The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholarUsha Ramanathandescribes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the#BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Tuesday, April 11, 2017

11020 - Aadhaar is a civil liberties issue: What India can learn from countries that resisted biometric databases - First Post

By Aditya Madanapalle /  10 Apr 2017 , 13:35

Despite several concerns over the Aadhaar database, the Government is increasingly making the card a necessity for the daily lives of Indians. There is little choice for citizens who want to avoid giving their biometric data to the Government. Applying for a PAN card, filing income tax returns, getting a drivers license, and using a SIM card will all soon require an Aadhaar card.
The security concerns are over the creation of the largest centralised database with biometric information in the world. As of March 2017, there are 113 crore people with Aadhaar numbers. The Government has created a honeypot, a high value target especially for state sponsored hackers. On 5 March 2017, the UIDAI assured the people that the Aadhaar database was safe following an attempt at multiple fraudulent transactions using the same biometrics.

@rsprasad Sir personal information filled in form is leaked !

@rsprasad Sir I m talking about the application which was tweeted along with picture by @CSCegov_ pic.twitter.com/EHYwzfzfKR

On 28 March 2017, cricketer MS Dhoni’s personal details were leaked by an enthusiastic employee at an Aadhaar enrollment center. The IT Minister Ravi Shankar Prasad said that the Aadhaar database is secure, and that harsh action would be taken against the agency. The collection center was banned for 10 years. Referring to the same incident, Minister of State for Electronics and IT P P Chaudhary, in the Lok Sabha, said, “I would like to inform that there is no question of leakage of Aadhaar data from the Aadhaar system. There is no leakage and it cannot be.”
In an interview with CNBC TV18, Ajay Bhushan Panday, CEO of UIDAI acknowledged that the database can potentially be breached, saying “there is nothing called fully secure and absolutely security”. However, Bhushan pointed out the flawless record of the Aadhaar database so far. Arun Jaitley responded to concerns over data breaches by saying that the possibility of hacking is no reason to not use new technologies. “If firewalls can be broken, and hacking can be done, it will be done whether Aadhaar is there or not. Don’t say it is due to Aadhaar”, Jaitley said in the Rajya Sabha.

Jaitley said “If technology can be breached, doesn’t mean we shouldn’t use technology.”
If there is no Aadhaar database, it cannot be hacked. The security concerns are only part of the problem with a centralised biometric database. The other problem is a matter of privacy. The database is there with the government, and can potentially be used or abused in new and inventive ways. The potential for surveillance is chilling and enormous. The government is collecting intimate details about the bodies of the people, which can easily be put to use for purposes other than why it was handed over to the government.

A Goa court ordered the UIDAI to share details of all individuals enrolled in the Aadhaar scheme with the Central Bureau of Investigation. The ruling was despite a clause in the Aadhaar act that only allows the biometric information to be used after the individual has given consent for such use. Biometrics systems are not absolutely foolproof, and the UIDAI themselves showed that there was a 0.057 percent possibility of a false positive. The lack of dedicated privacy and database security laws in India exacerbate the problem.

An operator arranges the Unique Identification (UID) documents submitted by people for their enrolment in the desert Indian state of Rajasthan. Image: Reuters/Mansi Thapliyal

For security and privacy reasons, there has been fierce opposition to centralised biometric databases by countries, which is the reason many developed economies do not have a system that is similar to Aadhaar. National identity databases with biometric data has been fiercely opposed in the United Kingdom, United States, Canada, France and Australia.

United Kingdom: In 2006, the United Kingdom passed the National Identity Card Act. The act introduced a mandatory identification card, and collected biometric data in the National Identity Register. After five years, the act was repealed, and the National Identity Register was destroyed. Over 500 hard disks were shredded and incinerated. Home Office minister Damian Green, who helped shred the hard disks, said “Laying ID cards to rest demonstrates the government’s commitment to scale back the power of the state and restore civil liberties.”

United States: Following the 9/11 terrorist attacks in the United States, there was a proposal for a national identity card linked to a biometric database, a system that some believe could have prevented the deadly attacks. The American Civil Liberties Union (ACLU) opposed the proposal, pointing out that such a card would be quickly adopted for other authentication procedures and purposes, placing the government in the centre of the daily lives of citizens.

A broad coalition urged the then President Barack Obama and the Congress against the implementation of a national ID that collected biometric information in a single database. ACLU was supported by the Center for Digital Democracy, Consumer Federation of America, Electronic Frontier Foundation, Privacy International and the World Privacy Forum, among others.

Canada: There were efforts to introduce a national identity card for Canada as well, following the 9/11 attacks in the United States. The Office of the Privacy Commissioner of Canada opposed the move saying that the database would contain more information than necessary for verification and authentication purposes. A centralised database could also potentially harm the relationship between the state and its citizens. The project was ultimately shelved because of the high costs involved in creating and maintaining the systems and database.

Ghewar Ram (R), 55, and his wife Champa Devi, 54, display their Unique Identification (UID) cards. Image: Reuters/Mansi Thapliyal

One of the main concerns was that a national identity card system was not enough to curb terrorism, and that the database itself would have been an attractive target for cyber terrorists. In cases of identity theft, it would have been difficult for the compromised parties to prove that theirs is the real identity. The Office of the Privacy Commissioner of Canada was opposed to using data analysis of vast databases of transactions to identify terrorism linked activities, as such a system would be highly invasive and contrary to established protections for civil liberties.

Australia: Australia has managed to repeatedly avoid efforts by the government to implement invasive multi purpose national identity programs. The Australian Privacy Foundation maintains a list of all the previous times this has taken place. Following the London bombings in mid 2005, there were renewed efforts at introducing a national identity card for Australians. The Government took stock of the benefits of such a project, and decided against a national identity card because the disadvantages were found to be many, with few advantages.

France: In France, there were efforts to link a national identity system with biometric passports, creating a central database with the biometric information of over 60 million French nationals. The move was an effort to reduce instances of documentary fraud. The attempt was considered outdated, and disrespectful towards the rights and freedoms of the citizens of France.
The Conseil national du numérique, a body that advises on the official use of digital technologies opposed the move by the Government, noting that the very existence of a centralised database invites use for other purposes than originally intended. The opposition for the creation of the database was strong, as such a database would end up being a high value target for adversaries. There were alternatives available, that prevented fraud and impersonation, and at the same time maintained the privacy of individuals without putting their sensitive information at risk.

               Aadhaar enrollment. Image: Reuters

The Electronic Frontier Foundation advises public opposition to any government that attempts to set up a centralised database with biometric data. The Foundation points out that geolocation tracking, facial recognition, and mass video surveillance networks linked to national biometric databases can potentially lead to pervasive surveillance systems. The authorities issuing such cards automatically have more power to curtail civil liberties. The Foundation condemns the use of biometric data for e-governance services, law enforcement and private sector activities.

The citizens of the country are being forced to use Aadhaar, whether they trust it or not. The way Aadhaar has been set up, using a fingerprint scanner to authenticate a transaction is as good as giving out your banking password to the seller. There is a transfer of power from the population to the state with the creation of the Aadhaar database.

The privacy situation is getting increasingly worrying, as the Government is creating a system that can is capable of mass surveillance, which can be used against the people. The UIDAI cannot dodge the responsibility for a broken Aadhaar ecosystem by repeatedly and constantly maintaining that the central database is safe.

Publish date: April 10, 2017 1:35 pm| Modified date: April 10, 2017 5:09 pm