Safeguards can accelerate trusted, effective digital public infrastructure. Our Digital Donor’s Exchange laid out 2025 priorities.

As digital public infrastructure (DPI) continues to transform how people access services and participate in the digital economy, effective safeguards are critical to minimize risks and drive positive outcomes for people.  

In recent years, the DPI community has made significant progress toward establishing a consensus on the need for safeguards. Thus, in 2025 we find ourselves at a key moment to drive forward the implementation of practical and fit-for-purpose safeguards. Recognizing this, the Digital Impact Alliance convened our Digital Donors Exchange community to ask: Where are we in terms of advancing global understanding, collaboration, and action to make safe and trusted DPI a reality?  

To kick-off the discussion, we invited three expert speakers working to advance DPI safeguards: 

• Amandeep Singh Gill, Under-Secretary-General and Special Envoy for Digital and Emerging Technologies since June 2022. In this role, he spearheads the United Nations Office for Digital and Emerging Technologies, which facilitates collaboration between the UN member states and coordination across the global multistakeholder ecosystem. His office also spearheads the UN’s Universal DPI Safeguards Initiative. 

• Dr. Melissa Omino, Director of the Centre for Intellectual Property and Information Technology (CIPIT) under Strathmore Law School, based out of Nairobi, Kenya. She is also a co-author of the recent advisory paper on the implementation of a rights-respecting Digital ID system in Kenya.   

• Priya Vora, CEO of the Digital Impact Alliance. Priya has over 20 years’ experience working to ensure the world’s most marginalized communities are empowered with political voice and economic opportunity. Priya oversees DIAL’s work to advance specific and practical safeguards. 

Today, as our speakers explained, global digital capacity is concentrated in just a handful of countries. This has serious consequences in terms of who creates value from the digital economy, and for whom. For example, Africa currently has less than 0.5% of the world’s graphics processing units (GPUs) needed to train the large language models (LLMs) behind generative AI. 

DPI is, in the words of one participant, the “closest thing we have to a magic wand,” for addressing these inequalities and building inclusive digital economies. Yet, without appropriate protections, it could be misused for surveillance, censorship, and disinformation, which is why safeguards are critical.  

National governments, in most cases, are ultimately responsible for integrating DPI safeguards, particularly by establishing relevant policy and regulations that are complemented by effective institutions, such as data protection agencies. Recognizing this, the discussion focused on practical steps that other actors can implement – namely multilateral institutions, donor agencies, and local civil society – to ensure that safeguards are systematically and sustainably integrated into DPI.  

Participants from the global community of donors remarked that, today, the multilateral cooperation space is fragmented, with challenges including duplication and lack of delivery. These are further exacerbated by diminishing resources for – and trust in – multilateral approaches. In this environment, globally recognized norms including those set forth by the Global Digital Compact (GDC), UN DPI Safeguards Framework, and the Principles for Digital Development, are critical, as they establish global norms that provide a basis for cooperation, even in the face of shifting political realities.  

As an important milestone in this global norm setting, the GDC was the first international agreement to recognize DPI’s importance across all 193 UN member states. It simultaneously established a foundation for implementing safeguards and inclusive digital cooperation and set the stage for the UN DPI Safeguards Initiative.  

In 2024, the Safeguards Initiative published the Universal DPI Safeguards Framework, providing key principles that can be supported and upheld by policies and practices. This framework elaborates how one of the nine Digital Principles – Anticipate and Mitigate Harms – can be applied in practice to DPI.  

These consensus documents provide globally-recognize reference frameworks that help countries and other actors implement DPI safeguards that work for their unique contexts. potential AI applications that build services from the data generated across these layers.  

Donors can support national governments and others to make necessary policy and institutional improvements that help mitigate potential for – and consequences stemming from DPI misuse. This might be direct support, or it might come through sectoral investments (such as those focused on health or agriculture) to ensure that these initiatives are adhering to good digital practices and advocating for digital safeguards as relevant. To frame the discussion, our speakers provided three possible approaches donors can take to advance effective safeguards.  

