11729 - Rhodes scholar to Carnatic singer, meet 4 young lawyers in privacy fight - Indian Express

Rhodes scholar to Carnatic singer, meet 4 young lawyers in privacy fight

(From left) Gautam Bhatia, Prasanna S, Kritika Bhardwaj and Apar Gupta outside the Supreme Court. Tashi Tobgyal

Prasanna believes that technology ruling lives can only be deemed as fair if it is “proveably so and nothing in Aadhaar has been able to convince me of that”.

Written by Seema Chishti 

New Delhi | Updated: August 7, 2017 10:11 am

AS THE Supreme Court examines whether privacy is a fundamental right, a community of young lawyers has taken it upon themselves to spread the word — that the right to privacy is “non-negotiable”. So, from sitting through every court hearing to live-tweeting proceedings, from taking on the Centre when it argues that the Constitution does not provide for privacy as a fundamental right to breaking down the web of legalese around the debate, these lawyers are trying to help shape the architecture that will govern Indian lives in the age of unique IDs, technology and machines.

Prasanna S, Apar Gupta, and Kritika Bhardwaj are assisting senior counsel Shyam Divan, who is representing four privacy petitioners, including Shanta Sinha, the former head of the National Commission for the Protection of Child Rights, and Magsaysay awardee Bezwada Wilson. Gautam Bhatia is assisting another senior lawyer, Arvind Datar, who is arguing for the Election Commission and for privacy as a fundamental right.

There are seven petitioners in the case with at least 12 active counsel in the matter before the nine-judge bench.

Prasanna S, 34

The Hosur-born, Tamil-speaking Prasanna sees nothing exceptional about his transition from the world of software to the thickets of Constitutional law four years ago. “Many technologists have moved to fields like investment banking. No questions are asked of them,” says Prasanna, now an independent, Delhi-based lawyer. Prasanna, who is also a trained Carnatic singer, believes his background in software and technology gives him “at least the vocabulary to understand new challenges to civil liberties”.

“Many technologists have moved to fields like investment banking. No questions are asked of them,” says Prasanna, now an independent, Delhi-based lawyer. Prasanna, who is also a trained Carnatic singer, believes his background in software and technology gives him “at least the vocabulary to understand new challenges to civil liberties”.

He says the general lack of opposition among the public to ideas such as Aadhaar, the unique ID programme that is at the core of the privacy debate, stems from a “fascination with technology” and a belief “that if it is a machine, it will make correct choices”.

Nothing could be more flawed, he says. “I can see through that clearly, being fully aware of how technology can have design limitations,” says Prasanna. In the case of biometrics, Prasanna says, “With an error-rate higher than 10 per cent, if this flawed technology rejects the population the size of the state of Bihar as being ineligible for rations, what is to be done? Is that acceptable?”

Prasanna believes that technology ruling lives can only be deemed as fair if it is “proveably so and nothing in Aadhaar has been able to convince me of that”.

right to privacy, privacy as fundamental right, Supreme Court on privacy fundamental right, Aadhaar card compulsion, aadhar act, latest news, india news, indian express The lawyers photographed on the central lawns of the Supreme Court in New Delhi. (Express Photo by Tashi Tobgyal)

Gautam Bhatia, 28

The Rhodes scholar is also a sci-fi geek. He edits Strange Horizons, a UK-based science-fiction magazine, and is now looking at post-colonial science-fiction. One of the lawyers on senior counsel Datar’s team, he is among the leading voices in the privacy debate, even live-tweeting the apex court’s proceedings. Bhatia was studying for a degree in legal philosophy at Yale when WikiLeaks broke, followed by Edward Snowden’s revelations in June 2013. In December 2013, the American Civil Liberties Union filed a law against surveillance and Bhatia took a train to the New York district court to hear ACLU fight the US National Security Agency for two-and-a-half hours.

After he returned to India, his alma-mater, the National Law School in Bengaluru, asked him to do a paper on surveillance in the Indian context. To Bhatia, that was a “golden moment”, when his academic pursuits and events at home and abroad got him interested in data, meta-data and privacy concerns. Bhatia believes that Aadhaar in itself is not a surveillance mechanism, but has the “potential” to be one. “If information is in different silos, the seeding of databases is okay, but the minute you combine it, then you are very well placed to be a perfect surveillance state,” he says.

Gautam speaks of how metadata gives you a deeper insight into people than actual data. “If you tape my phone conversation, you get data, but if you know who I called, who I had coffee with, visited a doctor, a divorce consultant and a physiotherapist… that gives you much more data to map me with near perfection,” says Bhatia, who is the author of Offend, Shock or Disturb: Free Speech Under the Indian Constitution.

