Legal Identity

Introduction

This Regional Overview synthesises findings from five sub-regional SEAP reports to map how legal identity, digital identity and data-governance frameworks are evolving across East Asia, South Asia, Southeast Asia, Central Asia and the Pacific.^[1] It brings together country-level analysis on civil registration, national ID systems and emerging digital ID infrastructures to show how these layers interact in practice, and how they shape access to rights and services. This section provides a cross-cutting view of the wider region, highlighting shared patterns and divergences that might not be visible when looking at each sub-region in isolation.

As with the country factsheets and sub-regional overviews, the regional overview is organized thematically, beginning with legal identity systems, then turning to the rollout of digital identity, and the underlying legal and data-protection frameworks. Then, it proceeds to examine states’ international commitments and the implications of these systems for citizenship and nationality rights. Within each theme, this overview intends to draw out both common trends and practices that illustrate how different institutional choices can widen or narrow exclusion. Throughout, the text signposts readers to the five sub-regional SEAP reports, which provide more detailed country-by-country information and case studies.

Taken together, the aim of the regional overview is to equip readers with an accessible entry point of identity systems that span very different legal traditions, levels of digitalisation and political contexts and how they interact with the question of statelessness.

Legal Identity

Across four out of the five sub-regions (East Asia, South Asia, Southeast Asia, and Central Asia), national ID cards, resident identity cards, or citizen ID cards, are used as the country’s primary legal identity document instead of birth certificates. The Pacific stands out in contrast to other sub-regions because nine out of the 17 countries rely on birth certificates instead of national ID cards (Federated States of Micronesia, Fiji, Kiribati, Marshall Islands, Nauru, Palau, Samoa, Solomon Islands, Tuvalu). In countries across the Pacific where birth certificates are the primary legal document, it allows access to other foundational identity documents and access to services such as passports, voting, enrollment in schools, and health insurance. In the nine countries across the Pacific where birth certificates are their primary legal identity, birth registration depends heavily on the strength and accessibility of the State’s civil registration systems; geographic distance between islands and their registries; and the level of public awareness about birth registration.^[2]

Most South Asian countries use national identity cards as the primary proof of legal identity. Nepal is the exception, where citizenship certificates serve as the official document instead.^[3] Birth registration in the sub-region acts as an essential foundational document that is required to access other primary legal identity documents and its corresponding digital ID systems (should they exist). In the case of Nepal, alternative documents besides birth certificates can be provided to acquire citizenship certificates, showing alternative options for those who may not have access to birth registration.^[4]

Legal identity in East Asia is characterized by the use of family or household registration records, which serve as prerequisite documents for applying for national ID cards in all seven countries of the sub-region.^[5] One common feature across China, Japan, Taiwan, and South Korea is the linkage between birth registration and the household registration system, which serve as the basis for establishing permanent residency status and gaining access to public services from education to healthcare.^[6]

Legal identity in Southeast Asia is characterized by civil registration–based systems where birth registration serves as the foundation for obtaining national identity cards. These cards are the primary legal identity documents across all eleven countries in the sub-region. While birth registration establishes legal identity and enables entry into population registries, national ID cards are mandatory for citizens and widely used to access services. In some countries it also serves as proof of citizenship. However, most South Asian countries maintain a legal distinction between identity and citizenship.

In Central Asia, legal identity is characterized by a layered system in which birth registration serves as a universal and mandatory foundational document, but national ID cards or internal passports function as the primary proof of legal identity for adults. While birth registration establishes initial legal identity, individuals must subsequently obtain national ID documents to access services, reflecting a system where legal identity is built progressively and does not in itself constitute proof of citizenship.

India, Australia, and New Zealand stand out as countries that do not have a single primary legal identity, and multiple forms of legal identity are accepted.^[7] For example, in India, there is no officially recognized single legal identity document, so individuals rely on a combination of documents such as birth registration records, Aadhaar numbers, voter ID cards, passports, and ration cards to establish identity in different contexts.^[8] Similarly, in Australia, legal identity is typically established through a range of documents rather than a single foundational ID, including passports, driver’s licenses, birth certificates, and citizenship certificates, depending on the service or transaction.^[9] In New Zealand, multiple documents are explicitly recognized as proof of legal identity, including passports (New Zealand or foreign), driver’s licenses, firearms licences, birth certificates, citizenship certificates, refugee travel documents, and certificates of identity, with no single document serving as the sole authoritative ID.^[10]

Table 1: Primary legal identity document across Asia Pacific

Sub-Region	Country	Primary legal identity document	Other key identity documents commonly used to prove identity/citizenship
Central Asia	Kazakhstan	National ID card	Birth certificate; passport; residence permit; stateless person certificate (where applicable)
	Kyrgyzstan	National ID card/Internal passport	Birth certificate; passport; residence permit; stateless person certificate
	Tajikistan	Internal passport	Birth certificate; passport; residence permit; stateless person certificate / permit
	Turkmenistan	Internal passport	Birth certificate; passport; stateless person certificate
	Uzbekistan	National ID card/Passport	Birth certificate; passport; stateless permanent resident ID card
East Asia	China	Resident identity card	Household registration booklet (hukou); passport; birth certificate (supporting)
	Hong Kong	Hong Kong identity card	Passport (HKSAR or BN(O)); birth certificate; Re-entry Permit
	Japan	My Number Card / residence card plus family register	Family register (koseki); passport; health insurance card; driver’s license
	Mongolia	National ID card	Birth certificate; passport; residence permit
	North Korea	Resident ID card	Family registration record; travel document (where applicable)
	South Korea	Resident registration card	Resident registration; passport; driver’s licence; foreigner registration card (for non-citizens)
	Taiwan	National ID card (for nationals with household registration)	Household registration; Alien Resident Certificate; passport; birth certificate
South Asia	Afghanistan	Tazkira (and e-Tazkira)	Birth certificate; passport; refugee or stateless documentation where applicable
	Bangladesh	National ID card (NID)	Birth certificate; passport; voter list entry
	Bhutan	Citizenship identity card	Birth certificate; National Digital Identity credentials; passport
	India	No single primary ID; plural documents used	Birth certificate; Aadhaar number; voter ID; passport; ration card; PAN; driving licence
	Maldives	National ID card	Birth certificate; passport; work permit card (for migrants)
	Nepal	Citizenship certificate (primary)	Birth certificate; voter ID; passport; alternative documents accepted for citizenship application
	Pakistan	Computerised National Identity Card (CNIC)	Birth certificate; passport; family registration certificate; Smart NICOP for overseas Pakistanis
	Sri Lanka	National identity card	Birth certificate; passport; driving license
Southeast Asia	Brunei	Smart identity card (Brunei Darussalam IC)	Birth certificate; passport
	Cambodia	National ID card	Birth certificate; family book; passport
	Indonesia	National identity card (KTP)	Family card (KK); birth certificate; passport
	Laos	National ID card	Family book; birth certificate; passport
	Malaysia	MyKad (citizen ID card)	Birth certificate; passport; MyPR / MyKAS for non-citizens
	Myanmar	NRC card / new UID smart card	Birth certificate; household registration; citizenship scrutiny cards
	Philippines	PhilID (PhilSys) plus traditional IDs	Birth certificate; passport; voter’s ID; driver’s license
	Singapore	NRIC	Birth certificate; passport; FIN card for non-residents
	Thailand	Thai national ID card	House registration book; birth certificate; pink card for some non-citizens
	Timor-Leste	National identity card (when fully rolled out)	Birth certificate; voter ID; passport
	Vietnam	Citizen ID card	Household registration books (being phased out); birth certificate; passport
The Pacific	American Samoa	US birth certificate / Certificate of Identity (US territory regime)	US passport; US Certificate of Citizenship or Naturalization
	Australia	No single primary ID; multiple documents used	Passport; driver’s licence; Medicare card; birth certificate; citizenship certificate
	Fiji	Birth certificate as primary legal identity	Passport; voter ID; driver’s license; citizenship certificate (where issued)
	Guam	US birth certificate / Certificate of Identity	US passport; US Certificate of Citizenship or Naturalization
	Kiribati	Birth certificate	Passport; voter card
	Marshall Islands	Birth certificate	Passport; certificate of citizenship (where applicable)
	Micronesia	Birth certificate	Passport; other local IDs
	Nauru	Birth certificate	Passport; Nauru ID card
	New Zealand	No single primary ID; multiple documents used	Passport; driver licence; birth certificate; citizenship certificate; refugee travel document; certificate of identity
	Northern Mariana Islands	US birth certificate / Certificate of Identity	US passport; US citizenship documents
	Palau	Birth certificate treated as proof of citizenship	Passport; Digital Residency card (non-citizen); citizenship certificate (where applicable)
	Papua New Guinea	National ID card (PNGNIC); birth certificate	Passport; voter card
	Samoa	Birth certificate treated as proof of citizenship	Passport; national ID (when rolled out); citizenship certificate (for naturalized citizens)
	Solomon Islands	Birth certificate	Passport; national ID (if implemented); voter ID
	Tonga	Nationality Identity Card	Birth certificate; passport; residence permit for non-citizens
	Tuvalu	Birth certificate	Passport; voter card
	Vanuatu	National ID card (VanuatuID)	Birth certificate; E-ID; passport

