In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Sunday, November 5, 2017

12291 - ‘Critical concerns on Aadhaar’: Six former civil servants write to Prime Minister Narendra Modi - Scroll.In


‘We are deeply concerned that the authorities seem insensitive to the legitimate concerns of large sections of the target universe, especially the poor.’

Published Nov 03, 2017 · 11:15 am

                                         Reuters

Six senior retired civil servants have written to Prime Minister Narendra Modi expressing alarm at the rapid spread of Aadhaar, the government’s Unique Identity project, to virtually all walks of life.

“We are concerned that the UID has, step by little step, encroached upon, and disrupted, the lives of many and denied their entitlements to many more, particularly amongst the poor,” the former Indian Administrative Services officers wrote in their letter dated October 6, 2017.

Accusing the government of having been less than transparent in regard to several important aspects of Aadhaar, the letter said that many of the government’s decisions are difficult to justify or even comprehend. “Meanwhile, the ecosystem promoting Aadhaar has been conducting campaigns of obfuscation and misinformation,” the letter said.

Calling for an objective review of the project, the letter asked for a course correction without any loss of time. “If it is found that there has been an administrative overreach, the decisions in question should promptly be reversed.”

Following is the full text of the note enclosed by them to the prime minister detailing their critical concerns and specific suggestions.

As we await the Supreme Court’s consideration of Aadhaar, the debate on the Unique Identity rages, and the government, despite specific court orders, continues to push it vigorously.
There has never been anything like Aadhaar in India. It now affects everyone and every activity from birth to death. And yet this is not how Aadhaar was conceived. The objective of the UID was to eliminate multiple and fake identities to ensure better targeting of subsidies. How did this transformation take place?

The journey of Aadhaar has indeed been remarkable. Accorded the highest priority by successive governments at the two ends of the political spectrum, the project has covered almost the entire population of India, digitising crores of records and issuing cards to each individual. The Aadhaar UID has also been empowered for a multitude of operations from opening bank accounts to securing passports and driving licences, even mobile connections by private players. These are no mean achievements.

Meanwhile, media reports and field surveys have poured in from across the country regarding leakages, malpractices and fraud; biometric mismatch and the rejection of genuine cases; errors in the demographic data, disentitlement and exclusion. The UIDAI has registered criminal cases for preparing fake Aadhaar cards, for hacking databases and so on. Assertions made by high public authorities have been contested for not being backed by verifiable data.

We have, therefore, tried to go behind the debate to ascertain the reality by critically examining the basic premise of Aadhaar, the experience on the ground, the text of the Aadhaar Act and its subordinate legislations, and the gap between the stated objectives and their realisation.

We are disturbed by the state of affairs because we find that Aadhaar is not what it has been presented to be. There has clearly been an uncommon haste in its implementation and a determined effort to extend it well beyond what is envisaged in the Act. The enthusiasm with which the UIDAI and the government have extolled the virtues of Aadhaar, and the disdain with which all criticism has been dismissed, point to the need for an unbiased review.

The forces that are pushing Aadhaar are indeed powerful. This per se is not objectionable, since Aadhaar does open up enormous business opportunities. Unfortunately, this lobby has stooped to misinformation campaigns and to intimidation and denigration of the project’s critics. We are loath to cite an individual instance, but feel compelled to do so because of its ominous significance. 

We allude here to the campaign of the team led by Shri Sharad Sharma of iSpirit and IndiaStack, entities that are deeply involved with the Aadhaar enterprise. When these individuals were exposed on social media, instead of being chastised for spreading falsehoods, they were actually congratulated by Shri Nandan Nilekani and other luminaries of the industry for being ‘brave’ enough to apologise! With vested interests of such stature in support, Aadhaar seems to have descended into the realm of post-truth and alternative facts.

It is incredible that no one really knows how Aadhaar has been performing. This is because the UIDAI, which is the sole repository of all information on Aadhaar, has resolved not to disclose any data; it has even refused information under the RTI, on grounds of national security.

The UIDAI now processes more than two crore Aadhaar authentications every day; 331 crore cases were dealt with between September 2012 and December 2016. About 40,000 cases have been registered for malpractices by the UIDAI. And yet no analysis of the experience has been made available to the public. This secrecy not only undermines the credibility of the UIDAI, but also raises questions about its intentions. Could it be that the data is so damaging as to vitiate the entire Aadhaar exercise? The UIDAI has chosen to keep its decision making opaque and its data beyond the pale of public scrutiny.