So what is an ideal right to privacy law? “Any law on privacy has to be founded on principles of informed consent and specific consent. Informed consent means the person is aware of what use it’s being put to and specific consent means that the authorities must seek consent for each specific act.”

Gautam thinks a national political culture that does not value privacy can only go one way. “Look at history — societies where privacy is devalued become totalitarian. East Germany, with its Stasi (Ministry of State Security that carried out mass surveillance), was not a strong state, but a state where the national political culture is such that privacy does not count, becomes a surveillance state,” he says.

Gautam believes that violation of privacy enables discrimination. “Bezwada Wilson has spoken of how manual scavengers do not want to be identified, nor do people like trafficked women who have been freed. Too much data about citizens with the state is anti-democratic.”

right to privacy, privacy as fundamental right, Supreme Court on privacy fundamental right, Aadhaar card compulsion, aadhar act, latest news, india news, indian express There are seven petitioners in the case with at least 12 active counsel in the matter before the nine-judge bench. (Express Photo by Tashi Tobgyal)

Apar Gupta, 33

@Aparatbar is a familiar Twitter handle to serious followers of the privacy and data debate in India. Gupta says he operates in the space between the “polar worlds of rockstar litigant Harish Salve and Prashant Bhushan, who does public interest litigation”.

A product of Columbia Law School and before that, Mount St Mary’s school in Delhi, Gupta says, “It is true society will be incredibly digital, but if you divorce it from civil rights and constitutionality, you will get something very unjust. We want to push this back.”

So why would governments want Aadhaar to be made compulsory when they have passports and PANs? “There is an administrative fetish, which is fed by Aadhaar. (Governments) get a digital dashboard and are able to create the illusion that they are administering efficiently. It’s on a good-faith basis to some degree, but all digitisation is not good. Digital IDs by themselves have resulted in savings, but that has been without Aadhaar. Conservative estimates are that nearly Rs 11,000 crore has been spent on Aadhaar,” he says.

Kritika Bharadwaj, 26

She is currently reading three books: Delete, on the Right to be Forgotten, The Second Sex by Simone De Beauvoir and Seven Minutes, a courtroom thriller. But Kritika, a political science graduate from LSR, went on to do an LLB from Delhi University’s Faculty of Law and later Masters from Cambridge in Information Law. But even before her Masters, she had cut her teeth on Aadhaar-related matters and done meticulous research on international laws, biometrics, international practices, protocols and databases in the world.

“We were shocked by the Centre’s arguments that privacy is not a fundamental right. We had prepared things pertinent to Aadhaar, of projects, exclusion and biometrics. But when the government made this plea, we all sat up and decided to help push this back,” she says.

Yet, she says, the “real challenge to us is the ‘so what’ challenge. “So what if privacy is violated, people say. We are still trying to address that convincingly,” she says. “My understanding and study tells me that the real worry is that the citizen does not even know what the government knows about him and how it will be used against the citizen. That is a lot of information asymmetry. Also, with so much data about everyone, there is implicit, a presumption of guilt of each citizen,” she says.

11726 - Aadhaar is vulnerable to identity theft because of its design and the way it is used - Scroll.In

Aadhaar is vulnerable to identity theft because of its design and the way it is used

A centralised database, dual use as identifier and authenticator, and lack of sound legal framework are its main weaknesses.

Apr 02, 2017 · 05:30 pm

Kritika Bhardwaj

Recent reports of the misuse of Aadhaar – the 12-digit unique identification number that the Indian government is pressuring all residents to obtain – have brought back concerns about the privacy and security of the project. In February, six employees of telecom service provider Reliance Jio were arrested for the fraudulent use of fingerprints to activate and sell SIM cards. There were also reports that month about Axis Bank and other entities storing and using biometric data without authorisation. Another report indicates that personal information, including Aadhaar numbers, can be freely obtained through a simple online search. In a society where Aadhaar is rapidly becoming the key for citizens to access every service, claims about its security merit more rigorous analysis.

Any robust identification mechanism must be able to prevent or adequately remedy identity theft. Identity theft occurs when someone’s identity is wrongfully appropriated, usually to commit crimes. In the case of Aadhaar, its design and application are likely to make identity theft easier. Unfortunately, even the legal framework seems inadequate to address these risks.

Flawed design

Aadhaar’s design is based on a centralised database called the Central Identities Data Repository that stores every individual’s demographic and biometric information. The aggregation of personal information in one centralised database makes it vulnerable to exploitation, making it a valuable target for hackers, states and identity thieves. Additionally, research suggests that in addition to external threats, centralised databases are also vulnerable to errors and misuse by custodians of the database themselves.

