• stumble
  • youtube
  • linkedin

Archives for : UID

Aadhaar’s insidious march continues

First they came for the journalists,
then they came for the pensioners,
then they came for the ration card holders,
then they came for the children..
The last few weeks of UID Aadhaar-related government notifications have felt like a reenactment of the Martin Niemöller poem: First they came for the journalists, then they came for the pensioners, then they came for the ration card holders, then they came for the children…. The UID project began its life as an Executive Notification dated 28th January 2009. Even as the project has been working its way into the government for the last 7 years, it only obtained legal backing in 2016. The Aadhaar Act, through a sneaky process that circumvented the scrutiny of the Upper House of Parliament, became law as a Money Bill in March 2016. A batch of petitions challenging the constitutional validity of the UID project has been ongoing in the Supreme Court since 2012. The petition has been pending a hearing by a bench of 5 or more judges on the question of whether Privacy is a fundamental right in India.No less than 5 orders of the Supreme Court have held that possession of a UID number cannot be made mandatory to access entitlements or benefits.The most recent of these orders was in October 2015. Despite the passage of the Aadhaar Act in March last year, the Supreme Court, in September 2016, recognised its earlier orders and stated that the UID number could not be made mandatory for availing certain scholarships. Thus, the UID number cannot be mandatory for any purpose whatsoever.The notifications making possession of a UID number mandatory are blatantly illegal.The UID project has always operated outside the law and continues to do so.While it might seem like we already give our data unthinkingly to various private and public bodies, the UID project is unique in its ability to connect and centralise all the dispersed and diverse information about ourselves. We as citizens are vulnerable in the absence of any regulation of data collection, data processing and surveillance. We do not even know who operates the systems that will control our data and whom they will share it with.

The latest proposal to make the UID mandatory for all those who are required to file Income Tax returns will affect a smaller chunk of the population than the notification making the UID mandatory for rations. But interestingly, if you do not file your Income Tax returns, it is not exclusion, rather you can face penal action. In effect, no tax payer will be able to choose to be outside UID system without being criminalised. Nothing allows the government to take away my entitlements, or criminalise me if I do not comply with the project declared by the highest court of this land to be voluntary.

The Aadhaar project has been marketed to us in many ways. First as a measure to improve welfare and corruption, and now as a tool for digital payments and the cashless economy. In terms of welfare, this year itself, incorrect details entered in Aadhaar enrollement led to 7 lakh pensioners being declared dead in Rajasthan. It has led to the exclusion of around 30% of ration beneficiaries, around 1 crore people, under the Public Distribution System in Rajasthan. Inflated savings claimed to be the result of the project have been repeatedly punctured by academics and the government’s own reports.In the almost inexorable onward march of this project, we have willingly and unthinkingly accepted its insidious entrance into every aspect of our lives.

When it was made mandatory for ration card holders to avail grains under the PDS, a small number of people questioned the government. More recently, when they came for the children with the notification making Aadhaar mandatory for mid-day meals, a larger furor was raised with protests in Delhi and statements from rights-based campaigns. The latest attempt to make it mandatory will bring into the net all those previously unaffected.Now is the time to speak up.They’re coming for you.

The writer is a working committee member of the Rethink Aadhaar Campaign

Related posts

#Aadhaar will make life tough for workers rescued from bonded labour #SayNoToAadhaar

Workers rescued from bonded labour in India will be unable to access compensation because the government has linked the benefit to the Aadhar card.

Workers rescued from bonded labour in India will be unable to access compensation because the government has linked the benefit to a biometric identity card that most victims do not have, activists said on Tuesday. Rights campaigners warned that rescued workers could be forced back into bonded labour if they could not claim rehabilitation grants quickly to help them get back on their feet.

India, which has announced plans to rescue over 18 million bonded labourers by 2030, increased compensation for rescued workers five-fold last year as part of wider efforts to tackle modern slavery. But it announced last week that the payouts – like many other welfare benefits – would be linked to the country’s Aadhar card. Aadhar is a 12-digit identity number issued to Indian residents that requires individuals to register their fingerprints and iris signatures.

The government says more than 90 percent of residents now have an Aadhar number. But rights activists estimate only about 1 percent of bonded workers have one. “It’s impossible for workers bonded in brick kilns to apply for an Aadhar card. Would an employer allow trafficked workers to register their credentials with the government?” said Nirmal Gorana, head of the National Campaign Committee for Eradication of Bonded Labour.