Across South Asia, East Asia, and the Pacific, primary legal identity systems do not uniformly constitute or confer citizenship, although they are often closely tied to it in practice. In many countries, foundational identity documents, such as household registration systems in East Asia or national ID systems in South Asia, are used to access services and legal recognition, which can make them functionally equivalent to proof of citizenship even when they are not legally defined as such. In the Pacific, the relationship is more varied: while birth registration is widespread, only three countries (Fiji, Palau and Samoa) treat birth certificates as direct proof of citizenship, whereas in most cases, a birth certificate merely records a birth event and must be supplemented by additional documentation to establish nationality. Overall, while legal identity systems do not automatically confer citizenship across the five sub-regions, they play a critical role in structuring access to rights and services.

Access to legal identity for non-citizens varies significantly across all five sub-regions, particularly between birth registration systems and national ID frameworks. Birth registration is generally more accessible. In many countries it is not formally restricted by citizenship status, meaning that children of non-citizens can often be registered at birth. However, birth registration does not necessarily translate into legal status, nationality, or access to rights beyond the recording of a birth event.

By contrast, access to national ID cards and their corresponding digital identity systems depends on citizenship. In East Asia, Southeast Asia, and parts of South Asia, national ID systems are closely tied to citizenship or legal residency status. This limits access for undocumented migrants and stateless populations.^[11] In the Pacific, countries that rely on national ID cards restrict them to citizens or permanent residents, except in Tonga, where ID cards are mandatory regardless of citizenship status.

While some countries provide alternative forms of identification for non-citizens, these are typically distinct from citizen ID systems and confer more limited rights and recognition. Examples include residence cards in Japan, foreign resident registration systems in South Korea, ImmiCards in Australia, certificates of identity or refugee travel documents in New Zealand, and an Alien Residence Certificate in Taiwan.^[12] In India, where there is no single primary legal identity document, systems such as Aadhaar are accessible to residents regardless of citizenship status, but they function primarily as proof of identity and not proof of nationality.^[13]

Digital ID Overview

Digital identity systems have been introduced at varying stages of development across the five sub-regions over the past decade. South Asia has the longest-running large-scale systems with India’s Aadhaar (operational since 2009),^[14] Bangladesh’s NID (rolled out in 2007/2008)^[15] and Bhutan’s National Digital Identity, launched on 13 October 2023, billed as the first national-scale SSI system in Asia and globally.^[16]

The case of India illustrates why the distinction between legal identity and citizenship matters. Although the Aadhaar Act, 2016 expressly states that Aadhaar is not proof of citizenship, in practice Aadhaar has become deeply embedded in access to subsidized food, school enrollment and welfare.^[17] For those unable to enroll in Aadhaar, often due to lack of documentation, literacy, or education, it means exclusion from access to basic rights such as welfare or work. Aadhaar has reinforced existing structural inequalities, particularly for marginalized groups such as stateless persons, migrants, and those lacking legal identity documents. This demonstrates that even when a digital ID system is not legally tied to citizenship, its integration into welfare and governance systems can produce citizenship-like effects of inclusion and exclusion.^[18]

Digital identity development across Pacific Island countries remains at an early stage,^[19] with only Australia, New Zealand, and Vanuatu having operational systems, each differing in design and function. Australia’s myID and New Zealand’s RealMe are voluntary, service-oriented systems that enable secure access to government services but do not serve as proof of citizenship, whereas Vanuatu’s system combines a mandatory national ID card with a voluntary E-ID that functions as a foundational legal identity. Most other countries are in planning or early implementation phases: Fiji has announced a comprehensive system expected within three years; Kiribati and the Marshall Islands are advancing digital ID through broader digital government initiatives with external support; Papua New Guinea has begun rolling out SevisPass;^[20] Samoa has enacted enabling legislation but has not yet implemented its system; Tonga and Nauru are progressing through development strategies and international support; and smaller states like Tuvalu have articulated digital ambitions but face uncertain implementation timelines.

East Asian digital ID systems, across Hong Kong, China, Mongolia, South Korea, Taiwan, and Japan, generally function as voluntary, government-developed platforms (via apps or websites) that enable access to public and private e-services while remaining distinct from foundational legal identity documents such as national or resident ID cards.^[21] Japan is a notable exception, as its My Number Card integrates both foundational and functional roles through embedded electronic certificates for authentication and digital signatures. Although enrollment is formally voluntary, digital IDs are becoming increasingly necessary in practice as governments link them to essential services, as seen in Mongolia’s E-Mongolia platform and Japan’s My Number system. These systems are typically accessible to citizens and legal residents and are tied to existing identity or residency registries, meaning they do not inherently establish citizenship status; however, stateless individuals are often excluded due to documentation requirements. Implementation has largely been state-led with limited public participation, and there is little evidence of systematic engagement with inclusion or anti-discrimination experts in system design.

Central Asian countries are progressively implementing digital identity systems as part of broader digital governance strategies. Kazakhstan and Kyrgyzstan operate fully integrated foundational systems linked to national identity registers, while Tajikistan and Uzbekistan use more functional platforms focused on authentication and service access (IMZO and OneID/eID respectively), and Turkmenistan remains in the planning stage.^[22] Across the region, digital ID systems typically build on existing national ID frameworks rather than replacing them, making legal identity documents a prerequisite for access. These systems are increasingly central to accessing public services such as social benefits, healthcare, taxation, and banking, and while not always legally mandatory, they are becoming effectively unavoidable in practice. Access is generally limited to citizens and legally documented residents, excluding undocumented stateless persons, though some initiatives (such as Kazakhstan’s QazETA) aim to expand access for foreign nationals. Overall, digital ID development has been largely state-driven with support from international actors, with limited evidence of public participation or inclusion of perspectives related to discrimination, statelessness, or minority rights.

Eight of eleven Southeast Asian countries have operational or near-operational digital ID systems. Among them, Cambodia, Laos, and Timor-Leste are still developing digital ID systems as part of their broader digital government initiatives.^[23] These systems generally build on existing civil registration frameworks and function either as foundational identity systems linked to population registries (e.g., Indonesia, Philippines, Viet Nam) or as functional authentication platforms dependent on existing IDs (e.g., Singapore, Malaysia, Thailand, Laos). Digital IDs are increasingly integrated into service delivery across sectors such as healthcare, banking, and social protection, and in some countries are becoming effectively mandatory for accessing key services. Access is typically limited to citizens and documented residents, excluding many stateless persons due to documentation requirements.

Digital ID systems across the region are predominantly government-led, with limited structured public consultation during design and implementation. There is little publicly documented evidence of systematic engagement with experts on discrimination, statelessness or minority rights. Notable partial exceptions include Malaysia, which conducted public consultation before launching its National Digital ID Framework. Australia and New Zealand also have multi-stakeholder governance frameworks under their respective Digital ID statutes.

