A former United Nations employee is speaking out regarding his concerns about the UN’s internal digital ID program, as well as what it means for digital ID initiatives being rolled out around the world.
“My biggest concern on the internal rollout is that the UN is establishing an extremely risky and invasive technology without transparent consultation with staff. So far there’s no consideration that staff may not consent to this,” says Alexander Ray, a former communications officer at the United Nations Environment Programme (UNEP).
He believes the UN is rushing forward with its internal digital ID program without proper protections for employee privacy and security. The UN began rolling out its digital ID for employees in late 2020. The first phase of implementation started in June 2024.
Ray says the way the UN is handling its rollout of digital IDs for employees is an indication of how the organization is approaching digital ID projects around the world.
“The UN’s approach to their internal staff digital ID reflects the same attitudes seen in national-level digital ID roll-outs—inadequate concern for legal liability, disregard for individual informed consent, and overconfidence in the strength of the technology’s privacy and security implications,” Ray told The Last American Vagabond (TLAV).
Starting in 2019, Ray served in various roles with the United Nations Development Programme (UNDP). He was also an independent consultant for the UN between 2021 and 2023 before moving to UNEP, where he worked as a communications officer until December 2025.
Before leaving the UN in December, he emailed several UN officials seeking answers to his questions regarding the digital ID system. He says his concerns were downplayed and, ultimately, ignored.
UN Dismisses Employee Concerns, Ray Says
On Sept. 17, Ray participated in a one-hour webinar called “Innovation Day: From Spark to System – the UN Digital ID Journey,” where members of the UN digital ID program outlined the history and future of the project. He posed questions about privacy, liability, and data security, but none were addressed.
Ray took particular note that the UN Digital ID portal’s Terms of Use explicitly state the United Nations International Computing Centre (UNICC)—the agency that leads the UN Digital ID program—will not be held responsible for any unintended consequences from employees’ use of the system.
“In no event shall the UNICC or any developer or contributor of the Website (collectively ‘Non-Liable Parties’) be liable to you with respect to use of the Website and/or be liable to you for any direct, indirect, special or consequential damages including, without limitation, damages for loss of goodwill, lost profits, or loss, theft or corruption of your information, the inability to use the Website, device failure or malfunction,” the terms read.
On Sept. 24, he decided to email follow-up questions to the UNICC. He asked whether the UN had conducted any surveys to understand staff attitudes toward and consent for the project. Ray also wondered what would happen to UN staff who choose not to use the digital ID system and how the UN would manage those who do not consent to the program. Finally, he inquired as to what “legal framework” allowed the UN to “collect, store, and access personal biometric, human resources, medical, travel, security, and payroll data” via the digital ID technology.
Ray received a response from Massimiliano Merelli, the host of the Innovation Day webinar and UN Digital ID program director. Emails viewed by TLAV show Merelli responded by referring Ray to the Frequently Asked Questions (FAQ) section on the UN’s official digital ID portal.
“We will ensure that the questions you provided are included in the FAQs, as they are relevant to everyone in the Programme,” Merelli stated. “I also want to highlight that we regularly consult with OLA (Office of Legal Affairs) and Staff Federations regarding privacy concerns. We have conducted two Data Privacy Impact Assessments (DPIAs) that have been shared with the participating organizations. This level of transparency is crucial for fostering trust among all involved.”
Ray was unsatisfied with the response. He further pressed Merelli on the issue, writing, “It is unfortunately insufficient given the seriousness of the concerns raised.” He noted that the UN’s internal FAQ did not address several of his questions, while some of the responses “provide perfunctory and/or vague one- or two-sentence responses with no real detail”. He said the vague responses related to “security and privacy arrangements as well as legal frameworks governing security and liability.”
Ray requested access to a “cybersecurity framework” referenced in the FAQ, as well as a copy of the two Data Privacy Impact Assessments (DPIAs) mentioned by Merelli. He asked for details on the consultations Merelli said were held with the Office of Legal Affairs and Staff Federations.
Ray noted that the UN’s 48th Session of the High-level Committee on Management in October 2024 explicitly states that “data control and liability concerns for staff when using their United Nations Digital ID were stressed,” but there has been no further information provided to UN staff regarding these concerns.
Merelli and other UN officials affiliated with the UN digital ID program did not respond to multiple requests for comment from TLAV.
After Merelli failed to respond to Ray’s questions, he filed a complaint with the UN’s Office of Internal Oversight Services (OIOS) on Sept. 30. His complaint argued that privacy, liability, and security concerns relating to the UN’s digital ID project were being misrepresented and dismissed, and that there had been insufficient consultation and informed consent with UN staff.