In 2005, researchers came out with a report examining a proposal for a unique, biometric ID in the United Kingdom. In the context of identity theft, the report stated that it was impossible to guarantee the security of such a vast database, which is likely to be accessed millions of times daily and be involved in the exchange of a large amount of valuable information. In 2010, the government there passed a legislation to repeal the project.

Problematic application

Besides structural vulnerabilities, the use of the Aadhaar number as a ubiquitous, universal identifier further heightens the risk of identity theft. The scheme of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, suggests that the number is only to be used to authenticate one’s identity – that is, to prove if a person is who she claims to be. However, an essential feature of the Aadhaar framework is seeding. Seeding allows organisations to feed Aadhaar numbers into their own databases, allowing them to uniquely identify beneficiaries or customers. The presence of one unique number for every individual across multiple public and private databases makes the convergence of this information easier. The legal framework does not prohibit this, and the safeguards for the security of these parallel databases are scant.

The dual use of Aadhaar as an identifier as well as an authenticator increases the probability of identity theft. An authenticator works well if it is confidential (for example, a password or PIN). Conversely, an identifier’s efficacy depends on it being openly available and widely used (for example, one’s name). In 2008, the United States federal regulator for consumer protection came out with a report on the correlation between the social security number and identity theft. Identity theft affects more than 7% of the adult American population, and has resulted in losses over $100 billion.

While there are several differences between the social security number and Aadhaar, the former has become the most common way for organisations in the United States to match individuals with their information. The report attributed the high rate of identity theft in America to the twin use of the social security number as an identifier as well as an authenticator. It stated that the social security number was not suitable for authentication because it was commonly used and easily accessible. Even in Australia, the extensive use of the tax file number has had a similar impact on identity theft.

Proponents of Aadhaar would argue that this comparison is unfair as neither of these identifiers use biometrics for authentication. However, it is well established that biometrics, too, are fallible. From creating gummy fingers – artificial fingers made of gelatin – to capturing fingerprints from photographs, biometric technology has been compromised even without sophisticated tools or methods. On the contrary, the use of biometrics raises the additional concern that in the event they are compromised, they cannot be re-issued like ordinary passwords or PINs. When biometrics are combined with a universal identifier like Aadhaar and subsequently compromised, an identity thief can instantly gain access to multiple services, while simultaneously preventing the individual from obtaining legitimate benefits she might be entitled to.

Inadequate legal framework

These design and application vulnerabilities are exacerbated in the absence of strong legal protections. The Aadhaar Act and its corresponding regulations reveal several weaknesses at multiple stages – at the time of enrolment itself, in detecting identity theft, and with respect to legal remedies after the crime has been detected.

The law allows an individual to enrol for Aadhaar without any document as proof of identity, through an introducer. An introducer can be any individual who vouches for the identity of the person in question, so long as she has an Aadhaar number herself. This makes it easy for individuals to enrol with a false or fraudulent identity. Reports indicate that a bank account can now be opened using Aadhaar, enabling individuals to take part in financial transactions with fraudulent credentials.

Further, if and when identity theft is committed, individuals may never come to know as the law does not require the Unique Identification Authority of India – the agency responsible for issuing Aadhaar numbers and managing the database – to inform citizens about a data breach.

Other impediments to discovering identity theft include the fact that the law imposes a fee for individuals to inspect their own authentication logs and this, too, is limited to a period of six months. The United States experience with identity theft suggests the crime can go undetected for years.

Even if an individual were to surpass these obstacles and discover such fraud, the law provides limited avenues for relief. While identity theft is a punishable offence under the Aadhaar Act, an individual has no power to initiate proceedings even if the crime has been detected. The Act only allows the Authority to initiate criminal proceedings. The individual’s only remedy is to register a complaint with the Authority’s grievance redressal centre, which has no accountability under the law. Most importantly, identity theft has been known to result in large financial losses or emotional distress. However, the provisions under the Aadhaar Act are criminal in nature, leaving individuals without an adequate remedy for compensation.

The poor drafting of the legislation only exacerbates the architectural vulnerabilities of Aadhaar. The law lacks effective checks to prevent identity theft and provide adequate redressal to victims of the crime. In the United States, proposals to combat identity theft have repeatedly emphasised on restricting the use of the social security number, especially by private companies. In light of the recent security breaches related to Aadhaar, the government must introspect on its use as a universal identifier.

Kritika Bhardwaj works as Programme Officer with the Centre for Communication Governance at the National Law University Delhi.

11191 - Linking PAN with Aadhaar – Update from the Supreme Court Hearing (Day – III) - Legally India

Linking PAN with Aadhaar – Update from the Supreme Court Hearing (Day – III)

By CCG NLU Delhi

In the on-going case challenging the constitutionality of Section 139AA of the Income Tax Act (‘IT Act’), the petitioners concluded their arguments today. Our coverage of the arguments made over the last two days can be found here and here.

