DIGIT

DIGIT is an open-source, configurable, extendable, modular, digital infrastructure that enables local governments to deliver municipal services to citizens in an efficient, inclusive, and transparent manner.

Website: https://www.digit.org/

Type of Digital Public Good

  • Open content
  • Open data
  • ✅  Open software
  • ✅  Open standard
  • Open AI model

1. Is it relevant to one of the Sustainable Development Goals?

  • 9. Industry, Innovation and Infrastructure

    Evidence: SDG 9, our work is closely aligned with Target 9.1, "Develop quality, reliable, sustainable and resilient infrastructure, including regional and transborder infrastructure, to support economic development and human well-being, with a focus on affordable and equitable access for all". Effective local government, which is able to provide local infrastructure and services, is key to inclusive development at the last mile, and enabling local governments to collect resources and deliver services in an efficient & transparent manner enhances their capacity to deliver the conditions for well-being, sustainability, and innovation. Our work also aligns with Target 9.c, leveraging local intermediaries to provide digitally-enabled access to services to populations that may otherwise have to rely on physical channels, or have difficulty accessing services at all.

    Link to Evidence: http://13.232.68.160/impactbook/

  • 11. Sustainable Cities and Communities

    Evidence: At eGov, we see our work as fitting with the themes of SDG 11 - Sustainable Cities and Communities - and SDG 17 - Partnerships for Development. SDG 11 - Some key targets that our work supports include: • Ensuring access for all to adequate, safe, and affordable housing and basic services • Enhancing capacity for participatory, integrated, and sustainable human settlement planning and management • Reducing the adverse environmental impacts of cities, including by paying special attention to municipal and other waste management • Developing effective, transparent, and accountable institutions at all levels

    Link to Evidence: http://13.232.68.160/impactbook/

  • 17. Partnerships to achieve the Goal

    Evidence: At eGov, we see our work as fitting with the themes of SDG 11 - Sustainable Cities and Communities - and SDG 17 - Partnerships for Development. SDG 17 - To make cities work for citizens requires collaborative efforts that reach across every sector of economy and society. We place great emphasis on collaboration and co-creation because urban governance is an inherently complex problem. We think of the ecosystem in terms of three sectors: samaaj (society), sarkaar (government), and bazaar (market or industry). The ecosystem first approach is what differentiates eGov from organisations that seek to identify “what works” and then scale that solution. We aim to create networks of trust and partnership that enhance local capacity to solve - so that the diverse challenges of urban India can be met by a wide range of local solutions, each effective in its own context.

    Link to Evidence: http://13.232.68.160/impactbook/

2. Does it use an appropriate open license?

Yes, this project is licensed under the following license(s):

3. Is ownership clearly defined?

Is the ownership of the project and everything that the project produces clearly defined and documented?

Yes

If yes - please link to the relevant copyright, trademarks, or ownership documentation for the project.

https://www.digit.org/about-us/

4. Does the license of libraries/dependencies undermine the openess of the project?

Does this open project have mandatory dependencies (i.e. libraries, hardware) that create more restrictions than the original license?

No

If yes - are the open source components able to demonstrate independence from the closed component(s) and/or are there functional, open alternatives?

Not Applicable

If yes - please describe how the open source components are independent and/or list the open alternatives for the closed component:

Not Applicable

5. Is there documentation?

Does some documentation exist of the source code, use cases, and/or functional requirements. For software projects, this should be present as technical documentation that would allow a technical person unfamiliar with the project to launch and run the software. For datasets and data projects, this should be present as documentation that describes all the fields in the set, and provides context on how the data was collected and how it should be interpreted. For content collections, this should indicate any relevant compatible apps, software, hardware required to access the content and any instructions about how to use it.

Yes

If yes - please link to the relevant documentation:

6. Is non PII data and/or content accessible?

Does this project collect or use non-personally identifiable information (non-PII) data and/or content?

Yes

If yes - is there a mechanism for extracting or importing non-personally identifiable information (non-PII) from the system in a non-proprietary format?

Yes

If yes - describe the mechanism for extracting or importing non-personally identifiable information from the system in a non-proprietary format:

DIGIT supports the creation of reports and dashboards, using tools such as Elastic Search and Kibana. These tools support export of data in most commonly used formats, e.g. CSV. The responsibility for and capability to access data lies with the government entity/ies who are using DIGIT to deliver municipal services, rather than with eGov.

7. Does the project adhere to privacy and other applicable international and domestic laws?

Has this project taken steps to ensure adherence with relevant privacy, domestic, and international laws? For example, the General Data Protection Regulation (GDPR) in the European Union or the Supplementary Act A/SA.1/01/10 on Personal Data Protection for the Economic Community of West African States (ECOWAS) (yes/no)

Yes

If yes, please list some of relevant laws that the project complies with:

  • Information Technology Act, 2000 (as interpreted by the Supreme Court of India in the Puttaswamy - 1 judgement)
  • Personal Data Protection Bill (Draft bill)

If yes, please describe the steps this project has taken to ensure adherence (include links to terms of service, privacy policy, or other relevant documentation):

8. Does the project adhere to standards and best practices?

Does this project support standards? (i.e. Web Content Accessibility Guidelines (WCAG) 2.1 or other standards such as those listed on W3C)

Yes

Which standards does this project support (please list)

  • Rest API Definitions
  • OpenAPI Specifications Transfer Protocol
  • HTTPS Storage and Query
  • SQL PII Encrypted using
  • AES/GCM/NoPadding
  • Data Layer SQL PII Encrypted using
  • AES/GCM/NoPadding
  • Service Layer RestAPIs
  • OpenAPI 3.0 JSON HTTPS
  • Frontend - JavaScript, HTML CSS

Can you point to evidence of your support? (i.e. please link to your validator, open test suite, etc.)

