Opinion » Comment

Updated: February 6, 2013 00:30 IST

Questions for Mr. Nilekani

S. G. Vombatkere
Comment (10)   ·   print   ·   T  T  
EYES WIDE SHUT: Retaining biometric efficiency of data on a large scale does not seem to have been analysed while queries on privacy have not been addressed.
The Hindu
EYES WIDE SHUT: Retaining biometric efficiency of data on a large scale does not seem to have been analysed while queries on privacy have not been addressed.

The architects of the unique identification scheme are yet to provide satisfactory answers to concerns about data security

The Aadhaar scheme of the Unique Identification Authority of India (UIDAI) is to provide India’s billion-plus people with a unique identification number. Enrolment is not mandatory, though it was mentioned that it would be difficult for people to access public services if not done. The scheme requires individuals to provide their photograph, fingerprints and iris scan along with documentary personal information for data capture by outsourced operators. It is meant to bypass the corrupt bureaucratic system and deliver government subsidies and grants to the poor, and bring them into the banking system. Sceptics argue that it is an effort to capture the funds of hundreds of millions of micro- and nano-investors who are today outside the banking system, to bring them into the credit economy.

The scheme was introduced as a pilot project in Karnataka’s Mysore district. The poor and those who survive on daily wages were not enthusiastic about enrolment, because it meant losing four or five days wages, to stand in queues, to fill up forms, to produce documents, to provide biometrics, etc., and, later, to open bank accounts. The UIDAI overcame the initial reluctance by wide advertisement of the benefits of enrolment. When this too did not achieve the target set, the local administration informed the public that PDS ration and LPG supply would not be available without the Aadhaar number. This resulted in serpentine queues right through the day at enrolment centres, at the end of which the UIDAI could claim that 95 per cent of Mysore district’s population had enrolled itself into the scheme.

Media reports indicate that commencing January 1, 2013, MGNREGA, the Rajiv Gandhi Awas Yojana (RGAY), the Ashraya housing scheme, Bhagyalakshmi and the social security and pension scheme will be linked with Aadhaar in Mysore district. This linking, with rights like salary and pension, and important entitled benefits and services, has raised some hackles because enrolment is not mandatory.

It has led to questions on whether salary and pension rights, and benefits like PDS ration and LPG supply can be denied just because an individual does not possess a unique Aadhaar number. Today, teachers in Maharashtra and government employees in Jharkhand cannot draw their salaries. Apart from pro-poor projects like MGNREGA and RGAY, even jobs, housing, provident funds and registering a marriage now require enrolment. From being not mandatory, the “poor-inclusive” Aadhaar scheme appears to have quietly metamorphosed into becoming exclusionary and non-optional.

The UIDAI’s own Biometrics Standards Committee stated that retaining biometric efficiency for a database of more than one billion people “has not been adequately analysed” and the problem of fingerprint quality in India “has not been studied in depth.” Thus the technological basis of the project remains doubtful.

Criticism from the top

However, the severest critic of the entire scheme has been the Parliamentary Standing Committee on Finance (PSCF), which deliberated that the Aadhaar scheme is “full of uncertainty in technology as the complex scheme is built upon untested, unreliable technology and several assumptions.” It found Aadhaar to be “directionless” and “conceptualized with no clarity.” But the UIDAI shelters under the Prime Minister’s protective wing and continues to stonewall not only public queries and criticism, but also the unequivocal verdict of the PSCF.

Possibly even more serious is data security, and the consequent threat to privacy. The UIDAI claims that access to its database will be secure from intelligence agencies. This claim is hollow, because the Aadhaar project is contracted to receive technical support from L-1 Identity Solutions (now MorphoTrust USA), a well-known defence contractor. Contracts are also awarded to Accenture Services Pvt. Ltd., which works with the U.S. Homeland Security, and Ernst & Young to install the UIDAI’s Central ID Data Repository. It is impossible to ensure database security when technical providers are American business corporations, and U.S. law requires them to provide information demanded of them, to U.S. Homeland Security. But the UIDAI is in denial.

If biometric data and other personal information fall into the hands of unauthorised agencies, privacy is unequivocally compromised. Compromising an individual’s personal data affects only that person, but when the personal data of many millions of people is involved, there is potential for a national disaster. The fact that the UIDAI is silent on or evasive about these security concerns does not inspire confidence in the capability of the UIDAI or the Aadhaar system to maintain the right to personal privacy.

Though the Aadhaar project is “not mandatory,” enrolment by threat of exclusion from availing benefits and services, and threat of denial of rights like salary or pension makes it non-optional. This kind of deviousness is unbecoming of a democratically elected government. Coming on top of many huge scams, the present government may suffer electorally if it persists in using unethical, extra-legal coercion to impose the security-defective, technologically unproven, very expensive UID Aadhaar scheme on the public.

(Major General S.G. Vombatkere, who retired as Additional Director General, Discipline & Vigilance in Army HQ, New Delhi, writes on strategic and development-related issues.)

More In: Comment | Opinion

linking LPG cylinders to AADHA.R is step that should not have been taken with inadequate and incorrect enrolling procedures. In my own family out of 6 people "enrolled" 5 people got rejection letters and are asked to re-enroll again. What a waste of time and effort! People who have no experience are doing the specialized work biometric data collection and uploading to the data base. I do not know who pays for these lapses.
Adequate preperation has not been made to train staff.

from:  satish
Posted on: Feb 8, 2013 at 14:41 IST

Do not understand on what basis the author says "unauthorised agencies". Does he mean to say that just because they are US agencies they are not authorised to handle data of Indians? Can he guarantee the data, if handled by Indians agencies would be foolproof?
Funny Claim. If we go by that logic, does he also brand all Indian IT companies/employees as "unauthorised agencies" because we handle financial data for most of Fotune 500 companies. Even today there was a Credit Card Fraud detected with Indian involved. Would he question the integrity of all the Indians.

from:  Vijay
Posted on: Feb 7, 2013 at 17:46 IST

Every new scheme gets launched with some defects as it is almost
impossible to envisage each and every possible scenario. The schemes
will be launched even when there are known defects. The best example
- voter id system. It took a number of years before it reached a
level of perfection. How can one forget the issues with lot of cards
having incorrect details? I got my first voter id with incorrect date
of birth. The system has just started evolving itself with the scheme
to do direct payments of gas price subsidy into the beneficiary's
account. If any government payment process is linked to it, and
automated, then obviously, they would be made promptly without human
intervention! With such a system, combined with RTI, corruption can
be minimized. I guess waiting for couple of years more to see the
effectiveness of Aadhar is not an irrational thing to do. After all,
we lived this long with so many problems and so much of inefficiency.
Eventually, security issues will be sorted.

from:  Ravi Thota
Posted on: Feb 7, 2013 at 16:22 IST

To check on any possible wrongdoing by the cooking gas distributor from
whom I get my cooking gas, the government wants to collect through my
savings bank total information about me, the consumer.Will this be right
when the whole exercise is to prevent any wrongdoing by the gas
distributor and not by me. What the government should do is to make
random check with consumers, that too with their willing co-operation.
There is no reason to suppose that consumers will not be willing to co-

from:  K.Vijayakumar
Posted on: Feb 7, 2013 at 15:00 IST

The article is not covering all view points
- It is important to know what role the non-Indian vendors are playing in
Aadhar project, before raise a red flag.
- We are mixing privacy with national security. If any intelligence
agency needs personal details, Aadhar is the not the only place to get it
- I am not sure of the meaning of untested technology. The fact that
Aadhar uses open source does not mean the data is out in the open. Most
US government organizations use open source
- Aadhar only assigns a number to an individual. It does not store any
financial or other potentially vulnerable data on their servers.
Every national project of this magnitude is bound have to some drawbacks.
We should see the positive side of it. Aadhar could help with improved
tax compliance, reduced fraud in subsidies, better detection of crime,
easier loans for the deserved etc.

from:  Venkat
Posted on: Feb 6, 2013 at 17:43 IST

the facts and concerns raised by author is genuine and of highly
priority,but i think Mr. Nilkani must be aware of the threats and
government must be examining all pro and con of the scheme before
fully implementing the scheme. but one thing really envisage doubt the
policy of making it not mandatory, is it due to democratic freedom or
to keep self from future legal accountability. government should take
steps to keep privacy and data hiding of its citizens first before
implementing the scheme in whole country as it may in future become a
bane instead of boon.

from:  anupam swain
Posted on: Feb 6, 2013 at 17:39 IST

I agree with the author's objections. This is a scheme to trap the
uneducated and ignorant masses. The government is lax in
paying the legitimate dues of it's citizens. How can it be expected
to pay these subsidies promptly? To give a few examples of this
please note the following:-
The SC in it's judgement of 4 September,2012 asked the
government to pay certain arrears within 12 weeks. It is more
than 5 months and this has not been paid. In August a committee
met to improve the pensions of ex-servicemen. In September it
announced that they had met the demand of OROP, though they
actually tried to cover up an anomaly of granting pension as per
the Pay Commission report. To cover up this and to avoid paying
huge arrears they corrected the mistake but admitted it only
prospectively. This increase in pension has yet to see the light of
day in payment of pensions.
Therefore expecting payment of subsidies to millions of citizens
is just a dream and the results will be disastrous.

from:  S N IYER
Posted on: Feb 6, 2013 at 09:43 IST

I had mentioned when Nandan Nilekeni started this exercise that it
will be a flop show.
Who has the time to wait for days to get the card? Why could he not
bring a system wherein the card is generated on the spot and issued!
And why should it not be made compulsory for all citizens?
The card not being made mandatory in itself is a room to commit fraud
by various sections.
Nandan needs to have guts and cant be a yes master to the top. He
either quits with grace or finish the job started by him. Cant waste
public money this way.

from:  B S Mani
Posted on: Feb 6, 2013 at 09:41 IST

There is no secret information of anybody that is stored in the
Database. Name, Address, Age, Gender are nothing to be secretive of.
If you go in a front of a person's house the full name and address are
written in bold letters. Also people more personal information in
facebook and other social media. What is the particular information
that people are worried will be compromised?
Biometric information has done wonders in Dubai. It will work in India
as well. Please give it sometime. I hope they create a database for
infants that will help in prevention of kidnapping.

from:  Kannan
Posted on: Feb 6, 2013 at 03:06 IST

Didn't see a very strong case here.
- UIDAI is enrolling 600 million people and the rest are being covered by National Population Register - not under Mr. Nilekani's remit
- Doubting global firms like Accenture on integrity is creating needless doubts; co.s like Accenture handle sensitive information around the world including defense
- Basing the article on the Parliamentary committee report without getting the facts right is exactly doing the same thing of which you are accussing Mr. Nilekani. Not expected from Hindu.

from:  Abhishek
Posted on: Feb 6, 2013 at 01:37 IST
Show all comments
This article is closed for comments.
Please Email the Editor

The Government of India has taken a serious view of the concentration of Pakistani troops along the border between India and East Pakistan.

Read more »



Recent Article in Comment

“While Mr. Modi’s invitation to Mr. Sharif to his swearing-in ceremony had been hailed as a ‘masterstroke’, the strokes played since have puzzled many in both Islamabad and in New Delhi, including the government’s supporters.” Picture shows Mr. Modi and Mr. Nawaz Sharif at the opening session of the SAARC summit in Kathmandu in 2014.

Best poised to deliver results

Mr. Modi has been proactive and successful in foreign relations but has stalled in Pakistan. It is time he scripted a new narrative. »