Fundamentally, DPI should be developed using open protocols and modular services, rather than
            monolithic applications that constrain adaptability. Inclusive co-design practices – such as engaging
            marginalized communities through user interface workshops, pilot programmes and participatory
            service design – have proven effective in increasing system legitimacy and usability. Moreover, DPI
            investments must extend beyond initial infrastructure build-out to include regular cybersecurity
            testing, system upgrades and preparedness for offline-dominant environments. These measures
            are vital to ensure that DPI systems remain secure, adaptive and equitable as they evolve over time.


            8.3     Promote human rights and digital trust


            DPI can only be as robust and legitimate as the trust it inspires among its users. Trust must be
            cultivated deliberately through technical safeguards and institutional accountability. The principle of
            PbD, central to the GDC, ensures that user autonomy and control over personal data are embedded
            at every stage of system development. Advanced technical approaches such as zero-knowledge
            proofs – which allow users to verify credentials without disclosing underlying information – have
            gained traction in international forums, including the G20. These innovations are complemented
            by legal instruments like mandatory Data Protection Impact Assessments (DPIAs), which enable
            governments to proactively identify and mitigate privacy risks before large-scale DPI deployment.


            Institutional trust, meanwhile, depends on transparency and procedural fairness. Establishing
            independent oversight bodies – such as data protection authorities or digital ombudspersons –
            ensures that DPI systems are subject to public accountability. These bodies should be complemented
            by real-time transparency tools, including open APIs, public dashboards and audit logs that are
            accessible to citizens and watchdog organizations.

            Trust and human rights must be treated not as downstream outcomes of DPI, but as design
            principles from the outset. The World Economic Forum (WEF, 2023) underscores that DPI systems
            grounded in trust frameworks enhance digital sovereignty and enable equitable participation
            in the digital economy. As the UN-led DPI Safeguards Working Group released its multisectoral
            governance framework. The imperative is clear: address risks associated with safety, inclusion,
            structural vulnerabilities through around 300 recommendations and practices to be followed in
            DPI design (Digital Public Infrastructure Safeguards, n.d.).

            A rights-based approach to DPI further ensures that citizens maintain meaningful agency over their
            data, particularly in cross-border data ecosystems characterized by emerging frameworks such
            as “Data Free Flow with Trust” (DFFT) (WEF, 2023). To this end, governments must embed ethics
            codes, privacy laws and procedural safeguards into DPI architectures.















                                                                                                          45