5979 - Aadhaar for quick passport: Is Modi government slyly getting around SC order? - First Biz

Aadhaar for quick passport: Is Modi government slyly getting around SC order?

By R Jagannathan

The NDA government is sailing pretty close to the wind by trying to sidestep a Supreme Court order that specifically says that Aadhaar, the Unique biometric ID being issued to residents (and not necessarily citizens) by the Unique ID Authority of India (UIDAI), cannot be made mandatory for anything.

In two separate cases, one in September 2013, and another in March 2014, the Supreme Court not only said that Aadhaar cannot be insisted upon for the delivery of subsidised products like LPG, but also that the government has to withdraw all orders that make the use of this ID mandatory.

There are no signs that this is happening.

Ever since Narendra Modi has been sold on the idea, the government has been stepping up efforts to make the use of Aadhaar widespread. However, it seems to be using a pressure tactic that makes life easier for those who use Aadhaar without openly flouting the Supreme Court orders.

In the Jan Dhan Yojana for opening zero-balance bank accounts for the poor, the use of Aadhaar has been more or less ubiquitous.

The newspapers today (11 November) report that you will get your passport issued faster if you have an Aadhaar. The Indian Express says that the “centre is likely to do away with police verification prior to the issuance of a passport, if the applicant has a UIDAI number…”. This is clearly an inducement for applicants to get the Aadhaar so that they can get their passports within a month’s time. Or else…

The LPG subsidy scheme, which is being rapidly shifted to direct cash transfer mode from 15 November, will depend substantially on Aadhaar as authentication. There may be no formal note indicating that this is mandatory in view of the Supreme Court’s orders, but who will argue about this at the LPG dealers’ end? Your ordinary LPG consumer will quietly go and get herself an Aadhaar to avoid hassles.

A few days ago, Finance Minister Arun Jaitley, under fire for his stand on disclosing the names of black money holders in foreign banks, announced that he would like to make Aadhaar compulsory for real estate transactions. The idea, says a story in Mint, is that it will “provide a trail of all real estate transactions by an individual.”

This is a red herring. Real estate transactions already mandate so much documentation that anyone who wants to follow the trail can do so. Among other things, PAN card numbers are mandatory for property transactions, and even lease agreements call for police verifications. Not only that, to prevent the seller from escaping capital gains taxes, the buyer of a property has to deduct 1 percent TDS from the payment and deposit it with the taxman, complete with seller’s details.

So, Aadhaar is hardly going to make things even better. If Jaitley wants to sniff black money in realty transactions, the scent should already be reaching his office.

What is becoming clear is that for various reasons, the Modi government is emphasising Aadhaar even more than the UPA. But we have not heard even preliminary noises about legislation to make Aadhaar fully above board and legal, and with in-built privacy protection provisions.

The Express report, for example, says that the National Crime Records Bureau (NCRB) is being asked to “establish a system for validation of criminal antecedents for the applicant.” Passport applicants will then be checked with the NCRB’s records for criminal antecedents.

If Aadhaar is going to be linked to the NCRB’s database, one cannot escape the suspicion that sooner than latter Aadhaar is going to be a critical element in monitoring citizen activity from an internal and external security point of view.

As I have noted before, by pushing Aadhaar without any legal protection for the citizen, enormous power is put in the hands of governments and bureaucrats. Any society that values citizen’s rights should be wary of keeping an entire population’s biometric and personal details in huge databases controlled by a faceless bureaucracy. We need only refer to the widespread accessing of mobile call data records by the powerful to know how much misuse is possible.

Aadhaar is being sold as a way to empower the poor who don’t have an identity but need government subsidies to survive. But it is being covertly pushed to the entire population using the coercive power of the bureaucrat’s pen. If bank accounts, provident funds, mutual funds, gas connections, and big financial transactions of citizens are going to need an Aadhaar number, this means the government has forced a unique ID on us indirectly without even legally being entitled to do so. Now you can add passports and real estate transactions to the list of coercive actions that will push Aadhaar.

