An assessment of the legal and regulatory framework supporting the implementation of the National Integrated Identity Management System (NIIMS) in Kenya

This study sought to establish the elements that constitute comprehensive legal and regulatory landscape for successful digital identity system establishment and implementation. Subsequently, the study sought to assess whether these elements were present in the establishment and implementation of the National Integrated Identity Management System (NIIMS) in Kenya. The study adopted a qualitative approach, data was obtained firstly, through literature review that provided background information to the study. Secondly, semi structured interviews were undertaken on purposively selected key informants. The study established that the elements that constitute a robust legal and regulatory framework for digital identity (ID) establishment and implementation include presence of a constitutional provision on the right to privacy; existence of a digital ID law governing the establishment of the system; amendment of laws relating to the registration of persons; existence of a data protection law; existence of an overarching law governing the digital economy among others. Largely, most of these elements were present in Kenya. However, the legislative approach adopted in crafting digital ID law in Kenya was wanting. This has undermined effective implementation of the NIIM system by among other things eroding public confidence in the system. The study concluded that effective operation of the system hinged on the existence of a robust and comprehensive legal and regulatory framework that will engender users' trust in the system. In this regard, the study recommended review of the existing legal framework to ensure that it underpins both the foundational and functional aspects of the NIIM system. Policy Significance Statement This study is significant to policymakers in several ways. First, it outlines the set of laws that countries must enact prior to implementing digital identity systems in their jurisdictions. Further, the study provides best practice cases of successful digital identity systems implementation across the world, which policymakers can use as a benchmark to ensure successful digital identity implementation. Thirdly, the results of this study can be used by policymakers in regional bodies such as European and African Union to develop a digital identity system legal guidebook that guides member states seeking to establish and implement digital identity systems. Overall, the result of this study supports policymakers in establishing a robust, inclusive, legal, and trusted digital identity systems.