Many of us have been against the biometrics-based identification numbers since inception and even more vocal about the frightening implications of forcing us to link the Aadhaar number to our telephones, banks, investments, education, healthcare and almost every activity of our lives including death. We hope that the Supreme Court of India will hear our concerns and halt the crazy expansion of Aadhaar’s remit to give the government extraordinary control over our lives while compromising our privacy and finances in a poorly-governed country where there is no redress for citizens for their day-to-day problems.
However, the majority of Indians have no such fears. They dutifully enrolled for Aadhaar and even supported the biometric identification. For several of them, including senior citizens, the horrendous implications of biometric linkages began to sink in only when their fingerprints were rejected. Read this comment by Ravinder on Moneylife’s website to understand the panic and helplessness of a person who faces real-life issues. It drives home the draconian implications of this Frankenstein’s monster.
Ravinder writes: “Myself, at the age of 64, also likely to lose my identity because of botched up implementation of the programme. My mobile phones are not getting linked; my bank account is likely to go inactive beyond 31st December: my pension will be stopped: my entry into airports is likely to be denied (as they are likely to introduce biometrics tools at the entry points): and all for the simple reason that the biometric machines do not recognise my fingerprints even after having them updated at Aadhaar Centre two times. The consequences are far reaching which one cannot imagine right now as more and more agencies start using the same. I have written everywhere, from UIDAI (Unique Identification Authority of India) to department of public grievances and others and also talked to mobile operators many times. Nobody listens. I am desperate and sometimes start thinking of ending of my life. It is getting too much for me to handle. It’s high time the Government and the Supreme Court does something about it.”
Worried at the tone of this comment, I called up Ravinder, hoping to reassure him. The conversation exposed how even a retired Central government officer is helpless in the face of callous officialdom. His banker reluctantly accepted his life certificate this year based on other identification, but warned him that his pension could be withheld the next time the biometrics failed. No solution was offered. His telecom service-provider’s solution was shocking—he asked Ravinder to obtain a phone in his son’s name so that Aadhaar is not a problem. This is a daft and disempowering suggestion to a financially independent senior citizen who needs his own phone for digital transactions. A similar suggestion was made regarding his property.
Do we seriously expect senior citizens to give up control over assets only because the government doesn't care? Ravinder desperately sought solutions from UIDAI and others, but nothing happened. Every other day, UIDAI announces solutions to mitigate the problems of senior citizens, including not mandating biometric verification for them. That has yet to show results; moreover, we do not know if these biometric exceptions will lead to fraud in an already unverified Aadhaar database. Yes, Aadhaar data has not been independently verified.
Meanwhile, Ravinder and other senior citizens will remain in limbo until the five-member bench of the Supreme Court conducts a full hearing in January 2018 and decides the matter.
UIDAI: Friends and Consultants Bag Lucrative Contracts
Even as conscientious objectors to the biometrics-based Aadhaar number have their eyes peeled on the Supreme Court hearing, it appears that information technology (IT) and cyber-security audit service-providers have been engaged in a quiet, but more serious tussle with the UIDAI. This is about the manner in which UIDAI empanels various service-providers and consultants.
All service-providers contracted by UIDAI are expected to have high competence, integrity and are approved through a fair selection process. But this is not being done. What better example of this than the quiet cancellation of a massive 49,000 Aadhaar enrolment centres on the ground that they were indulging in fraudulent practices? Today, when new Aadhaar linkage rules are being notified almost every other day, a number of enrolment centres where biometrics can be updated, linked or modified, have vanished. People have taken to social media to complain bitterly about the fact that even centres listed on UIDAI’s website do not exist; there are long queues at the few that remain. People are being issued about 20 to 30 tokens a day as part of a queue system to get the work done.
Meanwhile, more serious charges about UIDAI’s internal functioning have started surfacing. These include: nepotism in appointment of friends as consultants and bending rules to favour large consulting/audit firms or friends for Aadhaar enrolment as well as audit work even though they do not qualify, with disastrous results.
