In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Wednesday, November 16, 2011

1979 - Front Line - COVER STORY - Identity Concerns R. RAMAKUMAR

 Frontline
Volume 28 - Issue 24 :: Nov. 19-Dec. 02, 2011
INDIA'S NATIONAL MAGAZINE
from the publishers of THE HINDU

 COVER STORY

Identity concerns by R.Ramakumar
 The Unique Identification number, “symbolic of the new and modern India”, is of questionable legality and viability.

Prime Minister Manmohan Singh and Chairperson of the Unique Identification Authority of India Nandan M. Nilekani at a UIDAI Council meeting in New Delhi. - KAMAL SINGH/PTI

“In the Indira years, the slogan was ‘ garibi hatao'…. In the 1970s and 1980s, people's aspirations had focussed on basic essentials – roti, kapda, aur makaan…. Since the reforms in the 1990s, the emphasis moved to… bijli, sadak and paani. In recent years, as growth has accelerated and access to basic infrastructure has improved further, aspirations among the poor have shifted again…. Today, it's all virtual things – it's about UID number, mobile phone and bank account…. With that, they can access services, benefits and their rights…. We are looking at a post-Aadhaar world.”
– Nandan Nilekani

 
“MODERN” India, it would appear, has finally found the “missing link” in its superpower story. Having ensured that all its “poor” had access to “ roti, kapda aur makaan” by the 1980s, and “ bijli, sadak, paani” by the 1990s, it is surging ahead to meet the new and rising aspirations of its “poor”. The foundations of this surge are being laid with the Unique Identification (UID) number, or Aadhaar, which is also the key to the three “virtual things”. For Prime Minister Manmohan Singh, “Aadhaar… is symbolic of the new and modern India”. For Rahul Gandhi, Aadhaar is the key to “bridging the two Indias”, where you “take some” from the “India of opportunity” and “put them” into the “India without opportunity”.

Business leaders and the pink press are gaga over the spin-offs. According to one analysis, Aadhaar links “private-sector businesses to India's poor in an unprecedented manner”; another is titled: “UID: The Biggest Business Opportunity since Liberalisation”; and yet another quotes the managing director of a software giant thus: “UID gives us a business opportunity to prosper in this digital world”.

The total cost of the project is estimated at over Rs.50,000 crore. A business newspaper reveals that “for every rupee of IT spend on the project… around 60 per cent… will go to hardware vendors”. One consultancy giant estimated that within five years into that “post-Aadhaar world”, India would see a first wave of investments totalling $10 billion. From then on, “potential” is $12 billion a year.

There is no other government project that has kicked up such frenzy in recent times. However, in the midst of this frenzy, myriads of questions are begging for answers. While there are people asking these questions, there are also those tired old ways of dismissing them. Brand them as “ jholawalas” or “lefties” or “anti-technology guys” or “those who broke computers in the [19]80s”. The more lenient of the brandings would be “civil libertarians” or “privacy activists”. Whatever they be branded, one thing in common is that none of their questions has received a satisfactory answer yet.

One place to ask questions in a democracy is Parliament; however, about six crore Aadhaar numbers have been issued even before Parliament has taken up the matter for legislative discussion.

Frontline was the first to publish a critical article on UID in 2009, which raised a set of questions to the government (“High-cost, High-risk”, August 14, 2009). More than two years later, most of those questions remain unanswered.

The REAL INTENT:
SECURITY OR DEVELOPMENT?
The Genesis


An important question regarding Aadhaar is how it will be used. Aadhaar is connected closely with the National Population Register (NPR) of the Union Home Ministry. The NPR is a child of the Kargil War. Following the reports of the “Kargil Review Committee” in 2000, and a Group of Ministers in 2001, the National Democratic Alliance (NDA) government decided to register compulsorily all citizens into an NPR and issue each a Multi-purpose National Identity Card (MNIC). Officially, the NPR is aimed at preventing “illegal migration”. For this purpose, the Citizenship Act of 1955 was amended and new Citizenship Rules were released in 2003.

As per Rule 7(3) in the 2003 Rules, “It shall be the responsibility of every citizen to register once with the Local Registrar of Citizen Registration and to provide correct individual particulars.” Rule 3(3) states that information on every citizen in the NPR should compulsorily have his/her “National Identity Number”. Still further, Rule 17 states that “any violation of provisions of rules 5, 7, 8, 10, 11 and 14 shall be punishable with fine which may extend to one thousand rupees”.