The fears of surveillance, security and profiling are possibly more real than we might believe them to be. We shall, however, confine ourselves to issues closer to the field and focus here on five aspects of Aadhaar where the decisions clearly need to be revisited.

1. The biometric fiasco
The first is the total dependence on fingerprint biometrics, an intrinsically unreliable technology, given that devices for iris recognition will not be widely available for use in the near future.

The UIDAI’s own proof of concept (POC) trials for fingerprint recognition showed an error of up to 15 percent with the best finger and 5 percent when two fingers were tried. There is little public awareness of these limitations.

The implications are serious and worrisome, for the numbers involved are very large. Thus, with a population of 80 crore under PDS, rejections can be as high as 12 crore, and will not be less than 4 crore; the technology ensures that this be so. Evidence from reports and surveys in Rajasthan, Andhra Pradesh and Jharkhand support this assumption.

According to the State of Aadhaar Report 2016 -17 by IDinsight, in the case of pensions in Andhra Pradesh, the rate of fingerprint authentication failure after three attempts was as high as 17.4 percent. In Telangana, the failure rate under MGNREGA averaged 7.8 percent.

A five percent error rate in fingerprint recognition has been confirmed both by the CEO of UIDAI and its former Chairman. Granted that there may be variations from state to state and, over time, improvements may be made and the initial glitches overcome, yet the exclusions would continue to be unacceptably high.

The problem is further compounded in rural areas disadvantaged by the poor quality of basic facilities and services. Critical to the success of Aadhaar are uninterrupted power supply, Internet connectivity, efficient fingerprint recognition devices, secure and reliable encryption and transmission of data, and well-trained staff. If one or more of these requirements are not met, the rates of rejection increase sharply. Field experience across states corroborates this assertion.

On these considerations alone, the proposal for the complete and exclusive dependence on fingerprint biometrics should have been eschewed.

Further, a clear provision for alternative modes of establishing one’s identity in the event of a failure of the Aadhaar identification ought to have been made. Instead, every case of mismatch is being celebrated as the elimination of a duplicate; and, in consequence, claims of huge savings are being made. In contrast, in Chhattisgarh, where this problem was duly acknowledged, the state government decided to accept alternative modes of identification.

The following steps are essential to remedy the situation:
  •   The complete reliance on biometric identification must be discarded and alternatives specific to each scheme adopted. This is the only way the ensuing disentitlement and exclusion can be avoided. Suitable modifications will be required in the Aadhaar Act, in the Aadhaar (Enrolment and Update) Regulations and in the Aadhaar (Authentication) Regulations.  
  •   In particular, Section 7 of the Aadhaar Act, which enables the government to make Aadhaar mandatory, must be amended to recognise first, the possibility of the failure of Aadhaar authentication and second, in the event of such failure, specifically to provide for alternate means to establish one’s identity.    
  •   In the same vein, any notification or guideline issued to make Aadhaar mandatory for a scheme, process or activity, should clearly provide for alternate methods of recognition when the Aadhaar fails.  
  •   Until such time as the availability of basic infrastructure - electricity, Internet connectivity, secure and efficient recognition devices - is ensured in a given area, alternative modes of identification should be accepted there.  
2. The defective demographic database
The second is that the demographic database for Aadhaar is not authenticated.

The credibility of this database is of vital importance. Any error of recording or transcription may lead to a mismatch and in consequence, to the rejection of the Aadhaar identification. In view of this, it is intriguing that at the time of enrolment, no verification of the information provided was considered necessary; the instructions were that information should be recorded in whatever form and manner it was given. On this basis, 100 crore Aadhaar cards were issued before the Act was passed by Parliament.

Moreover, the desired data could be provided even without any supporting documents: by an “introducer” or by the head of family, if he himself was an Aadhaar number holder. Documents like the ration card and PAN card, though considered unreliable, were also accepted for Aadhaar enrolment.

The actual enrolment was often conducted by relatively small agencies with a local presence, at times several stages removed from the original contracting parties; there was virtually no supervision or check on the correctness of the data recorded. There was a wide variation in the quality of equipment, training of personnel and fidelity of recording and transmission of biometrics and demographic data. Government agencies were not associated.

