dailyO
Politics

Aadhaar is not foolproof. India needs to rethink its strategy

Advertisement
MG Arun
MG ArunJan 15, 2018 | 11:21

Aadhaar is not foolproof. India needs to rethink its strategy

Since its launch under the UPA government in 2009, Aadhaar, the 12-digit unique identity number issued to Indian residents based on their biometric and demographic data, has grown to boast of 1.19 billion members as on November 30, 2017. It is the world’s largest biometric ID system, with experts calling it the most sophisticated ID programme in the world.

Yet, recent events have proven that this mammoth exercise, which the present government has further pressed hard to make a standard requirement for availing the most commonplace of benefits and services, also faces the equally mammoth threat — data leakage.

Advertisement

On January 3, The Tribune said its correspondent was given access to personal data, including names, addresses, postal codes, photos, phone numbers and emails of Aadhaar card holders for as little as Rs 500 over WhatsApp. What’s more, with an additional Rs 300, illegal operators provided her a "software" that could facilitate printing of the Aadhaar card after entering the Aadhaar number of any individual.

The initial response of UIDAI (Unique Identification Authority of India), which implements Aadhaar, was one of the proverbial "shooting the messenger", but following the cacophony the issue raised, it stepped into some positive action. UIDAI restricted access of around 5,000 designated officials to the Aadhaar portal.

It also allowed citizens to use a virtual ID that could be shared with all agencies, including the government, rather than the 12-digit Aadhaar ID, lending it more privacy. The next question that is being asked is, has the decision to provide a virtual ID made the Aadhaar more complicated for the masses? How many of the citizens will actually use the virtual ID? Wouldn’t there be a large section which is still vulnerable?

While the concept of providing every Indian a unique ID was hailed by all, it was the manner of it being made compulsory to avail services — right from the distribution of subsidies, to paying income tax to purchasing mobile SIM cards and insurance or even procuring a death certificate — that made it controversial. Giving out the ID for such services so rampantly also exposed it to misuse by fraudsters.

Advertisement

aadhaar-copy_011518104625.jpg

The issue has reached the apex court, which is hearing a slew of petitions relating to privacy issues around Aadhaar, including whether privacy is a fundamental right. On October 30, the Supreme Court referred all Aadhaar related cases to a five-judge Constitution bench. The Court, on December 15, extended the deadline to link Aadhaar with insurance policies, mutual funds holding and mobile phones to March 31 this year. The next hearing is scheduled on January 17.

This is not the first time that issues of Aadhaar data breach have been raised. In July last year, there have been reports that customer data of a telecom firm, comprising sensitive details of millions of its users, including their Aadhaar numbers, was leaked online. Even then, there was a demand from experts that India needs to strengthen its privacy laws in line with the 2012 recommendations of the Justice AP Shah-led group of experts on privacy.

In its report, the panel had said that a framework on the right to privacy in India must include privacy-related concerns around data protection on the internet, appropriate protection from unauthorised interception, audio and video surveillance, use of personal identifiers, bodily privacy including DNA as well as physical privacy. In the absence of strict privacy laws, intimate details of citizens can easily fall into the hands of fraudsters, which need to be avoided at all costs.

Advertisement

Even the staunchest of opponents to Aadhaar feel that the government is unlikely to back away from continuing to insist on Aadhaar ID for most benefits and services unless the top court comes out with some severe strictures. Certain countries, however, have backtracked on such initiatives after discovering flaws in it. Reports say the UK scrapped its biometric identification plan in 2010 and destroyed the associated database.

Meanwhile, the Social Security Number in the US is not biometric and is not used for basic services such as phones and credit cards that can lead to mass surveillance and breach of privacy. Moreover, countries like Germany do not impose biometric identification to deliver public services. It can be argued that the situation in India is different, given the rampant leakages in the subsidy system, which calls for a more foolproof identification system.

(Courtesy of Mail Today.)

Last updated: January 17, 2018 | 11:44
IN THIS STORY
Please log in
I agree with DailyO's privacy policy