Other links:

Other links:

Digital Public Goods 101

The unprecedented digitisation in public life in India is founded on collection of massively  successful public goods. But these have critical gaps in social appropriateness

Digital  public good

1.2 billion biometric records

36 crore daily transactions

Current use-  cases/impact

  • Used for large variety of applications:
    • Welfare Disbursal and DBTs
    • PDS/Ration Systems
    • Deduplications of Taxpayer/Voter  Registries
    • Covid Vaccination Records
  • In addition, enables KYC verification in a large  set of private applications.
  • One of the largest transaction systems in the  world.
  • Considerably enhanced ease of doing business.
  • Adoption and penetration even in rural  areas.


  • Legal ambiguity over current use-cases given SC position, no clear regulatory authority.
  • Excessive imposition of Aadhar may also lead to arbitrary exclusion and distrust.
  • Transactions are not anonymous.
  • Loosely regulated 3rd party apps
  • Receipt system not independently verifiable



Digital  public good

25 crore linked health records

8 largest banks
already in network

Current use-  cases/impact

  • Currently in pilot stage, but digital health IDs  have already been created for all Indian citizens.
  • Already crucial for supply change management  for Covid response.
  • Expected to create Electronic Health Records for  all  citizens,  shareable  and interoperable across  all healthcare providers
  • Will allow intermediary services to gather all of  a consenting user’s data from different Financial  Information Providers in one place, and share  with all requesting Financial Information Users.
  • Potentially one of the largest account  aggregation systems in the world, with SEBI  additionally participating in the project.


  • Inadequate threat modelling for privacy and security.
  • Centralization of processes, when healthcare is primarily a state subject.
  • The basic framework (and user protections) here  are based on NITI Aayog’s Digitial  Empowerment and Protection Architecture  (DEPA), which is still only at draft stage.

In the spotlight

The national digital health mission is an actively unfolding  case study of the complexities public goods need to navigate.


Healthcare is a state subject. The push for digitisation in the healthcare sector  is centre-led. This is problematic for a number of reasons:

  1. Health ID based access  using a centralized  protocol vulnerable to  breaches/abuse in the  absence of (binding)  laws that regulate data  analysis and processing.
  2. Any health intervention  needs buy-in from the  grassroots level  (regulated by the  states) and trust from  different communities in  order to succeed.
  3. Consent-based  approach presents a  false choice. Possibilities  of exclusion or  difficulties in accessing  healthcare.

Some of these fears have already been vindicated:

30 to 40 million individuals’ data compromised in  ransomware attack

It is particularly revealing to examine cases where consent is supposedly collected: is the consent meaningful or false?

The National Health Authority has announced that participation in the creation of digital health IDs is completely optional. BUT:


AIIMS-Delhi, which sees a footfall of 15-18k a  day and long delays, has made access to care  easier if patient registers for ABHA IDs1.

Is a citizen with an urgent health need really in  a position to opt-out?

The use of the Co-WIN app is formally optional.  But everyday life often requires it. 40% of all  ABHA IDs originate from Co-WIN2.

Can a citizen who needs to install the

application to receive the vaccine really consent?

Study at Ashoka

Study at Ashoka