Draft Competition Outline

As we move out of our research phase, we are excited to share our draft competition outline for the Lost Children prize. Please review the competition direction and criteria below. What criteria are missing? Is the timeline for teams to overcome these challenges achievable? Please share any thoughts, ideas, or comments you may have in the discussion below.

**Competition Overview:
**The Lost Children XPRIZE is a two-round competition that challenges teams to develop and deploy innovative solutions that streamline and expedite the process of acquiring and maintaining accessibility of legal identity, including birth registration, for children. The prize will take place in one country split into various regions.

**The winning team will:
**Develop an accessible and secure birth registration and legal identity acquisition technology that is interoperable with core government systems and meets the best standards of identity systems; and use the system to provide birth certificates and national ID, if and where applicable, to the largest number of children within a limited amount of time.

**Draft Round 1: Solution Development (6 Months)
**The first round of the competition challenges teams to develop a user-friendly and secure software and application that streamlines the process of obtaining a birth certificate or other legal identity and allows the user to maintain a digitally retrievable copy.

Draft Criteria:

  1. Accessibility
    a. Digital and accessible both online and offline
    b. User-Friendly

  2. Security
    a. Data storage safety and security
    b. Access authentication
    c. Access limited to end user
    d. System or technology ownership

  3. Interoperability
    a. Can be integrated with data from National ID and Healthcare Systems

Draft Round 2: Solution Deployment (12 Months)
The top solutions are invited to participate in the second round of the competition which is the deployment and testing of the solution in a selected country. While all competing teams will have different solutions, the end result of all of their efforts during this round will be legally recognized and verified birth certificates and national identification if the child is of age. Teams that are able to provide these forms of identification to the largest number of children in the time period while demonstrating user-friendly and cost-effective solutions will win the XPRIZE competition.

Draft Criteria:

  1. Cost effective
    a. Information can be uploaded and sent to the government rapidly
    b. No more than one physical visit to a government office to obtain birth certificate or identity document
    c. End users are not charged for using platform or solution

2)Pace and Efficiency
a. Number of birth notifications received by civil registry office
b. Number of birth certificates issued

Ok…this looks, at first glance, like a decent, working challenge criteria outline. Here then, are my first thoughts:

Regarding: ‘The prize will take place in one country split into various regions.’

This condition must mesh (operationally) with this later one:

'The top solutions are invited to participate in the second round of the competition which is the deployment and testing of the solution in a selected country. ’

That is, the number of regions demarked in the designated country would need to be the same as the number of ‘top solutions’. This would seem clear and obvious. But this raises some potential issues regarding the ‘split’:

1] demarked regions need to be relatively ‘equal’ in terms of total geographic size,

2] relatively equal in refugee and/or total population size (this includes total urban and rural populations), and

3] relatively equal topography (rougher terrain – more heterogeneous geography – may make accomplishing the challenge criteria by a challenge team – in terms of access – more difficult than a less topographically heterogeneous region).

Resolving these issues may be challenging in and of themselves, before any XPrize even begins.

Now, there is also the large issue/question of selecting a challenge country. This may be more or less challenging depending upon political connections and governmental willingness (and societal) to take part in an XPrize challenge.

Now the top challenge solutions need not by tested on an actual refugee population, but on a willing population in the designated nation (people will need to ‘sign on’ to the challenge, since they will be agreeing to have their children as ID test subjects (and thus data security will be paramount and assured).

Ok, those are my initial comments. Feel free to critique them, positively or negatively. :slight_smile:

MR

The draft competition outline looks okay. There might be some significant supporting aspects to consider too.

Identity systems are potentially very controversial. This was debated in the UK (identity cards) and the idea was quashed. As with many new technologies it is not that the benefits were judged insignificant, it was that the potential for abuse (and error) were too concerning. So there might need to be a significant amount of legal preparation and discussion with the relevant government and its agencies before the challenge can start.

This might also include how the data is handled, both during the challenge and beyond. It is likely that strict safeguards will be required to guarantee that all personal data is erased after the challenge - unless the system is to be adopted as the national system.

Whenever research uses personal data, research ethics require that volunteers are accurately informed as to how their data will (and will not) be used. They are also given the option to change their mind and have all of their data removed. Given that this challenge is for an ID system, good practice in research ethics should be followed. This also has an influence on the nation to be selected: is the country and its government stable and considered to have a high degree of integrity both now and in the foreseeable future? Perhaps ironically though, a lost children ID system might have greatest need in countries that do not meet this criteria. A point worthy of much reflection.

We should also be mindful of the fact that prototypes, by their very nature, are often imperfect and that presents a significant extra challenge when considering data privacy and system security.

@akb - you wrote:
‘Perhaps ironically though, a lost children ID system might have greatest need in countries that do not meet this criteria. A point worthy of much reflection.’

INDEED.

