By creating a lucrative database under UID, we are creating incentives for the wrong interests—from hackers to enemy nations. The world has studied, debated and moved on from the idea of unified personal ID. Indians should not allow ourselves to be the guinea pigs of some thoughtless “thought leaders”
“The public distribution system would have zero leaks.”
“Terrorists would be identified even if they are like needles hidden in a haystack.”
These are two big-ticket promises that originally sold Aadhaar to the common man. Many signed up for a seemingly harmless 12-digit number and believed the promise that Aadhaar would help solve two of the biggest curses on Mother India—corruption and terrorism. So all ye patriots, you ain’t one till you have one—Aadhaar card.
For those pressed for time and money, UID is free and it came to your doorstep. You are a techie? Oh, how can you be away from the best thing to happen to the country? Nandan Nilekani drives it and he sure knows it all, man. You can build apps on the Aadhaar platform. C’mon, let us join hands. If the entrepreneurial among the literate and urban middle-class were wooed thus, the biggies had their own reasons to cheer. After all, the multi-billion dollar unique experiment for the world has all sorts of tech companies salivating for a share of the pie. Some more resistance thus taken away by getting some more to join the bandwagon.
Different things were promised to different people and at different times. It was said in the initial days that Aadhaar is not mandatory to buy gas cylinders or for any civic activity. It was optional. The situation today is such that even to get married one may need Aadhaar card. (Keep your UID cards ready to get married, buy house). The Delhi government is thinking of making Aadhaar card mandatory for all government work
(http://articles.economictimes.indiatimes.com/2013-01-01/news/36094229_1_aadhaar-card-aadhaar-number-enrolment). But it is still not enough. So, next to follow—cash to your accounts through UID, gas cylinder discounts only through UID, and more. Now this is where it hurts the most. The Aam aadmi cares for nothing as much as his shrinking wallet. No Aadhaar, no gas cylinder subsidy. Sign up or pay more!
Cash to accounts will get the poor to have their Aadhaar ID. Gas subsidy refunds, shaadi and dream home would get middle-class to sign up. What more? Divorce or kids or treatment in hospitals ONLY through Aadhaar? What is the law on such boundaries on the usage of Aadhaar, if there is such law? Sorry. No such law. The tipping point achieved, nothing stops the UIDAI (Unique Identification Authority of India) from getting every resident under its scanner. Literally.
In whose hands is your personal data today?
PAN card links all your credit card, banking, income tax returns, house and other cash or immovable assets data.
Mobile number can track you down to your location. It can reveal your network of friends and expose your affiliations to activists or NGOs. It is not too difficult to get tower level data and call records for any number in India. Just requires a suitable price to the right person and a pen-drive.
Your Facebook and twitter data is at a click for regulators. Recent policy changes by both social networking giants mean they would reveal anything at drop of a hat to government agencies. If not government, all such personal data is already released to commercial entities at a price. By the way, India ranks right on top, only after US, in government surveillance over internet, indicated by number of requests seeking data from Google. India's requests for web content removal, user details rise: Google
Emails? Again, as L’affaire Patraeus showed, that be you ever so high, you would never be secure—given your digital footprint, even if mails were unsent and merely saved as drafts on a common shared account. (what-terrorist-trick-did-petraeus-and-his-mistress-use-to-cover-email-tracks) Anything on the servers of the world is within reach of a snooping government.
CCTV cameras track your every moment in every mall, toll plazas on highways, public places. CCTV feed is stored for years now, given the near-zero cost of storage these days. Every other residential society today has CCTV cameras everywhere except your bedroom (and who knows?), from elevators to corridors to gyms and halls.
Your office has RFID and other ID detecting systems that track all your movements.
Your credit card company has all information on your travel, purchases, hospital payments, fine dining, personal habits like pubbing and more.
Combine and contrast all the above with Wikileaks, RTI, social media, open data movement, data liberation, big data, high processing power and low data storage cost, etc, on the other side where citizens too have more access to establishment data. And that is not liked by the mighty. And hence the increased urge to get back at the citizens.
Enter the Big Daddy of all IDs of the citizens—Aadhaar.
Moneylife is conducting a seminar on “Why UID/Aadhaar is a medicine worse than disease”, with no cost to you, in Mumbai, on 12 January 2013. Register now! For details on registration and the event, please click here.
