Sri Lanka’s government is seeking to calm public anxiety over its planned electronic National Identity Card (e-NIC) system, which is being funded by a grant from India. Amid a heated debate over data privacy and national sovereignty, authorities insist that robust legal and technical safeguards will ensure sensitive personal data remains under Sri Lankan control.
The e-NIC project is central to the country’s broader digital transformation agenda, aiming to modernise outdated systems while supporting economic growth and better governance. Yet the decision to accept Indian funding has turned into a politically charged issue—highlighting both the economic pressures Sri Lanka faces and the complexities of regional geopolitics.
What is the e-NIC Project?
The electronic National Identity Card (e-NIC) is designed to replace Sri Lanka’s traditional paper-based ID with a secure smart card system. It will store demographic and biometric data, aiming to:
- Prevent identity fraud
- Streamline service delivery
- Improve targeting of welfare benefits
Officials argue that the system will reduce bureaucracy, improve access to services, and help build an integrated digital economy aligned with global best practices.
India’s $450 Million Grant: Opportunity or Risk?
Funding is at the heart of the debate. India has offered a Rs. 1.4 billion (about $450 million) grant to develop the e-NIC system. Given Sri Lanka’s severe fiscal crisis following the 2022 default, the government views this as essential support that avoids new debt.
However, critics fear the grant could come with hidden costs—particularly in terms of data sovereignty. Opposition parties and civil society groups worry India could influence system design or gain access to Sri Lankan citizens’ personal data.
They have demanded full transparency on the grant’s terms and legal guarantees that no foreign entity can access sensitive data.
Government’s Assurances: No Foreign Access to Data
Facing public concern, the government has tried to reassure citizens. Cabinet Spokesman Bandula Gunawardena stressed that while India is funding the project, all data collection, storage, and management will remain exclusively under Sri Lankan control.
“Data will be securely stored in Sri Lanka. The Government of India is only providing a grant for this project. No data will be handed over,” he said.
Officials argue these assurances should allay fears that foreign funding means ceding control over critical national infrastructure.
Legal Framework: Sri Lanka’s Data Protection Act
To back up these promises, the government points to the Data Protection Act, passed in 2022. The law regulates how personal data is collected, processed, stored, and shared, with the aim of safeguarding citizens’ privacy.
Though the Act is already in force, its implementation is ongoing—especially the creation of an independent Data Protection Authority to oversee compliance. The government says all e-NIC contracts will be subject to this law, ensuring no data can be exported or accessed without consent.
Officials argue this legal framework shows a serious commitment to protecting personal data and respecting citizens’ rights in the digital age.
Critics Demand Greater Transparency
Despite these official statements, many remain sceptical. Opposition MPs warn that Sri Lanka’s growing financial dependence on India could give New Delhi political leverage.
They cite other India-backed projects—from renewable energy investments to port management—as evidence of India’s expanding strategic influence on the island.
Civil society groups have called for:
- Publication of the full grant agreement with India
- Clarity on contractors building and maintaining the system
- Assurance of the Data Protection Authority’s independence
- Comprehensive public consultations to build trust
For critics, the problem is not just technical or legal—it’s about public confidence. Without transparency and accountability, they argue, government assurances will fall flat.
Geopolitical Context: Balancing India and China
The debate over e-NIC funding also reflects Sri Lanka’s delicate balancing act between India and China.
India played a crucial role during Sri Lanka’s 2022 crisis, extending credit lines and aid. While this support was critical, it deepened Sri Lanka’s financial reliance on its northern neighbour.
Meanwhile, China remains a major investor in infrastructure, keeping Sri Lanka in a constant diplomatic balancing act.
In this context, public wariness about foreign involvement in a national ID system is understandable—even if the government insists there is no direct threat to privacy.
The Road Ahead: Balancing Modernisation and Sovereignty
Sri Lanka urgently needs to modernise public services and embrace digital transformation to drive economic growth. But this must happen in a way that protects citizens’ rights and reassures them their personal data is safe.
Minister Gunawardena’s statements suggest the government understands these concerns and is trying to strike a balance.
The real test will be in execution:
Are the contractual terms transparent and public?
Are the technical safeguards genuinely robust?
Is the Data Protection Act fully and effectively enforced?
A Critical National Conversation
The e-NIC debate is about more than technology. It is a test of governance, transparency, and sovereignty at a time when Sri Lanka faces immense economic and geopolitical pressures.
Handled well, the project could be a showcase for responsible, citizen-centred digital transformation. Managed poorly, it risks fuelling mistrust and undermining public confidence.
As Sri Lanka moves forward, it will need sustained public dialogue, strong legal safeguards, and genuine accountability to ensure this critical national project truly serves the interests of its people.
