The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholarUsha Ramanathandescribes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the#BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Wednesday, May 10, 2017

11301 - Slow down and stop breaking things - Live Mint

Tue, May 09 2017. 02 08 AM IST

Facebook, Google etc are now custodians of the common good, with the associated ethical considerations that need to put the brakes on ‘going fast and breaking things’

On 5 May, Mint ran an interview with Nandan Nilekani that addressed data leaks and the Aadhaar card. While Nilekani was clear that Aadhaar’s infrastructure doesn’t allow it to store any data, and that it is in fact very secure, he did point to the need for getting a privacy law passed, to allow regulators to deal with the overall issue of cyber-security.
He decried the focus on Aadhaar, which by its very design, does not allow for a “man in the middle” type of attack. Nilekani separately pointed out that the proliferation of smartphones has led to Indians giving away their private data to large Internet companies such as Amazon, Apple, Facebook, Google and Microsoft, and that companies such as these are, for now at least, immune to Indian laws.

The same week has seen at least two other news items: one about Google, and the other about Facebook. Google is now fighting a “phishing” attack to its popular Google Docs service, which allows multiple users to work on the same document when they are trying to collaborate on a work product. The attackers in this phishing scam masqueraded as genuine users of Google Docs, and used this cloak of legitimacy to induce unsuspecting users into granting permissions to other applications. Google has announced that it is now taking steps to thwart this latest phishing attempt by removing the offending accounts and by pushing out security updates to its users. So now the stable door is shut, after the horse has bolted.

In the aftermath of a far more macabre tale, Facebook announced that the company will hire 3,000 people to watch for violent videos posted to its site. Facebook’s announcement comes after two grisly videos posted to the website caused horror and dismay over the last few weeks. In one instance, a murder in the US was uploaded, and in the other, a murder-cum-suicide in Thailand. Facebook already pays over 4,000 workers to screen videos flagged as inappropriate by its users, but all this work happens after the damage is done. The extra 3,000 putative hires will also work after the deed is done.

Why must we have a situation where the large Internet giants wait for horrendous things to happen before they react? Silicon Valley has so far followed a “go fast and break things” credo, which has led to enormous leaps in technology over the last few years.

Technological advances aside, every prediction regarding the amount of data being created, and therefore owned by these giants, is astronomic. And they already have the algorithms to predict suspect behaviour.

I have spoken in this column about how the death of net neutrality, which now looms over the US, and soon over the rest of the world, is likely to create oligopolistic behaviour among firms who either generate or transport such data.

In a recent interview, when referring to Reliance’s Jio, Mukesh Ambani talked about how data is the new oil. Data is now measured in zettabytes, a fantastically large unit of data, and these data appear to be growing at an exponential pace that simply beggars belief. My read is that what Ambani meant was that these data can be now be used in various ways, by applying technology-driven predictive algorithmic techniques, into schemes for Internet giants and telecom firms to discover and exploit new sources of revenue. And it shall surely follow, that nothing can be private anymore.

As Nilekani pointed out in the Mint interview, our smartphones, and the applications that run on them, already know so much about us: from where we are at any given point of time through triangulation or the use of Global Positioning System software to even whether we may be drunk or sober, by using gyroscopes and accelerometers built into each device.

In my mind, this puts the onus for data security and protection squarely on the Internet giants. With nearly 2 billion users, and untold advances in data analysis to predict human behaviour such as when two of its users appear to be falling in love with one another, is it likely that Facebook could have foreseen that someone would use its video streaming service to broadcast acts of violence? Was there no attempt to make sure that posting this sort of horror was impossible to do in the first place?

The “go fast and break things” credo has reached its ethical frontier. Does “breaking things” mean allowing horrific murders to be broadcast live? The post facto response has long been sufficient justification when it comes to hackers and the compromising of personal data, but it simply doesn’t work when horror is on the line.
The credo might have worked when Amazon, Facebook, Google et al were young start-up companies trying to blaze new trails, but they are now behemoths in their own right, and the common good of almost all the world’s “netizens” lies in their hands. At the rate we are going, it won’t be long before all the world’s citizens are also netizens. This means that in some sense, these firms have moved from being start-ups to custodians of the common good, with the associated ethical considerations that need to put the brakes on the credo of “going fast and breaking things”.

This is also a conundrum for law-makers. Simply creating stiffer penalties for those who breach Internet systems and profit from doing so will not be enough. The responsibility to police oneself before gruesome events occur probably now lies with the new oligarchs of the Internet, and they need to have a strong incentive to do so. Maybe it is time to impose stiff fines for each such infraction. That said, there is no simple answer. The nuances are endless, and points of view myriad. One thing is for sure: we are sailing in uncharted waters.

Siddharth Pai is a world-renowned technology consultant who has personally led over $20 billion in complex, first-of-a-kind outsourcing transactions.