Today, the petitioners’ counsel elaborated on the concept of informational self-determination, as propounded by the German Federal Constitutional Court in the landmark Census decision of 1983.[1] Relying on three scholarly pieces[2], he explained that informational self-determination stemmed from the fundamental rights of human dignity and personal liberty. Collectively, these two rights formed the constitutional right to personality under the German legal framework. Informational self-determination was therefore not just a necessary condition for the free development of one’s personality, but also an essential element of a democratic society. He argued that irrespective of whether this was a constitutional value under the Indian framework, it was a legitimate value and concern for the petitioners before the Court.

The petitioners, and others who object to the Aadhaar project must have the right to informational self-determination to not give their personal information to private entities empanelled by the Government. The counsel argued that UIDAI’s enrolment process was through a network of private entities and reiterated that more than 34,000 had been blacklisted for various reasons. This, in his view established the lack of control exercised by the government during the enrolment process. Further, he relied on UIDAI’s Handbook for Registrars[3] to show that even registrars (who may be state governments, or other public or private entities) are at liberty to retain biometrics and use them for other purposes. In his view, this represented a complete destruction of personal autonomy. He argued that the IT Act could not compel him to part with his biometrics under such circumstances.

The second main ground advanced by the petitioners’ counsel was ‘compelled speech’ as a violation of Article 19(1)(a). He distinguished giving demographic information to government authorities for a singular, defined purpose from information collection under Aadhaar. As per him, the state could not compel an individual to provide fingerprints and iris scans to private third parties. He cited Bijoe Emanuel v. State of Kerala (1986) 3 SCC 615 in support of this contention.

On proportionality, it was argued that the number of PAN cards for individuals (as per the Central Government’s figures) was 29 crore. When seen against the government’s figures for duplicates, this would only amount to 0.4% of all PANs. On the other hand, the intrusion caused by enrolling for Aadhaar would be tremendous.

The petitioner’s counsel reiterated his argument on the legislature lacking competence to enact Section 139AA. He stated that the doctrine of eminent domain was limited to land and could not be extended to one’s body, except under narrowly tailored circumstances under legitimate circumstances. 

Therefore, the legislature lacked competence under Entry 82 of List I or any residuary power to enact a statute compelling parting with such intimate information.

While summing up, he also reiterated the argument on voluntariness, relying on Lord Atkin’s dissent in Liversidge v. Anderson (1942 AC 206) to emphasise that voluntary could never be interpreted as mandatory.

Finally, he urged the Court to strike down Section 139AA of the IT Act, or alternatively, read down the mandatory nature of the provision to make it voluntary. He also suggested that if the bench thought issues such as informational self-determination and compelled speech are too intertwined or if it appeared not appropriate to decide this matter independently, they may be referred to a larger bench. However, considering the irreversible consequences created by the 1st July deadline, he pressed for interim relief to stay the application of the Act or restrain the government from taking coercive steps for non-compliance. He added that protecting against invalidating one’s PAN would also be essential.

A third petition, which was subsequently filed, was also argued in Court today. The counsel for this petitioner (Mr. Dashrathbhai Patel) contended that Section 139AA was a ‘confused, self-defeating and self-destructive’ provision. He pointed out that the Explanation to the section assigned meanings to several terms as per their definitions under the Aadhaar Act. In such a circumstance, borrowing the definition of ‘enrollemt’ from the Aadhaar Act (where it was a voluntary exercise), made it impermissible to make it mandatory under the IT Act. Secondly, it was contended that the definition of demographic information under the Aadhaar Act specifically prohibited collecting information related to income. By linking PAN with Aadhaar, Section 139AA was facilitating the convergence of income information, in direct contradiction with the Aadhaar Act. He argued that what was impermissible directly could not be permissible in an indirect manner.

With this, the petitioners concluded their arguments before the Supreme Court today. The Central Government will respond on 2nd May (Tuesday).

­­

Disclosure: The author assisted the petitioners’ (Maj. Gen. Vombatkere and Mr. Bezwada Wilson) lawyers for today’s arguments.

[1] BVerfGE 65, 1.

[2] Bernd R. Beier, Genetic Testing and the Right of Self- Determination: The Experience in the Federal Republic of Germany 16(3) Hofstra Law Review 601-614 (1988); and Susanne Baer, Dignity, Liberty, Equality: A Fundamental Rights Triangle of Constitutionalism 59(4) University of Toronto Law Journal 417-468 (2009); Gerrit Hornung and Christoph Schnabel, Data protection in Germany I: The population census decision and the right to informational self-determination 25(1) Computer Law & Security Report 84–88 (December 2009).

