The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholarUsha Ramanathandescribes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the#BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Monday, March 14, 2016

9515 - AADHAAR Cuts Into Personal Privacy and National Security - The Citizen.In

Sunday, March 13,2016

MYSORE: The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016 (“Aadhaar Bill”, for short) was passed in the Lok Sabha on March 11, 2016, as a money bill, a stratagem clearly meant to prevent delay in the Rajya Sabha, where the BJP does not command a majority.

Leaving aside the questionable stratagem, the Aadhaar Bill leaves much to be desired, especially considering its troubled “history” ever since the beginning of the Aadhaar scheme. In particular, according to this writer, two of the major issues involved are personal privacy and national security.

At present there is no law on privacy, but in Rajagopal Vs. State of Tamil Nadu (1994), the Supreme Court opined that privacy is inherent in an individual's right to personal liberty. Also, Section 8(1)(j) of the RTI Act 2005, protects the private individual against unwarranted invasion of his/her privacy, proof enough that privacy is a right even if it is not a fundamental right.

On whether privacy is a fundamental right, the Government of India succeeded in convincing a 3-Judge Supreme Court bench hearing a bunch of petitions challenging Aadhaar on multifarious grounds, that privacy is important enough an issue to warrant consideration by a Constitution bench.

There is little doubt that mass surveillance for suspicion-less, untargeted snooping into people's private spaces to identify a possible threat to security, is questionable.

The privacy issue was brought to international attention in 2013, with the US admitting that its National Security Agency had been clandestinely collecting billions of pieces of information worldwide including personal data and emails from computer networks and telephones. India was one of USA's many surveillance targets.

Today, the technical capability of shadowy intelligence agencies for mass surveillance to collect, sort and process enormous quantities of data or meta-data has multiplied enormously. Hacking into databases for data is not very difficult for a person with the necessary motivation, skills and time, and it is quipped that systems are hack-proof only until the first hack.

Cyber security concerns in the face of clandestine, untargeted surveillance are not only about national security but also citizens' right to privacy.

Whether or not it succeeds in its declared primary aim of targeted welfare services for the poor, Aadhaar enables surveillance and tracking. Aadhaar promoters claim that access to its data base will not be permitted to any agency, and will be secure from intelligence agencies that spy on citizens. 

This claim is questionable since, according to its website, UIDAI contracted to receive technical support for biometric capture devices, from L-1 Identity Solutions, Inc. (now MorphoTrust USA), a US-based intelligence and surveillance corporation. 

According to the corporation's website, its top executives are acknowledged experts in the US intelligence community. Other companies awarded contracts for key aspects of the Aadhaar project, are Accenture Services Pvt Ltd (implementation of Biometric Solution for UIDAI) which works with US Homeland Security, and Ernst & Young (setting up of Central Identities Data Repository (CIDR) and Selection of Managed Service Provider (MSP)).

It is difficult to have confidence in the security of sensitive national information when the technical provider which creates, holds or manages the database is a business corporation with strong connections to foreign intelligence organizations.

Furthermore US corporations are mandated by US law to reveal to the US government, information obtained during their legitimate operations, when called upon to do so. The extent to which India's cyber security has been already invaded by surveillance is not even known, and when the security of the Aadhaar system is not water-tight, compromise of the Aadhaar system's security will tantamount to compromise of national security.

When the cyber systems of high-security organizations like USA's NASA or India's DRDO have been repeatedly hacked, UIDAI's self-certification of its database security rings hollow. As far as institutional cyber security in India is concerned, barring one database protected by an indigenously developed network security system, official databases in India, including Aadhaar's Central ID Repository (CIDR), are protected by purchased commercial network security and cryptographic products.

There is little need to emphasise the vulnerability of the Aadhaar database to access by unauthorized persons/agencies for data destruction, corruption or simply copying by surveillance or hacking. The effect on individual privacy is unquestionably adverse.

Intelligence agencies operate by conducting general surveillance on citizens in public places and linking this with personal information available in various databases maintained by banks, income tax offices, ration cards, electoral rolls, airline and railway ticketing, internet and telecom service providers, etc. 

Since the Aadhaar number is “seeded” in these various data bases, Aadhaar itself will inevitably be at the core of a system to enable profiling and tracking of any and every private individual. Therefore Aadhaar is a prize target for intelligence agencies to hack or surveil to acquire data to invade individual privacy and compromise national security.
There have been a host of objections – especially including those of privacy and security – to the Aadhaar scheme itself since its inception, with several petitions still pending before the Supreme Court.

The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016, does nothing to address those objections including especially those articulated unambiguously and vigorously by the Parliamentary Standing Committee on Finance headed by Yashwant Sinha, in December 2011.

In particular, the Aadhaar Bill fails to address the serious systemic issues of national security and individual privacy and indeed, the word “privacy” is absent from its text. However, concerning the security and confidentiality of information, the value of individual privacy is indirectly acknowledged in Section 33(2), by specifying that an individual's Aadhaar number, and biometric and demographic information may be revealed in the interest of national security, only by a specially authorized officer not below the rank of Joint Secretary of the Government of India. Yet here again, the interpretation of the term “national interest” remains at the sole discretion of a bureaucrat.

Further, the Aadhaar Bill omits to explicitly state whether enrolling into the Aadhaar scheme is “mandatory” or “not mandatory”. This can be interpreted as a deliberate omission to justify the on-going coercive enrolment into the Aadhaar scheme. The effect of the final order of the Supreme Court on this omission remains to be seen.

The several issues pleaded in the outstanding petitions before the Supreme Court and the outcome of the privacy issue placed before a Constitutional bench will surely have a bearing on the details of the Aadhaar Bill if not on its structure. Thus, ramming the Aadhaar Bill through the Lok Sabha without waiting for the Supreme Court to give its orders may result in unnecessary litigation, besides exposing lack of respect for transparent democratic procedures.

Notwithstanding, genuine national interest may dictate that laws on data/digital privacy protection and cyber security be urgently enacted and linked with the Aadhaar Bill, before it becomes operational in the public sphere.

( Major General S.G. Vombatkere, VSM, retired in 1996 as Additional DG Discipline & Vigilance in Army HQ AG's Branch. President of India awarded him Visishta Seva Medal in 1993 for distinguished service rendered in the high-altitude region of Ladakh. He holds a PhD degree in Structural Dynamics from I.I.T, Madras. With over 470 published papers in national and international journals and seminars, his area of interest remains strategic and development-related issues.)