NPR and Aadhaar

While registration to the NPR was compulsory and a National Identity Number was linked to each name, the 2003 Rules did not approve of linking biometrics with personal information. If we analyse the annual reports of the Home Ministry, the sections on the MNIC pilot project do not refer to biometric data until 2004-05. In 2005-06, the first mention of biometric data appears. The report noted: “Data entry work for all the 30.96 lakh records… and integration of photographs and finger biometrics of 17.2 lakh… out of 20.6 lakh… has been completed.” Just how biometrics got included in the NPR without sanction from the 2003 Rules remains a mystery.
DOING AN IRIS scan as part of collecting biometric details, at a post office in Mangalore on September 27.- R.ESWARRAJ

With the introduction of biometrics into the NPR, the Home Ministry required technical expertise. The establishment of the Unique Identification Authority of India (UIDAI) in 2008 was partly to meet this requirement. If doubts remained, Home Minister P. Chidambaram clarified in 2009 that “MNIC has to be issued to every citizen, for which the government has decided to set up a UID authority.” The Home Ministry's annual report for 2008-09 went a step ahead and stated: “After the NPR is created, it will engulf the UID database, being far more comprehensive, and will become the mother database for identity purposes.”

The Home Ministry's plan was the following. To quote from the Census of India website: “Data collected in the NPR will be subjected to de-duplication by the UIDAI. After de-duplication, the UIDAI will issue a UID Number. This UID Number will be part of the NPR and the NPR Cards will bear this UID Number.” No prizes for guessing that Aadhaar is already compulsory. In the UIDAI parlance, the NPR is a “killer application”. A killer application is one that so “leverages Aadhaar” that every citizen is forced to get an Aadhaar number.

When the ownership of a “mother database” of citizens, including their biometrics, lies with the Home Ministry, there are reasons to worry. There is always the problem of “functionality creep”, where data collected serves purposes other than its original intent. There are many ways in which the state can use such a database against its own citizens. The database could be used to persecute marginalised sections of the population. The police and the security forces, if allowed access to the biometric database, could use it extensively for regular surveillance and investigative purposes. This can lead to a large number of human rights violations. Given that fingerprint matching is not error-free, such policing may further exacerbate human rights violations. A democratic society has to guard against such possibilities.

Questions of duplication

While the UIDAI was established to supply UID numbers to the NPR, the onus of data collection was with the Registrar General of India (RGI) under the Home Ministry. However, as an initial step, the UIDAI was allowed to enrol 200 million persons. It began this process by signing memorandums of understanding (MoUs) with “registrars”, who enrolled people either directly or through other agencies; the RGI was one of these registrars.

First, duplication of resources and work was built into this plan. There was one set of people whose data were collected by the RGI (“Group 1”) and another whose data were collected by non-RGI Registrars (“Group 2”). But data for “Group 2” could not be given to the RGI to be added to the NPR; the MoU signed between the RGI and the UIDAI did not allow for this. The MoU allowed transfer of information only for “Group 1”.

In other words, within the UIDAI's 200-million persons, duplication and wastage was already built in. Persons in “Group 2” now have to enrol again at an RGI centre. Not surprisingly, officials of the Comptroller and Auditor General (CAG) of India have made a quiet trip to the UIDAI office for an audit.

Secondly, if duplication is allowed to cross the 200 million mark, a major section of the population would have to enrol twice. This is the reason why the Home Ministry is now trying to recapture the responsibilities of enrolment. On its part, the UIDAI wants to continue with the old plan; whether the Cabinet will allow it is not clear yet.


WHITHER PRIVACY?

Another important concern is the project's potential to violate people's right to privacy. In most Western countries, projects to issue ID cards were shelved because of strong privacy concerns and adverse public opinion (see interview with Dr Edgar Whitley on page 29).

Privacy and culture

Is privacy a “Western” concept that does not apply to “eastern” societies like India, where “community-based” life predominates? Such a question is regularly raised in debates on Aadhaar. What this question ignores is that the right to privacy has the status of a shared global value (see A.G. Noorani's article on page 13). While the nature of notions around privacy differs across countries, every country has a temporally dynamic notion of privacy built into its culture. In other words, “an interest in self-governed choice” is not a by-product of “Western individualism”.

Martha Nussbaum, the renowned philosopher, has criticised the argument that privacy is a notion without value in India (see “Is Privacy Bad for Women?”, Boston Review, April/May, 2000). She writes that if the history of India is any guide, it only shows that “India draws certain concrete lines in different places than does America”. She further argues that “if we consider the general meanings of ‘privacy' typically acknowledged as most salient in American discussions, India also marks each of the notions as salient, and ascribes value to protecting the concerns that fall under them.”