[3] p. 16

First published here.

Author: kritikaccg

10968 - Explainer: Aadhaar is vulnerable to identity theft because of its design and the way it is used - Scroll.In

Explainer: Aadhaar is vulnerable to identity theft because of its design and the way it is used

A centralised database, dual use as identifier and authenticator, and lack of sound legal framework are its main weaknesses.

Kritika Bhardwaj

Published Apr 02, 2017.  

Recent reports of the misuse of Aadhaar – the 12-digit unique identification number that the Indian government is pressuring all residents to obtain – have brought back concerns about the privacy and security of the project. In February, six employees of telecom service provider Reliance Jio were arrested for the fraudulent use of fingerprints to activate and sell SIM cards. There were also reports that month about Axis Bank and other entities storing and using biometric data without authorisation. Another report indicates that personal information, including Aadhaar numbers, can be freely obtained through a simple online search. In a society where Aadhaar is rapidly becoming the key for citizens to access every service, claims about its security merit more rigorous analysis.

Any robust identification mechanism must be able to prevent or adequately remedy identity theft. Identity theft occurs when someone’s identity is wrongfully appropriated, usually to commit crimes. In the case of Aadhaar, its design and application are likely to make identity theft easier. Unfortunately, even the legal framework seems inadequate to address these risks.

Flawed design

Aadhaar’s design is based on a centralised database called the Central Identities Data Repository that stores every individual’s demographic and biometric information. The aggregation of personal information in one centralised database makes it vulnerable to exploitation, making it a valuable target for hackers, states and identity thieves. Additionally, research suggests that in addition to external threats, centralised databases are also vulnerable to errors and misuse by custodians of the database themselves.

In 2005, researchers came out with a report examining a proposal for a unique, biometric ID in the United Kingdom. In the context of identity theft, the report stated that it was impossible to guarantee the security of such a vast database, which is likely to be accessed millions of times daily and be involved in the exchange of a large amount of valuable information. In 2010, the government there passed a legislation to repeal the project.

Problematic application

Besides structural vulnerabilities, the use of the Aadhaar number as a ubiquitous, universal identifier further heightens the risk of identity theft. The scheme of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, suggests that the number is only to be used to authenticate one’s identity – that is, to prove if a person is who she claims to be. However, an essential feature of the Aadhaar framework is seeding. Seeding allows organisations to feed Aadhaar numbers into their own databases, allowing them to uniquely identify beneficiaries or customers. The presence of one unique number for every individual across multiple public and private databases makes the convergence of this information easier. The legal framework does not prohibit this, and the safeguards for the security of these parallel databases are scant.

The dual use of Aadhaar as an identifier as well as an authenticator increases the probability of identity theft. An authenticator works well if it is confidential (for example, a password or PIN). Conversely, an identifier’s efficacy depends on it being openly available and widely used (for example, one’s name). In 2008, the United States federal regulator for consumer protection came out with a report on the correlation between the social security number and identity theft. Identity theft affects more than 7% of the adult American population, and has resulted in losses over $100 billion.

While there are several differences between the social security number and Aadhaar, the former has become the most common way for organisations in the United States to match individuals with their information. The report attributed the high rate of identity theft in America to the twin use of the social security number as an identifier as well as an authenticator. It stated that the social security number was not suitable for authentication because it was commonly used and easily accessible. Even in Australia, the extensive use of the tax file number has had a similar impact on identity theft.

Proponents of Aadhaar would argue that this comparison is unfair as neither of these identifiers use biometrics for authentication. However, it is well established that biometrics, too, are fallible. From creating gummy fingers – artificial fingers made of gelatin – to capturing fingerprints from photographs, biometric technology has been compromised even without sophisticated tools or methods. On the contrary, the use of biometrics raises the additional concern that in the event they are compromised, they cannot be re-issued like ordinary passwords or PINs. When biometrics are combined with a universal identifier like Aadhaar and subsequently compromised, an identity thief can instantly gain access to multiple services, while simultaneously preventing the individual from obtaining legitimate benefits she might be entitled to.

Inadequate legal framework

These design and application vulnerabilities are exacerbated in the absence of strong legal protections. The Aadhaar Act and its corresponding regulations reveal several weaknesses at multiple stages – at the time of enrolment itself, in detecting identity theft, and with respect to legal remedies after the crime has been detected.

The law allows an individual to enrol for Aadhaar without any document as proof of identity, through an introducer. An introducer can be any individual who vouches for the identity of the person in question, so long as she has an Aadhaar number herself. This makes it easy for individuals to enrol with a false or fraudulent identity. Reports indicate that a bank account can now be opened using Aadhaar, enabling individuals to take part in financial transactions with fraudulent credentials.

