Is Aadhaar Helping the Government Collate Data or to Spy on its Own People?

The government has called privacy an “elite” concept, pitched the Right to Privacy against Right to Food that they claim can be fully realised only through Aadhaar (a false claim widely decried by activists citing mounds of on-ground evidence showing how Aadhaar has wrecked implementation of welfare schemes), and even made the claim that it is “impossible” to track citizens using Aadhaar.

Before we get into the arguments made by the government, which denies that privacy is a fundamental right, and the petitioner — civil society activists, legal activists, cyber activists, etc — let us consider the following question.

What does it mean to have an over-centralised, digitised and (as per evidence) poorly secured biometric database of more than 1.3 billion people, with information that would potentially enable the state and any interested, co-opted non-state parties (think corporates and global capital) to seamlessly track and isolate the movements, the money-spending, the socio-politico-personal decisions and much more of a population?

First-world countries that took up similar projects abandoned them. In 2010, the United Kingdom scrapped a similar biometrics-linked National Identity Card project, meant to create a centralised register of sensitive information about residents similar to Aadhaar.

The reasons were the massive threat posed to the privacy of people, the possibilities of profiling and a surveillance state, the dangers in maintaining and securing such a huge centralised repository of sensitive information, the unreliability of large-scale biometric verification processes, and the very ethics of using biometric identification.

Take a look at this study by the London School of Economics on the implications of the ill-conceived UK Identity Cards Bill. 

Will the Big Brother be watching you?

On August 1, advocate Tushar Mehta representing the Unique Identification Authority of India (UIDAI), claimed that it was impossible to track and spy on people using Aadhaar, as there were provisions in the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.

Mehta even announced that the state had set up a panel headed by Supreme Court judge Justice BN Srikrishna, to draft a data protection Bill.

Responding to this, former defence scientist and anti-Aadhaar activist Mathew Thomas, told Newsclick, “The advocate who made the statement is either ignorant or has committed perjury. The government’s justification for linking the sham ID called Aadhaar is for tracking income tax, rations, etc. For targeting services. How can it target without tracking? An oxymoron, is it not?”

Speaking to Newsclick, Delhi-based lawyer Prasanna S, who has appeared for and assisted some of the petitioners in the Aadhaar case before the Supreme Court, said there were two provisions in Aadhaar Act that offered some protection — one, mandating that data related to religion, caste, etc. shall be collected but not shared, and another, stating that UIDAI would not store the purpose for which an authentication transaction took place.

“But as we can see, this is meaningless,” said Prasanna. “It is easy to tell the religion and caste of people by their very surnames, and all the other information is enough for profiling, including religious profiling. As for not storing the purpose, all that matters is that a transaction took place and where. Why the transaction took place is not important to track one’s movements. Suppose you do an authentication transaction at a toll booth, it is enough information for tracking.” 

"In fact, there are already projects afoot like the State Resident Data Hub. It remains to be seen what purposes so much information about the residents will serve for the state", he added.

Prasanna and a couple of other activists, who Newsclick spoke to, pointed to a presentation made by an IRS officer of Telangana on “360-degree Profiling” of citizens, titled “Using Data Mining to convert information to actionable intelligence”, based on, among other things, Aadhaar numbers.

Referring to the same presentation, Econmist Reetika Khera said, “If this isn't surveillance, I don't know what is.”

As for the data protection panel, Prasanna said, “UIDAI was first set up in 2009, and only now, on July 31 this year, the government has set up a panel to look into the issue. Why wasn’t this done before? This was only done now to save face since the SC is hearing the matter”

He was also sceptical of the panel, saying that there was hardly any civil society representation.

“The panel has people who have appeared against the right to privacy, including UIDAI CEO Ajay Bhushan Pandey and advocate Arghya Sengupta, who represented TRAI in the privacy hearings. So it’s anybody’s guess what to expect from the panel.”  

When it comes to surveillance, another reported fact that should ring alarm bells is that the UIDAI has “contracted to receive technical support for biometric capture devices, from L-1 Identity Solutions, Inc. (now MorphoTrust USA), a US-based intelligence and surveillance corporation”, as Gopal Krishna from the Citizens’ Forum for Civil Liberties writes.

Poorly secured, corporate feed

The poor security of the UIDAI data has been evidenced in recent months in massive data breaches that have taken place, exposing personal details of 35 lakh pensioners in Kerala, 14 lakh pensioners in Jharkhand, in Andhra Pradesh, and even cricketer MS Dhoni’s details. A recent report by the Centre for Internet and Society said that poor security of four government websites had revealed details of 13 crore people.

In February this year, the UIDAI Authority had registered a police complaint against entrepreneur Sameer Kochhar, who heads the Gurgaon-based think tank Skoch Development Foundation, for writing an article exposing security vulnerabilities in the Aadhaar systems, including a video showing how unauthorised transactions could be done.

Then there are the private companies making profits off of the Aadhaar project. These are private companies supplying hardware, software, KYC (Know Your Customer) services, etc.

And there are already instances of private companies harvesting information from the Aadhaar database, including Microsoft.

Legal researcher and activist Usha Ramanathan has already written about how our data collected for Aadhaar shall be “sold back to the government through specially created, privatised, for profit utilities”.

Prasanna said, “The corporate interests are quite clear. The proponents of Aadhaar, including Mukesh Ambani, have clearly stated that ‘data is the new oil’.”

This tagline prompted Tathagata Satpathy of Biju Janata Dal to ask, if data is indeed the new oil, why not pay us for it?

Disclaimer: The views expressed here are the author's personal views, and do not necessarily represent the views of Newsclick.