In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Friday, June 28, 2013

3460 - The missing Act - Front Line


Print edition : July 12, 2013


An expert panel recommends a comprehensive law and changes in the existing legal framework to protect the right to privacy. By V. VENKATESAN

THE Indian citizen’s right to privacy is under threat from the increasing efforts to collect data about individuals for various purposes, but there is no specific legislation to regulate any such action. In October last year, a Group of Experts on Privacy (comprising 12 experts) constituted by the Planning Commission under the chairmanship of a former Chief Justice of the Delhi High Court, Ajit Prakash Shah, submitted its report making specific recommendations to the government in order to formulate a suitable framework for a Privacy Act. The group agreed that such a piece of legislation must apply both to the government and the private sector.

The report has noted that with the initiation of national programmes such as Unique Identification Number, National Intelligence Grid (NATGRID), Crime and Criminal Tracking Networking Systems (CCTNS), Rashtriya Swasthya Bima Yojana (RSBY—a health insurance scheme), DNA profiling, privileged communications and brain mapping, most of which will be implemented through ICT (Information, Communication and Technology) platforms, concerns have emerged on their impact on the privacy of persons. The government collects data relating to citizens’ health, travel, taxes, religion, education, financial status, employment, disability, living situation, wealth, citizenship, marriage, crime record, and so on, without an overarching policy. This, according to the report, has led to ambiguity over who is allowed to collect data, what data can be collected, what are the rights of the individual, and how the right to privacy will be protected. The report has further observed that the extent of personal information being held by various service providers, especially the enhanced potential for convergence that digitisation carries with it, is a matter that raises issues about privacy.

The report has enunciated nine fundamental privacy principles to form the bedrock of the proposed Privacy Act. These are based on the need to hold the data controller accountable for the collection, processing and use to which the data are put, thereby ensuring that the privacy of the data subject is guaranteed. The nine principles are as follows:

1. A data controller shall give simple-to-understand notice of its information practices to all individuals before any personal information is collected from them.
2. A data controller shall give individuals choices with regard to providing their personal information and take individual consent only after providing notice of its information practices. Only after consent has been taken will the data controller collect, process, use, or disclose to third parties such information, except in the case of authorised agencies. The data subject shall, at any time while availing himself/herself of the services or otherwise, also have the option to withdraw his/her consent given earlier to the data controller.
3. A data controller shall only collect personal information from data subjects as is necessary for the purposes identified for such collection, regarding which notice has been provided and consent taken. Such collection shall be through lawful and fair means.
4. A data controller shall collect, process, disclose, make available, or otherwise use personal information only for the purposes as stated in the notice after taking the consent of individuals. If there is a change of purpose, this must be notified to the individual. After personal information has been used in accordance with the identified purpose, it should be destroyed as per the identified procedures. Data retention mandates by the government should be in compliance with the National Privacy Principles (NPPs).
5. Individuals shall have access to personal information about them held by a data controller; shall be able to seek correction, amendments, or deletion of such information where it is inaccurate; be able to confirm that a data controller holds or is processing information about them; be able to obtain from the data controller a copy of the personal data.
6. A data controller shall not disclose personal information to third parties, except after providing notice and seeking informed consent from the individual for such disclosure. Third parties are bound to adhere to relevant and applicable privacy principles. A data controller shall not make personal information public.
7. A data controller shall put in place the necessary technical, administrative and physical safeguards for protecting personal information in his/her custody from unauthorised use, destruction, modification, access, and retention, etc.—both from insiders and outsiders.
8. The data controllers shall make their privacy policies, practices, systems, and related developments open, transparent and accessible to individuals through mechanisms such as providing information in multiple languages, and adopting an open standard/accessible format for the disabled.
9. The data controllers shall be accountable to the individual subject, privacy commissioner, and other stakeholders for compliance with all NPPs.
The report has observed that currently, privacy protection in India is piecemeal and does not uphold these principles in a systematic manner. An overarching Privacy Act, which specifically incorporates these principles and sets up an enforcement mechanism to ensure compliance, is an immediate necessity, the report suggests. The report is significant for making a detailed analysis of existing and proposed legislation by applying the NPPs. These include the draft DNA Profiling Bill, 2012; the Citizenship Act, 1955 and Rules, 2003; the Collection of Statistics Act, 2008, and the Collection of Statistics Rules, 2011; the National Identification Authority of India Bill, 2010; and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011. The report has revealed that these pieces of legislation lack many provisions which ought to have been incorporated in conformity with the NPPs or they have provisions which conflict with the NPPs.

The report has recommended that the proposed Privacy Act must articulate the constitutional basis of privacy as a fundamental right deriving from Article 21 of the Constitution. It has suggested national security; public order; disclosure in the public interest; prevention, detection, investigation, and prosecution of criminal offences; protection of the individual or of the rights and freedoms of others; and historical and scientific research and journalistic purposes as possible exceptions to the right to privacy. To measure the extent and validity of an exception, the report suggests that it should be in proportion to the harm that has been caused or will be caused and the objective of the limitation. Secondly, the limitation on the right to privacy should be in accordance with the laws in force and should extend only to that aspect which is necessary in a democratic state, it says.

The report has found that there are at least 50 laws, rules, regulations and executive orders that articulate privacy principles and practices. The proposed Privacy Act, it says, will be used to harmonise, but not homogenise, these different policy documents in order to ensure that there is consistency and compliance with the NPPs. Once the Privacy Act becomes law, other laws with privacy implications may be amended to ensure broad harmonisation and compliance with the NPPs, the report suggests.