In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Thursday, June 21, 2012

2621 - In Japan, National ID Proposal Spurs Privacy Concerns -eff.org


EFF has been monitoring governmental proposals for national identification schemes, with an eye toward evaluating the privacy implications of these new systems. In Japan, where an existing program issues unique ID numbers to citizens at the municipal level and shares information on a national network, a bill is under consideration that would create a new ID framework. Submitted by the Japanese Cabinet in February of 2012, the “My Number Bill” would issue new unique ID numbers to participating citizens. The stated purpose is to streamline information sharing between governmental bodies administering tax, social security, and disaster mitigation programs. If the law is enacted, the My Number system will begin operating in 2015.
           
So far, there are no signs that Japan's government will follow the increasingly common trend of requiring citizens to submit biometric data, such as fingerprint or iris scans, in order to enroll. Nevertheless, it’s clear that data submitted by participating citizens will be subject to greater information sharing than under the prior system. This planned expansion gives rise to serious questions about whether individuals’ personally identifiable information will be adequately protected. While the existing ID framework is highly controversial due to privacy concerns, this proposal will disseminate personal data farther and wider, making it even harder for individuals to exercise control their own information.


Japan’s current unique ID system
            Under the mandatory Basic Resident Register program, every Japanese citizen must provide his or her name, birthdate, gender and physical address to municipal governments. With the implementation of the Resident Basic Register Network System in 2002, these four types of information began to be fed into a nationwide computer network, the Juki-net, set up to share data between government agencies. The new system combined the resident registration databases of 3,200 municipal governments, and assigned every Japanese citizen an ID number. [1] Under this framework, citizens may also opt to obtain ID cards, which contain integrated circuit chips.
            When an individual moves to a new city, or changes his or her name following marriage or divorce, the informational updates are logged in the Juki-net. The practice of logging such updates afforded government for the first time the ability to instantly obtain information about personal histories and to track individuals' movements over the course of multiple years, according to the analysis of Midori Osagawara, a former journalist who reported on the Juki-net for national Japanese newspaper Asahi Shimbun. “In the past, [a government] official could barely track [an individuals’] data by looking at the paper-based Resident Basic Registry, because the registry was discretely stored in the municipal office,” Osagawara noted in her thesis on Japan ID systems. “By removing the constraint of a stored location, the government could transcend the constraint of time, too. Now, personal data on Juki-net are automatically updated with references to the past.”[2]
            The Juki-net became a major source of controversy in Japan when it was launched. A newspaper opinion poll conducted just before implementation found that 86 percent of respondents were afraid of data leakage or improper use of information, while 76 percent thought implementation should be postponed. Several lawsuits challenged the new system, charging that it constituted a violation of the right to privacy guaranteed by Article 13 of the Japanese Constitution. Protests were mounted as well; 70 municipal assemblies and 29 mayors passed resolutions demanding the government postpone Juki-net’s implementation. In one city, whose mayor made it possible for citizens to opt out, 839,539 citizens went to city offices to register for non-participation.[3] Following a Supreme Court ruling that found Juki-net to be constitutional, the citizens who’d requested to opt out were enrolled anyway.
            In 2008, the Juki-net withstood a legal challenge when Japan’s Supreme Court ruled that it was constitutional, reversing a lower court’s 2006 ruling that the system violated privacy rights guaranteed by Article 13 of the Japanese Constitution.
            Plaintiffs had argued that Juki-net illegally subjected citizens to risks of personal information leakage, and that it infringed upon rights guaranteed under Article 13 of the Japanese Constitution, which states, “all of the people shall be respected as individuals. Their right to life, liberty, and the pursuit of happiness shall, to the extent that it does not interfere with the public welfare, be the supreme consideration in legislation and in other governmental affairs.” Yet the court rejected these arguments when it found the Juki-net system did not violate Article 13.
            The court determined that there was a low risk that information could be leaked due to the technical system design, and highlighted the absence of a centralized database that would enable consolidated control over personal information by any single governmental agency. It also found that the nature of the collected data was not highly confidential.
            While Japan’s decision to prevent the creation a centralized database places it ahead of the curve on privacy when compared with many other countries that have implemented national ID systems, it’s important to remember that any digital collection of personal information opens the door to potential data breaches. Meanwhile, the court’s assertion that the data is not of a highly sensitive nature fails to take into consideration the fact that reliable inferences can be made about highly sensitive data by building upon multiple categories of non-sensitive data. For instance, Carnegie Mellon researchers Alessandro Acquisti and Ralph Gross published an article in 2009 demonstrating how social security numbers could be easily predicted by combining various kinds of widely available data, such as individuals’ birthdates and places of birth.


