A government database is not a neutral record of who you are. It's an infrastructure, and like all infrastructures, it embeds assumptions about what stays fixed and what is allowed to change. When those assumptions are wrong, the people who fall outside them don't experience a glitch. They experience what I've come to think of, following the structural violence literature, as a slow, distributed harm, one that rarely announces itself as a single event, but accumulates instead across a thousand small refusals.

This is the story of what happened after India's Supreme Court tried to change one of those assumptions, and what that reveals about identity infrastructure more broadly.

NALSA and the Limits of Legal Recognition

In National Legal Services Authority vs Union of India (2014), the Court recognised transgender people as a third legal gender category and affirmed a right to self-identification without surgery, without a medical certification, and without judicial sign-off. When read against the global landscape of gender recognition law at the time, this was a remarkable decision. It remains one of the most expansive judicial statements on gender self-determination anywhere.

However, the judgement itself is not an infrastructure, and infrastructures do not update themselves. I've spent a good part of my doctoral work sitting within this gap, between what the law says a person is entitled to, and what a database, a form, a registration clerk's discretion actually allows. Susan Leigh Star's classic observation about infrastructure is worth repeating here, because infrastructure becomes visible when it breaks down. For most people, an identity system is invisible precisely because it works. For a transgender person in post-NALSA India, the system becomes visible constantly, at every counter, every renewal, every moment where a self-identified gender meets a field that was never built to hold it.

The Category Was Never Built For This

Bowker and Star's work on classification systems gives us useful language here. Categories are not simply descriptive. They are infrastructural commitments, and once embedded across enough systems, they become extraordinarily costly to revise. India's Aadhaar, like most national identity systems, was built with a binary gender field, a single value captured once and treated as stable thereafter. This wasn't a deliberate act of exclusion. It reflects a design assumption so ordinary that it rarely gets examined. That assumption is that gender, like a birthdate, is fixed at the moment of registration and never needs to change again.

NALSA didn't just create a legal category. It exposed how brittle that design assumption already was. Adding a third value to a database field is trivial engineering. But it's not trivial to propagate changes to a value correctly through every downstream system that depends on the original record. An Aadhaar number touches bank details, voter registation records, school records, the PAN financial services number, and welfare enrollment. Each of these systems was built independently, on its own timeline, often by different vendors, and each carries the same unexamined assumption of stability.

The result, the for person at the centre of it, is not one singular failure but a cascading of failures and breakdowns. A gender marker updated with one authority remains unchanged with three others. Each disagreement becones its own small confrontation. An account might be flagged for review, a benefit claim delayed or cancelled, a hospital record that doesn't reconcile and shapes continuation of care for the patient. These systems were never designed to expect a person to change.

Where Law Meets The Registration Desk

This is where I think an information systems lens adds something to the legal literature. NALSA's language on self-identification was unambiguous. However, the registration desk, the bank branch, the welfare officer, these are a separate empirical question, and one that I've spent considerable fieldwork time on. Local officials, working with outdated departmental circulars or simply being unfamiliar with the judgement, have continued to demand medical proof that the ruling explicitly waived.

This is not a minor implementation lag. It is, I'd argue, the place where the actual work of exclusion happens. The law is not self-executing. It has to be carried, imperfectly, through layers of bureaucratic infrastructure and human discretion, and at every layer there is room for the original intent to be diluted, misunderstood, or simply ignored. Studying identity systems only at the level of policy systematically misses this because it only asks whether the right law exists. To see where recognition actually breaks down, you have to look at the infrastructure itself, and the people operating it.

Biometric Infrastructure and the Assumption of a Fixed Body

There's a narrower technical thread worth naming, because it follows on from my fieldwork. Biometric identity systems using fingerprints and facial matching are built on an implicit model of the body as stable and fixed over time. Someone whose facial presentation changes during transition, or whose biometric enrollment predates that transition, can trigger automated non-matches that have nothing to do with fraud and everything to do with a system encountering a case its designers never modelled. The failure isn't malicious, but it is not neutral either. It's the direct, traceable consequence of a design choice that assumed away the very possibility of bodily change.

Toward a Different Frame

I want to end where the next piece in this series will pick up. The dominant frame in digital identity work treats exclusion as a problem of absence, asking who lacks an ID, and how do we enrol them. That framing has done very tangible good. However, it also obscures a second, distinct failure mode, one that doesn't show up in enrolment statistics at all. What happens when a system cannot keep up with a person who already has an ID, but whose life has moved since the record was made?

That's not a legal problem anymore. NALSA settled the legal question a decade ago. Not it's an infrastructural question. It's a question that involves updating workflows, propagating the data changes across systems that were never meant to talk to each other in this way. It's also a question of building institutional trust that has to be rebuilt one registration at a time. In the next article in this series, I will look at what the costs are for the people caught in the gaps of an infrastructure.