Which digital issue will be at the top of this year’s agenda at the United Nations, the G20, the Internet Governance Forum and the BRICS summit [1]? This theme will be addressed again at TRUSTECH Paris during the Government Identities conference, using the three-letter acronym “DPI” to designate the concept of a “Digital Public Infrastructure”.

While the concept is simple to say, remember and use, it is not as straightforward to understand and apply. Its name refers to its nature as an infrastructure. However, it is not, strictly speaking, a physical infrastructure: servers, networks, connectivity, and the cloud, as we might expect from the references of the past. Similarly, the word “public” does not refer specifically to the public sector, as there are also DPIs deployed by the private sector, but rather to the infrastructures designed to bring digital inclusion and benefits to a wider public. In fact, only the word ‘digital’ seems to be appropriate in this context.

In this article, we will try to explain what a DPI is, reveal the underlying trends that are bringing them to the fore today, and briefly describe some of the work being done to ensure quality and sustainability in their implementation. Finally, we will try to determine whether this is a conceptual evolution or a genuine revolution in the global digital approach and nations’ strategies.

Picture with a network of digital lights interconnected

Understanding DPIs

A good way of approaching the concept of Public Digital Infrastructure is to start by discussing its purpose and then its timeframe. The specific aim of DPIs is to create digital infrastructures that are robust, resilient and usable for a multitude of purposes. By definition, a DPI is intended to be inclusive, simple and robust. It aims to encourage widespread adoption and use. Its temporality is in line with the digital society we have inherited from Lockdown, which states that it is possible to share basic application layers for all digital transactions and calls for these basic modules to be integrated into the basic infrastructure, enabling digital transformation to take place on a different scale.

The Digital Public Infrastructure (DPI) is designed to be highly adaptable and versatile, using modular building blocks that allow it to meet a wide range of needs and contexts. DPI development is based on interoperability, using standards, structured programming interfaces and common or shared protocols. Modularity makes it easier to integrate the development of new technologies, application modules or AI into data. Finally, databases are usually federated to guarantee confidentiality and cybersecurity and to minimise risks.

A DPI is built on a triple foundation: organised data exchange (with managed consent), digital payment (often instantaneous) and digital identity.

The building blocks of DPIs, derived from or attached to these foundations, can guarantee their consistency and scalability:

  • Reliable records and verifiable identities. They are used for identification, authentication, KYC (Know Your Customer) and the entry of functional records.
  • Data aggregators enabling data to be exchanged and reused according to formats and processes for certifying titles or verifying attributes.
  • Tools for managing consent and different types of digital signature.
  • Programming interfaces for opening, discovering and managing transactional flows
  • Digital payment management modules for different types of individuals or legal entities.

 

In short, a DPI is designed as a “digital transformation superhighway”, with a large, robust capacity that is already equipped to handle high-volume transactions and remain scalable. It provides a basis for building digital services. It allows innovation while guaranteeing security and confidentiality.

Of course, DPIs have their historical references, i.e. achievements that have truly transformed the digital landscape in countries large and small the world over. They are, so to speak, champions. Among the most frequently cited examples are Estonia, with its X-Road data exchange infrastructure; India, with its famous ‘Indian Stack’ combining Aadhaar (identity), UPI (payments) and DEPA (data governance); and Brazil, with PIX, its instant payment system. In these three countries, mass adoption and widespread use have profoundly transformed people’s habits and won over a very broad cross-section of the resident population. X-Road, for example, has been adopted by nearly 25 countries and has more than 500 million users worldwide [2]. In India, the “Indian Stack” has helped to bring tens of millions of Indian households into the middle class and contributed significantly to the economic growth of the country, which is set to become the world's third-largest economy before the end of the decade. Finally, in Brazil, the roll-out of PIX has reached 80% of the adult population, i.e. 140 million users, and in terms of inclusion, half of them have made their first digital payment with PIX.

Behind these few well-known cases, there are many other achievements that can also lay claim to the title of DPI, even if they are better known on a national or regional rather than a global scale. In Europe, in addition to the continuation of pilot projects (PEPPOL [3], CEFACT, etc.) and the new regulation (EU 2024/903) for public sector interoperability, a facilitation framework has been created with the European Digital Infrastructure Consortium [4]. In fact, there are now programmes with the name “DPI” in almost every country in the world [5].

DPIs are now also being considered as part of major sector modernisation projects. In India, for example, an education DPI is used to serve 265 million pupils, more than 9 million teachers and one and a half million schools. In the UK healthcare sector, the NHS has built a system for ‘Fast Healthcare Interoperability Resources’ (FHIR) [6], which is a set of components for the structured use of messages, APIs and other digital documents. In Singapore, a number of projects, including APEX Cloud [7] and the Tech Stack provide a standardised approach to data and transactions that meet the needs of government agencies, citizens and businesses. Projects are also flourishing elsewhere in the world, and the use of DPIs is being considered in areas like justice, agriculture and the environment [8].

