In Uganda, a national digital identity system funded by the World Bank was supposed to bring millions of citizens into the formal economy. Huawei built the infrastructure. Today, according to a year-long Bloomberg and Lighthouse Reports investigation published in 2024, that system is the backbone of a surveillance state, used to track political opponents, silence journalists, and target critics of the government.
On 5 April, Prime Minister Balendra Shah’s Cabinet approved $185 million in loans: $90 million earmarked for the Digital Nepal Transformation Project. The World Bank loaned $50 million and the Asian Development Bank (ADB) chipped in $40 million. The stated goals are familiar: an integrated citizen services portal, a national social registry, a government-wide data exchange, a digital locker for verifiable credentials, the digitisation of land administration.
Efficiency, inclusion, modernisation, in short.
With an almost two-third majority in the legislature, the leaders of the current government have acted and communicated unilaterally in their own terms. The Prime Minister has not addressed the nation after over a month of the formation of the government. The institutional mechanisms, constitutional bodies and bureaucratic forces are riddled with outdated governance, incompetent staffs, and corruption.
Elected on a promise of clean and competent governance, the government has so far shown more appetite for digital infrastructure than for the oversight frameworks that make such infrastructure safe.
Dovan Rai, a computer scientist and executive director of Body and Data is a strong critic of what she sees as precursors of authoritarianism and a surveillance state. “I support digitalisation on a technological level, but we must understand the negatives and positives of it first,” she says.
She speaks of The Digital Nepal Framework 2019, as a good document because it includes economy, agriculture, health, education. But what it lacks is the consultation over it, and the prerequisite question of ‘how are we going to keep the data safe?’ Data protection laws must come before the drive for digitalisation in Nepal.
Nepal’s total public debt stood at Rs2.878 trillion by mid-March, 47.13% of GDP. Members of Parliament raised concerns about the borrowing, adding to a chorus that has grown across party lines as successive governments have turned to foreign loans to fund an expanding range of programs.
The RSP government inherited a fiscal situation under strain, and its first major borrowing decision was to go deeper. The $185 million digital transformation loan is co-financed by the World Bank and ADB under a new joint lending mechanism called the Full Mutual Reliance Framework, supposedly designed to reduce duplication and move faster.
The World Bank approved its portion in February; the ADB followed in March. What the 5 April Cabinet meeting did was formally accept what had already been agreed in Washington and Manila. The RSP government did not negotiate this deal, it signed on the dotted line.
The remaining $95 million from the World Bank is designated for a Sustainable and Inclusive Development Project covering social protection and environmental goals. The SDG framing is broad enough to resist easy scrutiny – precisely the kind of mandate civil society organisations have criticised the World Bank for. Inclusion rhetoric creates political cover for moving quickly, before countries have built the capacity to govern what gets built.
Nepal has been trying to issue national digital identity cards since 2009. The program was funded in its earlier phases by the ADB and has moved slowly. By mid-2025 nearly 66% percent of applicants had not collected their ID cards even though biometric data, fingerprints, facial images, of 9 million Nepalis had already been collected. But no card.
The new project would consolidate biometric records into an integrated national registry, link them to land records, social protection access, and government services, and create a single data exchange through which ministries can share citizen information. However, Dovan Rai urges us to ask a critical question: what are we willing to compromise for convenience?
Nepal’s digital capacity in both software and hardware is limited. Although the government claims that ownership of the data rests in its own hands, dependency on foreign entities is inevitable, and the country’s procurement history bears this out.
From Oberthur Technologies to IDEMIA, from the ADB-funded identity program to the World Bank-backed digital transformation project, foreign firms and multilateral lenders have shaped the architecture of Nepal’s identity infrastructure at nearly every turn.
Nepal has not yet disclosed which vendors it intends to use for the new digital transformation project, but its established relationship with IDEMIA, cemented through repeated, and at times non-competitive, contracts, makes the question of continuity worth pressing.
A Bloomberg and Lighthouse Reports investigation spent nine months examining digital ID programs in Uganda, Mozambique, and the Democratic Republic of Congo, all funded in part by the World Bank, all justified in the language of inclusion and development, all producing outcomes their architects did not advertise. In all three countries, the investigation found that the systems had disproportionately enriched technology vendors rather than served the public.
Foreign technology firms dominate Africa’s biometric ecosystems, IDEMIA and Thales from France, Semlex from Belgium, Huawei from China. African governments typically financed these projects through World Bank loans, creating procurement dependencies that shaped which companies won contracts and on whose terms. Nepal’s own record suggests it is not immune to this pattern.
The question of who builds the system, under what contractual terms, and with what access to the data, already urgent in the African context, is one that Nepal’s new, technology savvy Parliament has not yet asked loudly enough.
Perhaps digitalisation drive should not be the priority at all for Nepal. “Without undermining the required efficiency in the process of governance … if we do not have the capacity to digitalise on our own, if we are not going to be transparent about our process of acquiring vendors and even then if it is taking years to procure them, for people to to get their IDs, then why are we doing it?” asks Rai.
Countries like Nepal whose GDP are smaller than the net worth of big tech firms must participate in the global digital market with caution, and with safeguarding mechanisms in place.
Body and Data researched the National ID, where bureaucrats have expressed problems over retaining IT staffs and skilled workers for maintenance of the infrastructures. Without procuring them, government services actively use Big Tech platforms like Facebook to publish their notices, with critical identifying information such as citizenship number or license number.
Even when infrastructure like the Nagarik App already exists, why is the government allowing its agencies to publicly disclose citizens’ information through social media platforms?
For the RSP government, digital governance is not the test of whether the portals get built or the cards get issued in a single day. It is whether the government that champions digitalisation and efficiency also builds enough safeguarding mechanisms for our digital identities.
The loans have been approved. The project is moving. Nepal has 9 million people’s biometric data sitting in government servers, under no legal framework that governs its use. It is about to add 10 million more.
Ayusha Chalise is a communication and development scholar specialising in how politics is experienced in the digital space. She contributes the Cyberia column for Nepali Times.