Requiring rescued workers to apply for a card before they can access compensation will complicate an already lengthy claims process, putting them at further risk of exploitation, he added. The government says linking social welfare schemes to Aadhar will weed out bogus beneficiaries and ensure transparent and efficient payouts. It has set a June 30 deadline for workers to enrol or show proof they have applied.

India banned bonded labour in 1976, but it remains widespread with millions working in fields, brick kilns, brothels or as domestics to pay off debts. Rescued bonded labourers are entitled to a rehabilitation grant of 100,000 Indian rupees ($1,519). Rescued child labourers receive 200,000 rupees and victims of trafficking 300,000 rupees. Umi Daniel, regional head of the non-profit Aide et Action International, said the authorities should ensure people are registered for Aadhar before linking benefits to the card.

“This is imposing an unnecessary condition,” said Daniel, a leading activist on bonded labour. “There is a high risk of people falling (back) into the same kind of bondage if the rehabilitation is not done in a sustainable way.”

India is home to 40 percent of the world’s estimated 45.8 million slaves, according to a 2016 global slavery index published by the Australia-based Walk Free Foundation.

Related posts

Why is Modi Sarkar Force-feeding #Aadhaar

Placing conditions on access to food entitlements is not a marker of a welfare state. The recent notification by the government mandating the possession of an Aadhaar number for receiving benefits under the Mid-Day Meal Scheme has created a justifiable furore. Such a step is extraordinary given that the havoc caused by the introduction of mandatory Aadhaar authentication in some states for the public distribution system (PDS) has not yet died down. Reports from Gujarat, Jharkhand, Andhra Pradesh and other states describe the exclusion of genuine beneficiaries because of problems with the Aadhaar records and authentication issues, besides technological and infrastructural failures. This experience ought to have taught the government that the mere adoption of “technology” is not a panacea for corruption and inefficiency in the delivery of services, but is a sure way of excluding those who are socio-economically the most vulnerable.

Yet, in the last few weeks, several ministries have issued notifications that will co-opt over 30 schemes on to the Aadhaar bandwagon, including the Mahatma Gandhi National Rural Employment Guarantee Act, the Employees’ Provident Fund, pension and scholarship schemes, and recently even the compensation provided to the victims of the 1984 Bhopal gas leak. The aim is to make Aadhaar mandatory for all 84 schemes covered by the direct benefit transfer programme.

Though the government claims otherwise, these notifications are in contravention of the many Supreme Court orders over the years iterating and reiterating that Aadhaar cannot be made mandatory for people availing government benefits to which they are entitled. The matter is still sub judice. The government has just side-stepped the issue by stating again in a recent press release that “till Aadhaar number is assigned to any individual, the benefit will continue to be given based on alternate means of identification.” The recent notifications all state that an Aadhaar number is required to access these entitlements, and in the absence of which other specified identification documents would be accepted. However, beneficiaries will also have to provide proof of Aadhaar enrolment. Given this, and the tight deadlines set for providing this proof, it is clear that Aadhaar has effectively been made mandatory.

The government has been and continues to push Aadhaar as a miracle cure that would curb leakages and bring in transparency while excluding fake beneficiaries and saving “huge sums of public money.” What it does not project is that the Aadhaar scheme involves the collection and control of big data, enabling “dataveillance” (the practice of monitoring digital data relating to personal details or online activities). The Aadhaar idea was first conceptualised by the Bharatiya Janata Party-led National Democratic Alliance government after the Kargil war as a security and surveillance project. The features of the current-day Aadhaar are no different. Additionally, the state has circumvented constitutional procedures and safeguards by launching the scheme without putting in place a privacy law or a law regulating biometric data, by passing the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 as a money bill, and by continuing to flagrantly defy the Supreme Court’s orders disallowing making Aadhaar mandatory.

For the ordinary citizen, the most worrying aspect of Aadhaar is control, about who can access their biometric data. The Aadhaar enrolment form has a field that vaguely asks for “consent”: “I have no objection to the UIDAI [Unique Identification Authority of India] sharing information provided by me to the UIDAI with agencies engaged in delivery of public services including welfare services.” These terms have not been defined by the UIDAI while personnel at enrolment centres advise people to give their consent for the sake of future convenience. In the propagation of Aadhaar, the government has failed to highlight or explain this consent-taking, as also the fact that there exists a way to lock one’s biometric data (unlocked by default) on the resident portal of the UIDAI website through OTP (one time password) authentication via a registered mobile phone. The latter feature is not highlighted and is also out of reach for those without access to the internet or a mobile phone.

