Aadhaar’s Unabated Harassment and Disempowerment
The harassment caused to citizens for not having Aadhaar or fingerprints not matching shows no sign of abating, even as the government vociferously denies any problems with the Aadhaar scheme and stoutly defends this extraordinarily invasive programme. Here are three worrying reports in just the first two days of May. 
 
On 1st May, Asia Times published a sensational and detailed report by Saikat Datta about how the ECMP software, developed to enable enrolment partners to securely register people for the Aadhaar programme (including collection of sensitive personal data, fingerprints and iris scans), has been seriously compromised. Mr Datta writes that, sometime last year, WhatsApp groups in Punjab began to offer ‘jailbreak’ version of the ECMP software. This, when installed, could bypass biometric and geo-location safeguards of the original and allow anyone posing as an ‘authorised operator’ to make changes to the data and enrol new people from anywhere and pass their information off as legitimate. It was available for as little as Rs2,000. 
 
On 2nd May, Mozilla.org, which makes the Firefox browser, issued a statement saying, “Mozilla has long argued that the Aadhaar lacks critical safeguards. With the demographic data reportedly compromised, it is hard to see how Aadhaar can be trusted for authentication. Access to myriad vital public and private services which require Aadhaar for more than a billion Indians is now at risk.” Mozilla asked UIDAI (Unique Identification of Authority of India) to get a security audit done by an ‘independent firm’ and appealed to the Justice Srikrishna Committee to ensure that the “data protection bill strongly protects Indians, including from the privacy and security harms that they have already suffered from Aadhaar.”
 
Also on 2nd May, the Employees’ Provident Fund Organisation (EPFO) made news when a letter by Dr VP Joy, commissioner for central provident fund, was published on social media, saying,“(EPFO) data has been stolen by hackers by exploiting the vulnerabilities prevailing in the website, aadhaar.epfoservices.com of EPFO.” This time, there was no denial, only a clarification. EPFO said that it had taken “advance action and closed the server and host service through Common Service Centres (CSCs).” According to sources, the data had leaked for weeks before it was noticed. 
 
Trawling through online complaints on Aadhaar-related issues would be enough to frighten most people. The complaints board (https://www.complaintboard.in/complaints-reviews/aadhar-card-l145768/page/3) of the National Consumer Complaints Forum (NCCF) makes for depressing reading. There are pages after pages of complaints from rural folks or senior citizens whose problems don’t make news but remain unresolved. Most people don’t realise that Aadhaar; as envisaged by this government, will require repeated authentication on an on-going basis with the possibility of our biometrics letting us down at any time (maybe at an airport when you are booked to travel). Each authentication will also involve a cost which is not even being discussed as yet. 
 
The only people who may have fewer problems in dealing with Aadhaar are tech-savvy young people, with clear biometrics, living in cities with good Internet connectivity. If Aadhaar becomes mandatory, here is what most of us will deal with, on a regular basis, for every change in our bank, residence, telephone number and, maybe, more. 
 
Biometric Failure: Inability to link phones or bank accounts because of failure to read biometrics is a frequent complaint on NCCF. Some people have updated their biometrics as many as five times; but they are still unreadable. Nobody has any solution for them, although UIDAI has floated several fanciful alternatives in the media.
 
Denial of Rights/Benefits: A couple of starvation death due to denial of welfare benefits made headlines, but with a 12% authentication failure, the number of people who have been denied pension or welfare benefits is huge. Those who have been refused school admissions, scholarships or stopped from appearing for entrance exams, sports events or denied death certificates or pension don’t even make news. But the harassment suffered by them is real and traumatic. 
 
Arrogant and Unhelpful Officers: This is another big complaint on NCCF. Many Aadhaar centres process only 20-odd requests a day, despite long queues. People have made multiple trips to Aadhaar centres only to get a token. This causes serious aggravation in small towns or villages with fewer enrolment centres that require travelling long distances. Many have sacrificed several days of their wages to enrol for Aadhaar or to link phones/bank accounts, for fear of being disconnected. The alternative is to be exploited by agents.
 