There are reports of large-scale inaccuracies, with instances of entire populations of villages recording the same date of birth, of errors in the names or addresses and so on. This has occasioned great hardship in authentication, but the authorities seem to be in denial.
  • It is imperative that the demographic data be correct. This can only be ensured through a comprehensive exercise similar to the revision of electoral rolls to enable individuals to rectify errors in their Aadhaar cards. This drive must be conducted in a systematic manner to cover every village and every ward in the country.
  •   In parallel, the provisions for enrolment in the Aadhaar Act and its Regulations should be made more stringent and rigorous.  
3. The Extension of Aadhaar without reason, as a policy imperative
The third is the persistent, and accelerated, extension of Aadhaar to every activity.
Aadhaar is now required by a new-born for her birth certificate, by a couple for registering its marriage, and by every soul before leaving for its heavenly abode.

An Act of Parliament sets out both the scope and the limitations of Aadhaar. Section 7 of the Act governs the adoption of Aadhaar for any scheme. Having been passed as a money bill, the Act has a direct nexus with the Consolidated Fund of India, and cannot, therefore, apply to activities falling outside this domain. The legality of each case of extension must be examined with reference to this context.

And yet, there seem to be no norms or procedures for prescribing Aadhaar for a particular activity. Evidently, the extension of Aadhaar is being pursued under a policy directive. It is being mandated mechanically, with inadequate deliberation. There is little attempt to analyse, evaluate the pros and cons, and assess the implications.