Table 2: Status of digital ID systems across Asia-Pacific

Sub-Region	Country	Digital ID system	Status	Functional/ Foundational	Requires citizenship for enrolment?	Accessible to stateless persons	Effectively mandatory to access services
Central Asia	Kazakhstan	eGov Mobile; digital ID linked to national registers	Operational	Foundational	Generally yes; some access routes for foreign nationals	Limited	Increasingly yes
	Kyrgyzstan	Tunduk	Operational	Foundational	Generally yes or lawful residence	Limited	Increasingly yes
	Tajikistan	IMZO	Operational	Functional	Generally yes or lawful residence	Limited	For some services, increasingly yes
	Turkmenistan	Planned USIA / no confirmed operational national digital ID	Planned	N/A	N/A	No clear access	No
	Uzbekistan	OneID / eID	Operational	Both Foundational and Functional	Generally yes or lawful residence	Limited	Increasingly yes
East Asia	China	Internet ID	Operational	Functional	Citizens and some legal residents through existing registries	No	Increasingly yes for online services
	Hong Kong	iAM Smart	Operational	Functional	Hong Kong ID holders / residents	No	Not universally, but increasingly important
	Japan	My Number Card	Operational	Both foundational and functional	Citizens and legal residents	Yes; depending on residence status	Increasingly yes
	Mongolia	E-Mongolia	Operational	Functional	Citizens and some residents	No	Increasingly yes
	North Korea	No known public national digital ID system	N/A	N/A	N/A	N/A	No clear evidence
	South Korea	Mobile ID / digital government identity tools	Operational	Functional	Citizens and registered foreign residents in some systems	No	Increasingly yes
	Taiwan	TW DIW / TW FidO / Citizen Digital Certificate	Operational	Functional	Nationals and some legal residents depending on credential	Yes; through Alien Citizen Digital Certificate IC Card	Increasingly important for e-services
South Asia	Afghanistan	e-Tazkira	Operational	Foundational	Generally tied to citizenship	No	Important for many services
	Bangladesh	National ID card (NID)	Operational	Both foundational and functional	Generally citizens	No	Largely yes
	Bhutan	National Digital Identity (NDI)	Operational	Foundational	Yes, citizens	No	Emerging, increasingly important
	India	Aadhaar	Operational	Functional	Residents can enroll (as per the law)	No	Yes for many services in practice
	Maldives	eFaas	Operational	Foundational	Citizens; foreigners may register for some use with passport or work permit	No	Increasingly yes
	Nepal	National ID	Operational	Functional	Generally citizens	No	Increasingly yes
	Pakistan	CNIC / NADRA digital identity ecosystem	Operational	Foundational	Generally citizens	No	Yes for many services
	Sri Lanka	e-NIC	Operational / rollout	Foundational	Generally citizens	No	Increasingly yes
Southeast Asia	Brunei	BruneiID	Operational	Hybrid	Generally citizens and lawful residents depending on service	Stateless with PR: Yes. Stateless without PR: No	Increasingly yes
	Cambodia	CamDigiKey / IPIS	Operational / developing	Hybrid	Generally citizens / documented residents depending on platform	No clear access	Growing but not universal
	Indonesia	IKD	Operational	Hybrid	Generally citizens with existing civil registration	Limited	Increasingly yes
	Laos	Gov-X / E-ID	Operational / developing	Functional	Generally citizens / documented residents	No	Growing
	Malaysia	MyDigital ID	Operational / rollout	Functional	Generally citizens and documented residents in some uses	No	Not yet universal, but expanding
	Myanmar	UID Smart Card	Operational / rollout	Hybrid	Generally tied to citizenship or documented status	No clear access	Increasingly important in administration
	Philippines	PhilSys	Operational	Foundational	Citizens and resident aliens in some cases	No clear access	Increasingly yes
	Singapore	Singpass / National Digital Identity	Operational	Functional	Citizens, permanent residents, and many pass holders	Limited; Stateless with PR: potentially yes	Yes for many services
	Thailand	ThaID / DGA	Operational	Functional	Generally citizens; some services tied to Thai ID	No	Increasingly yes
	Timor-Leste	UID via Dalan ba Digital	Pilot / rollout	Planned foundational system	Not yet clear	Aspirational — UID Strategic Plan explicitly includes stateless persons, refugees, and those without ID, but system not yet implemented	No clear evidence
	Vietnam	VNeID	Operational	Foundational	Citizens; some foreign residents through tiered access	Limited; stateless persons of Vietnamese origin can obtain Identity Certificates and potentially e-ID	Increasingly yes
The Pacific	American Samoa	No standalone territory-wide digital ID identified	None identified	N/A	N/A	N/A	No
	Australia	myID	Operational	Functional	No, available beyond citizens subject to identity requirements	No clear access	Increasingly important for government/tax services
	Fiji	Planned national digital ID / broader digital government initiatives	Planned	Planned foundational / hybrid	N/A	N/A	No
	Guam	No standalone territory-wide digital ID identified	None identified	N/A	N/A	N/A	No
	Kiribati	Digital ID under broader digital government initiatives	Planned	Planned / not yet clear	Not yet clear	Not yet clear	Not yet
	Marshall Islands	Digital ID under broader digital government initiatives	Planned	Planned / not yet clear	No clear evidence	No clear evidence	No clear evidence
	Micronesia	No known operational national digital ID system	None identified	N/A	N/A	N/A	No
	Nauru	Digital ID development under international support	Planned	Planned / not yet clear	No clear evidence	No clear evidence	No clear evidence
	New Zealand	RealMe	Operational	Functional	No, but requires recognised identity documents; open to citizens and some residents	Limited unless person holds underlying recognised documents	Important for many services, but not universally mandatory
	Northern Mariana Islands	No standalone territory-wide digital ID identified	None identified	N/A	N/A	N/A	No
	Palau	No general national digital ID; Digital Residency / RNS for non-citizens only	Limited / non-citizen programme only	Functional	No, aimed at non-citizens	No clear evidence	No clear evidence
	Papua New Guinea	SevisPass	Rollout / early implementation	Foundational / service identity	No clear evidence	No clear evidence	Expected to become important
	Samoa	Legal framework adopted; implementation pending	Planned	Planned foundational / hybrid	No clear evidence	No clear evidence	No clear evidence
	Solomon Islands	No known operational national digital ID system	None identified	N/A	N/A	N/A	No
	Tonga	Digital ID under development strategy; no full national rollout yet	Planned	Planned / No clear evidence	No clear evidence	No clear evidence	No clear evidence
	Tuvalu	Digital ambitions articulated; no operational national system identified	Planned / uncertain	Planned / uncertain	No clear evidence	No clear evidence	No clear evidence
	Vanuatu	E-ID / VanuatuID	Operational	Foundational	Generally citizens and lawful residents	No clear evidence	Important for access to services

Law

Domestics Laws and Policy

Across the five sub-regions, most countries regulate digital identity through broader digital governance, civil-registration, electronic-document or electronic-signature laws rather than through a single standalone digital ID statute.

In South Asia, five countries (Bhutan, India, Nepal, Pakistan, and Afghanistan) have domestic legal or policy frameworks defining digital identity, and these vary widely in scope and substance.^[24] Governments generally follow two approaches: either enacting dedicated digital ID laws (as in Pakistan’s 2025 Digital Nation Act) or adapting existing civil registration laws to include digital or biometric elements (as seen in Sri Lanka). Where defined, digital identity is typically understood as a state-issued identifier linking demographic and often biometric data for authentication and service access, though some countries provide clear statutory definitions while others rely on operational or technical descriptions within ID systems like Aadhaar. These differences influence accountability mechanisms, with dedicated laws more likely to include formal grievance redress systems, whereas amended civil registration frameworks offer more limited recourse. Across the region, digital ID systems are closely tied to citizenship: in some countries they directly function as proof of nationality, while in others like India, they do not confer citizenship but still depend on citizenship documentation and effectively act as markers for accessing rights and services.

Across Southeast Asia, ten of eleven countries have legal or policy frameworks governing digital identity, though these vary in scope and structure.^[25] Only the Philippines and Viet Nam have adopted dedicated digital ID laws while others rely on broader legal regimes such as civil registration, digital government, or cybersecurity; Laos lacks specific digital ID legislation altogether. Digital identity is generally defined as electronic credentials or authentication systems used to verify individuals and enable secure access to services, and in most countries, it is built on existing civil registration or population databases rather than functioning independently. Unlike South Asia, digital identity is not explicitly defined as proof of citizenship in any country, instead it serves as a marker of legal identity or residency linked to national ID systems. While most countries provide avenues for complaints through general administrative systems or data protection authorities, none has established a dedicated grievance mechanism specifically for digital identity systems.

In East Asia, all six countries examined have legal or policy frameworks governing digital identity, though their approaches differ.^[26] China, Japan, and South Korea have recently introduced dedicated digital ID laws or amendments (between 2023 and 2025), reflecting the relatively nascent nature of these regulatory frameworks, while Hong Kong, Mongolia, and Taiwan rely on existing laws (particularly those on electronic signatures, data protection, and cybersecurity) to provide the legal basis for digital ID systems. In countries with dedicated legislation, digital identity is explicitly defined as an electronic authentication system using identifiers or certificates to verify individuals in digital transactions, with examples including China’s “internet number” and Japan’s My Number system. In contrast, countries without specific laws regulate digital ID through broader digital governance frameworks that recognize electronic signatures and set standards for identity verification. Across all six countries, digital ID is not legally linked to citizenship, as systems are designed to be accessible to both citizens and foreign residents based on proof of legal residency rather than nationality.