Further, if and when identity theft is committed, individuals may never come to know as the law does not require the Unique Identification Authority of India – the agency responsible for issuing Aadhaar numbers and managing the database – to inform citizens about a data breach.

Other impediments to discovering identity theft include the fact that the law imposes a fee for individuals to inspect their own authentication logs and this, too, is limited to a period of six months. The United States experience with identity theft suggests the crime can go undetected for years.

Even if an individual were to surpass these obstacles and discover such fraud, the law provides limited avenues for relief. While identity theft is a punishable offence under the Aadhaar Act, an individual has no power to initiate proceedings even if the crime has been detected. The Act only allows the Authority to initiate criminal proceedings. The individual’s only remedy is to register a complaint with the Authority’s grievance redressal centre, which has no accountability under the law. Most importantly, identity theft has been known to result in large financial losses or emotional distress. However, the provisions under the Aadhaar Act are criminal in nature, leaving individuals without an adequate remedy for compensation.

The poor drafting of the legislation only exacerbates the architectural vulnerabilities of Aadhaar. The law lacks effective checks to prevent identity theft and provide adequate redressal to victims of the crime. In the United States, proposals to combat identity theft have repeatedly emphasised on restricting the use of the social security number, especially by private companies. In light of the recent security breaches related to Aadhaar, the government must introspect on its use as a universal identifier.

Kritika Bhardwaj works as Programme Officer with the Centre for Communication Governance at the National Law University Delhi.

We welcome your comments at letters@scroll.in.

10464 - India is enrolling infants and children in Aadhaar – but what about their consent? - Scroll.In

IDENTITY PROJECT

India is enrolling infants and children in Aadhaar – but what about their consent?

by Kritika Bhardwaj

Published Sep 19, 2016 · 10:30 am.   Updated Sep 19, 2016 · 02:16 pm.

Within minutes of birth, children are being signed up for the contentious identification programme.

On September 7, Seema (name changed) became the youngest person in India to get an Aadhaar number, after she was enrolled within five minutes of her birth in Khajuwala, Rajasthan.

The government’s biometric-based identification system, which assigns each citizen a unique number, covers 98% of India’s adult population, according to the latest figures. The coverage among children, however, is far less, and when taken into account, brings total enrolment to 82%

To plug this gap, the government has proposed to link five child-specific schemes to Aadhaar. The inclusion of the mid-day meal scheme among others in this list means that for children in government schools, even getting a hot cooked lunch would be contingent on their biometrics.

Lifelong decision at infancy

Passed in March, the Aadhaar Act makes no distinction between the enrolment of infants (below five years old), children (aged 5 to 18) or adults.

This gives rise to two concerns. First, more than 2.5 crore children have already been enrolled under the programme, without any procedural safeguards that look into issues pertaining to consent, or review of information.

Second, though the Unique Identification Authority of India, which operates the Aadhaar programme, has been asked to take “special measures” while issuing an Aadhaar number to children, the Act does not make any mention of what the measures are, and the programme does not allow children to opt out at a later stage. This is an important clause because children are largely not the ones deciding to enroll in the first place.

Researchers agree that children differ from adults in terms of their capacity to make decisions. They point out that the ability to make logical and rational decisions comes with age and the development of one’s cognitive skills. This is not a new finding – lawmakers have been aware of children’s inherent incapacity for a long time. The need for parental consent for children’s medical treatment or the legal invalidity of contracts by minors are examples of this.

In the context of Aadhaar however, these concerns seem to have completely escaped the consideration of our lawmakers. Raising an entire generation in an environment of biometric ubiquity merits a hard look at the implications of such a society and its impact on our children.

Practical concerns

In recent months, the government has been pushing to register children under Aadhaar right at birth, at the hospital itself, to ensure full enrolment in India by 2017.

Children under the age of five do not need to provide biometrics for enrolment. Their Aadhaar number is mandatorily linked to that of their parents. Children are required to submit their biometrics once at the age of five and subsequently at the age of fifteen. This is because biometrics such as fingerprints and irises are yet to fully develop.

However, several problems arose during the pilot project for this. Enrolment agencies found it tough to capture acceptable images because newborns would not keep still. The absence of distinguishing features between children made the photographs meaningless. Further, many children in India are not named immediately at birth. Despite these practical hurdles, the government seems undeterred from its plan of enrolling infants at birth.

Privacy issues

The information collected by the Unique Identification Authority of India is stored on a central database. Apart from the personal details, including biometric information, the database also keeps a record of all transactions made using the Aadhaar number

As a result, every time someone uses the number, a new entry gets created against their record in the system. With children being forced to enrol, this database can become a lifelong trail of all their transactions.