Frequent Updates: People who are not Internet-savvy and cannot update information (change of address, mistakes in the Aadhaar card, mismatch between PAN and Aadhaar, changed telephone or bank account, the list is endless and on-going) end up being charged every time. One complainant says he paid Rs150 four times to get an Aadhaar card for his mother; but the UIDAI website still shows it as ‘under process’. Another person says he has visited 15 centres to get an Aadhaar for his daughter and failed. One Biplab Ghosh writes that he has enrolled five times and lists five enrolment numbers starting 2015, but no Aadhaar card has been generated. The UIDAI website says the enrolment is under ‘manual check’. Most enrollers have been charging Rs200 for each updation (irrespective of its success). This is extortionate for poor families with four or more members. 
 
Humiliation: Senior citizens, who require life-certificates to get their legitimate, hard-earned pensions, report terrible humiliation. Some have been asked to wash their hands with warm water to make fingerprints more visible. Others have been told to apply oil and dip their hands in talcum powder. These desperate tricks have worked occasionally; but most people don’t realise that it is not a solution. Government pensioners will suffer this humiliation as an annual ritual. When my 85-year old mother went to submit her Form 15J to avoid tax deduction on interest income, the official threatened to block her account since she had no Aadhaar. A friend’s father, also 85, a retired Central excise officer, actually had his account blocked by a top private bank. A private bank threatened to block the bank account of a primary school of 400 students in a village unless all trustees of the NGO that ran the school linked their account with Aadhaar. Our intervention with the bank’s head-office prevented the mischief. UIDAI offers no solution to such everyday high-handed actions on the ground. 
 
Seven years after UIDAI was set up and three years after this government began to flagrantly violate or deliberately misinterpret Supreme Court’s (SC’s) orders, there is no clear grievance redress mechanism or safeguard against corrupt or high-handed officials or data leaks and technology failures. Aadhaar linkage and tracking would expose political and social activists, or whistle-blowers to State vendetta. They can simply be shut down and denied access to their bank account or telephone and, in a broken-down legal system, it would take decades to fight this, even if that were an option. Every government will want to retain this power, unless it is politically untenable. 
 
UIDAI was a creation of a Congress government under Dr Manmohan Singh and it gave UIDAI enormous power and resources without even the pretence of statutory safeguards. Narendra Modi was against Aadhaar, until he became prime minister. After that, it took a 15-minute meeting with Nandan Nilekani, the father of UIDAI, to do a sharp about-turn without so much as an explanation to the people.
 
If the BJP is voted out in 2019, even a rag-tag coalition that replaces it is unlikely to repeal or dilute Aadhaar. Every political party wants control over people and the ability to track, tag and segregate them on the basis of various metrics. Once ratified by courts, there is no way the Aadhaar genie will be put back in a bottle easily without massive public unrest.
Like this story? Get our top stories by email.

User

COMMENTS

Vivian Fernandes

1 year ago

Aadhar enrolment and updating are a mess in Delhi. At ICICI Bank, in Acharya Niketan near Mayur Vihar Phase I, Delhi 110091, the facility has not been working for many weeks now. At the Speed Post head office in Krishna Nagar, Delhi 110051, I was told by the staff behind counter 5 on Friday, June 15 that Aadhar updates happen on Tuesdays, Thursdays and Saturdays. I was told that one had to register at 8 am. This morning I went to the Krishna Nagar Speed Post office at 8 am and got my name entered in a curled sheet of paper at the at the car parking lot. By then 24 persons had already entered their names. There was no one to man the desk. The Post Master was not aware of the procedure; he said the public had devised it on its own! At 10 a.m I checked into the office after it had opened and was told that the staff for Aadhar enrolment/updates was on leave. The Postmaster could not care less. I wrote a complaint and he got it acknowledged. There as not even a board to say that the counter would not be open today. The public was left to figure it out by itself. I next checked at another Speed Post office in Patparganj and the postmaster told me the staff was on leave and the machines only accept his/her fingerprints for activation. He also said that they were so short-staffed that they could not attend to routine Speed Post activities; Aadhar enrolment/updates and passport services were a huge imposition, he said. Finally, I succeeded at the main post office at Patel Chowk in New Delhi.
A person who was in the queue at Krishna Nagar Speed Post Office told me his ailing wife was turned away from Hedgewar Hospital in East Delhi because she did not have an Aadhar card. Another woman said she had been doing the rounds for about three months.