In the Pacific sub-region, only three countries (Australia, New Zealand, and Vanuatu) have established legal and policy frameworks governing digital identity, while the remaining countries are at early stages of development.^[27] Australia and New Zealand provide detailed statutory definitions, framing digital identity as an electronic means of authentication for accessing services and securely sharing personal data, whereas Vanuatu regulates its national ID system through multiple laws without explicitly defining digital identity. All three countries clearly separate digital identity from citizenship status. Samoa and Papua New Guinea have introduced legal or policy frameworks to support future digital ID systems, explicitly defining their structure and clarifying that digital ID does not confer citizenship. The rest of the region, including countries like Kiribati, the Marshall Islands, and Nauru, lacks dedicated legal definitions or frameworks, though some have general electronic transactions laws or national strategies that lay the groundwork for future digital ID implementation.

In Central Asia, digital identity is generally regulated through a mix of laws on identity documents, electronic government, electronic signatures, digital development, and data protection rather than through standalone digital ID legislation.^[28] Kazakhstan and Kyrgyzstan are exceptions, having adopted comprehensive Digital Codes that explicitly govern digital identity, biometric authentication, and digital public services, while Tajikistan, Uzbekistan, and Turkmenistan rely on broader legal frameworks such as electronic document and e-government laws, with Turkmenistan still lacking an operational digital ID system. Most countries provide general grievance mechanisms through administrative or data protection channels, but only Kazakhstan has a dedicated system for digital ID complaints, with its Digital Code mandating oversight of biometric data use and enforcement through inspections and penalties.

Across all sub-regions, domestic legal frameworks do not establish a direct statutory linkage between digital ID and citizenship. Both citizens and, in some countries, foreign residents can in principle access digital ID provided they have documentation proving legal residency. In practice, however, the requirement to possess foundational legal identity documents as a prerequisite for digital ID enrollment creates an indirect link to citizenship, since stateless persons and undocumented migrants typically lack such documents.

Dedicated complaint mechanisms remain rare. The Kazakhstan Digital Code mandates ministry-level review of complaints concerning biometric authentication and data processing,^[29] and Pakistan’s NADRA operates a centralized complaint-management system;^[30] most other countries rely on general administrative complaint pathways, data-protection authorities or agency help desks.

Table 3: Domestic legal framework for digital ID across Asia-Pacific

Sub-Region	Country	Statute for Digital ID system (yes/no)	Statute details (if any)	Other laws governing digital ID	Available grievance mechanism
Central Asia	Kazakhstan	Yes	Digital Code of the Republic of Kazakhstan (signed 9 January 2026)	Laws on e-government, electronic documents and personal data protection; provisions on biometric authentication and digital public services	Dedicated oversight and complaint provisions under the Digital Code; general administrative and data-protection complaint channels
	Kyrgyzstan	Yes	Digital Code of the Kyrgyz Republic (signed August 2025)	Laws on e-government, electronic documents and personal data protection	General administrative complaint mechanisms
	Tajikistan	No	–	E-government and e-signature laws; Law on Personal Data 2018	General administrative complaint mechanisms
	Turkmenistan	No	–	Laws on identity documents and e-government; personal-data framework	General administrative complaint mechanisms
	Uzbekistan	No	–	E-government and e-signature laws; personal-data legislation regulating biometric databases linked to identity systems	General administrative complaint mechanisms
East Asia	China	Yes	Internet ID Measures (in force 15 July 2025)	Personal Information Protection Law; Cybersecurity Law; Data Security Law; electronic-signature and e-government regulations	General administrative complaint mechanisms
	Hong Kong	No	–	Electronic Transactions Ordinance; Personal Data (Privacy) Ordinance; sectoral cybersecurity and e-government regulations	Complaints via Privacy Commissioner and general administrative procedures
	Japan	Yes	My Number Act 2013 (as amended)	Electronic-signature and PKI laws; Act on the Protection of Personal Information and related regulations	General administrative complaint mechanisms
	Mongolia	No	–	E-government and electronic-signature laws; data-protection framework underpinning E-Mongolia	General administrative complaint mechanisms
	North Korea	No	–	General identity and administrative laws; no specific digital ID framework identified	No clear grievance mechanisms
	South Korea	Yes	Resident Registration Act with 2023 Mobile-ID amendments	Personal Information Protection Act; electronic-transactions and e-government legislation governing mobile ID	Complaints via data protection authority and administrative channels
	Taiwan	No	–	Sectoral electronic-signature, data-protection and cybersecurity laws supporting TW DIW, TW FidO and Citizen Digital Certificate	Complaints through data protection authorities and general administrative mechanisms
South Asia	Afghanistan	No	–	NID statutes and civil-registration laws governing e-Tazkira; broader e-government framework	No clear grievance mechanisms
	Bangladesh	No	–	NID statutes and civil-registration laws; ICT and e-government framework; sectoral data-governance instruments	General administrative complaint mechanisms
	Bhutan	Yes	National Digital Identity Act 2023	Civil-registration and citizenship laws; ICT and cybersecurity framework governing the SSI-based NDI system	NDI Act includes explicit safeguards and redress mechanisms; general administrative remedies also available
	India	Yes	Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act 2016	Civil-registration legislation; IT and data-governance framework relating to digital public infrastructure and authentication	Grievance mechanisms under the Aadhaar framework plus general administrative routes
	Maldives	No	–	Sectoral e-government and ICT regulations; identity and civil-registration laws underpinning eFaas	General administrative complaint mechanisms
	Nepal	No	–	National ID (NID) statute; civil-registration laws; nationality legislation defining citizenship certificates	General administrative complaint mechanisms
	Pakistan	Yes	Digital Nation Pakistan Act 2025	NADRA Ordinance and regulations; civil-registration and identity laws; e-government framework	Centralised NADRA complaint management system and general administrative remedies
	Sri Lanka	No	–	Civil-registration statutes; regulations enabling e-NIC and biometric registration; ICT laws	General administrative complaint mechanisms
Southeast Asia	Brunei	No	–	Sectoral data-protection, e-transactions and civil-registration laws underpinning BruneiID	General administrative complaint mechanisms
	Cambodia	No	–	Civil-registration and digital-government laws; sectoral ICT framework supporting CamDigiKey / IPIS	General administrative complaint mechanisms
	Indonesia	No	–	Population Administration Law and implementing regulations; e-government and emerging data-protection framework	General administrative complaint mechanisms
	Laos	No	–	General ICT and e-transactions laws; civil-registration framework underpinning Gov-X / E-ID	General administrative complaint mechanisms
	Malaysia	No	–	National Registration Act; e-government and data-protection laws forming the basis for MyDigital ID	Complaints through data-protection authority and general administrative mechanisms
	Myanmar	No	–	Citizenship and registration laws; e-government and ICT framework underpinning UID Smart Card and biometric SIM registration	General administrative complaint mechanisms (in principle)
	Philippines	Yes	Philippine Identification System Act (RA 11055, 2018)	Civil-registration laws; Data Privacy Act and related regulations governing PhilSys data processing	General administrative complaint mechanisms
	Singapore	No	–	National Registration Act; Personal Data Protection Act; digital-government legislation underpinning Singpass / NDI	General administrative complaint mechanisms
	Thailand	No	–	Civil-registration and national-ID laws; Digital Government Development Agency legislation underpinning ThaID / DGA	General administrative complaint mechanisms
	Timor-Leste	No	Unique ID Strategy and Dalan ba Digital are policy frameworks; no statute	Civil-registration framework; digital-government strategies and Unique ID Strategic Plan	General administrative complaint mechanisms; system still under development
	Vietnam	Yes	Law on Identity No. 26/2023/QH15 (in force 1 July 2024)	Electronic-transactions and data-protection framework governing ID cards and VNeID	General administrative complaint mechanisms
The Pacific	American Samoa	No	–	U.S. federal and territorial identity and e-government laws; no separate digital-ID statute identified	General administrative complaint routes under U.S./territorial system
	Australia	Yes	Digital ID Act 2024	Privacy Act and related data-governance laws; e-government statutes; Digital ID data standards	Multi-stakeholder governance and complaint pathways under the Digital ID Act plus privacy-regulator oversight
	Fiji	No	–	Civil-registration and identity laws; digital-government strategies; Digital ID planning documents	General administrative complaint mechanisms
	Guam	No	–	U.S. federal and territorial identity and e-government laws; no separate digital-ID statute identified	General administrative complaint routes under U.S./territorial system
	Kiribati	No	–	Civil-registration laws; digital-government / ICT strategies laying groundwork for future digital ID	General administrative complaint mechanisms
	Marshall Islands	No	–	Civil-registration laws; digital-government / ICT strategies for future digital ID	General administrative complaint mechanisms
	Micronesia	No	–	Civil-registration and identity laws; limited ICT framework; no operational digital-ID statute identified	General administrative complaint mechanisms
	Nauru	No	–	Civil-registration and identity laws; ICT strategies; digital-ID development strategies	General administrative complaint mechanisms
	New Zealand	Yes	Digital Identity Services Trust Framework Act 2023	Privacy Act and related statutes; e-government laws; trust-framework rules for accredited providers	Complaints via accredited providers and the Privacy Commissioner; statutory oversight of the trust framework
	Northern Mariana Islands	No	–	U.S. federal and territorial identity and e-government laws; no separate digital-ID statute identified	General administrative complaint routes under U.S./ territorial system
	Palau	No	–	Legal framework for Web3-based Digital Residency Program; general ICT and identity laws	General administrative complaint mechanisms
	Papua New Guinea	No	–	Digital ID Policy 2025; civil-registration and identity laws; e-government strategies	General administrative complaint mechanisms
	Samoa	Yes	National Digital Identification Act 2024	Civil-registration and identity laws; ICT strategies; Act clarifying that digital ID does not confer citizenship	General administrative complaint mechanisms
	Solomon Islands	No	–	Civil-registration laws; ICT strategies; early digital-ID discussions	General administrative complaint mechanisms
	Tonga	No	–	Nationality Identity Card Act; Civil-registration and identity laws; planning documents for digital ID	General administrative complaint mechanisms
	Tuvalu	No	–	Civil-registration laws; national digital strategies; digital ambitions articulated	General administrative complaint mechanisms
	Vanuatu	No	–	CRIM Act 2021; VNI Act; other laws regulating VanuatuID and E-ID	General administrative complaint mechanisms