To argue her point out, Nussbaum cites three cases. First, just as in the U.S., Indian “people recognise that certain types of information about oneself are privileged, and that it is bad for outsiders to publicise them without consent.” Secondly, she argues that “in India, as in the U.S., there is a deep concern for keeping certain parts of the body, and certain bodily acts, hidden from the sight of others – and also a more general concern that, whatever one is doing, one should not be watched without one's consent.” Thirdly, there is a strong “interest in decisional autonomy or liberty in certain areas especially definitive of the person”. All these lessons, Nussbaum says, are from “among the most ancient and deeply traditional concerns of both Hindu and Muslim cultures”.

It is clear then that privacy can be viewed as a globally valued “right”, “entitlement” and “freedom”. We can also work within the framework of individual freedoms elaborated by Amartya Sen. In Sen's framework, every freedom can have “intrinsic” and “instrumental” values. In the intrinsic sense, privacy enriches the lives of people in a substantive way and thus is “constitutive” of development. In the instrumental sense, privacy can be seen as contributing to other individual freedoms and socio-economic progress. It is from this standpoint that Sen has argued against consequence-independent absolute rights. Thus, the demand to trade-off one freedom for another (say, the “invasive loss” of privacy for “development”) is an untenable demand.

Aadhaar and privacy

It is disturbing then that privacy concerns are not discussed in any document of the government or the UIDAI. On the contrary, discussions around Aadhaar have involved open calls for sharing personal information with private companies. From 2006 onwards, there was a scheme titled “Unique ID for BPL families”, implemented by the Department of Information and Technology. While critics trace the origin of the UIDAI to the MNIC project, the UIDAI itself traces its origin to this scheme. In 2006, a working group of the Planning Commission examined the possibilities of improving upon this scheme and introducing smart cards linked to unique IDs of citizens. The working group report noted that:

“…[U]nique ID could form the fulcrum around which all other smart card applications and e-governance initiatives would revolve. This could also form the basis of a public-private-partnership wherein unique ID-based data can be outsourced to other users, who would, in turn, build up their smart card-based applications…. In the context of the unique ID, part of this database could be shared with even purely private smart card initiatives such as private banking/financial services on a pay-as-you-use principle….”

The callousness that this report displays in sharing personal information with private companies is astonishing. In India, one major threat to privacy arises from here: the promotion of private players in the provision of social services, such as education, insurance and health (see Mohan Rao's article on page 19). With the privatisation of social services, personal data would be transformed into commodities in the market for Aadhaar numbers. In such a context, promises to introduce privacy laws become weak tools to gain the trust of citizens.

IS BIOMETRIC TECHNOLOGY INFALLIBLE?

Among the technological features of Aadhaar, the collection of biometrics is most significant. Apart from biometrics, there is no systemic check to prevent “identity theft”. While there is agreement among biometric and legal experts regarding critical drawbacks of biometrics in proving identity beyond doubt, the Aadhaar project demonstrates extraordinary levels of faith in the infallibility of biometrics.

First, no accurate information exists on whether errors of fingerprint matching are negligible or non-existent. A small percentage of users would always be either falsely matched or not matched at all.

Secondly, a report from 4G Identity Solutions, a supplier and consultant for the UIDAI, recognises that people above 60 years and children below 12 years have difficulties in enrolling with fingerprints. Fingerprints of manual labourers are likely to be broken or eroded, apart from accidental damages to fingers from burns, chemicals, and other agents. Owing to such bad or noisy data, “the failure to enrol is as high as 15 per cent” in India; this involves a minimum of 180 million persons. If fingerprint readers are installed at MGNREGS work sites and PDS outlets, and employment or purchases are made contingent on authentication, about 180 million persons will be excluded from accessing these schemes.

Biometric Standards Committee report
Many of the misgivings with regard to biometrics were reaffirmed by the UIDAI's Biometrics Standards Committee. This committee conducted a sample study of 25,000 persons. Even in such a small sample, 2 to 5 per cent of the respondents did not have “biometric records”. Error rates increased by 2 to 3 per cent when the software was “untuned” to local conditions. The report also noted that sensors would not usually capture fingerprints accurately when women apply mehendi on their fingers.

CAPTURING FINGERPRINTS AT a special booth set up at Patancheru in Medak district, Andhra Pradesh. - NAGARA GOPAL

For iris images, the report did not provide estimates of error because of the “absence of empirical Indian data”. It recommended that iris images should be used only “if they [UIDAI] feel it is required”. The Proof of Concept (PoC) study of the UIDAI also does not inspire confidence regarding the potential of biometrics to work in large populations (see R. Ramachandran's article on page 25).

However, despite adverse technical reports, the UIDAI decided to proceed with the collection of fingerprints and iris images for the entire population. Given that the total project cost is over Rs.50,000 crore, it is but natural that hard questions are asked on these spending decisions.

