In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Wednesday, July 10, 2013

4410 - Part v - Biometrics ~ the story so far by Usha Ramanathan - The Statesman


The Statesman
06 Jul 2013
Usha Ramanathan

Face, fingerprint, iris ~ the UIDAI is collecting all of these. The uniqueness of the UID number is to be ensured by using the biometrics collected for “de-duplicating” the 1.2 billion plus population resident in India. That sounds such an improbable task that it cannot do without some investigation of why the UIDAI thought they could pull it off. What did the UIDAI know about biometrics which gave it the confidence to roll out the project on a nationwide scale? The answer is, very little.

When the project got off the ground, and Mr Nandan Nilekani took charge, among the early decisions taken seems to have been the introduction of biometrics. On 29 September 2009, the UIDAI set up  a committee to review the state of biometrics in the country, and suggest how they may be modified, extended or enhanced to  "serve the specific requirements of UIDAI relating to de-duplication and authentication”. Interestingly, among its other tasks, the committee was asked to “obtain consensus (for) widespread propagation of biometrics in governmental and private sectors.” Significantly, no other means of achieving uniqueness and de-duplication was suggested then, nor at any time since then; biometrics was the only tool.

The December 2009 report of the committee on biometrics was cautious. The state of knowledge on biometrics was too meagre. In its sample of 25,000 people, 2-5 per cent did not have biometric records. Globally, de-duplication accuracy of 99 per cent had been reported from western populations, where there was good fingerprint quality and where the database was up to 50 million. To scale up the results from 50 million to a billion plus was fraught with uncertainty. And, importantly, there had been no study of fingerprint quality in the Indian context. Indian conditions, the report read, “are unique in two ways: larger percentage of population is employed in manual labour, which normally produces poorer biometric samples. Biometric capture process in rural and mobile environment is less controllable compared to the environmental conditions in which western data is collected.” It also found that if the way biometrics is captured is deficient, the “false acceptance rate” could be over 10%. The committee “strongly recommended that carefully designed experiments and proper statistical analysis under pilot should be carried out, to formally predict the accuracy of biometric systems for Indian rural and urban environments”.

As for iris, it is technology of recent vintage, and, “compared to fingerprinting, iris capture is less studied and less standardised”. So, they tentatively suggested combining multiple biometric modalities, in this case that would be fingerprint and iris. That was about all the committee was able to say.

Pursuant to this report, in February 2010, the UIDAI issued a “notice inviting applications for hiring of biometrics consultant” to assist in “proof of concept of biometric solutions for UIDAI project”. This document is a startling statement of the state of ignorance in which the UIDAI was, although they had already decided that they would adopt biometric de-duplication and authentication. The consultant would have to “assess the biometric de-duplication accuracy that can be achieved in the Indian context”. The National Institute of Science and Technology (NIST) in the USA “has spent considerable efforts over the past 10-15 years in benchmarking the state-of-the-art extractor and matching technology for fingerprint, face and iris biometrics on the western population,” the invitation document read. “While NIST documents the fact that the accuracy of biometric matching is extremely dependent on demographics and environmental conditions, there is a lack of a sound study that documents the accuracy achievable on Indian demographics (i.e., larger percentage of rural population) and in Indian environmental conditions (i.e., extremely hot and humid climates and facilities without air-conditioning). In fact, it went on, “we could not find any credible study assessing the achievable accuracy in any of the developing countries. UIDAI has performed some preliminary assessment of quality of fingerprint data from Indian rural demographics and environments and the results are encouraging. The “quality” assessment of fingerprint data is not sufficient to fully understand the achievable de-duplication accuracy.” And so on.  And the consultant was given six months to lead the UIDAI from this state of ignorance to profound knowledge about biometrics. At that stage, the focus was on enrolment. What would happen when people would have to be identified by their biometric markers was deferred to a later date.

The study was done between March  and June 2010. On 17 July, 2010, the Economic Times reported that “missing biometrics” was confronting the UID project. The millions working in agriculture, construction workers, manual workers would have their fingerprints worn down. Corneal scars, corneal blindness, cataract resulting from nutritional deficiencies and prolonged exposure to sunlight and ultraviolet rays were likely to jeopardise iris data. The Director General of the UIDAI reportedly admitted that they had no estimate of how many people this would affect - they expected it to be a “small number.” “We are dealing with a large country and complex issues. We have to work within these limitations,” he is reported to have said. 

They moved on regardless, to collecting biometrics and making claims of uniqueness.

The `UID enrolment proof-of-concept (PoC) report' was finally uploaded on the UIDAI website in February 2011, about five months after UID enrolment had begun to be rolled out. In a report that is gloriously vague and hazy, there is one statement that puts a question mark on the whole exercise: “The goal of the PoC was to collect data representative of India and not necessarily to find difficult-to-use biometrics. Therefore, extremely remote rural areas, often with populations specialising in certain types of work (tea plantation workers, areca nut growers, etc.) were not chosen. This ensured that degradation of biometrics characteristic of such narrow groups was not over-represented in the sample data collected.” The number of people in the sample studies to see if de-duplication worked was 40,000, and this did not include those who were not seen as representative of India! And the report maintains a deafening silence about what will be done for `biometric exceptions' - people for whom neither fingerprints nor iris work.

The UIDAI would be hard put to term this a scientific study. There is no authorship, the complexity of the population is ironed out by excluding them from the sample, the evidence is sketchy and conclusions general. Two years later, Mr Nilekani was to say, in his talk at the World Bank in April 2013, that “nobody has done this before, so we are going to find out soon whether it will work or not”.

In sum, this is an experiment. Even if it fails, biometric companies would have made their money, systems would have been re-engineered and the numbers seeded, and databases would have been created. 

Every time I have spoken to a politician, bureaucrat, senior members of research organisations, I have asked them if they have seen any of the UIDAI's own reports, and the answer is always ‘no’.

When biometrics fail ..... well, there are no consequences for project proponents, not as things stand anyway. The authentication story is mirthful, and deserves its own narrative.

(The writer is an academic activist. She has researched the UID and its ramifications since 2009)