Data Protection

Data-protection frameworks vary widely. All East Asian countries except North Korea have established data protection and privacy laws, generally providing safeguards for the collection, processing, and use of personal data within digital ID systems, including consent requirements, purpose limitation, and security obligations.^[31] China, Taiwan, Mongolia, and South Korea maintain relatively comprehensive frameworks, with China’s Personal Information Protection Law and South Korea’s Personal Information Protection Act offering strong protections for sensitive data such as biometrics, alongside enhanced rights and oversight mechanisms. However, most countries lack explicit restrictions on government access to personal data collected through digital ID systems, as seen in Hong Kong’s framework. Despite robust legal regimes in some cases, concerns persist across the sub-region regarding surveillance risks, data breaches, and the growing use of AI, particularly in China’s state-controlled digital identity infrastructure, while North Korea remains an outlier with no data protection laws and pervasive state surveillance.

Across the Pacific, most countries lack both digital ID systems and corresponding data protection frameworks, with only seven (Australia, Kiribati, New Zealand, Palau, Papua New Guinea, Samoa, and Vanuatu) having some form of legal or policy safeguards.^[32] Among these, Australia and New Zealand provide relatively comprehensive privacy regimes, though gaps remain, such as the absence of mandatory encryption and limited data erasure rights. Samoa and Vanuatu have more recent laws addressing data retention, security, and general safeguards, but weaknesses persist, particularly around biometric data regulation and government access. Papua New Guinea and Kiribati maintain broader data governance frameworks that only partially address digital ID concerns. Palau is notable for aligning its Digital Residency Program with ISO 27001 standards. Overall, uneven regulatory coverage and limited safeguards raise growing concerns about privacy risks, data misuse, and potential surveillance across the region.

In South Asia, the picture is uneven.^[33] Bhutan, India, Nepal, and Sri Lanka have data protection laws or policies, but only Bhutan’s National Digital Identity framework includes explicit, built-in safeguards for digital ID systems, such as user consent, encryption, and controlled access to biometric data. In contrast, India, Nepal, and Sri Lanka lack specific protections like mandatory encryption or robust safeguards governing the storage, use, and access to digital ID data. Across the region, significant concerns persist around privacy, surveillance, and exclusion, compounded by major data breaches in countries like India, Bangladesh, and Pakistan. Risks of state surveillance are particularly acute in contexts such as the Maldives, where digital ID metadata may be used to monitor individuals, and Afghanistan, where biometric data from e-Tazkira systems may be misused. Civil society in Sri Lanka and elsewhere has also warned that expansive digital ID systems could enable mass surveillance in the absence of strong legal protections.

Seven of eleven Southeast Asian countries (Malaysia, Singapore, Indonesia, Thailand, the Philippines, Viet Nam, and Brunei) have data protection or privacy laws that regulate personal data used in digital ID systems, generally requiring consent, imposing security measures, and offering complaint and enforcement mechanisms.^[34] However, Cambodia, Laos, Myanmar, and Timor-Leste lack comprehensive frameworks for digital ID, heightening risks of privacy violations, surveillance, and data misuse; with Myanmar’s UID Smart Card and biometric SIM registration schemes drawing particular concern. Across the sub-region, recurring problems include large-scale data breaches, expanded state surveillance powers, centralized population databases, and exclusion of those without digital credentials, illustrated by major leaks in Malaysia and the Philippines, cybersecurity and spyware abuses in Viet Nam and Singapore, and extensive surveillance using biometric and digital ID infrastructures in Myanmar, Thailand, and Brunei, often targeting migrants, refugees, stateless communities, LGBTI persons, and human rights defenders.

All Central Asian countries have personal data protection or privacy laws that regulate the collection, processing, and protection of personal data, including biometrics used in digital ID systems.^[35] These frameworks generally require lawful and purpose-limited processing, consent, and security measures. In Kazakhstan, Kyrgyzstan, Uzbekistan, and Turkmenistan, biometric data is explicitly treated as sensitive and subject to heightened safeguards. Tajikistan’s 2018 Law on Personal Data sets out general protections but does not create a distinct higher-protection regime for biometrics. None of the five countries, however, restrict government access to personal data collected through digital ID, allowing state agencies broad access for national security, law enforcement, and administrative purposes. This contributes to ongoing concerns about privacy, surveillance, and data security, particularly in relation to large biometric databases and integrated identity platforms. Tajikistan’s and Uzbekistan’s laws, for example, require security measures but stop short of mandating encryption of digital ID and biometric data, despite documented risks.

Common concerns across the region include government surveillance and access to personal data, privacy risks from centralised biometric databases, breaches, and exclusion from public services for individuals without digital ID credentials. Government agencies are generally permitted to access data collected through digital ID systems for national-security, law-enforcement or public-administration purposes; none of the sub-regions has established clear legal prohibitions on such access. The most extensively documented case of digital ID related data misuse concerns Rohingya refugees. Human Rights Watch reported in June 2021 that, between 2018 and 2021, the Bangladeshi government submitted approximately 830,000 names with biometric data to Myanmar authorities, drawing on data UNHCR had collected during refugee registration without obtaining specific informed consent for that onward transfer.^[36] Surveillance concerns connected to digital ID and biometric systems have also been documented in China, Thailand, Singapore, Viet Nam, Maldives and Afghanistan.

Table 4: Domestic legal framework for data protection and privacy across Asia-Pacific

