In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Monday, March 26, 2012

2478 - The UIDAI project: why some of the optimism might be Nir-aadhar - KR activist


The UIDAI project: why some of the optimism might be Nir-aadhar

A few months ago Nandan Nilekani had published an editorial in the National Medical Journal of India extolling the virtues of the Aadhar project for health. His article is available at Editorial-II.pdf

Anant Bhan  and Sunita Bandewar have responded to this article questioning some of the claims in the editorial.The resposne has been published in the latest NMJI and is  below

The UIDAI project: why some of the optimism might be nir-aadhar
The article by Nandan Nilekani in the NMJI 2011 May-June issue[1] provides an interesting laundry list of advantages which an Aadhar number could provide to those registered through the Unique Identification Authority of India (UIDAI). 

Nonetheless, it is surprising to see no equivalent of a limitations section. The article fails to present a holistic and full picture of the landscape- in absence of any reference to expected challenges, the potential for duplication of existing mechanisms; and threats the Aadhar project poses, particularly to privacy of personal information of individuals, and data security- and mention of any proposed measures the UIDAI is taking to address these.  Even a cursory uninformed examination of the claims in the article will lead the reader to believe that while the intention is laudable, the process and means can definitely be causes of concern. As readers, we had several questions related to the approach to, implementation of as well as legislative
adequacy of the UIDAI initiative and their implications for its success. .

Why two sets of identification data?
It is unclear as to why two sets of identification data – demographic and bio-informatics – are required for securing an Aadhar number. Also, the operational aspects and possible misuse could be causes of concern. Currently individuals face many problems in fulfilling the expectations of producing proof of residence, birth date etc. for securing other key government identification documents (such as voting card, passport and ration card) and it is unspecified how similar tribulations would be minimized for those seeking an Aadhar number?

Would securing an Aadhar number truly remain voluntary? 
While some benefits of having an Aadhar number are pointed out like immunization tracking for children, the system also worrying suggests a clear link between basic health provisioning (such as immunization) and the need for official proof of being an Indian resident (to be certified through the possession of an Aadhar number). If this is indeed the case, it would mean that providers especially in the public healthcare system might not be able to provide any kind of health services to vulnerable populations like ‘illegal’ immigrants in the country. It should not be the duty or responsibility of a healthcare provider to sit in judgment on a patient’s legal status of entitlement of health services. A patient presenting at a healthcare facility without an Aadhar number might be suspected of being a non-citizen- and stigmatized- and not provided any health services, or even worse, pursued by the state machinery. Linking Aadhar to essential public health services like immunization could mean that undocumented immigrants, among other vulnerable groups, would shun health programs and hence put themselves and others in the community at risk of vaccine-preventable and other communicable conditions.

Although, it is currently voluntary to opt to secure an Aadhar number, the emphasis on its use in health care context in the way Nilekani advocates in the article might run the risk of Aadhar number becoming almost inevitable and “mandatory” for better, swifter and smoother access to health care in due course of time. Aadhar has already become compulsory for LPG provision by government oil companies as part of a pilot project in Mysore[2]. Similar concerns have been expressed by others, too[3].

Wouldn’t the proposal of use of Aadhar for immunization tracking be duplication of efforts? 

The government has already launched a separate system for maternal and child health tracking,including immunization[4] through the National Rural Health Mission Health Management Information System  (http://nrhm-mis.nic.in/mchtracking.htm     http://nrhm-mcts.nic.in/) and it’s not clear why 

UIDAI should aim to replicate the same through Aadhar. We believe there might be other instances where such replication of efforts might be probable- this is both a waste of resources and increases the chances of threats to data security.

Is the health system sufficiently equipped to use Aadhar number? 
Assuming the Aadhar number could finally be used in the health care context as Nilekani delineates, is our health system equipped with the required e-platform across the nation; and are there adequately trained human resources to run such a sophisticated system  available, or being recruited, at every level within the health system?  It appears that the use of the Aadhar number as envisioned would warrant inter-ministerial and inter-sectoral coordination and resource investment for its meaningful realization. It is not clear as to how this is being planned and executed.

Would the system to protect privacy and data protection be truly foolproof? 
The issue of privacy of personal information (especially health) and associated challenges are not mentioned in the article. It is also not clear as how data safety will be ensured. In response to one of the questions in the parliament regarding mechanisms to protect data from unauthorised use in UIDAI, it was said that the data would be encrypted at source along with measures such as limiting physical use, and putting standard security infrastructure[5].

We wonder if that would be sufficient given the current trends of data theft from the supposedly safe and well protected sectors, such as banking and information technology which use similar mechanisms. As instances of theft and misuse of information becomes commonplace, as evidenced by increasing credit card fraud and frequent hacking of government websites[6],any framework for information collection which does not have robust safeguards  should be grounds for concern. As well, India does not have any coherent policy or law governing data encryption [7],[8], [9].