Aadhaar empowers the state at the expense of the citizen. Once your income-tax numbers, bank accounts, credit card transactions, and asset purchases are linked through a common Aadhaar number, anyone in any part of a coercive tax system can blackmail you if your assets and financial details are leaked. Not only that, when the next big terror attack happens, suddenly the government will have a huge justification to use the data to track potential terrorists. After that, we will be sliding down a slippery slope to lower levels of privacy protection for all citizens.

We are getting into dangerous territory from the citizen’s privacy protection point of view.

5734 - Not just Aadhaar: your privacy is under threat from all kinds of players By R Jagannathan - First Post

Not just Aadhaar: your privacy is under threat from all kinds of players

By R Jagannathan

FINANCE Jul 28, 2014

The privacy of India’s citizens is under threat, thanks to a weak state. By weak state one means the absence of a strong basis in law for most of the acts allegedly carried out on behalf of the state. A strong state is one where every action of the state or its representatives is grounded in law, which itself is intended to protect the citizens from arbitrary official action.

India is a weak state as it enables powerful people manning various state or private institutions to use gaps in the law to impose mindless new costs and regulations on citizens without commensurate benefits.

Thanks to the absence of a law on privacy, and weak implementation of whatever law that exists, the Indian citizen has now been left vulnerable to fraud, blackmail and other forms of harassment by state or non-state actors. And no one can actually help you if you are a victim of one.

Consider the amount of data now being collected from private citizens either without the authority of law, or by agencies that supposedly act within the law, but which cannot mandate protection of your information or data.

The Unique Identification Authority of India collected biometric and other data from over 600 million Indian residents without any law mandating the safekeeping of your private data. Now that the Modi government has made peace with UIDAI’s Aadhaar and plans to use it for its own schemes, one wonders how it can do so without legislating a law to protect this data from misuse. When private parties collect my biometric data, what is the guarantee this won’t remain in private hands, and lend itself for misuse?

Every bank, every mutual fund and every financial institution with whom citizens have dealings demands a lot of financial and other details from citizens: father’s name, mother’s name, mother’s maiden name, date of birth, account details, annual income. Today’s Mint newspaper (dated 28 July) discusses how mutual funds are seeking details of income and from 1 August you cannot buy a mutual fund without giving these details in a second form.

As of now, you can still fib about your income, but what if tomorrow they demand salary slips and more details? All this is possible because market regulator Sebi is expected to play a policing role on behalf of the taxman. Mutual funds are supposed to report suspicious transactions to the Financial Intelligence Unit – which means spying on you by demanding income statements. 

What if this information, now lying unprotected with mutual funds, lands up with the local gangster who can now kidnap kids and demand ransom, secure in the knowledge of how much he can demand from whom?

Even mobile companies now demand bank statements as address proof. So copies of your bank statements showing incomes and salary inflows are now with mobile and phone companies. The data itself is collected by direct selling agents or staff who keep moving in and out of companies for marginal increases in pay. Who will protect our financial data given to mobile phone companies? What if the info leaks? Who is accountable?

Of course, we are not only talking about data demanded officially, but also private players. From Google to Flipkart to every transaction site, a lot of your personal data is now with private agencies who now know all your financial details, the passwords you tend to use, the things you are interested in, etc. If this data leaks out or is misused, every transaction of yours can be compromised.

The sheer amount of personal information – especially financial information – collected by all kinds of unaccountable agencies and private parties is now so staggering that no citizen can feel safe about sharing information that is demanded almost at every street corner. Even shops and cable operators now demand to know you PAN number – the former if your purchases exceed a certain level, the latter routinely.

The problem with India’s state agencies and regulators is that they collect loads of data without knowing what they will use it for, and how it will be protected.

The Radia tapes affair showed how even information legitimately collected can leak into the public domain and make waves. This clearly shows that before we impose any more rules on the kind of data we need  to collect (for tax purposes, KYC, payment of subsidies, etc) we must legislate a powerful privacy protection law.

The law must cover the following aspects.

One, it must clearly emphasise that the data given under any law or rule is the property of the private citizen and it can be used only for the specified purpose by the agency collecting it. If a bank statement is given to a mobile company, the info is only for the purpose of ascertaining the address, and not for anything else. If a mutual fund collects income statements, it is only meant for checking for any inconsistency in investments and income show. The data again cannot be shared with any outside party.