Sub-Region	Country	Comprehensive data-protection / privacy law? (yes/no)	Biometric data treated as sensitive?	Notable gaps/risks for digital ID
Central Asia	Kazakhstan	Yes	Yes	Government access remains broad; risks from integrated biometric databases persist.
	Kyrgyzstan	Yes	Yes	Legal safeguards exist, but government access remains broad and oversight is limited in practice.
	Tajikistan	Yes	No	Law on Personal Data provides general safeguards, but biometrics are not given a separate higher-protection regime; no clear limits on state access.
	Turkmenistan	Yes	Yes	Biometric data is treated as sensitive, but there are no clear restrictions on state access and transparency is limited.
	Uzbekistan	Yes	Yes	Personal data law exists, but encryption and limits on government access remain weak in relation to digital ID and biometrics.
East Asia	China	Yes	Yes	Extensive state access, surveillance risks and AI-linked identity infrastructure raise major concerns.
	Hong Kong	Yes	Partially / not explicitly	Privacy law exists, but there are limited explicit restrictions on government access to digital ID related data.
	Japan	Yes	Yes	Cases of forged ID cards, and incidents of fraud.
	Mongolia	Yes	Yes	Centralised service integration and limited evidence of strong exclusion safeguards remain concerns.
	North Korea	No	No	No data protection law identified; pervasive state surveillance and no meaningful privacy safeguards.
	South Korea	Yes	Yes	Concerns around data breaches and expanding digital ID linked state and private-sector use.
	Taiwan	Yes	Yes	Concerns around digital ID security and cybersecurity threats still present.
South Asia	Afghanistan	No	Unclear	High risk of misuse of biometric data from e-Tazkira systems; no robust privacy safeguards in practice.
	Bangladesh	No	Unclear	Major breach and data-sharing concerns, including Rohingya biometric data transfer; weak specific safeguards for digital ID.
	Bhutan	Yes	Yes	The privacy provisions ensure that the data collected at the time of registration is stored and safely secured, creating accountability on those involved in the process
	India	Yes	No clear biometric safeguards	Major breach risks, inadequate safeguards on storage/use/access, and broad state-linked surveillance concerns.
	Maldives	No	Unclear	Metadata and digital ID linked systems may be used for monitoring; safeguards remain limited.
	Nepal	Yes	No clear biometric safeguards	Data-protection measures exist, but no strong encryption or digital ID specific limits on storage, use and access.
	Pakistan	No	Unclear	Significant breach risks and limited dedicated safeguards for digital ID related personal data.
	Sri Lanka	Yes	No clear biometric safeguards	Civil society has warned that large-scale digital identity could enable mass surveillance absent stronger protections.
Southeast Asia	Brunei	Yes	No clear biometric safeguards	Centralised identity infrastructure and surveillance concerns remain, especially for vulnerable groups.
	Cambodia	No	No	No comprehensive framework; heightened risks of privacy violations, surveillance and misuse of digital identity data.
	Indonesia	Yes	Partly	Data-protection law exists, but risks remain from centralised databases, exclusion, and uneven implementation.
	Laos	No	No	No comprehensive framework for digital ID; limited safeguards and elevated privacy risks.
	Malaysia	Yes	Partly	Legal protections exist, but major data leaks and implementation gaps continue to raise concerns.
	Myanmar	No	No	Extremely high surveillance and misuse risks linked to UID Smart Card and biometric SIM registration; no meaningful comprehensive privacy protection.
	Philippines	Yes	Partly	Comprehensive law exists, but PhilSys-related breach and exclusion risks remain significant.
	Singapore	Yes	Partly	Strong legal framework, but spyware/cybersecurity concerns and broad state digital integration raise persistent risks.
	Thailand	Yes	Partly	Privacy law exists, but biometric and digital ID infrastructures have been linked to surveillance and exclusion risks.
	Timor-Leste	No	No	No comprehensive framework for digital ID yet; privacy and misuse risks remain under-addressed.
	Vietnam	Yes	Partly	Data-protection framework exists, but spyware, cybersecurity abuses and state surveillance remain major concerns.
The Pacific	American Samoa	No	Unclear	No specific digital ID/privacy framework identified; rely largely on broader U.S./territorial rules.
	Australia	Yes	Partly	Relatively comprehensive framework, but gaps remain including limited erasure rights and no universal mandatory encryption requirement.
	Fiji	No	Unclear	No dedicated safeguards.
	Guam	No	Unclear	No specific digital ID/privacy framework identified; rely largely on broader U.S./territorial rules.
	Kiribati	Yes	Unclear	Some safeguards exist, but they only partially address digital ID risks.
	Marshall Islands	No	Unclear	Legal safeguards remain unclear and uneven.
	Micronesia	No	Unclear	No clear digital ID/privacy safeguards
	Nauru	No	Unclear	Legal safeguards remain unclear.
	New Zealand	Yes	Partly	Relatively comprehensive framework, but gaps remain including limited data-erasure rights and no universal mandatory encryption requirement.
	Northern Mariana Islands	No	Unclear	No specific digital ID/privacy framework; would rely largely on broader U.S./territorial rules.
	Palau	Yes	Unclear	Without comprehensive data protection laws or strong oversight mechanisms, citizens’ biometric and identity information could be misused or commercially exploited.
	Papua New Guinea	Yes / broader data-governance framework	Unclear	Broader framework only partially addresses digital ID concerns.
	Samoa	Yes	Unclear	Recent law addresses retention, security and safeguards, but weaknesses remain around biometrics and government access.
	Solomon Islands	No	Unclear	No specific digital ID/privacy safeguards identified in the overview.
	Tonga	No	Unclear	No clear privacy framework identified for future digital ID development.
	Tuvalu	No	Unclear	Digital ambitions are articulated, but implementation and safeguards remain uncertain.
	Vanuatu	Yes	Unclear	Recent laws address security and retention, but weaknesses remain around biometric regulation and government access.

International Commitments

There is no international treaty specifically regulating digital identity systems. Most countries are, however, parties to international human rights treaties that create obligations relevant to legal identity, non-discrimination and access to essential services — including the ICCPR, ICESCR, CRC, CEDAW, CERD and CRPD. Article 7 of the CRC and Article 24(2) of the ICCPR are particularly relevant for birth registration; Article 24 ICCPR and Article 8 CRC for the right to identity.^[37]

Ratification of the Statelessness Conventions across the region remains low and uneven.

Table 5: Ratification of Statelessness Conventions across Asia-Pacific

Sub-Region	Country	Party to the Convention relating to the Status of Stateless Persons (1954)	Convention on the Reduction of Statelessness (1961)
Central Asia	Kazakhstan	No	No
	Kyrgyzstan	No	No
	Tajikistan	No	No
	Turkmenistan	Yes (7 December 2011)	Yes (29 August 2012)
	Uzbekistan	No	No
East Asia	China	No	No
	Hong Kong	Yes; Covered by prior UK extension to 1954 Convention	No
	Japan	No	No
	Mongolia	No	No
	North Korea	No	No
	South Korea	Yes (22 August 1962)	No
	Taiwan	No	No
South Asia	Afghanistan	No	No
	Bangladesh	No	No
	Bhutan	No	No
	India	No	No
	Maldives	No	No
	Nepal	No	No
	Pakistan	No	No
	Sri Lanka	No	No
Southeast Asia	Brunei	No	No
	Cambodia	No	No
	Indonesia	No	No
	Laos	No	No
	Malaysia	No	No
	Myanmar	No	No
	Philippines	Yes (22 September 2011)	Yes (24 March 2022)
	Singapore	No	No
	Thailand	No	No
	Timor-Leste	No	No
	Vietnam	No	No
The Pacific	American Samoa	No	No
	American Samoa	U.S. territory; the United States is not party to either Statelessness Convention
	Australia	Yes (13 December 1973)	Yes (13 December 1973)
	Fiji	Yes (12 June 1972)	No
	Guam	No	No
	Guam	U.S. territory; the United States is not party to either Statelessness Convention
	Kiribati	Yes (29 November 1983)	Yes (29 November 1983)
	Marshall Islands	No	No
	Micronesia	No	No
	Nauru	No	No
	New Zealand	No	Yes (20 September 2006)
	Northern Mariana Islands	No	No
	Northern Mariana Islands	U.S. territory; the United States is not party to either Statelessness Convention
	Palau	No	No
	Papua New Guinea	No	No
	Samoa	No	No
	Solomon Islands	No	No
	Tonga	No	No
	Tuvalu	No	No
	Vanuatu	No	No

Regional and international digital governance frameworks provide further, albeit non-binding, structuring influences on digital ID policy. Japan, South Korea, Australia, New Zealand, the Philippines and Singapore participate in the APEC Cross-Border Privacy Rules system, which operates as a voluntary certification mechanism for cross-border data transfers. It also indirectly shapes standards for handling digital ID related personal data.^[38] Japan, South Korea and New Zealand are adherents to the OECD Recommendation on the Governance of Digital Identity, adopted in June 2023, which sets out principles for trusted, user-centred, and interoperable digital ID ecosystems.^[39] In Southeast Asia, states engage with ASEAN’s Framework on Personal Data Protection and the ASEAN Digital Economy Framework Agreement; while both instruments are non-binding, they signal a regional commitment to converging approaches on data protection and digital economy enablers, including digital identity.^[40]

At the multilateral level, commitments on civil registration and vital statistics form a key part of the normative environment for digital ID. States across the five sub-regions that endorsed the Ministerial Declaration adopted at the Third Ministerial Conference on Civil Registration and Vital Statistics in Asia and the Pacific have committed to a Decade of Action for Inclusive and Resilient CRVS. This includes registering every birth and death by 2030 and addressing the exclusion of digitally marginalised populations.^[41] This regional agenda links foundational CRVS reforms with the development of digital public infrastructure, reinforcing the expectation that digital-ID systems should support universal, non-discriminatory access to registration and services.
The CRC General Comment No. 25 (2021) is identified as the most directly applicable international interpretive instrument requiring that digital systems be designed so that all children can safely access essential public and educational services without discrimination.^[42] When read alongside core treaty provisions on birth registration and identity, this guidance positions digital ID and associated data-governance frameworks as central to states’ obligations to prevent exclusion, protect privacy. It also emphasises the need to ensure that stateless, undocumented or otherwise marginalized children are not left outside legal-identity and service-delivery systems.

