In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Thursday, July 30, 2015

8389 - There Is A Privacy Issue With The Aadhaar Card by Seetha - Swarajyamag



Seetha is a senior journalist and author

The Benefits Of Aadhaar Cannot Hide The Infirmities In The Project
When Attorney-General Mukul Rohatgi argued before the Supreme Court that there was no fundamental right to privacy and petitions challenging the Aadhaar project for violating privacy, should be dismissed, many were dismayed but not surprised. After all, the Narendra Modi government has, from the outset, been giving Aadhaar a big push, never mind that the Bharatiya Janata Party had strongly opposed the project when it was in the opposition, on grounds of both compromising privacy as well as legitimising illegal immigrants. Aadhaar is now the lynchpin of the JAM Trinity – Jan Dhan Yojana-Aadhaar-mobile banking – trinity that the government is banking on for delivering subsidies in a more efficient, effective and economical way.
Giving people a unique identity number and linking it to bank accounts will undoubtedly bring about a massive reduction in the diversion of subsidies and welfare benefits that is rampant in India. But there are legitimate concerns that need to be addressed. A look at the noise over Aadhaar:

The Back Story
The first, hesitant steps to give every citizen an identity card and number were taken by the National Democratic Alliance government of Atal Behari Vajpayee. Called the Multi-Purpose National Identity Card (MNIC) project, its objective was compulsory registration of every citizen and non-citizen living in India in a National Population Register (NPR). Citizens would get a MNIC and number while non-citizens would get a multi-purpose residency card. The Citizenship (Registration of Citizens and Issue of National Identity Cards) Rules, 2003 were issued that made it compulsory for everyone to be enrolled in the NPR. A pilot project started in 13 states in 2003.

The United Progressive Alliance (UPA) government ran with the ball and the Citizenship Act 1955 was amended in 2004 to insert a Section 14A which authorises the central government to compulsorily register every citizen and issue a national identity card.

Two years later, in 2006, the UPA also initiated the Unique Identification (UID) project. To be implemented by the Department of Information Technology, this had an entirely different objective – it was about identifying beneficiaries of welfare programmes and doles and giving them a unique ID so that leakages and diversion could be eliminated.

Later the government decided to bring the two schemes – NPR and UID – together.

As the modalities for this were being worked upon by an empowered group of ministers (EGoM), the Planning Commission suggested setting up a Unique Identity Authority of India (UIDAI). The government decided to initially anchor it in the Planning Commission for five years and later make it a statutory authority. Accordingly, the UIDAI got established in 2009; it was then that the UID got the Aadhaar name.

The Aadhaar enrolment campaign by the UIDAI was launched in 2010. The enumeration exercise for the 2011 Census by the Registrar General of India (RGI) also started that year; it also involved capture of bio-metrics, though this was done after the enumeration. It was decided that the NPR database would be sent to the UIDAI for bio-metric de-duplication and assigning of a unique ID number which would be added to the NPR database.

Soon the home ministry (then headed by P. Chidambaram) and the Planning Commission were at loggerheads over the two exercises. Chidambaram was not satisfied with what he called “the degree of assurance” with which the UIDAI was going about its task. He felt the NPR was better from the perspective of internal security. Then Planning Commission deputy chairman Montek Singh Ahluwalia weighed in on the side of the UIDAI.
As a compromise it was decided that:
  • UIDAI would undertake enrollment for Aadhaar in a specified number of states where it had made significant progress, while the NPR would capture the bio-metrics of people in the rest.
  • In addition to its original target (set in phases) of covering 20 crore people, UIDAI would enroll another 40 crore.
  • The NPR would not capture bio-metrics for people who already had an Aadhaar number/card. It would, however, note the number in its records and source the bio-metric information from UIDAI.
Currently, the NPR bio-metrics collection exercise is going on in 12 states and UIDAI is doing enrolments in 24 states.
The RGI, which does the NPR exercise, sends the bio-metrics it captures to UIDAI for de-duplication and assigning of an Aadhaar number. The NPR, which is kept with the RGI, will have demographic data, bio-metrics and Aadhaar number.