Two, breaches of privacy must carry heavy penalties. Leaks of any data should not only incur fines, but for more serious breaches, it must lead to prosecution and jailing of the officials concerned.

Three, all agencies – public or private – collecting data from the public must be forced to follow internal processes that specifically protect the data. Just as government departments have information officers to give out information sought through RTIs, there must be designated privacy protection officers who will be accountable for data leaks.

Four, institutions using private parties and direct selling agents (DSAs) to collect data will be liable for any lapses on the parts of their agents. Use of private agents cannot absolve the principal of liability if things go wrong. In the case of the UIDAI, all biometric and other data already collected must be fully protected. This means UIDAI must go back to their data collecting agencies and ensure that any data still left in private hands is either destroyed, or accounted for with full past and future liability.

The point of all this is simple: in these days of phishing and other kinds of internet frauds, the availability of so much unprotected data offers crooks and scamsters lots of options to hack into citizens’ accounts and make a killing. Moreover, financial data in the wrong hands can lead to blackmail, extortion and other forms of demands.

Just consider: when everything from date of birth to mother’s maiden names to salary info is available easily, wouldn’t hacking of accounts become easy with minor efforts?

Also, if all future payments under NREGA, etc, are made through payment banks or other mass disbursal agencies, would it be very difficult to skim 99 paise from every account without the poor account-holder guessing what is happening to her in village Rampur? A million accounts skimmed and shown as miscellaneous bank charges is unlikely to be questioned by any party – and that is a million bucks to somebody on the basis of skimming just under Re 1 from millions of account.

The government has to start taking the privacy issue seriously. The UPA never did. Will Modi’s government be different?

4690 - Aadhaar voluntary, cannot link govt services to it: SC raps Centre - First Post

Aadhaar voluntary, cannot link govt services to it: SC raps Centre

 by FP Staff Sep 23, 2013 

 While states have been linking multiple government services like admissions and gas connections to the Aadhaar number, the Supreme Court today said that the registration for the identity card was purely voluntary and government departments could not demand the card in order to provide a service. The apex court’s directions came in response to a PIL filed by a former judge questioning the legal sanctity of the Aadhaar card. The apex court told the Centre not to make the Unique Identification Card mandatory in order to provide the benefit of government schemes. The court said that the identification card could not be mandatory for states to provide services either , reported CNN-IBN. Not compulsory any more. AFP The Supreme Court also told the Centre not to issue the identification cards to illegal immigrants in in the country, reported CNN-IBN. 

 A retired judge of the Karnataka High Court, KS Puttaswamy, had filed a PIL alleging that the government is bypassing Parliament by going ahead with the distribution of UID numbers and cards to all residents. The PIL alleged that through the Aadhaar scheme, even non-citizens are likely to be given benefits such as cash transfer and illegal migrants residing in India are likely to be legitimised, thereby jeopardising the security of the nation. Multiple government departments, despite the UID scheme being voluntary, have been insisting on Aadhaar cards for various government welfare schemes and other services. As Firstpost‘s R Jagannathan had noted in an earlier piece, the rush to enrol people through the UID scheme may stem from the fact that the UPA government is hoping for the widest possible implementation of the direct cash transfer scheme for subsidied before the next elections. He noted: While the political advantages of giving money to voters in the name of economic efficiency is understandable, the UPA has completely lost sight of one simple thing: there is currently no legislation in place to make the Aadhaar scheme’s collection of private biometric data legal; even though the scheme is being promoted through administrative fiat, the fact that so much personal data will be obtained using private agents is giving privacy advocates sleepless nights. 

While the process of enrolling people for the Aadhaar scheme will not stop because of the Supreme Court’s judgement it may stop government units forcing people to get a UID card. While there are obvious benefits to having a Unique Identification card for every citizen, addressing the concerns surrounding the scheme wouldn’t hurt.