Was this project built and developed according to or in adherence with any design, technical and/or sector best practices or principles? i.e. the Principles for Digital Development?

Yes

Which principles and best practices does this project support (please list)

  • 1. Ecosystem-Driven
  • 2. Interoperability through Open APIs and Open Standards
  • 3. Inclusive
  • 4. Minimalistic
  • 5. Privacy and Security by Design
  • 6. Unbundling
  • 7. Designing for Evolvability and scale
  • 8. Transparency and Accountability through Data
  • 9. Non-Repudiable
  • 10. Domain Modeling
  • 11. Federated Architecture
  • 12. Ensuring extensibility through the use of layered design
  • 13. Multi-Channel Access

9. Does the project do no harm by design?

Has this project taken steps to anticipate, prevent and do no harm by design?

On the whole, does this project take steps to ensure that it anticipates, prevents and does no harm by design?

Yes

Is there any additional information you would like to share about the mechanisms, processes or policies that this project uses to avoid doing harm by design?

DIGIT takes the following mitigation steps: Secure by default, Privacy by Default, ensures ownership of Data must reside with the user, consent is sought and stored, and data is purpose limited.

9.a. Data Privacy & Security

Does this project collect or store personally identifiable information (PII) data and/or content?

Yes

If yes - please list the types of data and/or content collected and/or stored by the project:

  • We collect information/data (“data”) to improve and provide better services to you.
  • We collect and process PII such as your first name, last name, parent’s / guardian’s name, address, email address, telephone number, age, gender, identification documents.
  • We may collect your educational, demographic, location, device and other similar information.
  • We collect information such as Internet Protocol (IP) addresses, domain name, browser type, Operating System, Date and Time of the visit, pages visited, IMEI/IMSI number, device ID, location information, language settings, handset make & model etc.
  • However, no attempt is made to link these with the true identity of individuals visiting the mSewa App.

If yes - does this project share this data and/or content with third parties?

Yes

Please describe the circumstances with which this project shares data and/or content with third parties. Please add links as relevant.

  • We use this data to serve you with the best civic experience, such as providing digital complaints systems, creating dashboards of ULB activities, etc. We collect only such data as serves these objectives. Specifically:
  • - We process this data as necessary to provide you with the services you are requesting.
  • - We may process, disclose, or share certain metadata, as well as aggregated and anonymised data, in order to assess and improve the status of such service delivery over time.
  • - We may disclose or share this data to/with employees and/or contractors of the urban local body, state government, or other government agencies, service providers, whose role requires them to view or use this information in order to perform their official duties, including providing you the service(s) you are requesting.
  • - Resolving any disputes that may arise with respect to the transactions/deals that you may conduct using the app/website.
  • - Monitoring user activity and preferences as evidence from user’s activity on app to provide a better experience in future.
  • - Detecting, investigating and preventing activities that may violate our policies or that may be illegal or unlawful.
  • - Conducting research or analysing of the user preferences and demographics as statistical data and not as individual data.
  • - We may disclose or share this data in order to comply with the law or any legal process, including when required in judicial, arbitral, or administrative proceedings.
  • - Payments made through the mSewa App/website are processed via secure payment gateways.
  • - We will not process, disclose, or share your data except as described in this policy or as otherwise authorized by you.

If yes - does the project ensure the privacy, security and integrity of this data and/or content collection and has it taken steps to prevent adverse impacts resulting from its collection, storage and distribution.

Yes

If yes - please describe the steps, and include a link to the privacy policy and/or terms of service:

DIGIT implements the following in its core architecture: authentication, authorization and data encryption to guarantee data privacy and security.
Encyption techniques- https://core.digit.org/focus-areas/data-security/encryption-techniques
Privacy Design - https://core.digit.org/focus-areas/privacy/privacy-design

9.b. Inappropriate & Illegal Content

Does this project collect, store or distribute content?

No

If yes - what kinds of content does this project, collect, store or distribute? (i.e. childrens books)

Not Applicable

If yes - does this project have policies that describe what is considered innappropriate content? (i.e. child sexual abuse materials)

Not Applicable

If yes - please link to the relevant policy/guidelines/documentation.

Not Applicable

If yes - does this project have policies and processes for detecting and moderating innappropriate/illegal content?

Not Applicable

If yes - please describe the policies and processes for detecting, reporting and removing innapropriate/illegal content (Please include the average response time for assessment and/or action. Link to any policies or descriptions of how inappropriate content is handled):

Not Applicable

9.c. Protection from harassment

Does this project facilitate interactions with or between users or contributors?

No

If yes - does the project take steps to address the safety and security of underage users?

Not Applicable

If yes - please describe the steps this project takes to address risk or prevent access by underage users:

Not Applicable

If yes - does the project help users and contributors protect themselves against grief, abuse, and harassment?

Not Applicable

If yes - please describe the steps taken to help users protect themselves.

Not Applicable

Development & deployment countries

List of countries this project was developed in.

  • India

List of countries this project is actively deployed in.

  • India