I suspect that the rejection of previously proposed ID systems was at least partially politically motivated…data security is often a ‘cover’ for ideological/political opposition*; consider that billions of people world-wide routinely offer up our personally identifying information (including location data) every time we use a Social Media platform or app…given this (and despite calls for more data security on SM platforms), the objection that ID systems for refugees (especially children who are in imminent danger of being trafficked for a number of purposes) carry data security risks – thus preventing their implementation – seems a bit exaggerated or even disingenuous. Nonetheless, politics are real.

Perhaps we need a research model to follow from an established research institute or organization, such as the NIH (in the US) or WHO (global) which, for example, are currently engaged in epidemiological programs world wide; more specifically, consider the Global Polio Eradication Initiative working in Pakistan, Afghanistan and Nigeria which currently administers vaccines to tens of thousands (or more)…each person receiving a vaccine must be documented for future tracking and any possible booster shots, etc. …this data may be consider comparable to personal ID data (for refugees). How do these global programs get permission to conduct their programs and overcome these ‘data security’ barriers?

Perhaps also, as @akb has suggested previously, the program should be overseen by the UN (as a supra-organizational entity with global access via UN charters and convention signatories, etc.) – although this introduces a layer of (global) bureaucracy that XPrize administrators might balk at.

  • Regarding ideological-political ‘opposition’ once you grant official/legal ID to hundreds of thousand or millions of refugees, you now have to acknowledge that they exist; they can no longer be ignored or ‘silently’/covertly shifted to another nation’s borders/territories (“not our problem, it’s their problem.”) or worse…

All good points @marz62 and it seems that there is a balance that might need to be struck between the potential bureaucracy (and slow pace) of an internationally respected body and the agile, exploratory, process of an innovation challenge.

Right, definitely. upon reflection, my word choice of ‘overseen’ was perhaps mis-chosen; a better word (and idea) would be ‘partnership’ (as in a partnership between XPrize and the appropriate UN agency). No doubt XPrize is already contemplating this – as on the initial ‘Lost Children’ forum the question was posed as to what other organizations/entities that serve refugee populations were already in place, etc.

Also: I assume that 'off line" refers to the need for a ‘low tech’ option/alternative in locales where cellular networks and/or internet access is intermittent or lacking.

I think this is a great challenge and will provide much needed stimulus to innovate in an area which has been done the same way for years…and is clearly failing many countries.

BUT…to make this challenge drive real change and impact, the choice of country is critical. It will be necessary to find a country that embraces the concept of a “legal sandbox” for the duration of the solution deployment. If solutions can only be deployed if they are aligned with existing legal and regulatory frameworks then we should not expect any great breakthroughs as these laws will probably constrain what’s (legally) possible .

Furthermore:

[list]

  • The minimum standards of a birth registration should be stipulated e.g. the data fields that must be collected, the level of trust required for each record, the quality of the data captured etc.
  • It should be made clear that the personal and confidential data cannot be held or processed in any non-encrypted form by the competition entrants.
  • The Round 2 Criteria: "Number of birth certificates issued". It would be better to be less specific as this sounds like a paper certificate. I would suggest a permanent form of legal ID which can be used for online/offline authentication.
  • That's enough for now...more to come!

    All great comments in this discussion. I am most tuned in to marz62’s comments about the political issues. I am concerned that we may have a better technology to do this, but how to get through the recipients’ questions, stated and/or thought, “What’s in this for me? Why should I trust this government to keep this information on me?” Also, the solutions proposed here are pointed at Third-World cultures: would people in First-World cultures be willing to use them? Sorry if my seemingly left-wing, non-technical questions seem non-relevant here.

    Thank you very much for the opportunity to comment on this very valuable competition and very important prize.

    I would suggest that in addition to “Information can be uploaded and sent to the government rapidly”, the competitors should be challenged to have their systems achieve deep integration and buy-in from the local government. Competitors should aim to develop solutions that are seen by the governments as potential feasible and sustainable long term solutions for the civil registration organization of the governments themselves.

    Some responses to the previous three comments (in three separate comments):
    @duffus75 - you wrote:
    “the choice of country is critical. It will be necessary to find a country that embraces the concept of a “legal sandbox” for the duration of the solution deployment.”
    > Agreed. Certainly the conducting of this XPrize will need to comport with all local/State laws/legal requirements (in the test country). You may want to clarify the phrase ‘legal sandbox’ in the context of this XPrize.
    Also: I agree that encryption of all data collected (even while experimental, or propositional, in the context of an XPrize) would be mandatory.
    As for you final comment (Round 2) and a “permanent form of legal ID”…this may be tricky; the 'deliverables of the XPrize should be a viable (legal, etc.), secure (encrypted, privacy-protected), and efficient (‘robust’ under the conditions of a putative refugee camp) refugee identification system…However, it need not be “permanent” or even 100% “legal” – in the context of the XPrize Challenge – that can come later in the ‘targeted’ refugee population (should the solution be adopted in some form). Rather, it need only be viable, secure and efficient (as noted and/or as defined by the designers) FOR THE PURPOSES of the XPrize challenge.

