The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholarUsha Ramanathandescribes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the#BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Friday, August 5, 2016

10252 - Biometric UID/aadhaar, promised as “Civilian Application” transformed into Defence application -PRESS RELEASE

Press Release

Biometric UID/aadhaar, promised as “Civilian Application” transformed into Defence application

Centre, States & Banks violating Supreme Court’s order on biometric UID/Aadhaar Number likely to face music  

July 15, 2016: In a significant development three separate notifications on Unique Identification (UID)/Aadhaar Act has been published in the Gazette of India on 12th July 2016. One of them announces the entry into force of the Act. The three notifications and UID/Aadhaar Act, 2016 are attached for ready reference. Even after notification of 'coming into force' of UID/Aadhaar Act 2016 UID/Aadhaar cannot be made compulsory unless Hon’ble Supreme Court waives its order on request from the Union of India. Hon’ble Court’s orders are attached for ready reference.

Unless Union of India moves an application in the Hon’ble Court seeking waiver and gets an order waiving its orders, the “entry into force’ notification regarding Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 (18 of 2016) cannot become operational. 

The Constitution Bench is likely to hear all the writ petitions including Jairam Ramesh's petition because a Chief Justice of India headed five judge bench of the Court passed an order underling its "urgency". The order dated 15.10.2015 passed by the Hon’ble Supreme Court of India in the ‘UID/Aadhaar’ matter, i.e. Justice (retd.) K.S. Puttuswamy v. UOI & Ors., WP (C) No. 494/2012 and related petitions are quite relevant in this regard. It is noteworthy that UID/Aadhaar scheme is presently under challenge before the Hon’ble Supreme Court of India vide a batch of petitions led by W.P (C) 494/2012 and the Hon’ble Court after hearing the parties has passed a series of interim orders starting the 23rd September 2013 and the last of which was passed on 15.10.2015 which, inter alia, states as follows.

4.We impress upon the Union of India that it shall strictly follow all the earlier orders passed by this Court commencing from 23.09.2013.

5. We will also make it clear that the Aadhaar card Scheme is purely voluntary and it cannot be made mandatory till the matter is finally decided by this Court one way or the other.

In the related case the Hon'ble Supreme Court in SLP (CRl) 2524/2014 Unique Identification Authority of India Vs CBI passed an order dated 24.3.2014 which reads as follows:

                        “More so, no person shall be deprived of any service for want of Aadhaar number in case he/she is otherwise eligible/entitled. All the authorities are directed to modify their forms/circulars/likes so as to not compulsorily require the Aadhaar number in order to meet the requirement of the interim order passed by this Court forthwith. Tag and list the matter with main mater i.e. WP (C) No. 494/2012.”

All the orders of Supreme Court are still in force as per Court's order of 15th October, 2015 and they will remain in force till the time court itself does not waive them. The Hon’ble Court’s order makes it clear that UID/ aadhaar remains voluntary.

Therefore, no one can be asked to produce UID/Aadhaar for disbursement of all Government subsidies / Scholarships /Fellowships which are to be disbursed directly into the beneficiaries' account.

The facts relevant to UID/Aadhaar are as under:

1.         UID/Aadhaar cannot be made compulsory because of orders of Hon’ble Supreme Court
2.         Passage of the Act by Parliament does not automatically imply that any agency can make UID/Aadhaar compulsory disregarding Hon’ble Court’s orders.
3.         Even after notification of 'coming into force' of Aadhaar Act 2016 UID/Aadhaar, it cannot be made compulsory unless Hon’ble Supreme Court waives its order on request from the Union of India 

Taking cognizance of these glaring facts Central Government ought to advise its agencies, State Governments and Banks to revise their orders making UID/Aadhaar mandatory in contempt of Hon’ble Court’s unambiguous order.