“REFORMS” IN THE SOCIAL SECTOR?

“We have to rework the system. If we simply introduce UID without re-engineering the system, it wouldn't work,” said Montek Singh Ahluwalia, Deputy Chairman of the Planning Commission, in September. He is right. Aadhaar would drastically reform the architecture of welfare provisions and qualitatively restructure the state's role in the social sector (see articles on PDS (page 16), MGNREGS (page 122) and health (page 19)). This policy has two elements, both of which are constitutive of neoliberal policy in India.

The first is a shift from universalism to targeting. Aadhaar is not intended to expand social service provisions. Its aim is to keep benefits restricted to “targeted” sections, ensure targeting with precision, and thus limit the government's fiscal commitments. As Manmohan Singh stated in July 2010: “To reduce our fiscal deficit in the coming years,… we must [be]… reducing the scale of untargeted subsidies. The operationalisation of the Unique Identification Number Scheme… provides an opportunity to target subsidies effectively.”

The second is a shift from direct provision to indirect provision of social and economic services. Here, existing institutions of direct intervention are dismantled and replaced by new institutions of indirect provision. Aadhaar, as claimed, is not a tool of empowerment; it is actually an alibi for the state to leave the citizen unmarked in the market for social services.

Aadhaar as sufficient identity proof?
A key premise for Aadhaar is that inability to prove identity is a barrier that prevents the poor from accessing services. It is true that the lack of identity prevents a large number of poor from, say, getting a ration card or opening a bank account. Will Aadhaar be sufficient proof of identity to access these services? Will Aadhaar do away with the need to present other documents for proving identity? In all probability, the answers are in the negative.

For instance, the UIDAI claims that the Reserve Bank of India (RBI) has made Aadhaar a valid identity proof for opening a bank account. It also claims that this step would lead to rapid growth of financial inclusion. How accurate are these two claims?

Indeed, through a gazette in November 2010, the government added the letter from the UIDAI, with the Aadhaar number, to the list of documents that may be accepted as proof of identification. However, in a circular, dated September 28, 2011, the RBI clarified: “It is reiterated that while opening accounts based on Aadhaar also, banks must satisfy themselves about the current address of the customer by obtaining required proof of the same as per extant instructions.” In other words, even with an Aadhaar number, banks would continue to demand other “valid” documents.

Aadhaar for financial exclusion?

Despite the phenomenal spread of public banking in rural areas after 1969, a large section of the Indian people remain “unbanked”. One of the reasons is that many of the successes achieved between 1969 and 1991 were reversed by the financial liberalisation policies after 1991. For instance, a large number of rural bank branches were closed down in the 1990s and early 2000s. In any meaningful financial inclusion policy, opening of new rural bank branches has to be a priority. However, the government has other plans. For the government, the earlier “brick-and-mortar” model of rural banking is passé. The preferred option is to encourage “branchless banking”, and this is where Aadhaar becomes important.

In a working paper on financial inclusion, the UIDAI notes that taking banking to rural areas is an “expensive proposition”. Hence, opening rural branches becomes a “social responsibility rather than a business opportunity”. It suggests that Aadhaar can usher in “an era of ubiquitous branchless banking”. Instead of opening rural branches, the bank may simply appoint “business correspondents” (B.C.), who, with the help of hand-held biometric devices, perform banking functions. To promote the B.C. model, the RBI has already permitted the appointment of “for-profit companies” as B.Cs. The size of the “B.C. market” was recently estimated at Rs.3,000 crore. Just by routing MGNREGS wages, the B.Cs are likely to earn up to Rs.600 crore a year as commission.

The B.C. model has already triggered adverse outcomes in rural areas. On March 18, 2011, an internal circular of the State Bank of India noted that B.Cs were “found to indulge in malpractices, such as asking for unauthorised money, over and above the bank's approved rates of charges from the customers”. It noted that “gullible customers” are being “exploited”, posing “serious risk” to the bank's reputation. During discussions with a leading bank union, I was told that B.Cs regularly extracted Rs.100 to 150 per gold loan in many south Indian districts. One newspaper recently quoted a B.C. employee in Punjab thus: “75 per cent of B.C. agents are village sarpanchs or their kin.”

To conclude, a project of the size and cost of Aadhaar should not be pursued without wider discussions among the public and in Parliament. Such projects should inspire public trust and confidence. However, the undue haste displayed by the proponents of the project raises many questions. The sad part of the story is that there are no satisfactory answers.

R. Ramakumar is Associate Professor at the Tata Institute of Social Sciences, Mumbai.