In the contemporary context of globalised terrorism, it would also be challenging for the UIDAI to comply with the promise of confidentiality towards data collected if faced with mounting pressures from investigation and intelligence agencies, whether domestic or foreign, to share bioinformatics information of individuals suspected to be associated with terrorism and violence.  Although a
somewhat different context, the recent episode of a vaccination campaign launched by the US intelligence agency CIA aimed specifically at collecting DNA samples from the Osama Bin Laden household in Abbottabad in Pakistan[10] is representative of reasons for our concerns on this front of the potential of misuse of a public health program collecting identifiable data.

The initial Aadhar registration system being implemented also provides reason for worry. As the enrolment process has been sub-contracted via tenders to private firms, there is seemingly no guarantee of how information and data security will be maintained. Moreover, ensuring data protection from interested parties such as insurance companies who could choose to deny health insurance coverage to individuals based on their health profiles is paramount. Unless stringent safeguards are built in, the Aadhar number could be a serious and risky intrusion into our privacy.

Furthermore, it is ambiguous as to how harmonization and reconciliation across various legal apparatuses, such as, the National Identification Authority of India Bill and the proposed Right to Privacy Bill[11] would be achieved with regards to protecting personal information gathered under the Aadhar project.

Against this backdrop,we believe the editorial by Nilekani raises more questions than provides answers, and hence it is apt to question the claims of the article.
Finally, we also find it disconcerting that though the author declares his affiliation with the UIDAI, there is no conflict of interest statement in the article. Nilekani as head of the initiative is expected to have a positive bias towards the program. We believe it would have been good practice for a conflict of interest statement to have been appended with the article.

Anant Bhan, Pune, Maharashtra
anantbhan@gmail.com

Sunita V S  Bandewar, Pune, Maharashtra
sunita.bandewar@utoronto.ca
REFERENCES
________________________________
[1]Nilekani N. Building a foundation for better health: The role of the Aadhaar number. Natl Med J India.2011 May-Jun;24(3):133-5.

[2]Milton L. Aadhaar number to be must for LPG services. The Times of India. 2011 Aug 8 [cited 2011 Aug 18]. Available: http://timesofindia.indiatimes.com/city/mysore/Aadhaar-number-to-be-must-for-LPG-services/articleshow/9533385.cms

[3]Ramanathan U. A private right or a public affair? Tehelka Magazine. 2011 Jul 9 [cited 2011 Aug 18]; Vol 8, issue 27. Available:  http://www.tehelka.com/story_main50.asp?filename=Ne090711PROSCONS.asp

[4]Government Health. Now, a tracking system for immunisation in India. 2011 August 3 [cited 2011 August 18]. Available:
http://www.igovernment.in/site/now-tracking-system-immunisation-india

[5]  Unique Identification Authority of India. Government of India Planning Commission, Rajya Sabha Questions. Question no 393(Answered on 2011 Feb 24) [cited 2011 Aug 20].  Available:http://uidai.gov.in/index.php?option=com_content&view=article&id=171&Itemid=150#rs

[6]Kurup D. ‘State actor’ linked to major cyber intrusions in India, world. The Hindu Bangalore edition. 2011 Aug 4 [cited 2011 Aug 18]. Available: http://www.thehindu.com/news/article2319894.ece

[7]Data Security Council of India.Recommendations for Encryption Policy Regulation u/s 84A of the Information
Technology (Amendment) Act, 2008.  Prepared by DSCI/NASSCOM with inputs from the industry.  2009 Jul 13 [cited 2011 Aug 16]. Available:http://www.dsci.in/sites/default/files/encryption_policy_dsci_final_submission_to_dit.pdf

[8]Dalal, P.Encryption policy of India needed.  2011 Jun 19 [cited 2011 Aug 5]. Available: http://ictps.blogspot.com/2011/06/encryption-policy-of-india-is-needed.html

[9]Waris S. Government asleep over encryption regulations. 2009 Aug 20 [cited 2011 Aug 21], Available: http://www.legallyindia.com/20090820138/Legal-opinions/government-asleep-over-encryption-regulations

[10]Reardon S. Pakistan. Decrying CIA vaccination sham, health workers brace for backlash. Science.2011 Jul 22;333(6041):395.

[11]Venkatesan J. Bill on ‘right to privacy’ in monsoon session: Moily. The Hindu, 2011 June 7 [cited 2011 Aug 17]. Available: http://www.thehindu.com/news/national/article2082643.ece

Related articles

CLICK ON TITLE TO SEE ORIGINAL ARTICLE - Posted by
Labels: ,