In a related development Shailesh Gandhi, former Information Commissioner, Central Information Commission personally faced the adverse consequence of UID/Aadhaar based system of Unique Identification Authority of India (UIDAI). In written note dated 14th July, 2016 he observes, “If the system cannot recognize people from its database with the thumb impression, what would happen to those whose foodgrains, pension or EGS wages depend on it?  I think there is an urgent need to check over a large sample of maybe 10,000 people in different places to validate whether the system does what is claimed. Otherwise we will only have a pretension of having a system to identify every individual in the country. It is necessary that the truth be revealed by actual verification of a large sample across different parts of the nation.”

It is evident from numerous such testimonies about online UID/Aadhaar database, the Central Identities Data Repository (CIDR) of UIDAI that it is one of the most vulnerable databases. 

The making of CIDR is contrary to the principle of decentralisation in cybersecurity.  The offices for CIDR operations are at Bengaluru and Manesar.

Notably, Aadhaar Act 2016 lists breaking into CIDR as an offence but this law criminalises a technological impossibility. In a bizarre act, it provides that only UIDAI can file a complaint when the data of a resident of India is misused or abused instead of the victim of abuse.

As per Section 47, “Courts will take cognizance of offences under this Act only upon complaint being made by the UIDAI or any officer authorised by it.” This deprives the victim of a right to file complaint although Section 34 of the Act provides that “Impersonating or attempting to impersonate another person by providing false demographic or biometric information will punishable by imprisonment of up to three years, and/or fine of up to ten thousand rupees.” 

Victims cannot file complaint even when someone changes or attempts to change any demographic or biometric information of an Aadhaar number holder by impersonating another person (or attempting to do so), with the intent of i) causing harm or mischief to an Aadhaar number holder, or ii) appropriating the identity of an Aadhaar number holder although it is punishable under Section 35.

 Victims of abuse cannot file complaint in cases wherein collection of identity information is done by one not authorised by this Act, by way of pretending otherwise despite the fact that the Act makes it punishable under Section 36.

Unless authorized by UIDAI or any officer authorised by it, victims cannot file complaint even when there is “Intentional disclosure or dissemination of identity information, to any person not authorised under this Act, or in violation of any agreement entered into under this Act” under Section 37 although it is punishable.

Unless authorised by the UIDAI, the intentional acts like accessing or securing access to the CIDR; downloading, copying or extracting any data from the CIDR; introducing or causing any virus or other contaminant into the CIDR; damaging or causing damage to the data in the CIDR; disrupting or causing disruption to access to CIDR; causing denial of access to an authorised to the CIDR; revealing information in breach of (D) in Section 28, or Section 29; destruction, deletion or alteration of any files in the CIDR; stealing, destruction, concealment or alteration of any source code used by the UIDAI , will be punishable under Section 38. Even in such cases victims cannot file complaint without authorization by UIDAI.

Section 39 reads, “Tampering of data in the CIDR or removable storage medium, with the intention to modify or discover information relating to Aadhaar number holder will be punishable”. Thus, it admits that such acts are possible and imminent but the Act does not empower the victims of such tampering or removal instead it empowers UIDAI.
 While Section 40 makes “Use of identity information in violation of Section 8 (3) by a requesting entity will be punishable with imprisonment up to three years and/or a fine up to ten thousand rupees (in case of an individual), and fine up to one lakh rupees (in case of a company)”, it is incomprehensible as to how a company or an individual feel deterred by such meager punishment when they can harvest big database of personal sensitive information which is admittedly a “national asset” and “rich asset”.   
Section 43 visualize a situation wherein offences can be committed by a Company but they can be excused “if they can prove lack of knowledge of the offense or that they had exercised all due diligence to prevent it.” It also underlines the possibility of an offence committed by a Company with the consent, connivance or neglect of a director, manager, secretary or other officer of a company but they too can be excused if they can prove their ignorance, inability and inevitability.
In a stark admission of the involvement of foreign locations and persons, Section 44 states that the Act “will also apply to offences committed outside of India by any person, irrespective of their nationality, if the offence involves any data in the CIDR.”

