When the right to privacy has become one of the focal point of debate,the cases of Aadhaar database misuse have been on a rise.The Unique Identification Authority of India(UIDAI) has accepted the need of safeguard of the biometric data.But the only thing that is valuable to the UIDAI has been compromised.The data leak has become so vulnerable that the biometric data has become available to anonymous sellers.It is daunting that the personal details of a billion of people are on sale by anonymous sellers.
On January 4, The Tribune’s reporter Rachna Khaira exposed the breach in the security database.The report talked about the procedures she followed to get the access of the billion identities on the UIDAI database by paying a small amount of Rs 500.The UIDAI,as usual,did not accept the bitter truth of breach in the data.In fact,the UIDAI called Ms Khaira’s story “misreporting”.The authorities still maintain their standard answer that ‘the database is safe and secure’.Meanwhile,the authority said that legal action will be taken against those involved in the case.An FIR was filed against the reporter and the anonymous dealers for breaking the story on the breach of database.
The frequency of breach has increased the doubts among the people and denying these regular episodes of data breach by the UIDAI has proved unconvincing.Media have been religiously following to report on any loopholes of the Aadhaar data breach.A big headline was made in November last year when some of the government websites and educational institutes put up the personal details along with the Unique Identification Number. The irony is that, UIDAI accepted that the breach happened in November but denied that the leak happened because of them.Even after admitting the breach happened, they are still reiterating that the ‘the database is safe’.They also somehow threatened those who exposed the breaches with some legal actions. In another instance,Airtel misused the personal details to open accounts in it’s payment bank by using the details procured at the time of verifying the SIM cards. When some beneficiaries of subsidies complaint of not receiving the subsides, it was later on identified that the subsidies had gone to the accounts opened by the Airtel payment bank without the consent of the customers.
According to the Aadhaar Act 2016,private companies are not given the permission to use the UID.Therefore, the government exercises it’s power to grant permission to the private companies like that of mobile phones and banks to collect the personal details.The state governments have been given the responsibility for enrolment of the UID,thereby they would collect the required Know Your Resident(KYR) as mandated by the UIDAI. The state government may also collect any other data that is not mandated by the UIDAI. With this, both the state governments and UIDAI have charted the way to put a surveillance upon the people and the communities. The state governments have initiated different schemes/programmes that will help in their endeavour of data collection e.g. in Haryana,programme like Jan Kalyan and Suraksha Survey requires the collection of household details along with the details of the individuals.How keen is our governments to know about us? Is it just for the betterment or are we moving towards the similar citizen surveillance like that in the United States?
When the Aadhaar enrolment started,it was not made mandatory for people to leave this digital footprint to avail the benefits of the government schemes and projects.Lately,with all the circulars and official notifications from the government,it has become a chaos and almost made mandatory to avail benefits.Students who wants to avail scholarships need an Aadhaar number.There is also the bizarre story about Aadhaar requirement for mid-day meals.The level of coercion is high and the state is exercising it’s ultimate power to coerce it’s citizens.Is it right to achieve universality of Aadhaar through coercion?It should be left to the people’s wish and Aadhaar should be just an Identity document and not to be used to avail benefits.
Not effective biometrics
The UIDAI can still claim that ‘the biometrics are safe’.But even if the biometrics are safe, has it served the purpose? There are several reports of biometrics failure.In most of the north Indian states like Rajasthan and the Uttar Pradesh,there have been reports of exclusion of people from Public Distribution System(PDS) due to the problems of biometrics authentications.In parts of central India,farmers and some families belonging to below the poverty line have failed to link Aadhaar with the ration card.This has led to many deaths and suicides.At the time of enrolment,while taking the fingerprints,the prints of all the fingers are not done successfully.We can see cross signs on those fingers which have failed to register.With this kind of procedure,it is not justified to make Aadhaar universal.It is still in the experimental phase and the citizens are coerce to participate in this experiment of breaching privacy.To increase the effectiveness of the Aadhaar authentication,high speed internet connection should be provided along with the availability of high quality equipment and machines for capturing the biometric details.
As one of the measures to strengthen privacy and to prevent any future event of data breach, the UIDAI has come up with the system of virtual authentication for the enrolled citizens in January. This move will give limited access of the database and other details to the service providers.This step was taken considering the widespread concern regarding breach on the database and the misuse of the biometrics.The UIDAI has assured that utmost care is taken for the ‘world’s largest repository of citizen data’.The 16 digits virtual ID can be used instead of the 12 digit Aadhaar number for any authentication purposes. The Virtual ID will be a temporary and revocable 16 digit random number mapped to a person’s Aadhaar number and the Aadhaar-issuing body will start accepting it from March 1, 2018.