The Prime Minister cannot stop gloating about digitization. The UIDAI chief is busy defending Aadhar. On the ground it is chaos.

Vivian Fernandes
19 June, 2018

SuchindranathAiyerS

1 year ago

Government and PSUs are as unaccountable as the Judiciary. In The absence of credible redress, the citizens are back to the medieval feudal ages of being crushed and exploited by those on Government/PSU payroll.


For example. Just as citizens are harassed by Aadhar on a daily basis that the State refuses to acknowledge, all of the State's Information Technology is non working garbage like those on the pay roll. In Bangalore, those who had made the mistake of paying PSU Bills on line have not had their accounts updated and are facing heavy fines. Bangalore Electric Supply Company (BESCOM) is a classic case in point. The Tarriffs are also unconscionably and irresponsibly high while the quality and reliability of power supply is extremely poor.

Ravindra Dave

1 year ago

It's nothing but a harresment to d People, even as a senior citizen I have a bank account with SBI & ADHAR has already been done at d time of opening, even after that everytime for making SCSS fixed deposits I have to give PAN & ADHAR card Xerox to do it. It's really harresment.

V ganesan

1 year ago

recently i have relocated from chennai to mumbai. I entered the address change using ssup .Next day i have received sms the request is rejected due to transliteration error.H ere i approached a agent after that he is charging Rs.500 per head. I have 3 persons in my family.Now i dont know whom to complaint or whom to approach

Shrik S

1 year ago

If the Hon SC reads this news item they would probably turn in favor of the Aadhar data being used by the govt.
however with much better encryption, storage and security features.... https://www.nbcnews.com/tech/tech-news/google-sells-future-powered-your-personal-data-n870501 Aadhar should be able to get suitable hearing decision from the SC

Sunil Prakash

1 year ago

Looking into the recent developments about 10,000 voters ID, why not the Aadhar be made the mandatory for Voting also. The owner of AAdhar will have to give his finger print and thus changes of wrong use are minimised.

Hemant Chitale

1 year ago

Is "https://www.complaintboard.in a legitimate site ? A whois search shows that the domain name is owned by someone in Latvia. Similarly, whois shows that consumercomplaints.in is also owned by someone in Latvia.
You got to be careful about such sites if they are mining information about Indian Residents (particularly Aadhaar and Demographics)

Param

1 year ago

i think the last line sums up the problem nicely. we might need an arab spring like civil uprising to bury this demon for good.

Ramesh Poapt

1 year ago

vikas....vikas....vikas....!

MITHILESH PATEL

1 year ago

A few weeks back, I faced Aadhar related problem when I went to SBI for transferring funds to my daughters's college account in London. The banks computer software was not accepting my abbreviated middle name. But my bank account name and name in Aadhar had middle name in abbreviated form. So there was mismatch because bank's software was not accepting abbreviated middle name and if full middle name was typed then, it was not getting verified with aadhar. Luckily for me the bank official made phone calls to foreign exchange branch and problem was sorted out by using my driving license. But I will have to get my name corrected in aadhar. Problem is my middle is abbreviated in all of my records.

Ramesh Bajaj

1 year ago

What you write and the more I read, the world is becoming more scary and situations more worrisome. I am 70 yes. What will the future generation face ?

HARSHAD KHONA

1 year ago

I have not received my EPS for last four months as my fingerprints are not clear. The SBI bank where I have account don't have eye scanner, so I have become helpless.