In the meanwhile, Secretary Government of India, Ministry of Communication and Information Technology wrote a letter to the Secretary Department of Defence Production asking him to introduce Aadhaar enabled Biometric Attendance System in the department of defence production. The system would enable an employee with an Aadhaar number to register his/her attendance (arrival/ departure) in the office through biometric authentication. It also says that a web based application software system will enable online recording of attendance and that the dash board relating to real time attendance and related statistics, can be viewed by everyone.

Citizens Forum for Civil Liberties (CFCL) had sent a legal notice to Department of Electronics and Information Technology (DeitY), Ministry of Communications and Information Technology. DeitY responded stating, “Aadhaar is being used for Biometric Attendance System and this does not form part of Defence application”.   

The fact is that the application of biometric UID/Aadhaar was restricted to ‘civilian application’ and was not meant for defence application. Central Government’s Biometrics Standards Committee had categorically stated that UID/aadhaar’s is meant only for “civilian application” but the order on aadhaar enabled biometric attendance system has been extended to defence employees as well. The fact remains UID was first adopted by USA’s Department of Defence, later by NATO. It has subsequently been pushed through World Bank’s etransform Initiative in partnership with France, South Korea, Gemalto, IBM, L1, Microsoft, Intel and Pfizer. L1 was a US a company when it got a contract from UIDAI but it got purchased by French Conglomerate Safran Group after security clearance by US Government. This constitutes breach of national security as no such clearance was granted by Government of India. Some of these companies have partnership with Chinese Government as well. 

Across the globe very stringent data privacy law has been framed wherein one’s personal data cannot be used by anyone including the government without your specific consent. But in India there is no data protection law. Aadhaar is akin to a piece of collar which the transnational powers want to tie on the neck of Indian citizens. Government has allowed itself to be misled and it has failed to protect personal sensitive information which has already gone to foreign companies and continues to flow in their direction.

The entire information of the employees working in the department of defence production, which will include related statistics, will be stored online and on cloud will be available to everybody. Besides application of UID in the Department of defence production not being in national interest making it available to everyone and on the cloud, including to the foreign companies like Safran Group, its L1 Solutions, Accenture and Ernst & Young will violate the order of Hon’ble Court.  It is evident that the coverage of defence employees under Aadhaar enabled Biometric Attendance System does establish conclusively that it Aadhaar is being put to defence application contrary to the claim of DeitY.

DeitY argues, “Attendance of Govt. employees is already being maintained and the Biometric Attendance System, maintained by the attendance.gov.in is just digital equivalent of the age-old attendance register. This is part of contractual relationship between the Public Servant and the Employer, viz. the Government of India, wherein the former has consented to/agreed to the terms of service and is therefore, contractually bound to follow the rules and regulations as specified for him by his/her employer.”     

DeitY will have us believe that there is no difference between “age-old attendance register” and UID/Aadhaar enabled Biometric Attendance System.

In order to comprehend the sophistry involved in such averments, it is germane to recall the intervention of National Human Rights Commission (NHRC) in the case wherein Indian students in USA were made to wear radio collars. NHRC ensured that the government acted to ensure that the human rights of students are protected. It is germane to note that radio collar is based on biometric data like voice print. If making Indian students wear biometric radio collar constitutes an act which Government of India admitted as an act of violation of human rights, indiscriminate biometric profiling is also an act of violation of human rights. As per Section 2 (G) of Aadhaar Act 2016, “biometric information” means photograph, fingerprint, Iris scan, or any other biological attributes specified by regulations. Thus, it clearly includes biological attributes like voice print and DNA.

If UID/Aadhaar enabled Biometric Attendance System is indeed a “digital equivalent” of “age-old attendance register”, why did NHRC object to radio collar which can also be argued by sophists to be “digital equivalent”. If the “digital equivalent” means biometric equivalent as well then it makes DNA based identity and attendance will also be deemed equivalent to “age-old attendance register”. It is quite evident that such is deeply misleading.       

