Digital public infrastructure (DPI) is a term I’ve been hearing with increasing frequency over the last year. DPI are core digital systems that enable governments to function better and ensure that people, organisations and governments can interact, exchange information and access services securely and easily.
But how prevalent is DPI and how does it differ from previous ways of governments doing digital infrastructure? And, connected to its function in delivering better public services, can it play any role in reversing the erosion of trust between citizens and their governments?
One person who is involved in these debates is Krisstina Rao. The Berlin-based Rao is a Research Fellow at University College London and manages the DPI Mapping Project undertaken by the university’s Institute for Innovation and Public Purpose. The map aims to advance understanding of the state of DPI around the world by developing a baseline dataset on DPI initiatives and highlighting best practices around their development.
I sat down with her to discuss the emerging area of DPI and the issues around it.
A different way of doing digital services
Undertaking a high level scan of 210 countries, the DPI Mapping Project identifies three key areas in which DPI is being implemented: digital identity systems which enable residents to verify their identity once and, thereby, access a range of government services; digital payment systems that have a public interest operator and can facilitate real-time financial transactions; and digital data exchange systems that share data across sectoral/national levels, including sharing data crucial to public service delivery.
While these systems have been in existence for some time, Rao contends that the DPI concept that now increasingly underpins their development is relatively new.
For a very long time, especially in digital development, tech was being sold to governments as a way to solve problems at scale. But they were not taking into account what it means for tech to be absorbed into government IT departments or service units. What typically ended up happening is governments ended up paying for software and hoping that they could keep it up to date, scale it up and scale it down and modify and customise it, depending on their needs as they emerged. The problem was the capacity to manage it wasn’t ever in these government departments, it was always outsourced to a vendor. And what ended up happening is that a lot of these vendors became, as is the nature of markets, rather locked into this ecosystem, [and] it was very difficult for governments to pull out. If stuff was not working for them, they couldn’t leave these [software] agreements. These agreements were also often very expensive.
DPI involves a rethinking of how governments, particularly in global majority countries, invest in digital services and which aspects they outsource versus which they build capacity to manage internally.
It doesn’t involve governments investing in software repeatedly for every new use case. We are trying to say, think about what is common among all these procurements and invest in that as infrastructure, and try to own and operate it yourself. So, you have less dependency on these vendors, which creates a certain amount of sovereignty and autonomy that comes with you owning and operating this infrastructure.
Another difference involves investing in digital infrastructure to not only solve problems at scale but using a tech stack that can be repurposed across multiple government departments and functions.
Previous ways to create digital transformation have typically been siloed vertical stacks that the health department is building, the transport department is building, that the social welfare department is building, etc. And what’s happened is that while it’s transformed workflows and value chains in public administration and service delivery, it’s not actually transformed the way that governments actually invest in digital and helped them create accessible service for citizens.
As well as using the same technological building blocks, DPI also involves developing common delivery standards, common data pools or lakes, and governance guidelines to guide the work across different departments and services and ensure uniform quality.
Origins of the mapping project
The project to map the international prevalence of DPI started about two years ago. The inspiration was that a handful of countries – India, Brazil, Estonia, etc – were starting to adopt this approach and there was discussion that it had benefits, and more countries should be adopting it.
But this felt very loose as an argument and it didn’t seem grounded at all, and we realised that we just needed to prove this empirically and maybe even prove the statement wrong. Because what we truly believed was that DPI was way more prevalent than people were saying.
Initially the project didn’t involve mapping, “it was just a framework for thinking through this is what we can measure and this how we can measure it. What does DPI look like from a public administration point of view but also from a technological point of view, what is the governance approach, etc.”
Over time, as more data was gathered, the mapping concept evolved. The map contains all the publicly available data on the prevalence of the three key DPI types that Rao and her team can find. “If there is more data out there it needs to come from new sources.” The team are currently contemplating using AI tools to help with web scraping to try and source additional data. They also want to create more sustainable data sourcing pipelines with DPI practitioners who may be closer to things happening on the ground.
While Rao believes “the map is impactful and useful if the people who come to it find the data useful,” she is also thinking about different sets of users and what they might take away from it.
Researchers and funders will take away one thing. Others, for example DPI practitioners in the Latin American and Caribbean region are very interested in cross border transactions. How does DPI enable cross border data transactions for them? This is also a very big thing in Africa. So, we are interested to see what a regional deep data dive would look like.
Measuring the impact of digital public infrastructure
The question of how to isolate and evaluate the impact of specific DPI initiates – something that is deliberately not measured in the map – is a complicated issue.
Evidence is very sparse right now. Which is why us talking about prevalence and just setting out what DPI is across the world, rather than diving into impact, mattered to us. And now we feel like there is more credible evidence on the impact coming up. To me, if it is working it means it is being used as a tool or an infrastructure. And then I would look at adoption metrics, like how many IDs are being issued or how many transactions are taking place. Who is using DPI for what kind of service delivery? How seamless is that service delivery, how inclusive. Things like that.
Some view DPI as having the potential to play a role in reversing the erosion of trust that is occurring in many countries between citizens and their governments. As I wrote in a recent article, it was one of the topics that dominated discussions at the recent Open Government Partnership Summit 2025, in Vitoria-Gasteiz, Spain.
I am a researcher, so I am never thinking in absolutes,” says Rao. “I don’t know that there is enough evidence to say that adopting DPI is co-related with a government that is enjoying high trust.
But there are, Rao maintains, indications of DPI’s benefits in other areas, which could arguably have a part in generating greater public trust in government. She cites the example of India’s digital ID system, known as Aadhaar. It uses a 12-digit unique identity number that can be obtained voluntarily by all residents of India, based on their biometric and demographic data. A mixture of open source and proprietary tech, approximately 90 per cent of the country’s 1.4 billion citizens now use Aadhaar in their interactions with everything from social welfare services and university entrance to employment and taxation.
It plugged, I don’t know the exact number, between 30-40% of financial leakages… So, any issues with corruption, any issues with middlemen absorbing money that is otherwise supposed to flow to the poor, all of those got quelled.
Apart from obvious short term impacts, such as saving costs and more efficient administration, Rao believes there is also merit in thinking about DPI’s longer term impacts. “Things like, how are competition and markets affected? How is it changing entry or exit barriers in a certain market? Is it enabling value creation at news layers of the technology stack? These are metrics that are very poorly understood.”
The role of open source technology
Another aspect of DPI not measured by the mapping project – and of particular interest to Link Digital – is the prevalence of open source software.
We did not want to look for open source, because if we did, we would kind of be imposing an unintentional performance benchmark on countries. For us to be able to track from a desk based methodology point of view, whether a government is using open source or not, is also a bit of a misnomer, involving all kinds of complex questions. A government might start by using open source tech, but might fork it and then have a proprietary vendor come and work on other aspects of it, etc.
There are also important questions in terms of the support that governments can get for using open source applications, what is the vendor support ecosystem and how can DPI based on open source technology be made sustainable over the long term.
That said, these kinds of questions are emerging, and they are only emerging because open source is becoming a bigger and bigger part of the conversation as countries think through how to build their DPI. If it wasn’t so, then it [open source] would be an afterthought.
The importance of safeguards
One issue Rao is very keen to emphasise concerns the provision of adequate safeguards for DPI. This is particularly important given that the narrative around DPI is sometimes very technology led.
We need to look at how this tech is not existing in an isolated bubble. It is being absorbed in an institutional set up that is going to be subject to the same kind of vulnerabilities as any other institution. So, you need to think about how this technology is going to be absorbed and how it creates value for a bunch of different people and not just some. But also, it doesn’t take away value from any of them. Safeguards became an important way to think about this.
One framework that governments can operationalise to ensure their DPI development includes adequate safeguards is the Universal DPI Safeguards Framework, which is based on United Nations principles. In its second year of development, the framework looks at principles such as do not harm and do not exclude, etc, as well what does a particular DPI initiative mean for market dynamics and competition.
Safeguards has become very much a way for governments to think about implementation, but from a people first lense. So, you think about these principles being implemented alongside the technology being absorbed, regardless of whether it is open source or proprietary. To what extent are you creating a stack that is almost entirely dependent on proprietary tech? Are you creating the same vendor lock-ins that you were trying to run away from? I would say, before safeguards existed there were just a lot of sticky questions around thinking through the governance of DPI and safeguards has now created a vocabulary and a sort of tool kit for not only governments but other stakeholders to think about their implementation issues.