These issues are not even touched upon by the Aadhaar Act, which adds to the imbroglio by way of Clause 57: “Nothing contained in this Act shall prevent the use of Aadhaar number for establishing the identity of an individual for any purpose, whether by the State or any body corporate or person, pursuant to any law, for the time being in force, or any contract to this effect.” Such a clause clearly allows non-state entities to use Aadhaar authentication and gain access to data, which has already happened. The UIDAI recently stopped 24 firms from using its data in an unauthorised manner following public complaints. Adding to the confusion is the definition of “biometric information” in the act that is being kept open to include “other biological attributes” (read DNA) in the future, as well as the Supreme Court’s puzzling order in February 2017—diametrically opposed to its orders about not making Aadhaar mandatory—to make the linking of all SIM (subscriber identity modules in mobile phones) cards with Aadhaar numbers compulsory. All this raises many troubling questions about control and access to such big data; not just demographic, but also biometric data.

Through the promotion of Aadhaar, the Indian state is behaving like a corporate entity that provides services on the condition that it gets access to our information and can potentially keep us under surveillance. Clearly, a state that wants transparency from its people is not trying very hard to be transparent itself.


– See more at:

Related posts

Aadhaar must for Bhopal gas relief – The Illegal order #WTFnews

New Delhi, March 7: The Centre has made Aadhaar essential for the 1984 Bhopal gas tragedy compensation, undaunted by the uproar over making the IDs mandatory for school mid-day meals.

All those entitled to the Bhopal cash aid will have to provide Aadhaar or enrol for one by June 30 to continue getting the assistance, according to a notification issued by the Union ministry for chemicals and fertilisers yesterday.

The compensation is paid for “death, permanent disability, injury of utmost severity, cancer, total renal failure and temporary disability” suffered by the gas victims. The process of providing the assistance continues even 32 years after the tragedy because of a long legal battle with Union Carbide, which owned the plant from where the toxic fumes leaked in December 1984, over damages.

On the midday meal, however, there were indications the HRD ministry may extend the June 30 deadline for furnishing Aadhaar or proof of having applied for one. The ministry may take up the matter with the PMO after realising the target is unrealistic.


According to the National University of Educational Planning and Administration (NUEPA), which collects information on enrolments, nearly 2.5 crore children have so far provided Aadhaar details. But given that nearly 10.5 crore schoolchildren in government schools have the meals, that still leaves a huge number out of the Aadhaar net.

Faced with protests, the Centre today said no child would be deprived of the meals and those without Aadhaar can use alternative IDs. The BJP circulated the statement.

Upset with the spate of orders making Aadhaar mandatory for a host of services – including scholarships and the maternity benefit scheme – women activists have started protests and described the diktats as an “effort to dilute hard-won legal entitlements”.

Curiously, Aadhaar has brought transparency and accountability activists on the same platform as those sceptical of giving every citizen a unique identity.

Aadhaar sceptic and researcher Usha Ramanathan said the government’s claim of the Unique Identification Authority of India (UIDAI) – which issues Aadhaar cards – being the remedy for all corruption was negated by the fact that those who fought for the Right to Information Act were opposed to it. “The UID (unique ID) inverts the idea of transparency. It makes people transparent but the state opaque.”

“First, they said the poor would be given an identity. Then it became that you will not get your entitlement if you don’t have this number. What we are seeing today is rampant and shameless illegality by the State as the Supreme Court has clearly said Aadhaar should not be made mandatory. Even in six areas, including PDS, MNREGA, Jan Dhan and LPG where the court has allowed Aadhaar, it has said this should be voluntary,” Ramanathan said.

RTI activist Anjali Bhardwaj dubbed “fallacious” the Centre’s contention that Aadhaar would end corruption.

Another activist, Amrita Johri, pointed to an audit of 42 PDS outlets in Delhi and said Aadhaar biometrics did not work most of the time, as a result of which many were denied their monthly ration. “If biometrics do not work properly in Delhi, imagine what the situation must be like in other places where (Net) connectivity is worse,” Johri said, adding the Aadhaar rule was leading to exclusion. “When the biometrics do not work, the default setting on the records is that people did not come to the PDS shops.”