Coincidentally, NHRC’s views on National Identification Authority of India Bill, 2010 (Aadhaar Bill, 2010) helped Parliamentary Standing Committee on Finance in its recommendation to trash the Bill and the biometric data based UID/Aadhaar programme. Fearing further censure from Rajya Sabha, the Central Government withdrew the pre-existing Aadhaar Bill from Rajya Sabha and inappropriately introduced the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 as a Money Bill. It faces legal challenge in the Hon’ble Supreme Court.                   

There is a logical compulsion for withdrawing the letter and all consequential letters by which UID is made applicable to defence application i.e. Department of Defence Production in the interest of supreme national security.

It is possible that such civilian and non-civilian applications are being bulldozed by some commercial entities in order to store and read biometric and DNA script of Indian population in the aftermath of the sequencing of Human Genome for epigenetics, medicine, big data, social control, inheritance, eugenics and genetic determinism.  

Under the tremendous influence and unprecedented onslaught from unregulated and ungovernable technology companies, Central Government and State Governments have failed to national security and safeguard citizens’ privacy which is part of their right to life. The role of opposition parties of all shades leaves a lot to be desired because their State governments are naively implementing a project which a grave threat to federalism as well. The sterile political and legal imagination of opposition parties is a case study.  

As to the ruling parties, it has righty been said that “Office-holding is a necessary but not a sufficient condition of governing.” In The Problem of Party Government, Prof Richard Rose wrote, “Where life of party politics does not affect government policy, the accession of a new party to office is little more significant than the accession of a new monarch; the party reigns but does not rule.” The colossal breach of trust by BJP on the issue of UID/Aadhaar demonstrates how a party reigns but fails to rule.  

In such a backdrop, all eyes are on Supreme Court because a Bench of five judge headed by Chief Justice of India ordered:  "Since there is some urgency in the matter, we request the learned Chief Justice of India to constitute a Bench for final hearing of these matters at the earliest" in its order dated 15th October, 2015 in the Writ Petition(s) (Civil) No(s). 494/2012 wherein a former judge, a former defence scientist and a former Major General from engineering branch are among the petitioners in supreme national interest.

The concerns against indiscriminate biometric identification of Indians was raised by Justice VR Krishna Iyer, Retired Judge, Supreme Court of India, S R Sankaran, retired IAS Officer, Prof. Romila Thapar, Prof. Upendra Baxi and other eminent citizens in a Statement of Concerns dated September, 2010. Their views have been reiterated in August 2015 in a Public Statement by Prof. Anil Sadgopal, noted educationist, Prof. Kalpana Kannabiran and other concerned citizens.

At a brainstorming cum workshop on “Understanding Aadhaar and its New Challenges” held at the Centre for Studies in Science Policy, Jawaharlal Nehru University in May, 2016, the scholars critically examined the robustness of the official discourse and the current status of the project, the technology, the law, the constitutional position and the safeguards. It explored the implications of the exploitation of biometrics (facial recognition, fingerprints and iris) for identification of individuals and authentication of their identities and underlined how UID/Aadhaar presents new scientific, technological as well as social and political challenges.

CFCL has been working on the issue of surveillance and biometric Unique Identification (UID) Number branded as “Aadhaar” since 2010. It had appeared as an expert to give testimony in front of Parliamentary Standing Committee on Finance which examined the National Identification Authority of India Bill, 2010 (Aadhaar Bill, 2010).

For Details: Gopal Krishna, Citizens Forum for Civil Liberties (CFCL)*, Mb: 08227816731, 09818089660, E-mail-1715krishna@gmail.com  *A series of articles on the subject are available at http://www.moneylife.in/author/gopal-krishna.html

P.S.: MS Word version of the release is attached