Designed to Include?

The Impact of Digital ID and Legal Identity on Citizenship and Nationality Rights

Across the five sub-regions, digital ID systems have not significantly reduced statelessness. Access to digital identity remains conditional on possession of foundational legal identity documents — birth certificates, national ID cards or residence permits. Stateless persons are disproportionately likely to lack these documents and are therefore typically excluded from digital ID systems and the services tied to them. Where digital ID becomes de facto mandatory for accessing services, exclusion from legal identity is reproduced and entrenched at the digital level.

Services commonly inaccessible to stateless persons without digital ID include government e-services, healthcare systems, social protection, school enrollment, banking and financial services, employment registration, SIM-card registration, tax and licensing, and property registration. Exclusion is most acute in South Asia (Bangladesh, India, Pakistan, Sri Lanka), parts of Southeast Asia (Indonesia, Philippines, Viet Nam, Myanmar), Central Asia (Kazakhstan, Kyrgyzstan), and increasingly East Asia (Japan). In the Pacific, where most countries are still developing digital ID systems, the risk of entrenching exclusion is yet to be determined.

Good Practices

Notwithstanding this broad pattern, several country-level practices offer partial models for more inclusive digital identity:

Bhutan’s NDI was launched on 13 October 2023 as the first national-scale Self-Sovereign Identity system, with a statutory basis in the National Digital Identity Act 2023.^[43] Unlike conventional centralized models, the SSI architecture gives individuals control over their identity data, allowing them to share credentials selectively without exposing an entire database.^[44] Data is encrypted and accessible only with user consent. Significant limits remain, such as access being restricted to Bhutanese citizens, and leaving the historically displaced Lhotshampa population stateless and excluded.^[45] However, the design philosophy of consent, minimization and decentralization is a meaningful contribution to rights-respecting digital identity architecture.

Timor-Leste’s Unique Identity Strategic Plan 2021–2025, developed with UNDP and EU support, is the only digital identity framework in Southeast Asia that explicitly aspires to include stateless persons, refugees and people without existing documents.^[46] The system is not yet fully operational, but the explicit commitment to inclusion at the policy-planning stage, before the system is built, is a model for other countries developing digital ID frameworks.

Thailand’s Cabinet adopted a resolution on 29 October 2024 directing accelerated administrative pathways to nationality for an estimated 480,000 stateless persons across 76 provinces; implementation guidelines were issued in June 2025 and eligibility for the accelerated procedure began on 30 June 2025.^[47] The measure addresses statelessness at the legal identity level rather than through digital ID (Thailand’s ThaID and DGA platforms remain available only to Thai citizens, excluding pink-card holders). However, it creates conditions under which formerly stateless persons could in due course access digital ID upon acquiring citizenship.

In Vietnam, The Law on Identity No. 26/2023/QH15 provides for an Identity Certificate for persons of Vietnamese origin with undetermined nationality, enabling some access to education, healthcare and basic services without conferring citizenship.^[48] The VNeID digital identity system extends some e-ID access to foreign residents through tiered accounts. The pathway for non-Vietnamese stateless persons remains legally undefined. However, the creation of a specific document for persons of undetermined nationality, linked to service access, is an incremental yet meaningful step.

All five Central Asian states issue specific legal identity documents for stateless persons: Stateless Person Certificates in Kazakhstan, Kyrgyzstan and Turkmenistan; certificates of stateless persons and residence permits in Tajikistan; and stateless permanent resident ID cards in Uzbekistan. Kazakhstan has gone further by extending some digital service access to stateless persons holding these certificates, including through dedicated digital portals for foreign nationals.^[49] The combination of legal recognition and a degree of digital service access represents a more inclusive model than is found in most other sub-regions.

Turkmenistan’s National Action Plan to End Statelessness (2019–2024) culminated in November 2024, when the government announced that all known cases of statelessness had been resolved through grants of citizenship to more than 32,000 formerly stateless persons.^[50] This was achieved through civil registration reforms, application of nationality law and statelessness determination procedures rather than through digital ID systems. The measure demonstrates that systematic, rights-based statelessness resolution is feasible when backed by political commitment. Across Central Asia as a whole, UNHCR-supported initiatives have led to the grant of citizenship to more than 220,000 formerly stateless people over the past decade.^[51]

New Zealand is the only Pacific state to provide specific, statutorily recognized identity documents for refugees (refugee travel document) and stateless persons (certificate of identity), each accepted as proof of legal identity alongside passports and driver licenses within New Zealand’s pluralistic identity framework.^[52] Although stateless persons cannot directly access RealMe without the underlying foundational documents, recognition of their identity through alternative documents is more inclusive than in most countries in the region.

Palau has developed a Web3-based Digital Residency Program, originally launched in 2022, aimed at non-citizens and providing access to financial platforms, government services and digital contracts via Root Name System (RNS) technology.^[53] The program does not confer Palauan citizenship or residence rights and does not directly address statelessness. However, it demonstrates that a separate, dedicated digital identity track for non-citizens is technically and legally feasible without requiring citizenship documentation as a prerequisite.

Japan and Mongolia have adopted accessibility measures aimed at reducing barriers for elderly and digitally less literate populations. Japan’s My Number Card program provides multilingual call-center support and digital literacy assistance;^[54] Mongolia’s E-Mongolia 5.0, launched on 20 September 2025, expanded mobile access and made selected services available to foreign residents.^[55] Although these measures target the digital divide for citizens and residents rather than stateless persons specifically, they demonstrate that accessibility can be designed into digital ID frameworks rather than retro-fitted.

Across the five sub-regions, the following structural conditions emerge as preconditions for digital identity systems that do not entrench exclusion of stateless persons and other marginalized groups:

Universal birth registration accessible regardless of citizenship status, as a prerequisite for any rights based digital identity framework.
Civil-registration systems that explicitly extend registration access to non-citizens and stateless persons, rather than restricting registration to citizens.
Legal identity documents specifically designed for stateless persons (as seen in Central Asia, New Zealand and Viet Nam).
Integration of digital identity systems with statelessness determination procedures, civil registration systems and alternative identity pathways.
Alternative mechanisms for accessing essential services that do not require digital ID, ensuring that de facto mandatory digital identity systems do not produce new forms of exclusion.
Rights-based data protection frameworks that place robust limits on government surveillance, require encryption of biometric data and establish independent oversight bodies.
Dedicated complaint mechanisms for digital ID related grievances, allowing affected individuals to challenge exclusion.
Inclusive design processes that engage statelessness experts, civil society and affected communities before systems are built.
International cooperation on statelessness, including ratification of the 1954 and 1961 Statelessness Conventions, as a foundation for domestic legal frameworks

Without such safeguards, digital ID systems risk deepening existing inequalities in access to legal identity and public services for the region’s most marginalized populations.

References

1.^

‘The Pacific - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/the-pacific/> accessed 14 May 2026; ‘South Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/south-asia/> accessed 14 May 2026; ‘Southeast Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/southeast-asia/> accessed 14 May 2026; ‘Central Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/central-asia/> accessed 14 May 2026; ‘East Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/east-asia/> accessed 14 May 2026.

2.^

The Pacific - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

3.^

‘Nepal: Vital Documents and Identification’ (I Am Here: obtaining your identification and vital documents, January 2024) <https://iamhere.bakermckenzie.com/-/media/minisites/iamhere/pdf/case3402583i-am-here-nepal.pdf?rev=32197328f0fd4615948a70a6d4b1e2cc&sc_lang=en> accessed 17 November 2025; ‘Nepal - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/south-asia/nepal/> accessed 18 May 2026.

4.^

‘Nepal: Vital Documents and Identification’ (n 3); ‘Nepal - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 3).

5.^

‘East Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

6.^

ibid; ‘China - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/east-asia/china/> accessed 21 May 2026; ‘Japan - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/east-asia/japan/> accessed 21 May 2026; ‘Taiwan - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/east-asia/taiwan/> accessed 21 May 2026; ‘South Korea - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/east-asia/south-korea/> accessed 21 May 2026.

