Auditor-General Nancy Gathungu last week revealed how the government had little control over the giant e-Citizen system, warning that this could compromise accountability of the billions of shillings processed through the system.
Collections through it average Sh350 million daily up from Sh50 million in the financial year ended June 2023. Business Daily sat with Mr James Ayugi, founder and CEO of Webmasters, which is the firm that built the e-Citizen platform to explain how it has transitioned, data privacy issues and who now earns the controversial Sh50 convenience fee.
We have seen renewed push by government to on-board services in recent months with official reports indicating that over 10,000 new ones are active against 397 in close to a decade since e-Citizen went live in 2014. Why was the pace so sluggish previously?
One, there was a court case which made it difficult to regularise the contract. Secondly, some of these policies were not so clear. There were, for instance, the Huduma people trying e-Huduma, the Treasury doing e-Citizen and so on.
However, that extended pilot period helped us to perfect the system to a point where it could scale, the way it is now. If we were to do this in 2015, probably it would have failed.
What goes into setting up such a system? What tools, what technology goes into that?
Mostly, we adopt open source technologies just to avoid recurrent costs. This is even the technology that big platforms such as Facebook use. However, we use a more advanced language that is fault-tolerant and scalable and can handle tens of thousands of requests per second or even more with enough server locations. By Open Source, we mean the source is not encrypted. If we give a licence to the government, they are able to customise it and they are able to grow it without physical checks but cannot change the core system.
So, what is the estimated cost of setting up all these?
Crazy, crazy numbers. If the government were to pay, it would be tens of billions of shillings. Just a simple system like the NTSA (National Transport and Safety Authority) had like just five different systems and the cost would easily run into the billions (of shillings). That means when you add other systems like company registries the cost will be on the higher side. Therefore, it would be very expensive if we were to go through the normal route. However, with the progression that it has gone through over time, I can say it has matured organically.
You say that it would be expensive for this thing to happen but it happened anyway. So, who bore the cost?
During the piloting period, there was a convenience fee that was passed on to users and this was used to support the ecosystem. Currently, the same model applies but now the dues go directly to Treasury accounts and this makes the revenue that the government uses to sustain the system as opposed to using taxpayer funds in maintenance. I know there are policies in the offing for digitisation fund and all those other things that the government is looking into just to help aggregate and tap into other sources to finance digitisation efforts. However, the eCitizen is a self-sustaining project. If it were to be tax funded, it would have been super-expensive.
There has been controversy regarding the ownership of this platform. At times, the government tells us that it is fully operated by them, but then the Auditor General tells a different story. What is the actual state of affairs?
Last year, we entered into a handover agreement with the government and we agreed that we were going to transfer the IP rights of what we had developed for Kenya to the government. That one is a process, it is not an event.
It is a process because there is knowledge that needs to be transferred so that we build capacity for government officers to be able to do certain things. However, in legal terms, the government owns 100 percent of the eCitizen ecosystem, the ownership was transferred through the agreement we had. Now, there is the technical support that we continue to provide on the platform. Having been the people who developed this from the ground, it was only sensible for us to be given the opportunity since we have proven capacity.
And that’s pretty much what the government did, it regularised and gave us an opportunity to implement the proof of concept that we had done and for that we’re now a service provider engaging with the government on contractual terms.
You mention that the handover is a process. How long do you envision that the process will be complete?
It is going to be ongoing because you realise even today, you are training someone in government and tomorrow they are no longer there, they have left. However, in the current model, we usually have short contracts ranging from one to three years.
When any of our services is needed, there are those procurement choices of either retaining our services or changing to other providers. However, for now, there are clear terms and we are working with the government directly to make sure that the system works.
How was the handover agreement structured? How much did the government pay for the acquisition?
The handover was in good faith. The government wanted the ownership of the system and we wanted to be regularised. We developed it anyway for the government and so it was not a paid handover, it was an agreement that we reached.
About the teething problems that we are seeing when should we expect to see all these resolved?
e-Citizen is a multi-vendor platform. This means there are several components supporting different institutions, some using advanced technologies, some not. Integration issues might be the ones to blame, especially for these kinds of issues.
However, since there are standards that the ICT Authority aims to achieve when it comes to integration, I believe that once we perfect those standards and we go through all these tests and make sure that everything is well tested before it goes live, most of these issues will be resolved.
Let us talk about the safety of the data because this is a platform that is holding masses of sensitive and critical data. What measures did you put in place to ring-fence safety when you were building the site?
For us, we do not have access to any data that is stored within the government departments that are supporting the citizens to access these services.
Every department only has access to data that is relevant to them. Again, all the rules of data protection have been complied with by the respective organisations.