 

The DPI phenomenon at the crossroads of underlying movements

Having looked at the concept of the DPI, its aims and its main components, it is interesting to take a closer look at the DPI as a historical phenomenon. We understand that the DPI has become a symbol for the implementation of digital inclusion and the effective digital transition of usage in the major emerging countries. Which underlying movements have converged to bring this new concept of digital public infrastructure to the fore?

It is appropriate to begin by recalling the impact of the global COVID-19 epidemic on the adoption of digital technologies. The world has changed when it comes to online collaboration and data-sharing tools for work, education, health and long-distance relationships. Services, electronic transactions and contactless payments have been made accessible to people thanks to the exchange of structured data through mobile terminals and the cloud.

The next logical step was to observe a much more complete transition from dematerialisation to ‘datafication’, the process of transforming electronic exchanges into digital data. “Datafication” takes advantage of digital formats to generate and analyse data, leading to more structured, granular and efficient operations. It is also what is currently driving developments in artificial intelligence.

One of the consequences of this “datafication” is the growing convergence of payments and identities (registers, titles and attributes), both in terms of the information processed and the formats used: encryption, tokenisation, titles, etc. This trend towards more integrated, secure and user-friendly digital interactions with interoperable formats is also reflected in the rise of electronic wallets (see our last article). This digital convergence makes it possible to address transactional schemes and services according to their respective levels of requirements.

Another of the ambitions behind the DPI is to create a third way in the search for “efficient digital technology”, somewhere between a formalisation of services that is too dependent on third parties and a use that is confined to government technologies and infrastructures that would be too inflexible. The idea of using an application infrastructure that allows components to be reused and interoperable “by design” aims to reconcile the best of both worlds through the economic efficiency of sharing and rapid, agile deployment while maintaining a genuine capacity for strategic autonomy.

In this respect, the joint working groups within the BRICS make no secret of the important role of DPIs in the member countries’ strategic plans, so that they can apply their appropriate digital sovereignty strategies. Russia is another example of this, having successively equipped itself with large interbank information systems like SPFS and electronic payment systems like MIR, launched in 2014, to become virtually autonomous in this area in just ten years.

However, the decline of the major international ecosystems should not close our eyes to the fact that DPIs also embody this quest for digital efficiency through the use of open standards and interoperable components. In this sense, it is more of a lever for defragmenting digital silos. It can contribute to a new form of usable, accessible and coherent management of information systems and promote gains in economic productivity, discovery and innovation.

As we can see, the enthusiasm for DPIs, which began with the need for rapid digital inclusion of the populations of emerging countries, has become the more elaborate fruit of developments in society and the digital economy, at the same time, being influenced by the geostrategic digital policies of the major global players.

 

Seeking shared guarantees and requirements

While “Digital Public Infrastructures” offer many opportunities, they also carry significant risks. Several types of risk are involved. There are significant risks to human rights, such as privacy and freedom of expression. There are also organisational or governance risks that can lead to institutional failure or a deterioration in management quality. Implementing long-term projects also involves sensitive issues, including funding, dependency and inadequate support for releases, all of which can have an impact on the services delivered. Finally, there are technical and technological risks, such as system failures, data compromise or other cybersecurity impacts.

Aware of these threats, the United Nations, through the UNDP, has launched a “DPI Safeguards [9]” initiative. This involves bringing together a large number of international players and building a framework and strategies to mitigate the risks of DPIs. Work is underway to define universal principles, to define a transparent design and policy framework, to put in place proven integration processes with systematic testing and phased deployment, and to carry out recurring risk assessments. The aim also seems to be to ensure that the future digital transformation highways that DPIs are intended to be can meet interoperability and security requirements and be based on known and evolving international standards.

 

Conclusion

The international enthusiasm for DPIs has given rise to the idea of a revolution in global digital practices with the aim of creating highways for digital services and transactions that are versatile, interoperable and, to a large extent, replicable because of their modularity. Will the results demonstrate that these ambitions are justified? It is difficult to say yet, but the next five years will be decisive in this area.

 

Join us in a few months’ time to discuss the latest developments and the changing needs of governments in relation to DPIs at TRUSTECH 2024.

 

Written by Guy DE FELCOURT, Public Affairs Consultant Digital Society & Identity focus - Author and University Lecturer.

 

[1] 2024 Summits: The G20 Summit in Rio de Janeiro, the United Nations Global Digital Compact in New York, the Internet Governance Forum (IGF) in Riyadh, Saudi Arabia, and the BRICS Summit (Brazil, Russia, India, China, South Africa) in Kazan (Russia)

[2] https://x-road.global/xroad-world-map

[3] See https://peppol.org/learn-more/peppol-interoperability-framework/ and also https://unece.org/trade/uncefact

[4] https://digital-strategy.ec.europa.eu/en/policies/edic

[5] See some of the projects identified by India after the 2023 G20 summit at https://www.dpi.global/home 

[6] https://digital.nhs.uk/services/fhir-uk-core

[7] https://www.developer.tech.gov.sg

[8] Examples on the UNDP website https://www.undp.org/sites/g/files/zskgke326/files/2023-12/undp-accelerating-the-sdgs-through-digital-public-infrastructure-v2.pdf

[9] https://www.dpi-safeguards.org/