NIIMS -A professional Point Of View
Mradi Bora or Bora Mradi? A Professional View on NIIMS – 3/4/2019
Over the last two months or so, there has been an ongoing public debate on the “Huduma Namba” initiative, more formally referred to as the National Integrated Identity Management System (NIIMS). The project is expected to cost the tax payer Six Billion Kenya Shillings, with some of the major human rights bodies seeking to block it through litigation.The High Court has given the greenlight to government to proceed with the project launch, but with caveats not to make it mandatory or tie it to access to public service. There is likelihood for appeal and counter-appeal, and to disregard the caveats. The Senate too has demanded that the project is halted until the two ministries driving it answer questions raised by the law makers. Amongst their questions is whether the new identification numbers under NIIMS will replace the national identity card.
We are yet to study the full ruling and reasons by the Court for its decision, but in the circumstances, we would have expected some caution on the part of all major parties, more so government, before roll-out. As professional informaticians (INF), we are wary about the quality of advice the executive have been given on this matter. We appreciate the growing concern and engagement of other professions in informing national governance narratives, and Information Technology should be no exception.
As this public discourse goes on, IT professionals have not pronounced themselves loudly and effectively. Whereas Kenya is respected globally as an innovation hub and regional source for thought leaders in technology, the same cannot be said for some of the projects initiated by the government. The school laptops project is largely viewed as a failure because implementers focused on delivery of equipment without looking at a holistic picture of what was required to deliver a successful and sustainable initiative. We gather that certain experts advised on the need to setup computer laboratories that would serve as the central hub to support early adoption and learning for primary school students, but their insights fell on deaf years. Now the country has had to retreat on the laptops project and walk a different path that could have been taken from the onset had experienced IT professionals who have no other interest than the well-being of this great nation been listened to. A comprehensive system engineering and design, complete with buy-in and public participation should have preceded any roll-out.
Once again we are at a pivotal point where we the citizenry must demand for “Mradi Bora” not “Bora Mradi”. We do not seem to have learnt any lessons, not even the single-sourced 13 billion security system. We continue to initiate ICT projects without public participation and well-structured engagement with the industry. Kenya (both public and private sectors) have lost multi-billion shillings in ICT systems that are either cost-inefficient or underperform, e.g. voting and financial management systems, to name just two. As government makes every effort to stop wastage and pilferage in public spending, same should happen for ICT systems. We encourage the Auditor General to undertake a technical and financial 2 audit of ICT systems deployed in government the past 10 years to expose the rot; we would be pleasantly surprised if it is less than a trillion shillings.
For the NIIMS project, firstly, let us dispel some myths and untruths: the numbers allegedly being satanic has no scientific or biblical basis whatsoever. Equally, excluding the DNA capture initially cited is welcome news. This has tempered the otherwise dire need for Privacy and Data Protection laws, which nonetheless Kenya should have enacted long ago. In effect, to have a single number and card (often called smartcard) which contains all necessary citizen information (national ID, driver’s license, etc), like Estonia has and Rwanda tried is in itself very noble.
In terms of project scope, the government has indicated that the NIIMS project will involve biometric registration of all Kenyans and Foreigners living in the country. Once registered on NIIMS, each individual will be issued with a unique “Huduma Number (Namba). This will apply to Kenyan citizens, foreigners and refugees. In effect, this will become the single source of truth for population data and used by all government agencies as part of service delivery to the citizenry.
To contextualize our key queries, we would like to highlight a number of government systems currently in place that are able to meet part of the intended scope and objectives.
- According to the Ministry of Interior and Coordination of National Government, the Integrated population registration system (IPRS) is the single source of truth for population of all Kenyan and foreign residents in Kenya. On the official government website, it is rightly called: ‘one-stop shop for all the population data’. A convincing technical reason why not to simply upgrade IPRS hasn’t been laid anywhere.
- Also according to the Ministry of Interior and Coordination of National Government, the National Registration Bureau (NRB) is responsible for identification, registration and issuance of identity cards to all persons who are citizens of Kenya and who have attained the age of eighteen years and above. The department also maintains an electronic database of registered Refugees and Foreign nationals.
- Prior to the 2017 General Elections, the Independent Election and Boundaries Commission registered 19,611,423 Kenyans. This included biometric registration through what was referred to as the BVR (Biometric Voter Registration) system. According to IEBC, the BVR system captured a voter′s facial image, finger prints and civil data or Personally Identifiable Information (PII)-Name, gender, identity card/passport number, and telephone number.
- In 2017, the Ministry of Education launched the National Education Management Information System (NEMIS), a platform that is used to digitally register all primary and secondary school pupils. All students registered are given a unique identification number that is used to track their performance from primary to tertiary education.
A key question is why the government did not opt to use, upgrade or enrich IPRS or NRB for Huduma Namba? Setting up a Master Data Management system (MDM) should have been 3 easy given the fact that IPRS, NRB, NTSA, and KRA all use the National ID number as the unique reference. Secondly, if the main driver was to capture citizens below the age of 18, why not leverage the data in NEMIS. Last but not least, if over 19 million Kenyans recently did biometric registration for the 2017 elections, why did the government not choose to access, cleanse and update this biometric data for purposes of Huduma Namba? The data would then be amalgamated into a central database (or even a block-chain) after proper verification. The various government agencies would then be required to securely integrate into this data warehouse through Application Programming Interfaces (API) based on various use cases like citizen verification and know your customer (KYC). With biometrics – both finger-print and facial, we would have a system as good as any other world over to secure our borders.
Overall, there is no sound basis for NIIMS that the systems listed above cannot address in technical terms. Matters are made worse not only by the haste, but also why single source bespoke systems that are no rocket science? This, at a time when the new ePassport is also being introduced, and a national census just round the corner. And there’s even no mention of how all these exercises would leverage each other for cost containment. A country in dire need of resources to provide the very basics to its citizens, including the dying hungry, would be more prudent in expenditure.
We find ourselves in a very precarious position as professionals. At our very core is a desire to support the digitization program being driven by the government, for a myriad of reasons like transparency, efficiency, security and improved service delivery. However, this needs to be well thought through with a strong business case and solution that leverages existing investment at a time when our country is faced with a significant budget deficit.
The six billion shilling question is whether we are interested in Mradi Bora or Bora Mradi. We are well alive to the possibility of this professional opinion being ignored, and the project proceeding as-is. But one day Kenyans shouldn’t say they were not forewarned!
INF George Njuguna, Chief Information Officer (CIO) and CIO of the Year 2018!
Dr (INF) Shem Ochuodho, ICT Hall of Fame Member
*The views expressed herein are personal and do not represent any organizations we are