This is a Pre-enrollment and Enrollment event for the Digital ID at Kagarama, Kigali, February 2026
In 1994, a simple piece of paper — the Rwandan national identity card — became an instrument of death. A single word printed on it, “Tutsi,” was enough for a militia man at a roadblock to pull a civilian from a crowd and kill them.
In 100 days, more than one million Tutsis were slaughtered.
The ID card, as the Rwanda Law Journal, in its March 2026 issue, documented, “served, for some, as an effective death sentence.”
Now, Rwanda is attempting something no other post-genocide state has tried at scale: building a national digital ID system with privacy and consent at its core — not as an afterthought, but as a firewall against history repeating itself.
But first, the government is collecting data from nearly every citizen. Massively. And systematically.
The Great Data Harvest
Across Rwanda today, a vast national exercise is underway. Citizens are being photographed, fingerprinted, and having their irises scanned.
Children receive their first digital ID from birth — with a facial photo taken as early as age four. By age five, their fingerprints and iris scans are added to the system. By sixteen, a fresh biometric update and a digital signature complete the profile.
The government does not hide this. Billboards across Kigali announce registration centers. Officials visit villages with mobile kits. The message is simple: everyone must be enrolled.
For a population that remembers when an ID card meant death, this scale of data collection might trigger alarm. But the new system’s designers argue that mass collection is not the problem — uncontrolled access to that data was the real killer in 1994.
The Control Layer
The new Single Digital ID (SDID) introduces something the old paper card never had: a consent layer between your data and anyone who wants to see it.
Here is how it works. Your information — full name, photo, address, ID number, biometric templates — lives in a secure digital wallet that only you can authorize. When a bank, a hospital, or even a nightclub asks for your ID, they do not see everything.
Instead, their system requests only the specific data needed.
You receive an instant notification on your phone: “Bank of Kigali requests to see your name, photo, and address. Approve or deny?”
You tap approve. That is all they see. Nothing else. And you can revoke access at any time.
The system is built on the principle of data minimisation — a cornerstone of the EU’s GDPR and, as the Rwanda Law Journal argues, a human rights necessity for post-genocide societies. Only collect what is necessary. Only share what is approved. Only keep what is still needed.
Why This Matters
The Rwanda Law Journal article, “Minimisation of Sensitive Personal Ethnicity Data of a Population is Key in Transitional Justice,” makes the case directly: “The inclusion of ethnicity data in an ID is in blatant defiance of the data minimisation principle since it is irrelevant and excessive.”
Rwanda’s old ID was excessive. It carried a death sentence on page two.
The new ID carries no ethnicity data at all. But more than that, it hands citizens the keys to their own information — something almost no other national ID system does.
In most countries, when you show your ID, the officer or clerk sees everything. In Rwanda, they will see only what you say they can see.
The Risks Remain
The Rwanda Law Journal warns that “the growing shift from traditional IDs to biometric identification raises new privacy concerns, particularly regarding unique identifiers that can link data across multiple databases, potentially leading to excessive surveillance.”
If a future government wanted to misuse this system, the data exists. The photographs exist. The fingerprints and iris scans exist.
The system’s safety depends entirely on the integrity of the consent architecture and the independence of Rwanda’s Data Protection Office.
The Deeper Bet
But Rwanda is making a longer argument: that technology designed with privacy by design and human rights-based principles can outlast bad actors. The system includes audit trails — every time someone accesses your data, you can see who, when, and why. You can revoke permissions instantly. And the law imposes significant fines for violations.
The Rwanda Law Journal concludes: “Minimising the collection and use of sensitive ethnicity data is crucial for Rwanda’s transitional justice efforts. Given the country’s history, strict safeguards are needed to prevent ethnic profiling, discrimination, and misuse of personal data.”
Rwanda is now running a real-world experiment in whether those safeguards can work at scale.
The Bottom Line
The government is photographing, fingerprinting, and iris-scanning millions of its citizens. That much is not new — many countries do it. What is new is that after collecting all that data, Rwanda is handing control of it back to the individual.
For a country where an ID card once meant death, that act of handing back control is not just policy. It is a form of restitution.
The new digital ID is being phased in through June 2027. Old ID cards will be deactivated thereafter.