    @HumTraffBdMbr - your questions:
    1] “What’s in this for me? Why should I trust this government to keep this information on me?”
    It seems, at first consideration, that the answers to your questions MAY come down to basic Public Relations…Plus, an appeal to people’s humanitarian values and concerns. Developing trust (as always) and finding the right ‘test bed’ population on which to conduct the XPrize challenge would be key preconditions.
    2] Also, the solutions proposed here are pointed at Third-World cultures: would people in First-World cultures be willing to use them?
    Yes, perhaps the ‘first world’ (now called 'developed world, as contrasted with ‘developing world’) population could be the aforementioned ‘test bed’ population; so, we might have a ‘twofer’ (i.e., a test bed population AND a ‘buy in’ from a developed world nation, or sub-population within that nation). But you might want to clarify for us WHEN this use (of a proposed ID system) by a developed world culture would be/is to be adopted.

    @mbratschi - responding to your comments/points:
    “the competitors should be challenged to have their systems achieve deep integration and buy-in from the local government.”
    So, I see two points/goals here:
    1] achieving ‘deep integration’
    and
    2] achieving ‘buy-in’ from the local government
    Now it looks as though you address both these points (above) with the second part of your comment, to wit: '“Competitors should aim to develop solutions that are seen by the governments as potential feasible and sustainable long term solutions for the civil registration organization of the governments themselves.”
    > ‘feasible and sustainable…for the civil registration organization of the governments themselves.’ Yes, this would potentially enable the ‘deep integration’ you speak of…I am assuming that this mean integration with current governmental bureaucracy…which would also encourage ‘buy-in’ (re: ease of integration with existing bureaucracy). Much of this would be test country-dependent (and perhaps a function of our political relationship with that country).
    Also, we cannot assume that matters such as legal identification (of citizens and/or refugees) are handled by a ‘civil registration org’; they may in fact, be controlled by a military infrastructure or government (‘military regime’) and/or authoritarian/security state* – which is often the case when talking about refugee populations (from war-torn nations or regions) ‘spilling’ into neighboring nations.
    As for ‘sustainable’…I agree, this is an optimal outcome, but one that may not be provable or demonstrable in a limited-time-frame XPrize challenge (this is an issue/challenge for any adopted/introduced innovative system; political tides – ideological shifts – can tear down hard-won socio-political innovations in very short time periods).
    *This can be the case even with US-friendly states or allies, such as Pakistan, which is essentially run by its military.

    Apologies for this belated comment…I want to briefly address the point by @duffus75 - “It should be made clear that the personal and confidential data cannot be held or processed in any non-encrypted form by the competition entrants.”

    This is an important point, and presumably, it would apply to ALL parties – before,during and after the XPrize challenge time frame. That said, there arises an issue regarding WHO and HOW MANY have access to the encryption keys that permit the decoding of the ID information.

    In a post-adoption situation (after the winning Solution is adopted by one or more refugee hosting nations), we can assume that some department or agency of the respective government has full access to the encryption keys (use of which, to decrypt important individual info, is guided/controlled by an official procedure/protocol).

    Further, any refugee assistance organization (providing health or nutrition or relocation services) will require at least temporary access to the encrypted data (thus needing the keys as well). In regards to the latter service: any refugee relocation host nation will also need full access to the relocated refugees’ identification data.

    Lastly (?), we may assume that the refugee child herself/himself will/must have access to encryption keys (or password access to the program that performs the encryption/decryption) so as to either verify and/or update ID data as needed (and again, conforming with a controlled procedure/protocol).

    So, we can see form this very short list of participants (in the putative, adopted refugee ID solution system) that there are at least three – possibly four – points of ‘security [compromise] risk’ regarding the encrypted refugee data – anyone of which could be vulnerable to a ‘man-in-the-middle’ or ‘man-on-the-side’ security breach. Thus the data encryption method (which may include genetic and bio-metric data) or technology will likely be a crucial (if not central) component of any solution.

    Of course, one might wonder why refugee ID data would be of interest to any ‘outside party’ or ‘hostile actor’…but this is precisely the possibility that must be considered when providing/maintaining a secure system – one that will continue to be used in future years or decades.

    NOTE: my earlier (November 12, 2019) comment in this thread about ‘data security’ (as a cover/excuse, etc.) should be taken with a grain of salt; data security is a real issue, even if it is sometimes used as a bureaucratic cover for political opposition And, as I pointed out in the same November 12 comment: once a host nation IDs its refugees, they are thus recognized, and become more “real”; they are no longer a problem that can be kept out of sight of the public, or the world.

    Thank you @marz62 @akb @duffus75 @HumTraffBdMbr and @mbratschi for your comments here so far! We have a new discussion thread on the possible entry fields, and we would love to see any ideas or comments you might have there. Your feedback has been valuable!

    Additionally, if you have any further thoughts on this draft competition outline here that you would like to share, feel free to post them here.