Expanded information sharing
            The My Number Bill would essentially take the Juki-Net a step farther, by generating new unique ID numbers and allowing information sharing between the agencies that administer social security, tax, and disaster mitigation programs. The newly generated unique ID numbers would be used as a "key" to link records of individuals' income and payments, and benefits for pensions, health care and other services.
            The My Number Bill also seems to be envisioned as a first step toward an increasingly networked system that would integrate highly sensitive information and could be opened up to private-sector use.
            The bill was drafted based on a policy outline that won Cabinet approval in June of 2011. The policy outline hints at plans to formulate special statutes around highly confidential personal information, such as medical records. It also describes the possibility of linking unique ID numbers to medical data for research purposes, as long as patients’ anonymity is maintained. Yet this sets a dangerous precedent; researchers Arvind Naravayan and Vitaly Shmatikov, among others, have shown that attempts at “de-identification” are not always effective.
            Under the bill, the lack of a centralized database is designed to prevent single governmental body from storing personal information, and an independent monitoring body will be created to ensure personal information is adequately protected. Nevertheless, these measures against data leakage can never be guaranteed to be 100 percent effective.
            According to the policy framework paper, the program would be launched in January 2015 in the spheres of social security, tax, and disaster mitigation; by around 2018, the government will evaluate progress and consider expansion to other areas, such as the medical field. Taking into account political controversy currently surrounding Japan’s consumption tax increase, which is tangentially linked to the unique ID proposal since the program aims to streamline tax administration and processing, it’s still too early to say whether the My Number Bill will win approval.


Reactions from the Japanese public
            The Japan Federation Bar Association has publicly opposed the My Number Bill, criticizing the program for failing to respect the right to control one’s own personal information.
            A number of nongovernmental organizations, such as Japan’s Privacy Action and the Anti Ju-Ki Net Association, also came out against Japan’s proposed unique ID system in public comments submitted to the Cabinet Secretariat in July and August of 2011. They argued that the national ID isn’t really necessary to reform social security and tax programs, and that human rights and personal privacy will be jeopardized no matter what, since it’s impossible to guarantee 100 percent safety when it comes to technology and the potential for human error or active exploitation. Others argued that statutory protections of personal information are ineffective, and that not enough consideration has been given to the shortcomings of the Ju-ki Net. Some NGOs expressed doubts that the ID system would protect citizens’ rights, and called for a cost-benefit analysis prior to implementing the new program.
            The Japan Medical Association has voiced concerns about the idea of linking unique ID numbers to medical records. At a press conference in March, the organization noted that highly sensitive patient information could be leaked.
            Osagawara, the Japanese journalist and surveillance scholar, offered a sharp critique of the Juki-net, focusing on the expanding requirements for information sharing. “Even in a short-term observation, Juki-net’s development shows how a computer network inevitably expands for data sharing,” she wrote. “Once it is established, it increases the scope of data, engages in multiple tasks, and escapes from legal constraints and democratic transparency.”
            We have concerns that the unique ID proposal seems to be moving Japan in a worrisome direction of expanded information sharing that is more sensitive in nature. As we have seen in places such as the UK, where leaks of everything from medical histories to criminal records were attributed to the very government agents entrusted with overseeing a database administered by the UK government’s Department for Work and Pensions, serious challenges arise when digital records of sensitive personal information are created and incorporated into a national network.
[1] Graham Greenleaf, "Comparitive Study on Different Approaches to New Privacy Challenges in Particular in the Light of Technological Developments," Country Studies, B.5 - Japan, Directorate-General Justice, Freedom and Security, European Commission [online], available at http://ec.europa.eu/justice/policies/privacy/studies/index_en.htm
[2] Midori Ogasawara, "ID Troubles: The National Identification Systems in Japan and the (mis) Construction of the Subject" (Master’s Thesis, Queen’s University, 2008), 103 [online], available at http://qspace.library.queensu.ca/handle/1974/1222
[3] Ibid.