The Design Flaw
Chidambaram was right in voicing security-related concerns over the poor due diligence in the case of Aadhaar and rooting for NPR. The NPR is based on a house-to-house survey. The Aadhaar enrolment only requires people to approach UIDAI with some select documentary proof or, if such proof is not there, through an `introducer’ – anyone from an elected representative (gram pradhan/councillor/MLA/MP) to local teachers, anganwadi workers, doctors, representatives of NGOs, etc. This is what had the home ministry under Chidambaram worried – that the exercise would, willy-nilly, end up legalizing illegal immigrants.

The NPR is about identifying citizens; Aadhaar is only about authenticating the identity of people. Whenever he was quizzed about Aadhaar, former UIDAI chairman Nandan Nilekani would always take pains to clarify that it was not a citizenship document.

Right now, the NPR exercise, like Aadhaar, covers all usual residents in the country. The next step will be to verify citizenship status of everyone in the register. Citizens could get a smart card with the Aadhaar number, but there is no decision on this yet.


The Legal Backing . . . Or Lack of It
The NPR has got legal backing, since the Citizenship (Amendment) Act authorises it. Aadhaar has no legal backing to date. The UIDAI is still functioning on the basis of an executive action – six years after it was set up.

A National Identification Authority of India Bill was tabled in 2010. It proposed the setting up of a National Identification Authority of India (NIAI) to issue Aadhaar numbers to individuals after collecting and verifying specified documents and recording bio-metric information. This would be stored in a centralised depository and those seeking to verify a person’s identity (e.g. banks) could do so by checking the Aadhaar number given to them with this depository. The NIAI can share information about individuals, with their written consent, with government agencies and can share information with security agencies.

The Parliamentary Standing Committee on Finance, headed by Yashwant Sinha, rejected the Bill in 2011. Its concerns related to:
  • The Aadhaar number will be available to every resident – citizen or non-citizen.
  • The original mandate of identifying below poverty line families had been exceeded by extending Aadhaar to every resident.
  • The ministries of finance, home and planning, as well as the National Informatics Centre (NIC) had expressed objections to various aspects of the functioning of the UIDAI, which were being ignored.
  • The lack of clarity on whether the Aadhaar number would become compulsory.
  • The possible misuse of the huge database of people and the lack of a data protection law
  • The involvement of a large number of private vendors in an exercise relating to sensitive personal information.
The Bill is still pending, which means the UIDAI is functioning without legal sanction.

Is Aadhaar a Game Changer?
Yes it is, in some respects and for some people.
For the migrant population in cities, who live in slums or unauthorised clusters and keep shifting homes, any work that required them to provide proof of identity and residence – opening a bank account, applying for a ration card or even a gas connection – was always a problem. Aadhaar gave them an identity document that would remain valid wherever they moved. The Jan Dhan Yojana would not have been the resounding success it is if it were not for Aadhaar.

For the government, Aadhaar, when linked with a bank account or a ration card, is a fool-proof way of ensuring that doles, subsidised goods and other welfare benefits go only to the person entitled to it. It also eliminates duplication, a fairly common problem with one ration card being issued in more than one name or migrant workers holding a ration card in the village and in the towns.


True, Aadhaar is only about identification, not eligibility; it does not seek information on income or any of the parameters that put people in the BPL category. Nilekani has also often clarified that Aadhaar does not automatically entitle one for welfare benefits. But while Aadhaar does not certify that X belongs to the BPL category, it will ensure that a dole meant for X goes into his bank account. So it will eliminate chances of, say, a school principal opening a bank account and spiriting away the scholarship money meant for poor students who were not even aware they were getting money. This actually happened in a government school in South Delhi.

The danger: There is, however, a caveat to this. What happens to people who do not get an Aadhaar number/card (homeless people, for example) but may be entitled to government welfare benefits? Will they be denied these benefits because they do not have Aadhaar? There is no conclusive answer to this, but this issue needs to be addressed.

So is the Opposition Unjustified?
No, it is not. The strong opposition to Aadhaar stems primarily from three valid and inter-related concerns, which detract from its admittedly useful aspects:
  • Privacy, or the lack of it, is the biggest problem with the entire Aadhaar project. This is an issue which brings together people of different ideological persuasions, even those who agree with the concept of Aadhaar.
Bio-metric data of individuals is being collected under Aadhaar (yes, also under NPR but there is a difference between the two that will be explained later). There are many private players involved in the whole chain of registering for and generation of Aadhaar numbers before the database finally goes to the government-controlled Central Identities Data Repository (CIDR).