UIDAI admits #Aadhaar is essentially a self-certification based identity issued without any verification
Using the submission from Unique Identification Authority of India (UIDAI) on his specific questions, Senior Counsel Shyam Divan pointed out before the Supreme Court that Aadhaar is essentially a self-certification based identity and nobody from the government has ever verified it, as admitted by the Authority in writing.
 
Submitting his rejoinder in the Aadhaar case, the Senior Counsel informed the Bench about almost all affirmative responses he received from the UIDAI. "No official from the UIDAI verifies anything at the stage of enrolment. UIDAI also takes no responsibility for correct identification of a person. The ID number is being issued without verification by UIDAI. They do not even know whether the documents presented to the enrollers are genuine or false. And they take no responsibility for it," he said.
 
 
The Bench comprising Chief Justice Misra, Justices AK Sikri, AM Khanwilkar, DY Chandrachud and Ashok Bhushan on Thursday resumed hearing in the Aadhaar case.
 
While UIDAI does not verify age or date of birth, Aadhaar does not identify a person, it only matches, Mr Divan said, adding, since there is no verification, it is blatant disobedience of the order passed by the Court.
 
"We asked them to confirm that at the time of enrolment, there is no verification that the person is not an illegal immigrant. This question was asked because there was a 23 September 2013 order of the Court, specifically stating that Aadhaar should not be given to illegal immigrants. They have said that there is no verification. This is blatant disobedience of the SC order. They were very quick to issue circulars for linking, but did they issue any circular on this?" Mr Divan said.
 
Earlier, the Senior Counsel, citing experts from both the sides contended that the design of the entire Aadhaar program, architecturally and technologically, is fundamentally flawed.
 
 
Mr Divan said, "Aadhaar may be technologically brilliant but constitutionally impermissible. Part III rights are too valuable to be sacrificed in this fashion."
 
 
Talking about Aadhaar and surveillance, Mr Divan said, there are three experts on both sides who agree that real time location tracking is possible, and there are verification logs for five years and it is now for the Court to decide if this is constitutionally permitted.
 
There was report submitted on 4 March 2018 by Manindra Agarwal, who is on the technology and architecture board as well security committee of Aadhaar. “The Report says that the biometric database is accessible to third party vendors such as Morpho, L1, and Accenture,” Mr Divan pointed out.
 
 
Justice Chandrachud said, "The report only says that you cannot have perfect security. And the report says that there is a loss of privacy in the digital world, but Aadhaar is not responsible for that."
 
Mr Divan contended that there two separate issues. "The first is a limited government issue. It deals with the coercive power of the State. Our case is that there cannot be a system that is designed to track location in real time. The coercive power of the State does not extend that far. It is not as if darkness will descend immediately if the program is allowed. The issue is that if you have this kind of location tracked across a person's lifetime, it creates a chilling effect in its classical sense. This is not about sophisticated commercial surveillance through big data. This is much more basic - name, date and time, location, for everyone and all the time," he added.
 
The Senior Counsel further said, "If the Court agrees that Aadhaar is an engine for surveillance, then there is no question of balancing. The Constitution expressly rejects it. This is not something you take a chance on, or experiment with."
 
Justice Chandrachud said that the march towards technology is inexorable and no court or government can stop it. "The human rights perspective is not only about privacy but also about providing benefits to segment of society that could not access them earlier. These are the two issues the Court has to consider when balancing. And also, what safeguards the Court has to consider when balancing," he added.
 
Mr Divan said, this is not a case where a person who was not receiving benefits earlier is receiving benefits now. He said, "The government's case is that there is a saving in welfare benefits."
 
Justice Sikri said that the government's case is that through those savings, you can then reach people who need it. Justice Chandrachud pointed out that the Maastricht Guidelines have said that the issue is not the quantity of food, but access to food.
 
Chief Justice Misra also commented, "access to food is a human right".
 