Magsaysay winner Bezwada Wilson, among the petitioners in the Supreme Court case against Aadhaar, flagged a problem faced by vulnerable groups.”Some of us, born into families involved in scavenging, may want to bury our identity but society does not allow us that. Now Aadhaar is further institutionalising it. It is an obstacle to our bid to come out of our identity.

Related posts

Aadhaar made mandatory for a host of farm sector schemes #WTFnews

Farmers without an Aadhaar card have to apply for it by the end of March and till that time they can avail welfare schemes by furnishing a proof of their application

More than 1.12 billion people have so far been enrolled under Aadhaar. Photo: Mint

More than 1.12 billion people have so far been enrolled under Aadhaar. Photo: Mint

New Delhi: For better targeting of central subsidies, the government has made Aadhaar mandatory for a host of schemes under the agriculture ministry, from soil health card and horticulture development to the Prime Minister’s flagship crop insurance scheme launched last year.

The notifications mandating Aadhaar for availing benefits under these schemes were issued last month, simultaneous to similar orders for big ticket schemes like food subsidy and mid-day meals for school going children.

For the flagship soil health card scheme, which seeks to inform farmers about nutrient levels in their land and check imbalanced use of fertilizers, a notification mandating use of Aadhaar was issued by the ministry on 20 February.

According to the notification, farmers without an Aadhaar number have to apply for it by end of March and till that time they can avail services under by furnishing a proof of their application.

Similarly another notification was issued on 8 February requiring beneficiaries to furnish their Aadhaar numbers for availing subsidies under all six sub-schemes of the mission for integrated development of horticulture (MIDH). However, for these schemes the notification does not mention any cut off date and says farmers will continue to get benefits till the time they have an Aadhaar number.

On 8 February, the ministry issued another notification mandating the use of Aadhaar for the flagship crop insurance scheme, Pradhan Mantri Fasal Bima Yojana (PMFBY). Here too, farmers can continue to avail benefits till the time they have an Aadhaar number by furnishing alternative identity documents such as employment guarantee cards or voter id cards.

Aadhaar is a 12-digit unique identification number issued by the Unique Identification Authority of India (UIDAI) after collecting biometric data of residents. Its for availing subsidies got legislative backing in March last year after the Aadhaar Bill was passed by Lok Sabha.

Earlier this week, government said that no one would be deprived of benefits of various welfare schemes due to lack of Aadhaar. So far, more than 1.12 billion people have been enrolled under Aadhaar.

Related posts

India – Linking #Aadhaar to legal entitlements will affect women, children #womensday

  • Asad Ashraf | New Delhi

Representational image (Photo: Getty Images)

The recent announcement by the Human Resource Development Ministry to link Aadhaar card with various government programmes has caused much ire among activists working on legal entitlements. Such activists working with different organisations came together here on Tuesday on the eve of Women’s day and slammed the government for making Aadhaar card compulsory for availing several schemes which apply directly to women and children.

The case against Aadhaar is pending in the Supreme Court at the moment, and legal experts believe that making it mandatory for anything in the mean time is illegal. Usha Ramanathan, an independent legal researcher, said, “To make Aadhaar mandatory as of now is completely illegal. “

“What we are seeing today is rampant and shameless illegality by the state. The Aadhaar inverts the idea of transparency. It makes people transparent but the state opaque. The Aadhaar has become about finding new ways to deny people their entitlements rather than making sure people actually receive entitlements. We are at a point when there are 50 per cent of children who are malnutritioned and now we are saying that they will not get food because they do not have an Aadhaar card,” she added.

The Statesman also spoke to those who have been denied entitlements as they do not have an Aadhaar cards.

Gita from Laal Gumbad, Delhi, said her husband, eldest daughter and she had Aadhaar numbers while her other three children did not. She said “I gave birth certificates of 3 of my children who did not have Aadhaar. But they said Aadhaar is mandatory, then I got their Aadhaar cards made but when I went again they told me that now the quota is over and I cannot get rations.”

Amrita Johri of Satark Nagrik Sangathan explained, “Aadhaar relies on internet and electricity. This might seem like a problem only of rural areas. But we don’t have to go far. In South Delhi in East Mehraam Nagar there is a ration shop with no signal, no network. Officials said we have to show that Aadhaar is a success. Finally in this South Delhi ration shop the POS  ( Public Distribution System) machine was hung on a jamun tree so it could work.”

