In your interest.
Online Personal Finance Magazine
No beating about the bush.
The AAP leader asked for a detailed CBI probe into Air India's proposal in 2006 to install biometric passenger identification systems at select domestic and international airports
Following the recent judgement from Canada's Superior Court convicting an official from Cryptometrics, a Canadian company, for bribery. The Aam Admi Party (AAP) leader Prashant Bhushan has filed a complaint to the Central Bureau of Investigation (CBI) for initiating a detailed probe in Air India's proposal to install biometric passenger identification system.
In his complaint to the CBI, the lawyer said, "I am writing to you regarding an open and shut case of high-level corruption involving former Union Minister of Civil Aviation Praful Patel, former Chairperson of Air India V Thulasidas and others. I understand this case might have been the subject matter of some CBI investigation in the past, but nothing much has come out of that and apparently no FIR/RC has been registered. However, now with new facts are coming to light, in the form of judgments of Canadian Superior Court and a book written by Former Executive Director of Air India, there is no room for doubt that the matter is crying for a thorough investigation and swift prosecution."
Bhushan alleged that the case involves a huge scam, whereby in 2006 a proposal was mooted in Air India for installing a biometric passenger identification system at select domestic and international airports.
Here are the allegations made by the AAP leader:
1) Executives from a company called Cryptometrics had visited Mumbai to explore a biometric identification project when not even a single document regarding any such tender had been created in Air India. Only in 2006, a proposal was mooted within Air India for installing a biometric system for passenger identification.
2) The cost estimate of the Security Department was about Rs75 lakh, but the tender committee on the basis of bids received pegged the cost at a whopping Rs500 crore.
3) About 20 bids were received in response to the tender MMD/42018, but 18 of those were later disqualified.
4) Only two Canadian companies were shortlisted: Ipcon and Cryptometrics. It was clear from several facts that Ipcon’s bid was bogus and non-serious.
5) Cryptometrics stated that there should be no termination clause. This demand ought to have meant that it should be disqualified since similar demand by another company (Electronic Corporation of India Ltd, a public sector undertaking) had led to its rejection. However, this demand was accepted.
6) Cryptometrics was on the verge of being awarded the contract at a cost of Rs500 crore (at then exchange rate). Though the tender committee had almost recommended placement of contract with all three committee members having already signed the document, the project was fortunately dropped. This was due to the objections raised by an upright officer in the finance department. The huge cost also could not be justified, owing to the fact that Air India was already suffering from huge losses due to the actions of Mr Praful Patel himself in the form of unnecessary purchase of 68 aircrafts in 2005 (which also need a thorough investigation).
7) Eight years after the tender was floated, Air India still does not feel the need for any biometric identification of passengers, demonstrating that huge money was sought to be spent on an unnecessary purchase.
8) All the above facts are clear from the remarkable book written by Shri Jitender Bhargava, former Executive Director of Air India. A few relevant pages of his book ‘The Descent of Air India’ are enclosed.
9) On 15 August 2013, the Ontario (Canada) Superior Court of Justice convicted one official Mr Nazir Karigar of Cryptometrics for having offered to bribe (with other company officials) Mr Praful Patel, Mr V Thulasidas and other Indian public servants. The judgement records meetings between company officials and Mr Patel and how the money was to be paid to Mr Patel.
10) Recently, on 23 May 2014, the Ontario Superior Court has sentenced Mr Nazir Karigar to three years in prison for having offered to bribe Mr Praful Patel and other Air India officials. Despite this, no action has been taken against any Indian public official by the authorities in India.
Bhushan said this is a good example of how costly projects were conceived by Civil Aviation Minister and Air India Chairperson with the sole intention of siphoning off money. He said, "Bhargava’s book lists further such examples: Purchase and leasing of aircrafts, refurbishment and conversion of aircrafts. All these projects were being designed in order to serve the corrupt designs of the Ministry and Air India Management."
"In view of these glaring facts, I implore you to immediately register an RC/FIR and get this matter thoroughly investigated so that all those guilty can be swiftly prosecuted," the AAP leader added.
Bhushan also said that if an FIR is not registered in the case he would then approach Supreme Court in the next two weeks.
The six member delegation including three ministers and three MLAs from Goa said everyone has decided to pay for the Brazil trip out of their pocket
Goa's six legislators, including three ministers, whose proposed trip to watch the football World Cup in Brazil on State funds had kicked off a row, on Friday said that they have decided to pay for all expenses of the visit out of their own pocket without taxing the State exchequer.
The Brazil visit of the six members of legislative assembly (MLAs), including ministers Ramesh Tawadkar (Sports), Avertano Furtado (Fisheries), and Milind Naik (Power), sparked a controversy after the State sports department sanctioned Rs89 lakh for the tour.