4624 - Neta Nilekani is fine, but I still wouldn’t buy his Aadhaar by R Jagannathan - First Post

Neta Nilekani is fine, but I still wouldn’t buy his Aadhaar by R Jagannathan 

Sep 18, 2013

Read more at: http://www.firstpost.com/india/neta-nilekani-is-fine-but-i-still-wouldnt-buy-his-aadhaar-1116703.html?utm_source=ref_article

The morning’s papers are awash with speculation about Nandan Nilekani, Chairman of the Unique Identification Authority of India (UIDAI), fighting the next Lok Sabha elections on a Congress ticket. Since there is no smoke without fire, one can assume that the speculation is reasonably founded in fact. Good luck to him in his career. However, there’s nothing surprising about it. Nilekani has been doing the UPA’s dirty work of shoving a quasi-illegal Aadhaar card down our throats in the name of empowering the poor. If an articulate and intelligent man like Nilekani can push such a major initiative without any law backing it and still survive the political challenges, he is surely half a politician already. Given the Congress’ good showing in Karnataka recently, Nilekani is probably home and dry even before the battle for votes begins. Let’s also not forget. Nilekani faced challenges from many parts of the government, from the Planning Commission, the finance ministry and the home ministry. If he still survived such a formidable challenge, surely he is cut out for politics.

Nilekani is the chairman of the Aadhaar card project. Reuters

Read more at: http://www.firstpost.com/india/neta-nilekani-is-fine-but-i-still-wouldnt-buy-his-aadhaar-1116703.html?utm_source=ref_article

Nilekani is the kind of guy I could have voted for, but I am not sure I would want to take his Aadhaar card. I prefer Neta Nilekani to Nilekani the UID vendor. Since the two are the same, I can’t ultimately vote for Nilekani either. 

Nobody should be under the illusion that Aadhaar is any kind of boon conferred on us by Nilekani. It is a Trojan horse gifted by a dysfunctional government which will ultimately compromise our security without even a fig leaf of statutory protection for our privacy. It has been sold as a means to reach government benefits to the poor, but it could well end up as one more tool in the hands of the powerful to exclude some and extract speed money from the rest. 

There are many reasons why I don’t think Nilekani has done us a favour with Aadhaar. First, of course, is its questionable legality. There is no law which authorises anyone, even if the PM has told him to do so, to take the Indian citizen’s most prized possession – his identity, his biometrics, his fingerprints – and pretend he is doing him a favour. Morally and ethically, no one should do this without having a law guaranteeing adequate protection against misuse of the data collected. There is no such assurance to Indian citizens that their fingerprints will not fall in the wrong hands. 

Second, the idea of keeping an entire population’s biometric and personal details – every man, woman and child living in the territory of India, even if not a citizen – in huge databases is scary. Some 1,210 million people will stand exposed when UIDAI is completed. No country has ever done this for unstated purposes, though the US does so for social security, and has strong laws protecting people against misuse. If Hitler wanted a tool to control his people, he could not have asked for a better weapon than the UID database. 

Third, the scheme is being sold as a way to empower the poor who don’t have an identity but need government subsidies to survive. But it is being covertly pushed to the entire population. It is being pushed steadily by using the coercive power of the bureaucrat’s pen to make Aadhaar critical for all basic needs. If bank accounts, provident funds, mutual funds, gas connections, and almost any financial transaction by any citizen are going to need an Aadhaar number, this means the government has forced a unique ID on us indirectly without even legally being entitled to do so. If this is not a Trojan horse, what is? 

Fourth, today all kinds of private parties are being used to collect finger-prints and iris biometrics. If the collection of private data is in private hands at the start, what is to prevent this data from remaining in private hands illegally? 

Remember, at some point the idea is to use Aadhaar numbers to validate identity for financial transactions. But if my Aadhaar information is with a private party, will Nilekani guarantee that I cannot be impersonated? And if it does happen, who will protect me? The banks, which are being pressured to use Aadhaar numbers? 

Fifth, the real economic purpose of Aadhaar is to cut out fake and duplicate beneficiaries of government subsidies. This is a good reason to use the Aadhaar. However, in practice, this will increase bribery and corruption on an unimagined scale. Since no politician wants to lose any vote by specifically excluding the middle class or the non-poor from receiving subsidies, the chances are Aadhaar will be improperly used. To prevent exclusion from subsidies, everyone from gas dealers to power suppliers will seek bribes to ensure you continue to be subsidised. It is only a matter of time before politicians and middlemen figure out how to use Aadhaar to enrich themselves. 