She asked “When there are so many failures, why is there no acknowledgment of this by the government?”

Anjali Bhardwaj, of  Satark Nagrik Sangathan, said, “Official data of the Delhi Government shows there is 0% failure rate of biometric authentication using Aadhaar. Despite the fact that on the ground we have found people whose biometrics never match with the machine. Those with biometric failures are shown as not coming to collect rations. Those who are shown as not coming to collect rations are shown as bogus, cards are cancelled and these are declared as savings.

“The Prime Minister said in the Lok Sabha in February 2017 that 4 crore ration cards were found bogus through use of Aadhaar in PDS. However, there is no information in the public domain about the details of these so-called bogus cards and the basis for declaring them bogus,“ she said.

Magsaysay Award winner Bezwada Wilson of the Safai Karamchari Andolan said, “It is a problem for identity ~ identity of vulnerable communities. We (manual scavengers) want to bury our identity but society doesn’t allow us. Aadhaar is a stigma upon us forever. Aadhaar is an obstacle it makes our identity forever. “

Related posts

Why is government so desperate about #Aadhaar that it’ll let children go hungry?

Government is treating people like Big Data.


If the Supreme Court of India is anything to go by  – and it is the highest jurisprudential body in the country – the unique identity (UID), or Aadhaar, is not mandatory. At most, it’s a voluntary identification proof for a host of public services. However, the one place where routine flouting of this extremely pertinent top court order is taking place at an ever accelerated pace is the government of India.

From booking train tickets on the Indian Railways online, to accessing mid-day meal schemes, to disabled persons getting scholarships, or women rehabilitated from sexual trafficking, a host of public, or government-affiliated services would now require the Aadhaar as the mandatory proof of identity. In contravention of strict orders from the Supreme Court of India.

Aadhaar and public welfare

This report lists 11 such schemes – namely, National Action Plan for Skill Training of Persons with Disabilities, Central Sector Scholarship Schemes, Saakshar Bharat (adult literacy), Sarva Shiksha Abhiyan, National Health Mission, National Career Services, Support to Training and Employment Programme (women-centric entrepreneurial assistance), Ujjawala Scheme under the Protection and Empowerment of Women Scheme, Swadhar Greh Scheme, Support to NGOs for Adult Education.

Moreover, the deadline for obtaining Aadhaar is woefully close, barely one to three months, and in some cases, on the same date of the announcement, February 27, 2017, such as those from the ministry of labour and employment pertaining to the National Career Services schemes.

In a country which has the highest number of malnourished children in the world, denying hungry kids the most important (and often the only) meal of the day because they do not have a particular identity card is not only shameful, it’s inhumane, and a recipe for humanitarian disaster.

When a government prefers sending a hungry child back over proof of identity, it’s time to seriously doubt its intentions.

Instead of prioritising children’s health, ensuring that they get nutrition benefits, improving the quality of the meals and implementing safeguards and rules for high quality food, the government is hell bent on taking away the meagre morsel that the children could get under the mid-day meal scheme as part of free schooling under Right to Education.

Similarly, those who need skill training, guaranteed employment, help with rehabilitation after forced sexual or child labour, disaster and many other chronic problems, routinely come from the poorest backgrounds and are highly dependent of state largesse for sustenance.

Instead of bolstering the shaky public welfare system, fixing leakages and ensuring better and prompt delivery, the government is now creating hurdles to block access, going against the Supreme Court judgement.

In Jharkhand, for example, compulsory biometric authentication, Jean Dreze observes, is already denying people their basic rations. However, in Gujarat, theft of food rations is happening despite Aadhaar, and is therefore evidence how biometrics is not a fool-proof method of eliminating “de-duplication”.

Many security breaches

Moreover, there have been way too many glitches in the system and the billion-plus Aadhaar database, with the supposed unique identity number and biometric verification of over 100 crore Indians, has been accessed, illegally of course and in breach of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act 2016, by private companies. Reports of salesmen selling Reliance Jio SIM cards having Aadhaar data of potential customers they were trying to woo have already surfaced.

In addition, Axis Bank Limited, Suvidha Infoserve and eMudhra have been accused of performing multiple Aadhaar transactions using stored biometrics, in contravention of the Aadhaar Act. This means that private companies not only access Aadhaar database, they have it stored in their servers which they use to authenticate identities of customers illegally.