Under the Aadhaar Act, this information can be shared “in the interest of national security” and if ordered by a court. Consequently, detailed information from an individual’s childhood could be retrieved several years later in a completely different context.

At present, the Supreme Court is hearing petitions against the Aadhaar programme. If Aadhaar survives these legal challenges, the UIDAI must ensure that all authentication records are automatically deleted once a child turns 18.

Question of consent

The UIDAI requires parents’ Aadhaar information to be linked with children only up till the age of five. Its website clarifies that children above that age need to submit their biometrics.

However, it makes no mention of parents’ consent being required for enrolment of children between five and 18. Further, there are no rules allowing parents to access their children’s information and review or correct the same.

Sona Mani Devi gave birth on NH-33 in Latehar, Jharkhand on September 10. She was required to get Aadhaar made for her other two children by their school teacher even while she was pregnant and was not in a condition to travel, reported Indian Express.

Several countries across the world have given statutory recognition to the fact that children lack capacity to give consent. The UK Protection of Freedoms Act mandates that written consent of at least one parent is necessary before schools use biometric information of children. This consent can be withdrawn at any stage. Any objection raised by the child overrides parental consent. Further, it is the school’s duty to provide reasonable alternatives to make those services accessible if there is no consent.

Similarly, the US has the Children’s Online Privacy Protection Act to safeguard children’s information on the internet. It requires websites and applications to obtain a parent’s consent for children below the age of 13. It allows parents to access this information and request that it be deleted.

One may argue that the absence of choice with regard to Aadhaar makes the whole issue of informed consent moot. After all, the resultant exclusion from benefits as a result of non-enrolment implies that people will be forced to enroll. But it is erroneous to think that informed consent is limited only to choice.

Understanding and appreciating the consequences of a decision are inherent aspects of decision-making, and this is a capacity that children lack. However, the enrolment of children under Aadhaar continues unabated without addressing these concerns.

The processes in place for children's enrolment, if any, are completely opaque. There is little clarity on the role of parents’ consent in capturing biometrics, accessing information, correcting it and the duration that every minor’s data can be held for.

As a result, children are being enrolled in a system without any understanding of it and without an option to have their information deleted once they attain adulthood.

And so, many children like Seema will have to prove their identity throughout their lives for the most innocuous and mundane transactions. Within five minutes of her birth, her parents and the health centre officials in Khajuwala, Rajasthan, decided she must have an Aadhaar number. In all probability, she will never have an opportunity to review this decision for herself.

Kritika Bhardwaj works as Programme Officer with the Centre for Communication Governance at the National Law University Delhi.

We welcome your comments at letters@scroll.in.

10380 - The Mission Creep Behind the Aadhaar Project

The Mission Creep Behind the Aadhaar Project

BY KRITIKA BHARDWAJ ON 02/09/2016 • 

While the Aadhaar project is economically beneficial for the government, it is possible that its initially stated goals could have been achieved with cheaper and less intrusive technologies.

The laws for regulating the manner and duration of transaction records are yet to be framed. Credit: Reuters

If the Minister for Information and Broadcasting Venkaiah Naidu is to be believed, 97% of all adult Indian residents now possess an Aadhaar number. In a recent press release, he clarified that no one will be denied benefits on account of not having an Aadhaar number till such time a number is assigned to all beneficiaries. Recent reports of twenty additional schemes being linked with Aadhaar suggest that one may be forced to obtain the unique 12 digit number sooner rather than later. In this light, some technical aspects of the project warrant renewed attention.

A key feature of the Aadhaar project is the Central Identities Data Repository (CIDR) – a centralised database that stores every individual’s personal information. This personal information is a combination of demographic information such as name, age, address etc. as well as biometric information consisting of a photograph, all ten fingerprints and both iris scans. Centralised databases have been the subject of widespread criticism owing to their inherent limitations to secure privacy. But in the context of Aadhaar, the CIDR is problematic not only because it is a centralised database, but also because there’s little to justify its necessity or utility to plug leakages.

The rationale for a centralised database is based on its ability to weed out duplicate identities by checking each enrolment against an existing database of biometrics. Essentially, every Aadhaar-linked transaction involves online transmission of the unique 12-digit number and other information including biometrics to the CIDR. The CIDR verifies the correctness of this information on the basis of data already held by it. It then responds to the service provider with a ‘yes’ or a ‘no’.  This process is known as authentication. Besides the demographic and biometric information collected at the time of enrolment, the CIDR also maintains a record of every authentication request sent to it. Thus, every time a resident uses her Aadhaar number, the service provider’s identity, time and the CIDR’s response get recorded in it. The aggregation of these records could potentially create a detailed history of an individual’s transactions. The laws for regulating the manner and duration of storage of these records are yet to be framed.