Mr Divan contended that there were two answers for this. "The first is choice and options. Choice and options are part of democracy. They promote inclusion. Please give people a choice in this. The second answer is that yes, you cannot stop technology, but you always have choices in how and which technology to deploy. For example, you can have local databases instead of a centralised one," he said.
 
Earlier questioning liking of mobile SIM to Aadhaar, Justice Chandrachud asked Attorney General KK Venugopal about its relations with Section 7 of the Aadhaar Act. The AG was trying to contend that how the order in Lokniti Foundation case actually constituted a direction to the government. 
 
 
The Court will continue hearing on next Tuesday.
 
(Based on live tweets from Gautam Bhatia @gautambhatia88 and Prasanna S @prasanna_s, who each represent one of the petitioners)
Like this story? Get our top stories by email.

User

COMMENTS

SUBHASH CHATTERJEE

1 year ago

A centralised Data base is not in fact bad in these times of high risk of human life through terrorism but it is equally important that such identification should be provided only after thorough verification and all the data protected to avoid mis use . In case the security protocols are not inplace and no verification carried out at the time of enrollment then linking should not be forced upon.

Sunil Rebello

1 year ago

SAD TO READ WHAT IS SAID IN COURT

Dayananda Kamath

1 year ago

May be it is a conspiracy to provide valid document to illegal immigrants at a later date to be regularised.
In the name of public good it has always been the policy of Govts to regularise irregular.

Aadhaar EPFO Service website data stolen by hackers?
The vulnerabilities in Aadhaar ecosystem continue to come forward in a shocking manner. The Employees' Provident Fund Organisation (EPFO) has apparently said that hackers have stolen data from its Aadhaar Seeding Service (aadhaar.epfoservices.com). However, in a statement, EPFO says it has taken advance action and closed the server and host service through Common Service Centres (CSCs).
 
Dr VP Joy, Commissioner for Central Provident Fund, in a letter had stated, "...it has been intimated that the data has been stolen by hackers by exploiting the vulnerabilities prevailing in the website, aadhaar.epfoservices.com of EPFO, which are as strut vulnerability and backdoor shells." Photo of the letter has been posted by @raydeep on Twitter and is going viral.  
 
Dr Joy’s letter, posted online is dated 23 March 2018 and addressed to Dinesh Tyagi, Chief Executive at Common Service Centre (CSC) at the Ministry of Electronics & Information Technology (MeitY). He pointed out that while the webserver is hosted at its National Data Centre, the application running on it were being remotely managed by CSC Team.
 
 
According to the letter, the Intelligence Bureau (IB) has been tasked to secure the data and run a thorough audit and assessment of the systems.
 
However, in a statement released on Wednesday, EPFO claims that it has taken advance action by closing the server and host service through CSCs pending vulnerability checks as part of the data security and protection.
 
"... it is informed that warnings regarding vulnerabilities in data or software is a routine administrative process based on which the services which were rendered through Common Service Centres have been discontinued from 22 March 2018. The news is relating to the services through CSCs and not about EPFO Software or data centre. No confirmed data leakage has been established or observed so far," EPFO had said.
Like this story? Get our top stories by email.

User

COMMENTS

SUBHASH CHATTERJEE

1 year ago

UIDAI and all other government department would have to come together and make their Data Base fool proof from any hacking etc

We are listening!

Solve the equation and enter in the Captcha field.
  Loading...
Close

To continue


Please
Sign Up or Sign In
with

Email
Close

To continue


Please
Sign Up or Sign In
with

Email

BUY NOW

online financial advisory
Pathbreakers
Pathbreakers 1 & Pathbreakers 2 contain deep insights, unknown facts and captivating events in the life of 51 top achievers, in their own words.
online financia advisory
The Scam
24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
Moneylife Online Magazine
Fiercely independent and pro-consumer information on personal finance
financial magazines online
Stockletters in 3 Flavours
Outstanding research that beats mutual funds year after year
financial magazines in india
MAS: Complete Online Financial Advisory
(Includes Moneylife Online Magazine)