Why is Aadhaar becoming the end in itself, from its initial inception as the means to an end?

Moreover, Aadhaar has been issued to illegal immigrants, to non-existent persons, to dead persons, duplicated several times, used for religious profiling, commercially exploited by companies for selling their products.

Yet, there’s no mechanism by which the citizen whose identity has been compromised can redress the issue, register a complaint, or even lodge an FIR. Security breach in Aadhaar is tilted woefully against the citizen whose privacy stands dearly compromised and prone to misuse.

So is the government forcing Aadhaar – a biometric identity and database with huge, huge loopholes and security/prvacy issues – on citizens by linking it with basic welfare, banking and public services? Yes. Is this illegal? Yes. Absolutely.

Surveillance and control

Why then, we must ask, is Aadhaar becoming the end in itself, from its initial inception as the means to an end? The biggest Aadhaar enthusiasts, particularly Nandan Nilekani, the former chairman of the Unique Identity Authority of India, saw Aadhaar as the portal to a technological utopia, and biometric identity as the means to have in India something like the American social security number.

However, the push towards making Aadhaar mandatory by linking it with public welfare schemes and the public distribution system, is in violation of basic human rights. As data shows, in over 99 per cent of cases, Aadhaar wasn’t the first and primary proof of identity that was given. In order to obtain Aadhaar, another redoubtable proof of identity was already required.

Therefore, the government push to make Aadhaar mandatory is less about establishing identity and more about having a staggering database that links biometric identity to almost each and every public and private facility, making surveillance and control by the government, and the private companies that can access Aadhaar, increasingly seamless.

This is exactly what the Aadhaar skeptics feared from the beginning. A unique identity-driven database of over 100 crore people that has been seamlessly linked with all the government facilities – including banking, schooling, healthcare, education, skill training, employment, as well as commercial experiences such as shopping, eating out, travel, accommodation, etc., means that each and every activity of an individual is now trackable, making the citizen extremely vulnerable to government control, and indeed government wrath.

As this report shows, the Aadhaar database is more intrusive than the US surveillance system. It was none other than Edward Snowden, the opposer-in-chief of the US-led mass surveillance, whose NSA files revealed the extent of Aadhaar intrusion. It’s almost boundless, with iris scan, finger prints, and if Arun Jaitley is to be believed, soon even the DNA details, connected to “biometric identity” of over a billion people.

Why would I need my DNA to withdraw money – my own, hard-earned money – from the bank? Wouldn’t it leave me terribly, terribly susceptible to both online frauds and government wrath, in case I voice my opinion on something that is not in keeping with the ideas that sit happily with the regime?

Resistance and government coercion

While the UPA government brought in Aadhaar, the NDA government, despite Narendra Modi-led BJP staunchly opposing it during the Lok Sabha election campaign, has not only made a volte-face, it is resorting to ever draconian measures to push Aadhaar down our collective throats.

Combined with domonetisation and the cashless push, the emphasis on Aadhaar as a one-stop citizen database has enormous implications when it is in the hands of a regime that is so overtly xenophobic, militaristic and vindictive.

While Aadhaar-related security breaches leave the individual wide open to commercial exploitation and identity fraud, they put the dissenting citizen at the mercy of a government which has biometric identity as the one-stop information catalogue. Can you imagine what a particularly malevolent regime would wield on individuals who criticise it, or expose fraudulence, discrimination, policy-level incompetence, corruption at the highest level?

Exactly as the government becomes ever more demanding of transparency from its citizens, it’s turning into an opaque black hole, with very little real information and too much noise, political distractions, and other means of keeping the citizenry looking away from Parliament and the ministries, as it passes more draconian legislations.

Moreover, while the civil resistance to Aadhaar is slowly building up, and while issues like right to privacy are gaining ground, the government is accelerating the pace at which it wants to complete its task of compiling the largest ever biometric database in the world.

When a government prefers sending a hungry child back over her proof of identity, it’s time to seriously doubt its intentions.

Related posts

Here’s Why You May Never Find Out If Your Aadhaar Data Has Been Hacked

The debate over the security of data collected and stored under the Aadhaar project is heating up. While the Unique Identification Project has always had strong supporters and equally strong detractors, the latest controversy has been sparked off by an alleged breach of biometric data.