The selection of Aadhaar enrolment centres is a good example. India has two depositories connected to the two national stock exchanges that have the custody of sensitive dematerialised data and ought to be prime candidates for safe Aadhaar enrolment centres, since they already have verified data of millions of investors. Yet, the National Securities Depository Ltd is approved while the Central Depository Services Ltd (CDSL) has been rejected, although both these organisations are large and professionally-run and are owned by financial institutions. On the other hand, several registrars & transfer agents, with no prior experience, who are far lower in the pecking order, are approved as centres.
There is a lot of talk about how more sensitive contracts are being handed out too. On 11th December, UIDAI withdrew the appointment of Deloitte Touche Tohmatsu India LLP as an empanelment agency for conducting information security assessment of UIDAI ecosystem partners. This appears to have been the result of a spate of complaints about the appointment. Sources say that UIDAI had floated two similar requests for Empanelment (RFE) in May and November 2017, seeking applications for audits and e-KYC; but these weren’t widely circulated.
Further, the eligibility criteria were made ridiculously stiff, designed to keep out many qualified cyber-security firms. UIDAI imposed a requirement of a turnover of Rs300 crore in three preceding years, for work that offers a fee of just about Rs 1.65 lakh per audit! The Central Vigilance Commission has a set of guidelines to prevent government undertakings from gaming the eligibility criteria to allow their chosen firms to win bids. But this does not seem to bother UIDAI.
Strangely, Deloitte was allegedly chosen, although it did not qualify—at least, that is the case made out by one of the complaints sent to UIDAI that I had the opportunity to review. For instance, UIDAI required applicant companies to be registered in India for five years; have a minimum specified annual turnover in the past three financial years (as mentioned above); employ a specified number of technically qualified personnel; and have completed a minimum number of audit assignments. Deloitte, essentially a foreign company, allegedly, did not meet these criteria (the complainant had provided specific proof of this to UIDAI) but was still empanelled as the sole auditor of IT infrastructure security audit for a period of three years on 29th November.
We understand that several cyber-security firms have written to UIDAI in protest; soon after Deloitte’s appointment was withdrawn without explanation. UIDAI is going to be giving out a lot of contracts for cyber-security audits, given the manner in which Aadhaar linkages have been mandated by the government. Instead of entering into cosy deals with select consulting firms, UIDAI needs to create a level playing field and distribute its audits to all eligible and qualified cyber-security auditors in a fair and transparent manner. Moneylife had sought UIDAI’s comments on these allegations of favouritism; we had received no reply, at the time of writing.
http://www.livemint.com/Politics/CAXhwnpK1XQ5MkcvdExXcK/UIDAI-introduces-virtual-ID-limited-KYC-for-Aadhaar-card-ho.html
Aadhaar IS SAFE! Is as true as the Taj Mahal is in Delhi !
https://www.youtube.com/watch?v=x5sbmivMA8I
This one ends with calling anyone who has obtained the Aadhaar Card, a donkey (could not agree more).
https://www.youtube.com/watch?v=mai9215bmD8
To round-off and if you want to know (only the mentally-blind would not have) the lies we live under, see -
https://www.youtube.com/watch?v=xRJ3mdHEqOg
Do read the comments...there is a smattering of sensible folks who do not flinch from calling the PM and his lapdogs...FEKU.
The major flaw in the reasoning is the initial supposition that it asks one to 'imagine' (repeated), that we are not already living under an undemocratic/fascist regime.
*Brilliantly reasoned. Please share it widely...*
This is the current dilemma facing the Supreme Court:
The dangers of *Aadhaar/ UIDAI* aren't about privacy or data security alone:the problem is far bigger.
It is about how much power you as an individual, surrender to the government‼ï¸
To those who support *Aadhaar* and/ or the government, please bear with me for a moment: _imagine..._and I repeat, *_imagine_* for a moment, that there is an undemocratic or fascist government at the Center. Or worse, an Army general who manages a coup and then declares an Emergency.
The last time it happened, opposition leaders, including LK Advani and George Fernandes went underground. They masked their identity, traveled across the country, raised money and garnered people’s support for their pro-democracy activities.
