration essentially a pre-requisite for getting online. Registration is also required for a range of other vital services, including accessing public education or healthcare services, obtaining a passport, or opening a bank account. The system has also been plagued by technical challenges since its inception, including allegations of a major data breach in June 2017. Though the government has denied these reports, it acknowledges that citizens’ biometric data has been shared with telecommunications companies, as part of the process of verifying SIM cards. Official sources also confirmed reports of enrollment personnel soliciting money from citizens for program services. David Kaye, the United Nations Special Rapporteur on freedom of expression, has expressed concern over compulsory SIM card registration schemes as an illegitimate attack on the right to communicate anonymously, as well as undermining the right to privacy. These concerns can only be compounded where registration schemes are beset by mismanagement, corruption, and a lack of adequate data protection safeguards.

In addition to these implementation challenges, concerns around the National ID program are elevated by the risk of abuse incumbent in facial recognition technology. Freedom of expression and freedom of assembly are both under sustained threat in Uganda, including documented cases of police firing on protesters, and regular arrests of journalists, civil society activists, and opposition members. A comprehensive national facial recognition database would provide a substantial boost to the State’s ability to repress critical voices, for example by enabling the identification of every individual within a crowd of protesters. Without adequate safeguards, a mandatory facial recognition database could facilitate an unprecedented level of surveillance and control.

According to the European Data Protection Board (EDPB), the processing of biometric data in general, and of facial recognition in particular, generate heightened privacy risks, which gives rise to a need for robust safeguards, including facilitating alternate solutions for those who wish to opt out, or for whom the technology is not working as expected. The EDPB also recommends that, rather than storing sensitive biometric information in a consolidated database, this information should be decentralized (for example, stored on the ID card itself).

In the context of the severe privacy risks associated with the National ID program, it is concerning that its rollout predated the passage of Uganda’s Data Protection & Privacy Act, which was only signed into law in February 2019, and whose implementation remains an ongoing challenge.

There are a number of advantages associated with centralized identification programs, such as promoting more accurate and efficient delivery of government services and combating corruption. However, these schemes must be rolled out with due concern to their human rights impacts, particularly where they utilize biometric data, and should never be coupled with mandatory registration schemes for Internet access. The Wikimedia/Yale Law School Initiative on Intermediaries and Information recommends the following:

1. The government should undertake an open national consultation on the National ID program, to address public concerns associated with its implementation.
2. The government should provide an opt out for anyone who is uncomfortable with the collection of their biometric data, including an alternate form of registration for essential public services.
3. Participation in the National ID program should not be mandatory for access to public services, or the purchase of a SIM card.
4. The government should implement a right to request one’s own personal information as captured by the National ID program, and to request corrections where this information is inaccurate.
5. The government should ensure that biometric information is stored in a decentralized manner, as far as possible, and that any centrally warehoused biometric information should be subject to robust security safeguards, including at a minimum that it should be stored in an encrypted form.
6. The government should commit to restricting the availability of biometric data to outside actors, particularly to private sector entities.
7. The government should enhance transparency around the National ID program, including fully disclosing the planned future scope and uses of the program, and instituting a policy to mandate the disclosure of any data breaches, including to any individuals impacted.