1. Prioritize quick wins. In a world where aid dollars are shrinking, participants recognized that support can only go so far. At the same time, they pointed to low-hanging, relatively inexpensive options for support such as strengthening online mediation and arbitration options that provide individuals with recourse options in case of misuse or abuse. In India, for example, there is an emerging ecosystem of organizations who mediate disputes between companies and customers and provide quick legal recourse. Companies in this ecosystem rely on very small commitments from networks of lawyers and promote mediation before judicial action. Therefore, they can be supported by relatively small dollar amounts and help establish new partnerships, providing a low-cost avenue to scale dispute and recourse mechanisms, both of which are critical safeguards.  
2. Promote adoption of global norms. Donors can also signal to their institutions and others the importance of integrating strong digital safeguards into any initiative, not just those with a specific digital focus. Signaling can start with a formal endorsement of the norm setting efforts previously mentioned, and by helping to elaborate how these norms translate into practice. For instance, the Digital Principle Anticipate and Mitigate Harms points actors to the UN DPI Safeguards Framework for practical ideas of advancing this principle in the context of DPI. To go even further, donors can embed these norms and principles into request for proposals and grant agreements. This signals to partners that they should dedicate time and resources to good digital practices.   
3. Surface good practices. Digital ecosystems are dynamic, and new risks can emerge rapidly. The DPI field, on the other hand, is relatively new, and our collective understanding of DPI safeguards is still developing. It is critical to surface and share insights and data collected against robust metrics that measure adoption and outcomes. For example, when DIAL set out to study organizations handling online dispute resolution, we were unable to find basic information such as: how many disputes were filed? How many of those were settled? How often are people able to successfully settle in their favor, rather than in favor of a large corporation? Systematically collecting data against these types of questions will help surface which safeguards to prioritize and how to improve services to ensure better outcomes for people.  

During the discussion, Kenya was presented as a pertinent case study into the role of civil society organizations (CSOs) in turning DPI safeguards from written policies to tangible outcomes for people. Kenya’s recent attempts at digital ID highlight how, on one hand, engaging civil society can help accelerate inclusive DPI adoption. On the other hand, excluding their voices can lead to failed systems and diminished trust in government.  

Kenya’s first attempt to modernize identification in the country was called the Huduma Namba program. In 2019, around 36 million Kenyans registered for a new ID number under the program. This effort was undertaken without consulting civil society, and in 2020, the impacts of this oversight became all too clear. CSOs lodged a complaint with the High Court, which agreed that the scope of the data captured was overly extensive and did not follow adequate data protection measures. This was a clear victory for people-centered data practices but cost the government an estimated $115 million in sunk costs to the suspended Huduma ID.  

The current administration is trying again, this time with the Maisha number. Civil society is speaking up early and often, in an effort to help avoid the mistakes of the past. One example of this is the advisory paper published by Strathmore University, Centre for Intellectual Property Information and Technology Law (CIPIT) and Amnesty International. The advisory paper presents data governance principles and provides recommendations to include migrant communities and other marginalized groups. The government has also held a series of breakfast meetings to ask civil society organizations what they would like to see with the new digital ID.  

While it is too early to tell if these efforts will be sufficient, the participants noted that there are some early positive signs. The government has held mobile registration rallies targeted at youth outside of Nairobi, indicating some intentional effort to push for inclusion. On the other hand, the government has not yet clarified other questions raised by civil society such as: Will the system accommodate diverse naming practices? Will use of the Maisha ID be mandatory? Will the costs be passed onto individuals, as they have been with the e-Citizen portal? And, will they continue to require people to “authenticate” that they are Kenyan, a process which excluded many marginalized groups from Huduma registration? While the Cabinet Secretary has said that this will not be required, the law has not yet been amended and thus there is no legal clarity.   

This example illustrates the key role that CSOs play in advancing a rights-based approach. Without their engagement, governments are more likely to engage primarily with actors focused on commerce and trade, which could result in prioritizing economic growth over data privacy and human rights. Similarly, even when there are government agencies tasked with safeguarding systems, such as the Data Protection Commissioner in Kenya, they might not have the level of independence needed to fully hold the government to account in cases of overreach and misuse.  

Global cooperation efforts such as the UN Safeguards Framework can help CSOs hold governments accountable, for example, by giving them a basis on which they advocate for inclusion by design. Donors can play a role in supporting, signaling, and surfacing good practices. And yet, as participants noted, global norms and evidence-based research goes nowhere on its own –  CSOs must be able to use this work to use it to push for policy changes and action.  

The discussion ended with a call to action: For the Safeguards Framework and other global cooperation efforts to work on the ground, concerted action is needed. We need to iterate on existing guidance so that it becomes increasingly practical. For example, if a country does not have the capacity to implement all safeguards at once, where should they start? What safeguards are more or less relevant for countries, depending on their digital maturity levels? 

 With these considerations in mind, the DPI community is working to put theory into practice, integrating safeguards in digital development projects, funding instruments, and implementation frameworks – and actively engaging the CSOs that are advocating to ensure that DPI delivers on its promise to uplift people and communities.