What the UIDAI CEO Did Not Say about Aadhaar

The 22nd day of the Aadhaar hearings resumed on March 27. The UIDAI (Unique Identification Authority of India) CEO, Dr Ajay Bhushan Pandey continued with his presentation on the technical aspects of Aadhaar. He told the Court that the UIDAI is currently working with the Justice Srikrishna panel for a robust data protection regime. He also told the Court that the UIDAI does not retain any data other than biometrics and requests for authentication. In this regard, he also mentioned that information regarding the location of the request as well as the purpose of the request is not stored. He further said that all the news reports on data leakages are false. He informed the Court on the rates of acceptance of Aadhaar biometric verification. What is important in these submissions is not what Dr Pandey said, but rather what he did not say.

He mentioned the robust data protection regime employed by the UIDAI. However, the chain in the UIDAI process is where any potential leak could occur. The point of enrolment for most of the Aadhaar process was initially private enrolment agencies. On this point, Dr Pandey stated that the new updation and enrolment centres would be at banks and post offices – presumably nationalised banks. However, most of the enrolment has already been done by private entities. It is not inconceivable that such a private entity may want to monetise the data collected for the UIDAI. However, the UIDAI CEO had stated that the retention of data by a private entity is an offence under the Aadhaar Act. Then again murder is an offence under the IPC, does this mean murder cannot occur?

The petitioners had argued for extending the stay on Aadhaar use to the six schemes for which they are mandatory. This was on the ground of the abysmal acceptance rate. However, the UIDAI informed the Court that the acceptance rate stood at 88% for government requests, 95% at banks, and 97% for telecom operators. Senior citizens had a 95% acceptance rate when only fingerprint or iris scan was used, the acceptance rate reached 99% when both were used. Firstly, the acceptance rate of 88% in government also means a rejection rate of 12%, likewise 5% rejection rate at banks, and 3% rejection for telecom operators. In 2016, there were 80 crore beneficiaries under the Antyodaya Anna Yojana scheme. Beneficiaries under this scheme are entitled to receive heavily subsidised food grains. By the UIDAI’s estimates 9.6 lakh people would have had their biometric identification rejected.

The 2011 census showed that around 8% of the population was above the age of 60, hence senior citizens. The current population estimate for India is around 135 crores. Hence, using the 2011 percentage of senior citizens with the current estimated population, there are around 10 crore senior citizens in India. With a rejection rate of 5% for senior citizens when only fingerprints or iris scans are used, this means that 54 lakh senior citizen’s biometrics are rejected. Now the Union Government has stated that if biometric identification fails, then proof of possessing an Aadhaar card is enough. If this is the case, what is the need to even attempt biometric verification? Further Aadhaar is only a proof of identity, hence the basic feature for proving one’s identity is biometric scans. If this component is taken out, anybody could print a forged Aadhaar card.