The Dark Side of UID-II: Why the west dumped biometrics

UK scrapped in 2010, its The Identity Cards Act, 2006, that was Aadhaar’s equivalent and aimed to capture 50 key data about each individual, including fingerprints, facial scan, iris scan and more. It did enough deliberations on the issue almost around same time as India. Reason for scrapping—“to reverse the substantial erosion of civil liberties”

Identities like Social Security Number (SSN), or National Insurance Number (NI) in the west, or Aadhaar now in India, promise to validate not just identity. Through identity as the master-key (index field in database technology), the respective security agencies can relate identity to past, present and future personal data. For example, PDS querying the Aadhaar database for identifying a citizen then digs into its own database to validate, if the said recipient had availed the benefit before.

To access The Dark Side of UID-I, please click here.

It is important to know that all such validation means and requires more data capture of all kinds for all seemingly legitimate purposes, so that such validations can be done against it. But each custodian of data—from front-end shopkeepers to ministries and more—also starts keeping copies of such data for validation, commercial use, corruption, stalking or just like that for the future. More data and more copies of data mean a death knell for privacy. Why create such targets of interest for vicious minds. Can the creator of such a Frankenstein monster absolve itself of such consequences merely because it was not the original intent but the creator failed to see the possibilities?

Both USA and UK had a huge hue and cry over possible ramifications of such invasion of privacy despite relatively mature, trusted, independent agencies, unlike India. Australia attempted national ID cards way back in 1985 but withdrew them in 1987 after severe opposition from all quarters.

UK scrapped in 2010,  The Identity Cards Act, 2006, that was Aadhaar’s equivalent and aimed to capture 50 key data about each individual, including fingerprints, facial scan, iris scan and more. It did enough deliberations on the issue almost around same time as India. Reason for scrapping—“to reverse the substantial erosion of civil liberties”. Opinion polls and public reaction were opposed by the majority. 500 hard disks were shredded to destroy all data captured as part of the brief period of restricted implementation of the scheme. As a British politician said, “This marks the final end of the identity card scheme:
dead, buried and crushed…What we are destroying today is the last elements of the national identity register, which was always the most objectionable part of the scheme.”


On a similar note, there is a public outcry in the USA, in the aftermath of the Petraeus scandal. NSA whistleblower William Binney in a TV interview, said on the surveillance by US government, “They are building social networks on who is communicating with whom… social network of every US citizen is being compiled… .they are taking from one company alone 300 million records a day (for storage)…over time accumulated to close to 20 trillion every year… the original program that we put together to handle this was to be able to identify terrorists.”  He also said that the original plan was to encrypt all mails and decrypt only those that met certain criteria of security risk. It is actually a lot easier and efficient for the intended purpose, but now it is much worse. (

Every single tweet from twitter is archived in the US Library of Congress. Big data and the world’s best processors and servers run algorithms to not just identify terrorists but for all political purposes. It is at best a poorly kept secret.

There are eerie similarities between the ways the US government agencies track personal information, how it came into being quickly after 9/11 fears, how it was intended and where it is now at. The immense power the state gets through controlling such information is enough temptation for any ruler. We have seen through mass exposes on corruption in recent times that there is enough power-sharing between powerful elite of politicians. This includes the opposition, big businesses, bureaucrats and policing agencies. They buy out any resistance from any quarter.

The US attempt to have stronger identification systems (“Real ID” linking many IDs from driving license to SSN and more, in the aftermath of 9/11) was defeated as 25 of 50 states opposed it. Some of the irrefutable objections were:

  • “It went against Jeffersonian principles of individual liberty, free markets and limited government”.
  • “There is no practical way to make national identity document fraud-proof”.  “Costs of identification—in dollars, lost privacy and lost liberty, are greater than security provided”

Electronic Healthcare Records (EHR) in the US too aimed to create unified personal database of health history. Despite obvious efficiencies, it is not finding favour with the masses.  The people do not trust corporate entities (who lobby with the government) with personal health histories.

Many argue that even without UID, it was not difficult for the state to ferret details of any individual. The whole point now is the ease, speed and volume of such actions. And the ease, speed and volume are not altered by increments but by order of magnitude. Getting the political dirty tricks department to scour files of activists opposed to government is so common today. Ramdev, Kejriwal, Anna, VK Singh, Vinod Rai, have all had possibly true, half-true and even false witch-hunts launched based on information dug up on them selectively and viciously. How can one trust such state with omnipotent powers of handling all personal data?

A lot has been said in the media criticizing the Aadhaar on multiple lines. I desist from repeating issues of risks with process, technology, costs, promised chimera of zero corruption in PDS and more (a complete and logical argument can be made on what to expect on the PDS front—and believe it or not, it makes no dent into corruption levels in PDS. Only form changes). It is not just the one-time costs either. It is a maintenance monster on the budget.

But I restrict and further extend arguments on privacy issues that are the most serious of the risks.

Aadhaar and its aftermath


Apart from the state using information selectively against political opponents whether to buy votes in parliament, silence political opponents or power-mongering over citizens, corporates and global MNCs also have sufficient interest in prizing information of citizens.

An insurance service provider would be keen to get all personal information and then base its decision on them. This can be done with, or without, revealing the source of such information. Illegal or unethical, motives for such actions would be created by Aadhaar. Motives established, such acts are only a matter of time.