Sixth, extortion will become easier. Once your income-tax numbers, bank accounts, credit card transactions, and asset purchases are linked through a common Aadhaar number, anyone in any part of a coercive tax system can blackmail you if your assets and financial details are leaked, you will be vulnerable. Remember, the whole 2G scam was unveiled when the Radia tapes were illegally leaked. Today, laws are in place to listen to every mobile conversation you make, every website you visit, and every transaction you conduct. 

Enter Aadhaar, and the ability of the establishment to connect all your conversations and transactions will magnify 10-fold. Do we want to be that vulnerable? 

Seventh, the collective wisdom of the parliamentary standing committee on finance clearly warned against the UIDAI. It vetted the UPA’s National Identification Authority of India Bill 2010 and recommended that it be trashed and replaced with something better. A report in India Today said the committee “strongly disapproved” of the “hasty manner” in which the scheme was being implemented, and pointed out that the data could be “misused”. (Nilekani, incidentally, is the man hastening Aadhaar. The report said: “The committee has questioned the technology used in Aadhaar.” It questioned the “technology as ‘unreliable and untested’. It has also cited the experience of foreign countries with similar schemes and said that many European nations withdrew their UID projects after opposition from the public.” This is not to say that Nilekani was brought in specifically to intrude into citizens’ privacy. Neither Manmohan Singh nor Nilekani could have had that thought in mind when they started out with Aadhaar. 

But during the course of the last five years it should have been obvious to Nilekani that the original purpose was going to be compromised in the minefield of politics. None of this also means that we don’t need an Aadhaar. 

There are, and can be, many legitimate uses for the Aadhaar number. But there is little doubt about its current dangers. Should Nilekani have gone ahead and still done the job without ensuring citizen safeguards and a legal backing? It is quite possible that Nilekani was sold a pup by the UPA. But should he have then sold the pup to us, in turn? He is already part of a messy political compromise where the integrity of the citizen’s privacy is now up in the air. Maybe he will fix the problem once he is elected and gets to take Aadhaar forward. But no one can bet on that any more. I, for one, would not like to get myself an Aadhaar number.

Read more at: http://www.firstpost.com/india/neta-nilekani-is-fine-but-i-still-wouldnt-buy-his-aadhaar-1116703.html?utm_source=ref_article

3457 - Between KYC, Aadhaar and CMS, India will be a police state - FirstPost

Between KYC, Aadhaar and CMS, India will be a police state

by R Jagannathan Jun 26, 2013

What is the main purpose of issuing citizens a passport? The idea, as the name suggests, is to enable a you and me to pass through another country’s port. It helps identify one as a citizen of a country, so that other countries know where you or I belong. The passport is one country’s guarantee to another that it is responsible for the person carrying the document.

But surprise! Thanks to stringent identity checks everywhere, the soft police state that India has become is forcing many citizens to carry their passports around to get into domestic airports, buy gold or start a bank account. From being an external validation document, the passport has become a domestic ID document.

What is the purpose of issuing taxpayers a PAN card? The idea is to give them a unique number so that their transactions can be matched, mapped and checked through backend software for potential tax evasion. But in India, the PAN card now travels in wallets, jostling for space with cash, credit cards and driving licences.

The PAN card has also become a primary identity confirmer. It is an essential requirement for opening bank accounts, or doing any kind of high-value financial transaction, but its largest role is about establishing identity. And getting it in future will become harder, Business Standard assures us.

What is the purpose of the Aadhaar card? It is proof of identity and residence -– not citizenship. The Unique Identification Authority of India (UIDAI) collects the biometrics of individuals residing in India—iris prints, fingerprints, demographic details, etc.—and issues you a unique number with which you can be identified anywhere and for validating any transaction. It is the ultimate weapon a police state can possess – and currently the Aadhaar card operates under no law, and has no legislation to protect the privacy of your data.

3251 - Why is Aadhaar being shoved down our throats? by R. Jagannathan

Why is Aadhaar being shoved down our throats?

by R Jagannathan Apr 15, 2013

Electoral logic is driving the UPA towards a patent illegality: forcing people to part with sensitive private information such as biometric data or finger-prints without having any law to protect privacy in place.

