The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholarUsha Ramanathandescribes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the#BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Monday, October 5, 2015

8820 - Time to replace Digital Gods with the people of India - Anupam Saraph - Sunday Guardian

By ANUPAM SARAPH | 3 October, 2015

An operator works while registering villagers in Rajasthan to the Unique Identification System in 2013. REUTERS

Every Indian should be made an active part of the nation building process.


Two days ago, my computer prompted me for the password of my Apple ID to update software I had purchased earlier from the App Store. It was not a fun moment when it rejected my password and told me my ID had been locked for security reasons. I was further not amused when after being prompted to reset my password through a link, the website reported that no such Apple ID existed in their database. 

Without my Apple ID, my apple devices are as good as a lock without a key. Who owns my Apple ID and all the purchases I had made with it in the Apple Store? Do I now have any rights over the digital assets I purchased from Apple as Apple declares me an unknown entity? Without rights over the purchased software, music, and books, is my Apple worth the money I paid for it? 

Encryption, or using algorithms to code your digital assets so no one can read them, is usually asserted as the catch-all for security issues. Apple, like most others, stores Apple Ids in encrypted form. This has not prevented 12 million Apple Ids to have been hacked in 2012, thanks to the very apps that run on Apple machines. 

In digital India, the loss of your Aadhaar may mean not only the loss of your digital assets with the government: your passport, driver’s license, and certificates, but also your virtual existence. 

Thankfully, I don’t have an Aadhaar number, however, I have no way of knowing if the UIDAI generated one without telling me when I renewed my passport. I might be in for a rude shock some day if using this Aadhaar number all my digital assets are stolen. I may not even be worth my biometric.

Thanks to the digital assets they build, Facebook, Twitter, WhatsApp and Aadhaar may decide who owns your digital assets. More importantly, they may expose who owns you. The bank that boasts of apps to store your real assets digitally, may one day fail to recognise you in their database. It’s not going to be a high point of your life to assert your right to your digital assets. Banks insisting on linking Aadhaar to your bank account despite the Supreme Court’s directives to the contrary is a sure way to test your relationship with lady luck. 

Who is the custodian of your digital assets? Do you have a strategy to de-risk and protect yourself from modern messiahs promising the wonders of the digital age? Is it really worth the risk to have your smartphone run your life?


By designing an API to expose IDs and encouraging developers to use it, Apple has ensured that there are literally thousands of databases linking IDs to sensitive user information on the net. A leak from any one of these — or worse, a large-scale de-anonymisation — inevitably has serious consequences, leading to users losing their digital assets. 68% of apps silently send Apple’s IDs to servers on the Internet. This is often accompanied by information on how, when and where the device is used. Users have no way to stop their device from offering their Apple ID, telling who their data is being sent to, or even telling that it’s happening at all. Android users are no safer, leaving their information just as exposed after downloading apps from the Playstore. 

The UIDAI has been designing APIs to expose IDs and encouraging developers to use it to build apps around it — particularly, financial apps and payment systems that transfer money from one Aadhaar number to another. With the Aadhaar numbers being widely copied and distributed across the country, there is no way to tell where your Aadhaar number was used by whom through what API, exposing your digital assets to be completely siphoned off. 

Like most of us, the government neither knows of nor has an inventory of its digital assets. Certifying or appostiling digital assets is unheard of. Whether it is survey of maps of India, passports, birth certificates or even Aadhaar numbers, the government knows no way to certify, verify and audit its digital assets.

As a technology fix, the babus in the Department of Electronics and Information Technology (calling themselves DEITY) decided to invoke Section 84A of the IT Act that allows them to specify the modes or methods of encryption. Instead, they came up with a rulebook for users of technology requiring the storage of encrypted data in text form for at least 90 days to enable any government officer to inspect. Even stranger, and refusing to walk their talk, the draft rules were deleted from public view when there was an outcry on social media and replaced by an addendum clarifying some apps like WhatsApp would be exempted from this requirement. Now even the addendum has been deleted in much less than 90 days.

Trust in the administration to unleash a Digital India may prove to be misplaced. The “DEITY” has failed to even create and maintain a database of the government’s digital assets. It has no policy or programmes to authenticate, certify or audit digital assets. Even what is now their programme, the Aadhaar is neither certified nor authenticated. 

In fact it is nothing more than a random number assigned to random data submitted by private parties. At best their solutions are mere technology fixes addressing only symptoms, whether it is the use of Aadhaar or the smart city initiatives. 

Stranger than fiction is the constant push to destroy net neutrality. Equally inexplicable is the move to make cities smart through apps which have no understanding of urban dynamics and rely on fixes that have failed for 68 years of urbanisation in India. 

Clearly, those driving the dream of Digital India for the Prime Minister need to understand the design of resilient systems and the dynamics of social change. For in the global marketplace, there are other interests at play than the interest of India and Indians. PM Modi took a bold decision when he replaced the Planning Commission of India. He now needs to reconfigure the Indian Administrative Service as the Indian Public Service. There must be the opportunity to involve every Indian for at least five years of their life in nation building. Prime Minister Modi will hopefully take the opportunity to make it the government of the people with minimum government. The PM must replace the Digital Gods with the people of the country to ensure swarajya and surajya.

Anupam Saraph is a Professor, Future Designer, former governance and IT adviser to former Goa Chief Minister Manohar Parrikar and the Global Agenda Councils of the World Economic Forum.