Have you seen something? Share it securely.

Tracking how donor-funded identity systems are shaped by architecture, influence, and implementation.

Have you seen something? Share it securely.

Tracking how donor-funded identity systems are shaped by architecture, influence, and implementation.

Our Mission

Digital identity systems are being deployed globally through open-source platforms and large-scale development funding. But who defines the architecture? Who benefits from its adoption? And what happens when governance is shaped not by law—but by technical configuration?

Our mission is to examine the structural dynamics behind donor-funded identity systems—particularly where platforms like MOSIP are introduced under the language of openness but implemented ahead of legal safeguards, institutional readiness, or national oversight.

This observatory collects structured evidence from practitioners, insiders, and implementers to understand how such platforms are promoted, financed, and embedded—often before public frameworks or accountability mechanisms are in place.

We provide a confidential, secure channel to contribute documentation, testimony, or signals—toward greater transparency, legal alignment, and structural integrity in digital identity governance.

What We Are Seeking to Understand

Each question includes optional guidance for whistleblowers, consultants, civil servants, or partners involved in implementation.

What platform or technical stack was actually used in the project?

Was MOSIP used as-is, forked, or replaced?
Which components were retained, discarded, or replaced with proprietary solutions?

Was MOSIP adoption tied to funding, procurement, or pilot requirements?

Did ID4D or any other donor suggest or require MOSIP use to unlock financing?
Were alternative options considered and rejected? Why?

Which organisations were contracted for implementation?

Who delivered the system (by name)? Were they involved in earlier technical assistance or platform design?
Was the same vendor awarded post-pilot contracts?

Was a legal basis in place before system deployment?

Was data protection law enacted before or after the identity system went live?
Did any team member or legal authority raise red flags?

Were local institutions involved in system architecture decisions?

Who made the final decisions—donor teams, consultants, or national ministries
Were national data protection authorities, parliaments, or civil society consulted?

Were any project outcomes changed post-disbursement?

Was the final ID system different from what was proposed to the donor?
Were any project documents modified during or after implementation?

Were there known governance or compliance concerns during rollout?

Was biometric overcollection raised? Was consent only technical, or legally grounded?
Were any elements silently removed from the “open” stack?

Do you know team members or advisors who shaped technical decisions?

Please name teams or institutional units, not individuals unless public (e.g., “digital transformation unit,” “UNDP advisor,” “World Bank regional lead”).

Was MOSIP suggested, recommended, or mandated by donors during project design?

If yes, which agency or advisor proposed it (e.g., ID4D, GIZ, UNDP, World Bank country team)?
Was the justification technical, financial, or political?

Were loan conditions (World Bank) explicitly or implicitly tied to MOSIP adoption?

Was a comparison of multiple platforms allowed, or was MOSIP treated as the default?
Were these conditions discussed transparently with national stakeholders?

Did the loan or grant negotiation involve MOSIP Foundation staff or affiliates?

Were MOSIP team members present at funding meetings or part of World Bank technical missions?
Did donor-side advisors have pre-existing relationships with MOSIP?

Were any advisors, consultants, or technical assistance personnel directly affiliated with MOSIP?

Do you know of any secondments, overlapping roles, or past employment links?
Were these disclosed formally in project documentation?

Did any national or donor advisor promote MOSIP while also advising procurement or architecture choices?

Were these roles independent and disclosed, or blurred across multiple functions?

Was MOSIP part of the negotiation, or was it presented by ID4D on MOSIP’s behalf?

Who led the technology due diligence?
Were local institutions given space to evaluate MOSIP independently?

Were national oversight bodies (parliament, data protection authority, audit office) informed about the donor-platform linkage?

Were they aware of the MOSIP relationship and technical implications?
Was the system ever independently reviewed or audited?

Do you have meeting notes, correspondence, or TORs that describe how MOSIP was introduced into the funding dialogue?

Especially minutes from project preparation, pre-appraisal, or grant committee review phases.

Were any consultants working for the World Bank, ID4D, or partner agencies also involved with MOSIP directly or indirectly?

Did they hold any formal or informal advisory role in the MOSIP Foundation, Technical Committee, or developer network?

Do you know of individuals who were paid through ID4D or donor technical assistance programs while also contributing to MOSIP’s architecture or deployment?

Was this dual involvement declared in contracts or hidden in side arrangements?

Were any consultants promoting MOSIP while simultaneously receiving contracts or honoraria from both sides (World Bank and MOSIP or MOSIP promotors like ITU, GIZ & GovStack)?

Please describe any known arrangement, even if informal or indirect.

Do you have any evidence or insight into how consultants benefited personally, professionally, or financially from endorsing or positioning MOSIP in country programs?

For example:

Early access to procurement roles
Preferential contracting
Public attribution or influence leveraged for further engagemen
Speaking fees, advisory retainers, or travel covered by both entities

Were there visible patterns where the same individuals circulated between ID4D missions and MOSIP engagements across countries (e.g. Ethiopia, Nigeria, Morocco)?

Did this influence national decision-making or suppress alternative options?

Were any disclosures made—or omitted—regarding these relationships in project documentation, review panels, or technical missions?

Add an answer to this item.

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

Submit files or short messages without using email or logging in. No IP tracking. No cookies.

PGP public key download: https://cryptpad.fr/file/#/2/file/4aSdY+atZWKQgWEdHPK48Y+8/

Upload securely:
(Use https://cryptpad.fr/drive/#/2/drive/edit/dee5r1nHeYTBwV16EJOFSl8k/)

Accepted formats:

Procurement files
Redacted PDFs or internal reports
Screenshots or technical logs
Short notes or testimonies

OPTION 2: SEND ENCRYPTED EMAIL (PGP)

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

Use PGP encryption to protect your message and any attachments.

PGP public key download: https://cryptpad.fr/file/#/2/file/4aSdY+atZWKQgWEdHPK48Y+8/

Send to: worldbankandmosip@proton.me

Recommended tools:

Mailvelope (Browser)
ProtonMail (Encrypt to non-user
Thunderbird with Enigmail
GPG (CLI)

OPTION 3: USE PROTONMAIL (NO SETUP)

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

OPTION 3: USE PROTONMAIL (NO SETUP)

If you already use a secure email service:

Send to: worldbankandmosip@proton.me

This ensures end-to-end encryption without needing a PGP setup.

World Bank & MOSIP Monitor

Have you seen something? Share it securely.

Have you seen something? Share it securely.

Our Mission

What We Are Seeking to Understand

We have your best interest in mind!

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

OPTION 2: SEND ENCRYPTED EMAIL (PGP)

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

OPTION 3: USE PROTONMAIL (NO SETUP)

OPTION 1: UPLOAD DOCUMENTS ANONYMOUSLY

OPTION 3: USE PROTONMAIL (NO SETUP)