“As the program stands, it breaches many UN ethical standards on consent, liability, and transparency, and should be thoroughly investigated and suspended until such questions are answered and available for UN staff to consider,” Ray stated in his complaint.
On Sept. 30, while waiting for a response, Ray initiated his own informal survey among colleagues at the UNEP Copenhagen Climate Centre. He asked four questions, including “Do you feel the UN needs a staff digital ID?” and “Would you consent to using this digital ID as a mandatory condition of employment within the UN system?” Of the 19 responses he received, 68% said no to a mandatory ID for employment, and 84% said they do not believe the UN staff need a digital ID. The following day, he was reprimanded by a senior official who said that his circulation of the survey violated UN Code of Conduct.
On Oct. 20, the OIOS Investigations Division informed him that it would not be investigating the complaint and instead directed him to the Office of Information and Communications Technology (OICT) and the Department of Management Strategy, Policy and Compliance (DMSPC).
Ray expressed frustration with the dismissal by the OIOS and requested the issue be elevated to a more senior official, while objecting to referral to OICT—an agency he said has “close ties to the initiative under question.”
“It is disappointing to hear you have no interest in one of the largest issues of informed consent to ever face the UN,” Ray wrote.
The OIOS reiterated in follow-up emails that the complaint was “not a misconduct matter warranting OIOS investigation” and again directed Ray to OICT.
On Oct. 27, Ray pushed back, noting that his role in the UN Secretariat (one of the agencies signed up for the digital ID) placed it within OIOS jurisdiction, but received no further meaningful response. This marked the end of communications between Ray and UN officials on the issue. His employment with the UN ended in December.
For his part, Ray says he felt his questions—as well as those of other UN employees—were dismissed by Merelli.
“As the terms of use state, they are taking no legal or technical responsibility for any data breaches or issues with the digital ID, while expecting staff to carry this liability on their personal phones,” Ray told TLAV. “There is also no explanation given for why salary payments should be processed through such an app when bank transfers are much more secure and currently operating adequately.”
While Merelli did not directly address Ray’s concerns via email, in a UN Q&A session from Jan. 8, he did speak to concerns about who has access to user data.
“When it comes to data privacy, I just wanted to reiterate the fact that our systems do not store any data unless you’re creating a backup. So the privacy of your data stays within your wallet,” Merelli stated. “For me, UNICC is hosting my information, my personal records, I can get it into my wallet if I want to. And then I get to choose who I share that information with. Nobody else sees my information. It’s completely fully locked to my wallet.”
Origins of the UN Digital ID Program
On July 8, 2020, the United Nations launched the “Reimagine the UN Together Challenge,” calling on staff to submit ideas for new projects that might help transform the organization in the face of the COVID-19 panic. By November 2020, the projects had been narrowed down—including a proposal for a UN Digital ID initiative led by Massimiliano Merelli, then at the UN World Food Programme (WFP). Ultimately, Merelli’s project was chosen as the winner of the challenge.
The UN Digital ID is designed to be “secure, portable, and interoperable” across all UN organizations. The program uses blockchain technology and biometrics to offer what the UN describes as a “seamless experience in managing and sharing” staff’s verified personal data. The UN says the digital ID “reduces data duplication and fragmentation, streamlining processes for the UN workforce and organizations” and allows users to “securely, smoothly and seamlessly share personal and professional data while maintaining full control and visibility.”
According to the UN, Merelli’s idea “sparked a digital transformation” within the international organization.
The first version of the UN Digital ID was launched in June 2024 within the WFP and the United Nations Joint Staff Pension Fund (UNJSPF) related to pension processing. Further developments came in June and November of 2025, with the UN Digital ID app being expanded for United Nations Children’s Fund (UNICEF) retiring staff.
“The UN Digital ID isn’t just about tech—it’s a cultural shift. One digital handshake to unlock access, equity, and expertise across the UN system,” Merelli stated at the June event.
The UN and the Future of Digital ID
The United Nations is not only an advocate of digital IDs for their own employees—the organization is one of the most vocal proponents for digital ID programs in nations around the world.
The UN has called on developing nations to embrace digital ID as part of the Sustainable Development Goals (SDGs), particularly SDG 16, which states that “by 2030, provide legal identity for all, including birth registration.” As TLAV has previously reported, the UN promotes digital identity as a “human right” despite the potential dangers posed by the technology, including individuals being excluded for not participating in the digital ID schemes.
In part two of this investigation we will examine the various UN bodies that are involved in promoting digital ID programs to developing countries and the risks posed by these efforts. We will also continue our look at the UN’s internal digital ID program by uncovering which companies are involved in the digital wallet.