Consequently, we have several applications of Aadhaar which are an unnecessary impediment to accessing public goods and services. They only serve to cause gratuitous distress to common people. To illustrate,
  •   Midday meals for schoolchildren, when their identity is known to all and attendance is recorded for the day.   
  •   Treatment for TB patients under the national TB eradication programme, when their hospital record is available.  
  •   School admissions for children, when their admission papers and particulars of their parents, residence, etc. have already been submitted.  
  •    Lately, prospective organ donors, who had completed all the requisite formalities, have been denied this final generosity for want of Aadhaar!  
Such a situation is clearly untenable. The following correctives are needed.
  •   All further extensions of Aadhaar should be done only after intense scrutiny.    
  •   Adoption of Aadhaar for new programmes must be examined on a case-by-case basis. The objective should be efficiency, better delivery of benefits and services and convenience of the target groups. If the incorporation of Aadhaar does not lead to a significant value addition, and if the presumed inefficiencies can effectively be avoided by improving the programme design and streamlining the supervision, the proposal of extension should be dropped.  
  •   All the schemes where Aadhaar has been made mandatory (117 at last count) must be reviewed. These include all those notified under Section 7 of the Aadhaar Act, and also the activities outside the purview of the Act. Where the requirement of Aadhaar is found to be unjustified, or illegal under the Act, the orders should be withdrawn.  
  •   It is imperative to issue explicit guidelines laying down the norms and processes to be followed before extending Aadhaar to any scheme. The decision-making process should be transparent and include consultation with all the stakeholders. 
4. Corruption and the limitations of Aadhaar
The fourth is the premise that the UID is essential to bring about efficiency, to ensure that benefits reach the target groups, and to eliminate corrupt practices.
While this logic has a certain appeal in an environment of all pervasive scam fatigue, it will not be prudent to apply it across the board. The responsibility to ensure efficiency and minimise the scope for corruption lies primarily within the scheme design. Aadhaar is relevant only to the limited extent of “identity duplication”, and it is useful only where that is a major problem. It is essential, in fact, to look beyond Aadhaar and to examine the scheme in its entirety.
It is well documented that the avenues for corruption and misappropriation are multi-layered and convoluted. The loopholes in each scheme need to be plugged with reference to its framework. There are no shortcuts.
The following examples substantiate this postulate; these relate to programmes that are crucial for the most vulnerable – the landless, children and the elderly, the SC and ST communities – programmes which must not be discontinued.
  • Under PDS, the malpractices include poor quality of food grains, adulterated rations, and short weighments. In fact, under the revamped PDS post the National Food Security Act, fake ration cards do not seem to be an issue. The experience of Chhattisgarh and other states confirm this.
  • For midday meals, the large-scale pilfering of stocks, poor quality of meals, fabrication of records are the important concerns.
  • In pensions, there is misappropriation through the connivance of government officials and bank staff, short payments, and fudging of accounts.
  • In MGNREGA, the issues go well beyond fake job cards: collusion between the bank and the panchayat, ‘theft’ of a part of the wages, substandard construction material, inflated measurement books, and substitution of labour by earthmoving equipment.
Evidently, Aadhaar will not rid us of such corruption. In fact the focus on Aadhaar shifts attention away from the root causes of corruption, and Aadhaar comes to serve as a smokescreen.
  • Field verifications, inspections, door to door surveys, regular updates, supervision at disbursement time, transparent systems of payments, social audits and public hearings, measures which have fallen into disuse, need to be revived. Technology can also help with computerisation, digitalisation of databases, linkages between activities, and effective MIS.
  • What is needed is the will to take on the vested interests, break the nexus with criminal elements, and not depend merely on technological solutions or administrative interventions. There has to be a seriousness of intent. The enthusiasm that is being shown for Aadhaar could in fact be displayed in the implementation of the Lokpal Act, protection of whistle-blowers, grievance redressal and further strengthening of the RTI.
5. Regulating Commercialisation & Data Protection
The fifth area of concern is the opening up of the Aadhaar database for commercialisation.
The government seems to have adopted a laissez-faire approach in this regard. In the absence of effective regulation and control, misuse and unauthorised trading of personal data, rent seeking by intermediaries and touts, issuance of fake cards, targeting of Aadhaar number holders, and such like abuses have become all too common. The CEO of UIDAI has registered about 40,000 cases for various malpractices; there would be far more which have not come to light.
The penal provisions in the Act have not proved to be a serious deterrent. Far greater thought must be given to preserving the sanctity of the UID database and its operations. The recent hacking of Aadhaar data by an IIT alumnus has demonstrated how fragile the system is. The unabated seeding of Aadhaar in different databases has introduced new vulnerabilities into the system by providing access to hitherto isolated silos through a common platform. There is a real and patent risk of misuse of this wealth of personal information by unscrupulous elements. The possibility of unauthorised use by overreaching state agencies also cannot be ruled out.
The issue of profiteering by commercial entities offering Aadhaar based services does not seem to have been examined at all. On the contrary, there is a specific provision (14 m) in the Aadhaar (Authentication) Regulations to the effect that the government or the UIDAI shall have no say in the charges levied by service providers to their clients.
Some other aspects of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, also need to be reviewed. The concentration of authority in the UIDAI is overwhelming. Interestingly, there is no judicial redress for an aggrieved individual. Her existence is contingent on an authentication by the UIDAI: if it fails, she is left in the lurch; she has no avenues of appeal outside the UIDAI. Further, an exasperated Aadhaar number holder does not have the liberty to surrender the Aadhaar card. Aadhaar’s voluntary label is therefore less than convincing.
The Parliamentary Committee, which had examined the National Identification Authority of India (NIAI) Bill, 2010, had made extensive recommendations for its amelioration. These suggestions have largely been ignored while formulating the present law which was rushed through Parliament as a money bill. This short-circuited the established legislative process. Clearly, the Aadhaar Act requires a rigorous, de novo scrutiny, and a broad-based discussion in public forums.
We have not gone into the larger issues of privacy, surveillance, security, and profiling, which have been addressed by the Apex Court’s Constitution bench. We must, however, observe that civil society greatly prizes the right to be left alone. It includes the right not to be put out there and exposed involuntarily. The mandatory seeding of Aadhaar numbers for accessing public utilities such as water and electricity, and banking and other state services is tantamount to forced disclosure of personal information. This gives enormous powers to the state which could misuse them to curtail the individual’s right to privacy. Such curtailment may amount to the denial of the freedoms guaranteed under the provisions of Articles 19 and 21 of the Constitution. This aspect needs deeper examination.

(MK Bezboruah)
Formerly Chairman,
3rd Delhi Finance Commission

(Surjit Kishore Das)
Formerly Chief Secretary,
Govt. of Uttarakhand

(Kamal Kant Jaswal)
Formerly Secretary to Govt. of India,
Dept. of Information Technology

(CK Koshy)
Formerly Additional Chief Secretary,
Govt. Of Gujarat

(Lalit Mathur)
Formerly Director General, NIRD,
Ministry of Rural Development

(Dr VV Rama Subba Rao)
Formerly Additional Chief Secretary,
Govt. of Gujarat