On February 25, Mint reported that the Unique Identification Authority of India (UIDAI) had detected a breach of biometric data and filed a police complaint on February 15 against Axis Bank Ltd, business correspondent Suvidhaa Infoserve and e-sign provider eMudhra with the allegation of impersonation using illegally stored biometric information.

These entities deny storage of any data and claim that the business correspondent was merely testing the platform which accidentally sent authentication requests to the live server instead of the testing one. Still, the incident has sparked concerns about the security of data in the possession with the UIDAI and also the redressal mechanism in the case of a breach like this.

Interestingly, it turns out that the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act is silent on making the UIDAI liable for reporting any breaches.

Legal experts that BloombergQuint spoke to point out that while the international principles of data collection require that any breach or abnormal activity be revealed to the users and authorities quickly, the Aadhaar regulations give no such assurance.

Delhi-based lawyer Apar Gupta said that a user may never really get to know if there was a data breach in the Aadhaar database which compromised their personal data, unless the authority chooses to voluntarily disclose it.

“There is no provision under the act for notification to the public that there’s been a breach of their data. The breach includes both hacking of identity data and unauthorised authentication carried out by someone impersonating a citizen,” Gupta said adding that the authority is “whole and sole” and it isn’t liable to even disclose it under the Right To Information Act or to the parliament.

A broad comparison can be drawn to  system breach in the banking system last year which led to 32 lakh debit cards being compromised. While banks are not required to disclose details of the breach to the public, they are required to report it to regulators immediately. Customer protection provisions also ensure deposit protection to some extent.

In contrast, there is no regulatory oversight of the UIDAI which keeps it away from scrutiny, Gupta said. “There is an absence of a breach notification requirement under the Act,” he added.

Rahul Matthan, partner at law firm Trilegal said that all technological systems are likely to be breached at one point or the other and the Aadhaar Act has strong provisions against nefarious elements wronging the system.

“There is a clear violation of the law in this case no matter who has done it,” Matthan said while adding that it is  not clear where the violation has happened.

If a bank employee steals your money, there is nothing you can do since the bank expects all employees to behave properly. It’s the same thing here as all participants in the process are expected to keep information safe.

Rahul Matthan, Partner, Trilegal

Matthan said that storing of biometrics is wrong and illegal and the concern stems from the potentiality of people using this information left, right and centre.

He also added that protective provisions of the IT Act will apply to Aadhaar as well.

“Any data breach is required to be disclosed under the IT Act but whether that is followed or not is a separate question,” he said. Every authentication under the system is reported to the citizens through an SMS which is effectively informing them of unusual activity, he added.

However, there remains a loophole here for those who do not have their correct phone numbers updated in the Aadhaar system.

Gupta also said that even if one gets to know about their Aadhaar being misused, there is no guarantee under the Act that a redressal will be provided.

In chapter 7 of the Aadhaar regulations, there is a provision for a grievance redressal mechanism whereby a person can approach a call centre through phone or email which will provide residents with a tracking number till the matter is closed.

Gupta believes that this is not enough.

“Even the IT Act has the same absence of reporting principles as the Aadhaar Act so it is substantively insufficient,” he said. “There is no requirement for the call centre to give you a reasoned order like a public authority does. There is no specification to give you a reason if they don’t agree with you and why they can’t help you. The process doesn’t ensure that people’s dispute will be determined by the principles of natural justice.”

Additionally, Sunil Abraham, executive director of Bangalore-based Centre for Internet and Society told BloombergQuint that a privacy law was promised when the Aadhaar Act was being passed in the parliament. That never happened so the system remains deficient on redressal.

I don’t think there is a data breach provision in the act. They said don’t worry, a privacy bill is coming which never happened. But whether we have privacy bill or not, as long as there is centralised biometric data, we are in constant danger.

Sunil Abraham, Executive Director, Centre for Internet and Society

Related posts

Kerala HC Issues Notice In A PIL Against Use Of Aadhaar Biometric Data By Pvt Telecom Operators


A public interest litigation has been filed before the High Court Of Kerala against permitting private telecom operators to use biometric data collected under Aadhaar programme for authenticating customer identity while issuing SIM cards.

The PIL, filed by one Shyam KJ, who claims to be an “avid user of Information Technology, and a staunch advocate of enhanced transparency, personal freedom and individual privacy in internet and telecommunications”, contended that there is no law specifically enabling private entities to use biometric data for authentication purposes.