Enrolling individuals for Aadhaar is done by registrars which are mainly government and public sector agencies. But they can hire enrollment agencies which can be private players to collect demographic and bio-metric information. Enrollment agencies cannot outsource work but they can hire enrollment operators and supervisors through third parties.

While the UIDAI claims that it has robust security measures in place to ensure that there is no leak from the CIDR, there is no foolproof system in place to guard against breach of data from any of these points. Or to ensure that enrollment agencies and operators do not keep a copy of the database when they hand it over to the government. Usha Ramanathan, who has been crusading against Aadhaar for several years, has often pointed out the casual manner in which enrollment agencies and operators handle the information available with them.

The UIDAI lists severe penalties for fraud or unauthorized access or use of data, but says “following are the possible criminal penalties in the Bill [the NIAI Bill]”. But the Bill has not been passed yet. Right now the only safeguard against breach of privacy is good behaviour on the part of everyone involved. There is no legal guarantee against it. Remember also that India does not have a data protection law.
  • The lack of legal backing is the second big problem with Aadhaar. Swarajya columnist J. Sai Deepak has written extensively about the problems with Aadhaar. One of the points he makes is that Article 21 of the Constitution, which deals with the fundamental right to life and personal liberty says “no person shall be deprived of his life or personal liberty except according to procedure established by law”. He also points out the Supreme Court, while delivering judgments in various cases relating to state surveillance and privacy has always emphasized that any action of the government must be backed by a formal statute or legislation.
Saideepak also draws attention to the wide mandate of the UIDAI, which includes defining the usage and applicability of Aadhaar for the delivery of various services. Giving so much power to a body which has no legislative sanction is, indeed, unprecedented and extremely worrying.
  • In its defence, the UIDAI has always held that the fears relating to privacy are unfounded, that the information it collects is very basic – name, gender, date of birth and address – and is already in the public domain in various forms. It also says that it does not divulge any information but only confirms or rejects any bio-metric data that is sent to it for verification.
That argument holds only if Aadhaar is a standalone piece of document that establishes one’s identity. But that is not the case. Aadhaar is the go-to document to access various public services and, as Ramanathan has been pointing out in various articles, is extending to private services as well. This is the third main concern with Aadhaar – the confusion over whether it is voluntary or mandatory and whether the lack of it can be used to deny someone a service. Related to this is the fact that it will become a single point of access to information about everything concerning an individual. That is why the privacy issue is paramount.

If Aadhaar remains, as the original intention was, a document for people who lack proof of identity and address to enable them to access banking services as well as welfare programmes, then there is perhaps not much of a problem. Only those who need such a document will enroll for it and any sharing of information between agencies will relate to name, address and bank account and the welfare provision they are accessing. The only agencies that will be involved will be government departments and banks.

But Aadhaar is not confined to this. A provision in the NIAI Bill allows Aadhaar information to be shared with security agencies. A column in the Aadhaar form asks people to tick if they want the Aadhaar number to be linked to their bank account or whether the information can be shared. When even educated people miss this, it would be too much to expect poor and near-illiterate people to be aware of this provision.

Aadhaar is slowly becoming compulsory for a wide variety of services, despite the Supreme Court ruling that this should not be done. Seeking consent for linking the Aadhaar number with the bank account means nothing when banks insist on customers providing Aadhaar numbers. Income tax assessees are being asked to provide their Aadhaar numbers from the 2015-16 assessment year.

The Election Commission is putting out advertisements asking people to link their Aadhaar numbers with their election identity cards. In Delhi, even witnesses to property-related transactions registered in courts have to provide their Aadhaar numbers. A Goa court asked UIDAI to give the Central Bureau of Investigation the bio-metrics of everyone enrolled under Aadhaar in the state to help it solve a gangrape case, as this report in the Indian Express shows.

The UIDAI may be right in saying that it only verifies if an identity is genuine, but with Aadhaar becoming compulsory for a whole host of services, what is there to stop a government agency tracking all of a person’s actions through the Aadhaar number, without even approaching UIDAI for verification? Or for someone else to do the same without hacking the CIDR?
The government may have sound reason to push Aadhaar. But it needs to address the many genuine concerns that are developing around it.

Also read: