India‘s Unique Identity
The project has fired the imagination of policy-makers who believe biometrics can help the state identify and verify beneficiaries of social welfare schemes, allow portability of benefits across states, and enable administrators to link and track multiple databases at a finger-click.
Those opposed to Aadhaar point out that reforms in ration and jobs schemes have already been achieved through simpler technology such as SMS alerts, computerisation of lists and community supervision. In the absence of a comprehensive law on privacy and data protection, they say, the information being collected under Aadhaar and the scale of the programme have serious implications for misuse of personal information and tracking and surveillance by the state.
The scheme, run under an executive order since 2009, is not covered by any law. Since the beginning, Nandan Nilekani, who led the UID authority, maintained that the scheme is voluntary. But to expand enrolment under the scheme, the Centre has pushed state governments to ask residents to produce Aadhaar for any interaction with the state: to get employment in government schemes, to access provident fund, to open bank accounts, to vote, to register a marriage, and most recently, to adopt a child.
Over the last two years, the Supreme Court has passed three orders saying the State cannot make having an Aadhaar number a pre-condition for accessing public services. It is now set to give its final order on this.
Here’s an update on where the project stands, what are its stated benefits, and what are the concerns around it.
What is Aadhaar and how is it generated?
Aadhaar is the brand name of the Unique Identification project which aims to assign a unique number to every resident of India. To get this 12-digit number, residents are required to submit biometrics and demographic information to private enrolling agencies hired by the state governments.
Biometrics include the scan of all fingerprints, face, and the iris of both eyes. The demographic information includes name, date of birth, gender, residential address. A resident who does not possess any documentary proof of identity or proof of address can still enrol and get an Aadhaar number by being introduced by a designated “introducer”.
The data thus collected is encrypted and a digital signature is applied to the data file. It is then sent to the Unique Identity Authority of India’s Central Information Data Repository at Bengaluru where it is compared against every other person who has previously enrolled. This is called “de-duplication”. Only after a confirmation that there is no other person with the same details, does the CIDR send a letter containing the Aadhaar number by post.
The process aims to ensure that every person has just one Aadhaar number.
Is Aadhaar legal?
The previous government introduced the National Identification Authority of India Bill in December, 2010. This bill was referred to a parliamentary committee on finance under Bharatiya Janata Party MP Yashwant Sinha. The committee rejected the bill in its report in December 2011. It said the “collection of biometric information and its linkage with personal information of individuals” without amending the Citizenship Act “appears to be beyond the scope of subordinate legislation, which needs to be examined in detail by Parliament”.
The bill was sent back but since it was not reframed, the UID project or Aadhaar continues to function without a legal framework and parliamentary oversight.
Constitutional experts and critics of the project have pointed to UID’s potential to become a powerful tool for social control and surveillance by the state, and the implications of this for dissent in a democracy. Legal scholar Usha Ramanathan describes the UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.
The parliament committee too had recognised these risks. It had pointed to lessons from the United Kingdom, which had abandoned its Identity Project of 2006 and dismantled the collected biometrics database, citing it as a potential danger to public interest and to the legal rights of individuals.
How does Aadhaar improve things?
The government says biometric authentication is meant to prevent identity fraud – for example, someone collecting wages in someone else’s name. In 2012, when Aadhaar-based pilot projects were introduced, one of the biggest benefits described was doorstep delivery of welfare services to the poor.
For example, under the employment scheme MNREGA, bank accounts “mapped” with 12-digit Aadhaar numbers were to be opened for workers at the time of their enrolment in Aadhaar. Banks would hire agents called banking correspondents who would travel to villages with hand-held devices and cash. Workers’ fingerprints would serve as their PIN. Once their biometrics matched with the data in UIDAI’s database using real time-internet connectivity, they would get their wage payments on the spot from the agent.
Using Aadhaar for ‘authentication’, this benefit distribution drive ran into problems on the ground – poor internet connectivity, bank technology upgradation, lack of security, doubts over the integrity of banking corespondents.
How can Aadhaar eliminate leakages?
After the Aadhaar-based ‘authentication’ model failed, the government abandoned the focus on last-mile delivery. It limited its efforts to using Aadhaar for ‘de-duplication’, or eliminating fake and ghost beneficiaries.
Essentially, the government wants to match its welfare databases against the Aadhaar database. This could have been done most easily by getting people to record details of their ration cards while enrolling for Aadhaar. But given the lack of legal framework and subsequent Supreme Court orders, the government could not do this. Instead, through state governments, orders have been issued to local authorities asking them to get beneficiaries to mandatorily submit their Aadhaar numbers to access welfare services like food rations under the public distribution system, NREGA wages, pensions, among others.
In the first step, local authorities collect the numbers and upload them to the UID database. In the second step, a verifier based anywhere in the country compares the demographic details in two databases – the names and residences in the ration list and the demographic information collected by UID to check if the two match or not. In the third step, random checks are done on a few people in the system. After that, the Aadhaar data is “seeded” in the PDS database.
The discrepancies that become apparent during the process have been described as “ghosts” or “fake claimants”, essentially people who do not exist or who have duplicate cards. The government claims to have removed lakhs of fake and ghost beneficiaries through this process in various schemes.
A few academics and legal experts, however, have questioned whether some of the “ghosts” are those who missed enrolment, or those who did not know about the “seeding” requirements, or those simply not interested in enrolling for a Unique Identity card. District officials admit that while rushing through the process, in some instances names of beneficiaries were simply struck offwhen they could not be located immediately.
How many have enrolled so far?
Till July 2015, 87 crore, or 72% of India’s population of 120 crore, had been provided a Unique Identity number at a cost of Rs 5,980 crore. According to UIDAI Deputy Director General Sreeranjan, this covers over 94% of adult population in 18 states, with mostly children and adolescents below 18 years age still left out. (Those below 18 will have to enrol twice for their biometrics to be fixed in the database.)
However, the extent of “seeding”, or linking Aadhaar to welfare schemes, is quite low. For the public distribution scheme, it is as low as 11% of the beneficiaries, said a Finance Ministry official.
Concerned about this, the government is putting pressure on central ministries and state governments to speed up the process. For instance, despite its stated position in the Supreme Court that Aadhaar enrolment is voluntary, from April 1, the central government made UID mandatory for MNREGA payments in 300 districts. Workers who did not have an Aadhaar card were to be “escorted” to the enrolment centres. Last month, it required all those drawing social pensions be enrolled in Aadhaar, even setting aside funds for their transport and refreshments.
What explains the government’s haste? Maintaining two lists of beneficiaries, one with Aadhaar and others without will be a hassle, the government says. Further, officials explain that Aadhaar will work best when everyone opts for it. Every time a new person enrols their biometrics and demographics are matched against every other person who has previously enrolled, in what is called “de-duplication”. Only when everyone is on the system can this de-duplication be done most reliably. In effect, Aadhaar will not work until everyone is on it.
“The system would work best if everyone is enrolled, with their details seeded at the time of enrolment, even if this took a few years,” explained an advisor to government who worked on implementing Aadhaar. “In the future, if more and more people without Aadhaar started appearing in the database, it will make it harder to authenticate who they are.”
This is how the UIDAI describes it:
“Since de-duplication in the UIDAI system ensures that residents have only one chance to be in the database, individuals are made to provide accurate data. This incentive will become especially powerful as benefits and entitlements are linked to Aadhaar.”
So far the government has maintained that Aadhaar is not mandatory for welfare benefits. But in the course of the final hearing in the Supreme Court last week, the government filed an affidavit asking the court to lift its stay orders and allow it to make Aadhaar mandatory. Further, it has said that it plans to link Aadhaar to more and more public services: to providing passports, PAN cards, railway bookings, to telecommunications (mobile, internet, data), and prison management systems.
This would create a situation where a citizen has no choice but to get on to the government’s Aadhaar database.
The petitioners say this would be disastrous since India does not have a law on privacy and data protection.
On Wednesday, countering the petitioners’ case that Aadhaar imperilled privacy, Attorney General Mukul Rohatgi argued that there is no fundamental right to privacy under the Indian constitution. He asked that the petitions be referred to a larger constitutional bench. This will delay a decision on the project’s fate for now and allow the government to continue enrolling residents under the scheme.