That prompted the opposition Congress on Thursday to term the trip a 'wasteful expenditure' while seeking Prime Minister Narendra Modi’s intervention to 'stop the junket'.
“The six (of us) legislators met last evening. We decided to go to Brazil on our own without taking money from the State government. We don’t want to spend money from the State treasury. We don’t want to be a burden on the State coffers,” Furtado told reporters.
He said that the decision was unanimously taken by the six of them, including MLAs Benjamin Silva (Independent), Glen Ticlo and Carlose Almeida (both BJP), after the media created a 'hype' over the tour.
“It was a big hype created that we are going at the cost of the State exchequer. All six of us decided that we will pay from our own pockets and visit Brazil,” said Furtado, a former goalkeeper of Salgaocar Football Club.
All six MLAs are expected to meet Chief Minister Manohar Parrikar later in the day to convey their decision.
Defending the decision to send the MLAs on a State – sponsored 10-day trip, Parrikar had said that the tour was “an investment by the State government which has declared soccer as a State sport”.
“We are looking at this as an investment. Goa has declared football as a State sport. The delegation, which has been approved by the State government, has MLAs who are actually footballers. The government considers this to be an investment,” Parrikar had told reporters.
“The decision (to send a delegation) has been taken in the interest of the State. Recently, we held the Lusofonia games, which had Brazil as a participating country. The current trip is a continuation of the organisation of Lusofonia games,” he had said.
The decision of the State government had not gone down well with the two Goan footballers who were supposed to be a part of the delegation.
Arjuna award winners Bruno Coutinho, a former India captain, and Brahmanand Shankhwalkar had said they were hurt at not being included in the delegation.
The mandatory biometrics registration in Chardham Yatra scheme of Uttarakhand shows how the ability of citizens and residents to partake of public service as consumers also becomes dependent upon implied waiver of their privacy rights otherwise guaranteed by the law
A few weeks back, the Government of Uttarakhand aired an FM radio jingle inviting pilgrims to undertake the Chardham Yatra, while also mentioning as fine print, that biometric registration would be mandatory for all pilgrims. The jingle encouraged interested persons to check the official website www.uttarakhandtourism.gov.in for more information; however, despite repeated visits to the website, requisite details remained unavailable till the writing of this note, particularly on important legal and public policy aspects such as: (i) purpose and justification for such mandatory biometric registration; (ii) the language and form of consent to be obtained from pilgrims for sharing (or withholding of sharing) of their sensitive personal information vis-à-vis third party access to biometric information; (iii) privacy protection infrastructure put in place for securing sensitive personal information; and (iv) identity of the agency authorised to handle, store and secure personal biometric information so gathered. Interestingly, all these elements comprise informed consent requirements that are mandated under Rules 4 and 5 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (the IT Rules).
One news item mentioned that the scheme would be implemented by the Uttarakhand Tourism Development Board (UTDB), a “body corporate” as per section 3 of the UTDB Act, 2001 read with section 43A of the Information Technology Act, 2000 (the IT Act), operations that the UTDB had apparently further outsourced to a private Indian company; while another report claimed that the registration process remained for “name sake” only. More details about actual providers of the underlying technology for biometric registration and/or authentication could not be located on official websites.
Law of Fingerprint Sharing in India
In order to fully appreciate various potential implications of mandatory biometric registration and/ or authentication, an introduction to existing privacy provisions protecting biometric information in India may be useful. The basic law is contained in Sections 3 and 5 of the Identification of Prisoners Act, 1920 (the IOP Act), which protect citizens and residents from forcible disclosure of their fingerprints to police officials. Essentially, the only four ways a police officer can obtain a person’s fingerprints are: (i) to obtain her/ his consent; (ii) to arrest her/ him in connection with an offence punishable with rigorous imprisonment more than an year; (iii) where a person has been ordered to give security under the Code of Criminal Procedure, 1973; or (iv) to obtain a (appealable and challengeable) court order.
These protections are reinforced by Section 72 of the IT Act, which lays down penalties for breach of confidentiality and privacy—both fines and imprisonment—where electronic personal information is disclosed by an official or private agency without the consent of the person concerned. Importantly, these protections are in addition to the overall protection under Article 20(3) of the Constitution of India, whereby no person accused of an offence can be forced to be a witness against her/ himself. Read together, there is clearly a strong framework for privacy protection of fingerprints already in existence in India, irrespective of whether the fingerprints are available only with the person her/ himself, or whether they are available with any entity that happens to come have come in possession of an electronic form for some other purpose (e.g. biometric office attendance systems).
