Submission Guide

Introduction

In order for a digital solution to be recognised as a digital public good, the solution must conform to the definition of digital public goods. This definition has been operationalised via a set of indicators which collectively are referred to as the DPG Standard.

Requirements to be a DPG

All digital solutions will be reviewed by the Digital Public Goods Alliance’s technical review team to ensure it meets the requirements of each indicator of the DPG Standard. Take this eligibility test to assess if your digital solution can become a DPG – it only takes 5 minutes.

In order to apply to be recognised as a digital public good, you’ll need the following information:

1. SDG RELEVANCE

Digital solutions must demonstrate relevance to one or more of the SDGs (Sustainable Development Goals).

Evidence required:  A description that links the digital solution to the SDG targets detailed under each SDG. This will be required for each SDG that the solution may cater to.

2. OPEN LICENSING

Digital solutions must use an approved open license.

Evidence required: A public link that explicitly mentions an approved open license. Refer to the list of approved open licenses that are accepted.

3. CLEAR OWNERSHIP

The organisation that owns the digital solution must be clearly defined.

Evidence required: Link(s) to the copyright, trademarks, or publicly available ownership documentation for the digital solution. Examples include a webpage that clearly defines who owns the digital solution or Terms of Service that indicate ownership. Additional legal documentation that provides supporting information will strengthen your application.

Digital solutions owned by a parent organisation could highlight this connection on their website to strengthen the application.

4. PLATFORM INDEPENDENCE

Digital solutions must not be locked into a specific vendor or product which creates a dependency in order to operate. Any mandatory dependencies that create more restrictions than the original license should have an open alternative. Non-mandatory dependencies may be replaced with open alternatives without making significant changes to the core digital solution (the source code).

Evidence required: Applicants must provide a description of how open-source components are independent and/or list the open alternatives for any closed component(s).

Applications should be able to demonstrate that closed components can be replaced with open alternatives with minimal configuration changes and without requiring a major overhaul of the entire system. This requirement can be best answered by a technical member of your team.

5. DOCUMENTATION

Digital solutions must have strong documentation. The documentation should allow a technical person unfamiliar with the solution to launch and run the digital solution themselves.

Evidence required: A detailed description of how the solution is documented as well as link(s) to all relevant documents.

For software solutions, documentation could include an open repo, technical specifications, functional requirements, etc. For data sets or solutions, documentation could describe all the fields in the set, and provide context on how the data was collected and how it should be interpreted. For content, documentation could include relevant compatible apps, software, or hardware required to access the content and any instructions on how to use it.

For more details on documentation best practices, please visit this link.

6. NON-PII DATA EXTRACTION

Digital solutions must have mechanisms for extracting or importing non-PII (non Personally Identifiable Information) data from or into the system in a non-proprietary format if non-PII data is collected or used.

Evidence required: A detailed description of how the non-PII data can be imported or exported into non-proprietary formats such as CSV/XML/JSON etc or by exposing the non-PII data through APIs.

7. PRIVACY & APPLICABLE LAWS

Digital solutions must comply with relevant privacy, domestic, and other applicable international laws.

Evidence required: If the digital solution collects PII data, then link(s) to the privacy policy, terms of service, or other relevant legal documentation must be provided.

To strengthen the application, applicants are encouraged to provide a list of the relevant laws that the digital solution complies with in the relevant jurisdiction. Some examples include: General Data Protection Regulation (GDPR), Indian IT Act, Persons with Disabilities Act 2020, Canadian Disabilities Act, Americans with Disabilities Act of 1990, etc.

8. OPEN STANDARDS & BEST PRACTICES

Digital solutions must comply with relevant standards, best practices, and/or principles.

Evidence required: A list of the open standards, best practices, and principles that the digital solution adheres to with relevant links wherever possible. Here is a list of open standards and best practices that you may find helpful.

9. DO NO HARM BY DESIGN

Digital solutions must ensure that steps are taken to anticipate, prevent, and do no harm.

Evidence required:

a) If the digital solution collects, stores, or distributes PII data, then a list of the types of data collected, stored, or distributed is required along with a detailed description of the steps taken to prevent adverse impacts resulting from its collection, storage, and distribution to ensure the privacy, security, and integrity of this data.

b) If the digital solution collects, stores, or distributes content, then a detailed description of (1) the policies for identifying inappropriate and illegal content, and (2) the processes for detecting, moderating, reporting, and removing inappropriate/ illegal content.

c) If the digital solution enables interaction between users, then a detailed description of how the project enables users and contributors to protect themselves from harassment as well as link(s) to relevant policies such as a code of conduct.

Application Process

1. APPLY: We respect your time, so we created a custom application to guide you through the requirements.
2. REVIEW: After you submit the application, our technical team will review it in detail against all the indicators of the DPG Standard to ensure adherence.
3. RESULT: If your application meets all the requirements of the DPG Standard, it is recognised as a digital public good and featured on the DPG Registry. The DPG owner then joins the DPG practitioner community.
4. VALIDITY: DPG status is valid for a period of one year from its approval. This is to ensure that all solutions comply with the latest version of the DPG Standard. All applications undergo an automatic review process at the end of the year. In case certain parameters have changed or further clarifications are needed, the review team will reach out over email.
5. EXPIRY: In case the solution fails to meet the DPG Standard even after your response, or there is no response received, the solution will be marked as ‘Expired’ and be removed from the DPG Registry.

The information you provide will be in the public domain and licensed as such (currently through the Unlicense). Your name and contact information will remain private.

Who can apply?

Only an authorised representative of the project can submit the application on behalf of the organisation(s) or individual(s) that own the project.

Do you have an FAQ page I can visit to guide me through my application journey?

Yes! Please visit this page for more details.

How much time will it take to review my application?

We try to review all applications within 30 days of submission. But this can vary depending on the volume of applications received at any given time. You can read our review policies and process for more detail.

Where can I track the status of my application?

The status of your applications can be tracked from your dashboard as well as this URL: https://app.digitalpublicgoods.net/a/[ID], where ID is the application ID of your submitted application.

Who do I contact if I have more questions about the application process?

Please send an email at hello@digitalpublicgoods.net.

The information you provide will be in the public domain and licensed as such (currently through the Unlicense). Your name and contact information will remain private.