As things stand, getting yourself an Aadhaar card issued by the Unique Identification Authority of India (UIDAI) is voluntary; you are not legally bound to part with this information to anyone, leave alone the UIDAI. A report in The Times of India today also flags off privacy concerns and emphasises that citizens are essentially being “coerced” to get themselves an Aadhaar number.

At last count, nearly 320 million Indian residents have been enrolled under Aadhaar – and all of it despite a warning from the Parliamentary Standing Committee on Finance which wanted the scheme shut down.

Driven by its own electoral compulsions, the Centre is pushing states to make Aadhaar the norm for every kind of entitlement so that it can proceed with its direct cash transfers (DCT) scheme before the next elections. Aadhaar is supposed to provide foolproof identification of subsidy beneficiaries and weed out duplications and bogus entries.

The UPA thinks DCT is a vote-winner and a game-changer. This is why late last year the Congress announced that scheme would cover the whole country by the end of 2013 after starting out with only a few schemes in 51 districts.

To convert Aadhaar into a voter ATM scheme, you need to roll it out really fast, since elections could happen either later this year or in April-May next year. To make sure that cash is given out to people using Aadhaar, you need bank accounts to be linked to this ID number, and also marry it with data from the ministries advocating these schemes.

Finance Minister P Chidambaram has already announced that cooking gas (LPG) subsidy is next on the list for coverage under Aadhaar and direct cash transfers, but the linkage to bank accounts is taking time. Banks, in fact, are not chary of depending too much on Aadhaar, and The Economic Times today reports that if money is transferred on the basis of this identification, anything going wrong should be the UIDAI’s responsibility.

Why this tearing hurry?

Cooking gas subsidy is a big ticket DCT initiative because of the amounts involved: subsidies amount to Rs 430-440 per cylinder at current international crude prices. Since each family is entitled to nine subsidised cylinders a year, a shift to DCT would mean putting nearly Rs 4,000 into the bank accounts of beneficiaries annually.

While the political advantages of giving money to voters in the name of economic efficiency is understandable, the UPA has completely lost sight of one simple thing: there is currently no legislation in place to make the Aadhaar scheme’s collection of private biometric data legal; even though the scheme is being promoted through administrative fiat, the fact that so much personal data will be obtained using private agents is giving privacy advocates sleepless nights.

In fact, there is a good reason to stop Aadhaar in its tracks—it is already supposed to have covered 320 million residents—before the project is put on a legal footing. Reason: there is simply no protection if your biometric data falls in the wrong hands and your ID has been commandeered by someone else.

A public interest litigation in the Supreme Court has challenged the constitutional validity of the UIDAI headed by former Infosys scion Nandan Nilekani. As Firstpost reported earlier, the petition alleges that “There is no regulatory mechanism to ensure that the data collected is not tampered with or remains secure. When there is no legislation, there is no offence in parting with this information. And when there is no offence, there can be security issues.”

Ankit Goel, one of the lawyers for the PIL, has gone on record to say that “the state is asking for biometrics of an individual. The mere asking of biometric data is encroaching into someone’s privacy. It is tantamount to phone tapping. Whereas in phone tapping there is legislation, there is no legislation here… In the absence of a law passed by Parliament there can’t be any collection of private information. This is against the law laid down by the Supreme Court.”

The parliamentary standing committee on finance headed by Yashwant Sinha, which looked at the National Identification Authority Bill introduced in the Rajya Sabha, also came to the same conclusion: “Despite the presence of serious differences of opinion within the government on the UID scheme…the scheme continues to be implemented in an overbearing manner without regard to legalities and other social consequences.”

The committee rejected the bill, and Mint last December quoted Gurudas Dasgupta, MP, as saying that there was no need for it: “We found that the project is not necessary as there are many other ways of identification such as BPL (below the poverty line) card, voter identification card, etc. There is no merit in the project, it is just a wastage of government money.”

The point is this: isn’t it downright irresponsible for the UPA government to ask citizens to share vital personal information when there is such little political support for it and when there is no guarantee of how the information will be protected?