The only possible downside to the Indian legal position is that these strong privacy protections contained in laws enacted by the Parliament contrast sharply with various parts of the (subsidiary) IT Rules issued by the Department of Information Technology; and the latter’s provisions allow, inter alia: (i) public officials tasked with investigation or national security functions to access personal fingerprints directly from a body corporate holding such information without intimation or consent of the person concerned; and (ii) the body corporate itself to share with its contractual partners or any other agency personal fingerprints based on legal requirements or contractual understanding, without intimation of consent of the person concerned—issues discussed in detail by this author elsewhere in an academic paper on the subject . The IT Rules thus have an unintended effect of derogating important constitutional and legal protections available to India’s citizens and residents, in contradiction to the provisions of the parent IT Act itself—a contra-intuitive aspect that was highlighted in a memorandum by the Centre for Internet and Society (CIS) to the Committee on Subordinate Legislation of the 15th Lok Sabha () last year, but any decisions thereon are still not known.
Possible Legal Implications of the Scheme
Given that the IT Rules facilitate, in effect, implied sharing of sensitive personal information held by a body corporate with law enforcement/ national security agencies and/ or their contractual partners without intimation or consent of potential pilgrims, a scheme for mandatory biometric registration as practised in Uttarakhand implies, inter alia, the following:
(i) firstly, that only those persons willing to waive their privacy rights under the IOP Act and the IT Act would be permitted to undertake the pilgrimage and avail of public services; and (conversely)
(ii) secondly, that any Indian citizen or resident not willing to waive such privacy rights would be prevented from undertaking the pilgrimage, thus potentially interfering with her/ his constitutional right to freedom of movement. As a corollary, if a person registers her/ his biometrics at the first check-post of entry, but changes his/ her mind later at any consequent stage, s/he may not be able to return unless s/he is willing to share her/ his fingerprint upon exit: thus implying, in a strictly legal sense, that the State could end up virtually incarcerating a person between two checkposts unless pilgrims have waived their privacy rights under the IOP Act and the IT Act.
An added legal complication is the doubtful nature of “informed” personal consent, if any, obtained by the State and private agencies at the time of such bulk registration or authentication. In a practical situation where lakhs of (largely legally illiterate) persons would line up at the checkposts eager to undertake the Yatra, it may be difficult to conclude if consent obtained under such circumstances would fulfil the “informed consent” requirements imposed by Rules 4 & 5 of the IT Rules.
Potential Public Policy Implications of the Scheme
The public policy implications of mandatory biometric registration under the Chardham Scheme are equally interesting:
Firstly, given that technologies for electronic de-duplication and authentication of personal fingerprints are not available in India, and were in all probability licensed by the Indian company from foreign entities without any associated technology transfer, the Chardham Scheme could well be the only government scheme anywhere in the world where delivery of public services and identity verification of citizens becomes completely dependent upon foreign proprietary technology platforms.
Secondly, given that the number of such foreign technology holders is really less than a handful and given the absence of meaningful technology transfer, cartelisation and rent-extraction could become severe in the near future once such a scheme has stabilised, leading to almost permanent vendor lock-in with concomitant public policy implications.
Thirdly, in complex public projects, the registration, de-duplication and authentication functions have hitherto typically been assigned to separate arms-length entities so as to prevent conflict-of-interest; but such conflicts could indeed be serious in the Chardham case, where one single company is apparently able to control all these sensitive functions.
Fourthly, it may be difficult for operators facing queues of eager pilgrims to have sufficient time for ensuring proper identity or address verification, implying that secondary identity and address verification may anyway have to be undertaken by concerned state agencies while handling disputes and claims arising out of any unfortunate incidents and mishaps during the pilgrimage—leading to extra and duplicated burden on pilgrims and their families.
The possible legal and public policy implications of the Chardham Scheme as outlined above—making public services delivery contingent upon implied waiver of privacy rights, and creating state dependency in perpetuity on foreign technology platforms—are thus complex and challenging indeed: they together create a situation where the ability of citizens and residents to partake of public service as consumers also becomes dependent upon implied waiver of their privacy rights otherwise guaranteed by law.
Given that professional legal advice may not be easily available to state governments in general, proper public consultations at the time of programme design could perhaps have better informed the decision-making process. In fact, early this year, the Committee of Secretaries in the Government of India made a recommendation for mandatory public consultations prior to policy formulation by default—an important feature of most national and state/ provincial governments in almost all developed countries, but one that is yet to be fully embedded and integrated into public policy-making processes in most states of India.
In that sense, the Chardham case highlights the imperative need for full public disclosure and prior meaningful discussions on proposed schemes and policies by state governments before their adoption, so that public interest and legal rights of citizens remain fully protected while rolling out innovative or ambitious programmes for public services’ delivery that could end up with adverse unintended consequences for citizens as consumers of such public services.
NOTE: Views contained in this short academic note are purely personal; and do not reflect the official position or policy of the Government of India or any of her departments or agencies.
(Sandeep Verma is a civil servant and holds an LLM with highest honours, having specialised in Government Procurement Law from The George Washington University Law School, Washington DC.)