7.^

‘New Zealand - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/the-pacific/new-zealand/> accessed 18 May 2026; ‘Australia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/the-pacific/australia/> accessed 18 May 2026; ‘India - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/south-asia/india/> accessed 18 May 2026.

8.^

‘India - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 7).

9.^

NSW Government, ‘Understanding Identity | NSW Government’ (17 December 2020) <https://www.nsw.gov.au/nsw-government/nsw-government-identity-strategy/understanding-identity> accessed 7 May 2025.

10.^

New Zealand Ministry of Justice, ‘Identification Check Requirements’ <https://www.justice.govt.nz/criminal-records/get-someone-elses/identification-check-requirements/> accessed 21 May 2026; ‘What Forms of Identity Are Acceptable as Proof of Identity?’ (New Zealand Police) <https://www.police.govt.nz/faq/what-forms-identity-are-acceptable-proof-identity> accessed 21 May 2026.

11.^

‘East Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1); ‘Southeast Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1); ‘South Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

12.^

Digital Agency, ‘About My Number System｜Digital Agency’ (14 October 2025) <https://www.digital.go.jp/en/policies/mynumber/explanation> accessed 22 December 2025; ‘What’s New> News & Notices | Safer and More Convenient Identification with the Mobile Resident Registration Card’ <https://www.mois.go.kr/eng/bbs/type001/commonSelectBoardArticle.do?bbsId=BBSMSTR_000000000019&nttId=101184> accessed 10 December 2025; ‘New Zealand Passports | Certificate of Identity or Refugee Travel Document’ <https://www.passports.govt.nz/what-you-need-for-your-application/certificate-of-identity-or-refugee-travel-document> accessed 6 April 2026; ‘Guidelines for the Application for Residence, Extension of Residence, and Change of Residence Reasons for Nationals without Registered Permanent Residence in the Taiwan Area’ (10 April 2024) <https://www.immigration.gov.tw/media/103476/0303-guidelines-for-the-application-for-residence-extension-of-residence-and-change-of-residence-reasons-for-nationals-without-registered-permanent-residence-in-the-taiwan-area.pdf#page=8> accessed 27 January 2026.

13.^

‘Paperless, Stateless: How India’s Aadhaar Infrastructure Rewrites Citizenship | Oxford Law Blogs’ (26 September 2025) <https://blogs.law.ox.ac.uk/border-criminologies-blog/blog-post/2025/09/paperless-stateless-how-indias-aadhaar-infrastructure> accessed 6 April 2026.

14.^

Anjishnu Das, ‘The Aadhaar Journey: From Flagship Cong Project to Cornerstone of BJP’s “Digital India”’ (The Indian Express) <https://indianexpress.com/article/political-pulse/aadhaar-journey-bjp-digital-india-9095394/> accessed 21 May 2026.

15.^

Mohammad Rafiqul Islam, Hasan Muhammad Baniamin and Md Salah Uddin Rajib, ‘Institutional Mechanism of National Identification Card: Bangladesh Experience’ (2012) 2 Public Policy and Administration Research 1.

16.^

‘Bhutan - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/south-asia/bhutan/> accessed 21 May 2026.

17.^

The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act 2016; The Aadhaar (Enrolment and Update) Regulations 2016.

18.^

‘India - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 7).

19.^

‘The Pacific - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

20.^

‘Papua New Guinea - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/the-pacific/papua-new-guinea/> accessed 21 May 2026.

21.^

‘East Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

22.^

‘Central Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

23.^

Southeast Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

24.^

‘South Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

25.^

‘Southeast Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

26.^

‘East Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

27.^

‘The Pacific - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

28.^

‘Central Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

29.^

Fatima Kemelova, ‘What Kazakhstan’s Digital Code Brings to Citizens and Businesses’ (The Astana Times, 17 February 2026) <https://astanatimes.com/2026/02/what-kazakhstans-digital-code-brings-to-citizens-and-businesses/> accessed 27 March 2026; ‘Digital Human Rights: What Kazakhstan’s Digital Code Changes’ <https://digitalrights.asia/events/kazakhstan-digital-code-human-rights-constitutionalism-edf-experts/?lang_ui=en> accessed 27 March 2026.

30.^

‘NADRA Launches Centralized Complaint Management System for Citizens’ (National Database and Registration Authority, Ministry of Interior, Pakistan, 8 February 2022) <https://www.nadra.gov.pk/mediaRelease/nadra-launches-centralized-complaint-management-system-for-citizens-ba50a4ff> accessed 5 August 2025.

31.^

‘East Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

32.^

‘The Pacific - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

33.^

‘South Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

34.^

‘Southeast Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

35.^

‘Central Asia - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 1).

36.^

‘UN Shared Rohingya Data Without Informed Consent | Human Rights Watch’ (15 June 2021) <https://www.hrw.org/news/2021/06/15/un-shared-rohingya-data-without-informed-consent> accessed 18 December 2025.

37.^

‘Human Rights Instruments’ (OHCHR) <https://www.ohchr.org/en/instruments-listings> accessed 22 May 2026.

38.^

‘APEC Cross-Border Privacy Enforcement Arrangement (CPEA)’ (APEC) <https://www.apec.org/groups/committee-on-trade-and-investment/digital-economy-steering-group/cross-border-privacy-enforcement-arrangement> accessed 14 January 2026

39.^

OECD, ‘OECD/LEGAL/0491 Recommendation of the Council on the Governance of Digital Identity’ (OECD Legal Instruments, 2023) <https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0491> accessed 15 May 2025.

40.^

ASEAN TELMIN, ‘Framework on Personal Data Protection’ (2016) <https://cil.nus.edu.sg/wp-content/uploads/2020/08/2016-Frmwk-PDP.pdf>; Buddhi Mahindaratne, ‘ASEAN Digital Economy Framework Agreement’.

41.^

‘Asia-Pacific Nations Reaffirm Commitment to Legal Identity for All at Third Ministerial Conference on Civil Registration and Vital Statistics | Get Every One in the Picture’ <https://crvs.unescap.org/news/asia-pacific-nations-reaffirm-commitment-legal-identity-all-third-ministerial-conference-civil> accessed 7 November 2025.

42.^

‘General Comment No. 25 (2021) on Children’s Rights in Relation to the Digital Environment’ <https://www.unicef.org/bulgaria/en/media/10596/file>.

43.^

National Digital Identity Act 2023.

44.^

‘Bhutan - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 16).

45.^

Lex Harvey and Chiranjivi Ghimire, ‘Forced from Bhutan, Deported by the US: These Stateless Himalayan People Are in a Unique Limbo | CNN’ (CNN, 19 July 2025) <https://edition.cnn.com/2025/07/18/asia/bhutan-refugees-trump-deportations-nepal-intl-hnk> accessed 22 May 2026.

46.^

Government of Timor-Leste, ‘Unique Identity System Strategic Plan | 2021 to 2025’ (2021) <https://idu.gov.tl/wp-content/uploads/2021/08/Unique-ID-Strategy-Consolidated-Final_240521_-English1878.pdf>.

47.^

‘Thailand Dramatically Speeds Up Citizenship for Stateless People’ (Royal Thai Embassy, Washington, D.C.) <https://washingtondc.thaiembassy.org/en/content/2025-8-6-5> accessed 22 May 2026.

48.^

‘Law on Identity’ (vietnamlawmagazine.vn) <https://vietnamlawmagazine.vn/law-on-identity-71703.html>.

49.^

‘Kazakhstan - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/central-asia/kazakhstan/> accessed 22 May 2026.

50.^

‘Turkmenistan Holds a Leading Role in Ending Statelessness’ (Ministry of Foreign Affairs of Turkmenistan, 7 November 2024) <https://www.mfa.gov.tm/en/news/4885> accessed 22 May 2026.

51.^

‘A Region without Statelessness?: How Central Asia Proved It Is Possible’ (Baku Dialogues Journal) <https://bakudialogues.idd.az/articles/statelessness-has-ended-17-05-2025> accessed 31 March 2026.

52.^

‘New Zealand - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (n 7).

53.^

‘Palau - Statelessness Encyclopedia Asia Pacific: Digital ID and Its Impact on Statelessness’ (SEAP) <https://seap.nationalityforall.org/digital-id/regional-overview/the-pacific/palau/> accessed 22 May 2026.

54.^

‘Frequently Asked Questions - My Number Card General Site’ <https://www.kojinbango-card.go.jp/en-faq/> accessed 19 December 2025.

55.^

‘Unified E-Services Portal’ <https://e-mongolia.mn/foreigner/home> accessed 22 May 2026.

See Statelessness Overview