One of the provisions in the Aadhaar Act 2016 which makes it impossible to justify its passage as a Money Bill is Section 57. It permits the “use of the Aadhaar number for establishing the identity of an individual for any purpose, whether by the state or any body corporate or person...”.
In 2013, a grouping of technology entrepreneurs got together as iSpirt—Indian Software Product Industry Roundtable. Nandan Nilekani is their mentor. Two others who stepped down from the Unique Identification Authority of India (UIDAI)—Pramod Varma, who was Chief Technology Architect of Aadhaar, and Sanjay Jain, who was Chief Product Manager—are volunteers with iSpirt and work on creating India Stack, which is a stack of applications being built on the UID platform. Their paid employment is with Ek Step, a philanthropy established by Rohini and Nandan Nilekani. They work on the stack, and, as Nilekani says in his book Rebooting India, evangelise it to the government. Some of the components of the stack were created and adopted when Nilekani was still Chairperson of the UIDAI. In 2009, even before the first enrolment, the Aadhaar Auth API (Aadhaar Authentication Application Programming Interface) was launched. In 2011 the National Payments Corporation of India (NPCI) launched the Aadhaar Payments Bridge and Aadhaar Enabled Payments System. The “National” and “India” in NPCI are misleading; established in December 2008 with N.R. Narayana Murthy as its first Chairperson, it is a company registered under the Companies Act as a non-profit, and Nandan Nilekani and Pramod Varma are honorary consultants telling the NPCI how to adopt the UID number in its working. In 2012 eKYC was launched. Then a hiatus, after which in 2015, eSign. In 2016, the Unified Payments Interface (UPI) was launched, as was the DigiLocker.
The use of fingerprint authentication has proved to be a major hurdle for large sections of people in accessing rations across the country. In Rajasthan, for instance, government records show that up to 30 per cent of the households have not been able to avail themselves of rations using their fingerprints to authenticate. That means that in these households, nobody had fingerprints that work; in the rest, there is at least one person whose fingerprints work. Since 2011, reports from various parts of the country, including Andhra Pradesh, Karnataka and Jharkhand, have confirmed this phenomenon of mass-scale denial. Connectivity problems and quality of PoS (point of sale) devices add to the travails of the poor in a system that appears to be geared to deny what is their due. The Wattal Committee (December 2016) recognises the latter two, but makes no mention of biometric failure rates, when it asks that eKYC in the digital economy should not be made to work with biometrics. Instead, it suggests that the two-factor authentication could be a One Time Password (OTP) that is sent to a registered mobile number or email address.
Two recent episodes have exposed the insecurities in the use of biometrics in the UID system.