None of this will be possible any more.
In such a circumstance, just switching off your cell phone won’t be sufficient to avoid the government tracking you down.
Thanks to Aadhaar, you won’t be able to withdraw money or make any transaction, using even a debit card.
The government is linking Aadhaar to train tickets and boarding passes: you won’t be able to travel.
*Being a centralized database, it takes just a few seconds to switch off your Aadhaar authentication.
That can:
- deny you your own money,
- deny you any movement,
- deny you any form of communication.
You can’t hide behind an alias. It is linked to your biometrics.
The government doesn't need to even arrest you. It can just deny your existence in a matter of a few seconds. You aren't dead, but you can be termed dead in a matter of seconds: You can be just "Switched Off" ‼ï¸
As databases get more and more linked - property cards, tax filings, joint bank accounts, school admissions - it takes another few seconds to identify your family members. And extend the same denial of existence to your family, friends or anyone whom you have any relationship with: "Switch them off".
Such acts don’t even require a declaration of Emergency. A Facebook post that isn't liked by someone powerful enough can trigger this in a matter of moments: "Switch Off".
The problem with Aadhaar is that it is centralized, and it owns you.
You don’t have access to your own trail or data, but someone else has unilateral access to you, anytime. And it stores data, for seven years or even more.
No law is sufficient. _Aadhaar just shouldn't exist ‼ï¸
We don’t need rights or protection for "Achhe Din." Rights and protection are meant for the bad times.
But it is during the good times, that it is important to not lose sight of how bad times can be and what we need to protect about ourselves.
The likes of Nandan Nilekani (Neelcunt) are now saying that it is a security issue. They then point fingers at Android, iOS, Google or Facebook, which also own a lot of data about us.
It isn't similar Sir, none of them have executive powers over me. I have some notional ability to delete them, sign off.
They can’t 'Switch me Off'.
His argument is akin to saying: “look, we have built a grand, free house for you to live in. Yes, the columns of the house aren't strong enough, but hey, there are other houses in town that also have weak columns".
Sir, with all due respect, you should have built protection first, before giving birth to a Frankenstein ‼ï¸
Forward this, till it reaches the powers that try to control our lives.
May Nature and the Universe, protect us‼ï¸
(author unknown)
I go to Vakrangee Service center, and get charged Rs. 100 for the service - lamination of the registration form - after they tried multiple times to get the fingerprints recorded of the kid. Finally they were able to get only 4 of the 10 fingers scanned and marked all the other fingers with X marks on the acknowledgement form.
This means that in the future there has to be a next level of Re-Registration as and when I try to use this Aadhar number for verification. This is the state of software registrations.
2. IT industry is becoming the backbone of all things government. Good for most things, since it began with the need to reduce paper and improve processes. But along the way IT as a tool has been taken, twisted and mangled to suit whatever purposes the 'influential' wanted it to suit them.
3. Now as you see multiple features being launched for Aadhar services, like biometric lock, update feature for email and mobile number, each of which are not requiring some cost to be borne by the citizen, it shows that the IT industry which designed this public service didn't get its full potential 'requirement definition' in the beginning. Requirements have evolved over time, and in the Agile way of project delivery, the Aadhar service also has evolved to prevent breaks or at times to fix break-ins. On such ground, in the news yesterday was Hon Finance Min She Jaitley ji saying that they are open to suggestions on improvements still. So indirectly there are faults accepted and ways to mend them being tried and tested. How many will succeed no one knows but definitely, the base is shaky and so is the future of this nation.
Hence it would be very interesting to see their reaction on the 17th of January, when if the SC is true to its ruling (and does not loose its orchises) on the right to privacy being a fundamental right and throws Aadhaar out, lock, stock and barrel.
Being an atheist I cannot say, I pray for the day but that does not prevent me from wishing it to be so.
Alas, if wishes were horses.........
Any system that puts personal data on the web has to be TOTALLY tamper proof and beyond hacking.
When Aadhar-linked jobs are given out..a very sound and secure system..managed by a very strong company is required