The problems with centralisation 

Centralised databases are subject to several criticisms. For starters, it is easier to justify new uses for the same database when all the information is aggregated at the same place. 

Known as ‘mission creep’, this allows authorities to use personal information collected for one purpose to be used for altogether different purposes. Ironically, the Aadhaar Act itself allows for this mission creep. With broad exceptions, information that is ostensibly collected for targeted delivery of government services and subsidies can legitimately be used for national security or for any other purpose a district judge thinks fit. 

Further, in 2010, it was reported that the multinational company Ernst & Young (EY) had been selected as a consultant to set up the CIDR. The report went on to state that the scope of EY’s services included “…identifying and developing business models and business cases for potential revenue streams from the CIDR among others”. This makes the very foundation of the Act suspect. Additionally, large databases are more vulnerable to identity theft. 

The Electronic Frontiers Foundation, a prominent digital rights group describes large centralised biometric databases as “a honeypot of sensitive data vulnerable to exploitation”. The extent of information and its localisation at one place may make the database an ideal target for foreign governments and hackers. 

In 2005, researchers came out with a detailed report on the UK Identity Cards Bill (‘UK Bill’) – the proposed legislation for a national identification system based on biometrics. Despite a few differences, the British project also envisaged a centralised database that would store personal information along with the entire transaction history of every individual. The report came out strongly against centralised storage of information and suggested other alternatives such as a system based on smartcards (where biometrics are stored on the card itself) or offline biometric-reader terminals. As per the report, both these alternatives would have been cheaper as neither required real-time online connectivity. Online authentication is a far greater challenge in India. In a recent survey of network readiness of a hundred and thirty-nine countries, the United Kingdom placed eighth while India ranked ninety-one. 

Poor Internet connectivity has already resulted in denial of benefits to a number of beneficiaries. The report further debunked the claim that centralised systems are more secure and pointed out the additional risk of a single point of failure, which may paralyse all transactions. The UK identification project was subsequently discarded as a result of the privacy and cost considerations raised in this report.

Limitations of centralisation 

However, the report did acknowledge the usefulness of centralised databases in preventing multiple enrolments by the same individual. But leakages in the distribution system exist due to several reasons. Reetika Khera, an economist and associate professor IIT Delhi points out that although Aadhaar can correct duplicate identities, it can do little to correct other forms of fraud. This includes instances where individuals have falsified their eligibility criteria, extortion by middlemen or collusion between middlemen and beneficiaries.

As of August 2015, the reported expense for the Aadhaar project was almost Rs. 6,700 crores. Given the extent of expenditure, it would be natural to assume that the benefits arising from removing duplicate identities outweigh the costs associated with the project. 

In 2013, the National Institute of Public Finance and Policy (NIPFP) conducted a cost-benefit analysis of the Aadhaar project (more than two years after enrolment had already begun). Its findings indicate that the project would yield an internal rate of return of 52.85% to the government. However, the underlying assumptions on which these calculations were made deserve greater attention. 

Khera pointed out several flaws with the NIPFP study. First, although the report considers seven programs, estimates of duplicate or ghost beneficiaries were available only for two schemes – the PDS and the NREGA. For the other schemes, the study either assigned a rate of 7-10% or applied the estimate of duplicate/ghost beneficiaries for one scheme to another. 

Secondly, even for PDS, the study relied on outdated data from 1997-2001. These limitations were admitted by the authors of the study but its final conclusions have nevertheless been used to justify public spending on setting up Aadhaar.

Evidence suggests that cheaper alternate technologies can be equally efficient in weeding out duplicates. For example, Tamil Nadu and Chhattisgarh have drastically reduced leakages in the PDS through computerisation and other methods. The question of whether the UIDAI’s current model is more cost-effective than other technologies was outside the ambit of the study, and hence never analysed. There’s no doubt that the Aadhaar project is economically beneficial for the government. But almost Rs. 6,700 crore rupees have been spent not knowing the extent of these benefits and whether they could be achieved by cheaper, less intrusive technologies.

Despite the government’s insistence on a centralised database, there is very little justification in the public domain about the necessity of such a system. The FAQs on the UIDAI website state that Aadhaar’s system of online authentication is more advantageous compared to an offline system of smartcards as it is ‘more cost-effective, more secure and allows portability’. Even if one assumes this to be true (though all evidence suggests to the contrary), the UIDAI has done little to demonstrate it.

Kritika Bhardwaj is Programme Officer with the Centre for Communication Governance at the National Law University Delhi.