If you attended any Aadhaar presentations or speaker sessions, they do not tire themselves of stating that Aadhaar is fully secure technology, has validation checks, safe storage of records, secure biometrics that have 99.99% accuracy, etc. And then, their convincing arguments go further—Aadhaar is only a number, with your name, biometrics id and bare minimum information like address and the like. “We do nothing more at UIDAI than just validate your identity to the querying department of the government like PDS agencies. UIDAI would not store any of your data other than this.”
And the UIDAI is right. But it is also being economical with truth.
A number by itself is like a dot. A dot has no weight, volume, length, area. But what they do not tell is that these dots get connected to form a web. This web of worries is around you. Worried? Let me share few examples of things to follow. Before that, what is the state of affairs on other identification methods you have today? The same Indian ‘system’ will handle Aadhaar too. Let us see how safe your ID today is with the powers that control and use/misuse your ID.
Aadhaar has the potential to link all that you have by way of multiple IDs today. Reach of Aadhaar through this web the centre of whose universe is Aadhaar itself as the master-index key to your full personal database that includes but is not limited to all that we just saw above in this section. Aadhaar links mobile, credit card, PAN number, employment, property, assets, address, family and through a two-step link all else like social media, travel data, health history and the rest. It has potential to track your entire school history and possibly then your grades and what remarks your class teacher wrote when you were in kindergarten and how many times you tweeted from a fake id as a teenager. Read this cbse-schools-get-uid-registration-noc-for-now
NATGRID (National Intelligence Grid) proposes to link 21 databases and is a privacy nightmare. Telecom networks would be linked real-time and would be obligated to provide all subscriber information as feed to it. PAN, visa, passports, driving licenses, banking system, etc, all link up to it. UID enables it. What next? DNA profiling? Would that get us rid of all corruption and terrorism? Seriousness of the government’s stated goals to end corruption and terrorism/crime as its motive, if true, would have shown up in other areas like Jan Lokpal bill or police reforms, but we observe opposite stance there. Reality is UID is the state’s intent to control the subjects, and terrorism and corruption are convincing arguments to make people give up resistance. But they are just arguments, not practical steps in the direction.
It does not matter to all of us if Aadhaar is made most secure or that it is a harmless dot. What worries is that in whose hands the web of connected dots that nets all personal information by using Aadhaar would be. It is the government and therein lies the worry. If the government builds in all laws and institutes systems and processes to implement them to secure safety of personal data, it may be acceptable to have Aadhaar. Such laws and processes would mean custodians, authorizing agencies for access, agencies with legislative powers are all distinct with iron walls. If the CBI or police or courts can authorize drawal of any data based on the Information Technology Act provisions as it is today, one would like all these agencies themselves to be free of possibilities of misuse, and incapable of being influenced. Any local politician can get your information through these agencies and any wealthy citizen can pay his way to get this information given the weak IT Act implementation. Credibility of all these, except redeeming few in judiciary, is abysmal. And abuse of personal information easy and rampant. In proposed NIAI bill, an authorized joint secretary can order release of information collected under national security clause.
Whistle-blower on IIT-JEE irregularities, Prof Rajiv Kumar alleges his personal cellphone data is illegally taken over by IIT authorities, Ratan Tata complained of selective leakage of Radia tapes data, Facebook posts and twitter tweets led to arrests of citizens repeatedly, Pranab Mukherjee’s office had bugging controversy, CBI joint director VV Lakshminarayana's call data record (CDR) was leaked. It is all happening surreptitiously taking advantage of loopholes in the IT Act.
One may also note that such data is selectively leaked, obtained through the back-door, selectively used, not shared publicly but lands up at media houses, allegations made without showing proof, etc—all to undermine political opponents and not just target terrorists or end corruption. It is a global phenomenon and Wikileaks is full of proof of all levels and classes of public figures from all nations indulging in such information abuse. The IT Act in India may have safeguards in making illegal any securing of your personal data but if your telephone call and location data is suddenly with all media houses, whom do you complain against? And who would have such access to your private information so easily? Government with Aadhaar. We need to just jog our memory on misuse of state powers through back door, on all recent challengers to governmental corruption in previous paragraph.
Moneylife recently published a 9-part series on how and why Aadhaar is a bane more than a benefit. To read the complete analysis, click here.
(Sandeep Khurana is an independent consultant and researcher. Views expressed are personal. He can be reached at his twitter Id @IQnEQ.)
Inside story of the National Stock Exchange’s amazing success, leading to hubris, regulatory capture and algo scam