Similarly, any marketer would love to obtain such information to do targeted marketing. Companies want it and when demand exists, through bribery or legal means, such information would be public. Attending one such govt-industry event where entrepreneurs showcased their proposed business models riding on UID data, was, to say the least, scary in terms of threats to personal data privacy. Even today, most civil/ criminal cases in courts are fought on evidence of illegally obtained telephone bills, call records and bank/credit card details. Tomorrow there will be more and easier availability of proofs and a larger grey market trading in private information would emerge.

Moneylife is conducting a seminar on “Why UID/Aadhaar is a medicine worse than disease”, with no cost to you, in Mumbai, on 12 January 2013. Register now! For details on registration and the event, please click here. 

The corporate sector has vested interests, short-sighted though, in supporting UID for the moolah it generates through the projects. That some of these companies/ partners working on projects have CIA directors on board and gather crucial biometric data is already voiced as a risk in itself.

It is also argued with good reason that by having such a lucrative database, we are creating incentives for wrong interests—from hackers to enemy nations. Probability is low or high is a premature question and not of primary concern. But given the risks, it is enough to worry about.

The way ahead is to raise public awareness and stall this costly and dangerous experiment by over-riding the vested interests of a few. Step by step, adding data agency by agency, and integrating link by link we are headed towards an Orwellian state that wishes to control all aspects of our lives. The benefits of not having such controls over our lives far exceed the restriction on our freedom. The world has studied, debated and moved on from the idea of unified personal ID. Indians should not allow ourselves to be the guinea pigs of the world.

Moneylife recently published a 9-part series on how and why Aadhaar is a bane more than a benefit. To read the complete analysis, click here.


(Sandeep Khurana is an independent consultant and researcher. Views expressed are personal. He can be reached at his twitter Id @IQnEQ.)

uttamkumar dubey
1 decade ago
Another Feather in the CAp for UID lovers.Even dogs and chairs can have UID !!!!

jai hind!!!
Firdaus Khan
1 decade ago
Big Data, petty intent
WorldWideWeb's clear portent.

"Tis not the gun but the man behind the gun"
Poverty enthusiasts, technocrats...all cannot be won.

UID ain't unique after all!
Western philo - eastern brawl.

Why oh why do we patch India's wounds with a UID band-aid?
What it needs is real solutions, genuine and staid.

Thank you for an interesting read Mr. Khurana.
Best wishes!
Firdaus Khan
Dr Paresh Vaidya
1 decade ago
Much has been talked about the 'privacy'. Not much exists like privacy since we have entered privatization boom. Every day we receive phone calls from Credit card companies, insurance companies etc. Who gave them our numbers? Our emails get trash meaning our mail ID and our interests are known to unknown devils. Some even kn ow which Water Filter we use and enquire if we want to get it serviced.
Unlucky among us have their Credit Card Pins and Bank Account also hijacked. Google knows what kind of friends I have and what I read.

What else do we want to protect so as to foresake a national scheme?

Mukesh kamath
1 decade ago
The author of this article does not see one crucial difference and that is poverty. India is very,very poor. It is improper to compare ourselves with UK or USA. Here due to poverty we already are compromising on privacy. People watch porn in theatres rather than their homes alone. They stay five in a room to save on rent. Aadhaar provides a means of coming out of poverty. Please stop this unholy awareness campaign.
Sandeep Khurana
Replied to Mukesh kamath comment 1 decade ago
If civil liberties are good for US and UK, they are good for India too. Fighting poverty by sacrificing civil liberties and privacy, just because Indians are poor, seems acceptable "compromise" to you on behalf of those poor. Many would disagree in that they want to end poverty without sacrificing civil liberties. Constitution is tough to administer precisely because we balance difficult extremes, not aim to get one freedom to lose other rights. Then we all can see where this down spiral of compromise will end.

U say that "Aadhaar provides means to come out of poverty"(I stayed clear on purpose from that debate in this article) but many economists have already quashed that myth. If you are right, let UIDAI set a target of reducing people below poverty line by even 10% and one could see govt seriousness, not in just words that sound noble- that Aadhaar will end poverty. If poverty reduction be the aim of Aadhaar, many other actions should have been done too, especially around ending corruption that sucks PDS money. Aadhaar will be no magic wand.
Ashok Kalbag
1 decade ago
Extract from UIDIA website:
―There are significant differences between the UK‘s ID card project and the UID project and to equate the two would not be appropriate. The differences are as follows:- a) The UK system involved issuing a card which stored the information of the individual including their biometrics on the card. UID scheme involves issuing a number. No card containing the biometric information is being issued. UK already has the National insurance number which is used often as a means to verify the identity of the individual. b) The statutory framework envisaged made it mandatory to have the UK ID card. Aadhaar number is not mandatory. c) The data fields were large and required the individual to provide accurate information of all other ID numbers such as driver‗s license, national insurance number and other such details thereby linking the UK ID card database to all other databases on which the individual was registered. UID Scheme collects limited information and the database is not linked to other databases.
d) In UK, the legislative framework and structure approached it from a security perspective. The context and need in India is different. The UID scheme is envisaged as a means to enhance the delivery of welfare benefits and services‖.
Replied to Ashok Kalbag comment 1 decade ago
Mr Kalbag knows very well that UID data will be used to drive the NPR card, and will be shared freely by UIDAI. The way things are going, UID is not necessary or mandatory for anyone who wishes NOT to get married, drive a car, buy a house, use cooking gas...who exactly is he fooling? Is he being fooled and wishes the whole country to join him in his fool's paradise?
Free Helpline
Legal Credit