According to the petitioner, Section 57 of the Aadhaar Act 2016 permits private entities to use only the Aadhaar number for establishing the identity of a person. Therefore, use of biometric data for such purposes by private entities is not contemplated by the Act.

However, the Aadhaar (authentication) regulations framed by the Unique Identification Authority of India (UIDAI) enable private entities to make use of biometric data for authentication. The regulations permit private entities to be registered as ‘e-KYC user agencies’ that can make use of biometric and demographic data for authentication purposes. Therefore, it is contended that the regulations are ultra-vires the Aadhaar Act.

Also, a circular dated 16.08.2016 issued by the Department of Telecommunications, Ministry of Communications, Govt of India, was also stated to be repugnant to the Aadhaar Act, as it directs telecom licensees to make use of Aadhaar e-KYC for customer authentication.

It was alleged in the writ petition that the agents and retailers of mobile operators were not following the procedure laid down in the regulations while using biometrics of customers.

It was also alleged that the informed consent of the customer is not taken before using his biometric data, and that no proper record of authentication transactions is maintained in the manner mandated by the Act. In this context, it is relevant to note that LiveLaw had earlier published an article that raised concerns about the use of biometric data by private operators.

The petition raised apprehensions about the safety and confidentiality of biometric data.

According to the petitioner, use of biometric data for authentication was grossly unreasonable, unwise and dangerous, as any compromise in data safety could lead to irreversible damage. The petition, therefore, sought a declaration that private entities cannot use biometric data, in view of the language of Section 57. The petition also sought to quash the provisions of the regulations that permit the private operators to use biometric data, and also the circular dated 16.08.2016, to the extent that it is repugnant to the Aadhaar Act.

The court issued notices to the respondents and posted the matter for their response.

Related posts

FIR against Chairman, Skoch Group for his article on Aadhaar #WTFnews


A police source said that they received a complaint regarding this from Yashwant Kumar, the assistant director general of UIDAI.

Kochhar has claimed that the Aadhaar ecosystem is flawed, vulnerable, has very poor security, and can be easily hacked.

 Kochhar has claimed that the Aadhaar ecosystem is flawed, vulnerable, has very poor security, and can be easily hacked.

New Delhi: The Delhi police has registered the first case under violation of Aadhaar Act 2016 against a man for allegedly spreading rumours on various social networking sites that the Aadhaar ecosystem is vulnerable. The complaint said that one Sameer Kochhar wrote a misleading article against the Aadhaar ecosystem and also uploaded a video to substantiate his claims.

The Unique Identification Authority of India (UIDAI) found the video and the article to be misleading and filed an FIR with the cyber cell of the Delhi police.

A police source said that they received a complaint regarding this from Yashwant Kumar, the assistant director general of UIDAI. The source said that they were yet to approach Mr Kochhar who wrote the article.

It is worth noting that the above-referred Mr. Kochhar is the Chairman, Skoch Group and also the author/editor of a book, ‘Modi’s Odyssey: Digital India Developed India’ – published in 2016, that includes an article – ‘Aadhaar at the Core of Digital India’, by Mr. Ram Sewak Sharma, former Director General, UIDAI (2009–2013) and currently the Secretary, D/o Electronics and Information Technology,M/o Communications & Info Tech, Govt of India. The article,
as expected, enunciates the official take on the subject issue.

In his article Mr Kochhar has claimed that the Aadhaar ecosystem is flawed, vulnerable, has very poor security, and can be easily hacked. He has also written that India is being taken for a ride by those with vested interest on Aadhaar enabled payment. He has further stated that the national security is at stake. The UIDAI discussed the matter with its legal team and it was decided that the article and the video was in violation of the Aadhaar Act 2016. The police said that they have registered a case, however, no arrest has been made so far.

The UIDAI has said in its complaint that Sections 34, 37, 9, 5 of Aadhaar regulations and Section 17-sub section 1 of chapter 3 of Aadhaar (authentication) regulations were violated by Mr Kochhar.

The police said that they have also added other relevant Sections of IPC and IT Act in the FIR. However, no arrest has been made so far.

The Delhi police has written in the FIR that the Aadhar Act System was not updated in their CCTNS system and hence they had to write it manually on the FIR.

Related posts