Pages

27 July 2015

Alarm Bells On Aadhar


Our worse privacy nightmares will come true if Aadhar is mounted without a stringent and water-tight law backing it.

Privacy remains the major concern of activists in the run up to the introduction and roll out of the Unique Identification (UID) number or Adhaar in India. Strong concerns persist on how peoples' privacy could be compromised given the faulty premise and process on which the exercise is being mounted.

In fact, right from the beginning, Aadhar was attacked by various activists over its data collection methods and the process followed to give shape to this gigantic activity. This had the potential to compromise people's privacy and give access to people's data to unscrupulous quarters. There was a strong pitch to have the process scrapped despite Aadhar having moved ahead into mapping the Indian population.

But this week, attorney general Mukul Rohtagi has sung a different tune saying that privacy, the main concern over Adhaar was a non issue. He told the Supreme Court that Indian citizens cannot claim privacy as a fundamental right. He cited a 1954 judgment that says that privacy is not a fundamental right. As such, he said, the Adhaar exercise cannot be scrapped on grounds of privacy.

Privacy has been one of the major concerns surrounding Adhaar and many experts have questioned the process on this ground. At the centre of the debate is the UIDAI's process of using multiple registrars and enrolment agencies to collect individual data as well as its system of relying on 'secondary information' via existing identification documents. The use of private players to collect the data was also said to open the data being misused and going into wrong hands. Many questions have been asked about the Adhaar's potential in surveillance tapping, tracking and profiling of people in gross violation of their privacy.

Initially, the UIDAI sought basic information like name, address, gender, date of birth, father and mother's name and biometrics. Later, the Adhaar form also had a section B which sought other additional personal information like phone and mobile number and email which though optional, were pressed on to unsuspecting people by the enrolling agencies, often without the knowledge or concurrence of UIDAI. In some states, found experts, a Section C was also added which sought financial information and an option to link one's bank account with Adhaar. So at the end, a lot of crucial personal information is riding on Adhaar which, if opened to unbridled public hands, has the potential for rampant misuse.

It is also evident that as more government departments and agencies sign on to Adhaar, it will become a common thread that will link all the databases together. Gradually, when private enterprises also use the Adhaar for identification purposes and for delivery whether individually or as a government appointed agency, the data will go out in the open for anyone to use or misuse.

Then there was the fact that there was nothing in the law that defined what the data would be used for and by whom, also opened up the privacy debate as to who would have access to this crucial personal data of people. Above all, the entire process was mounted without any law backing it despite the seriousness of privacy and security concerns. Owing to public pressure and questioning, a draft Bill was prepared by the UIDAI in June 2010 and was introduced in Parliament in December 2010. It was then sent to a Standing Committee. The bill is yet to be cleared.

Yet, today the Adhaar has been made compulsory for many services, government schemes and programmes, for getting a passport, gas connections or to register property. The Narendra Modi government has also pushed forward making Adhaar mandatory for many services including banking and direct benefit transfer, and has given the UIDAI a fresh leash of life and a mandate to cover the rest of the population.

Understandably, the more its scope increases, and the more it spreads, more privacy concerns will come to the fore. If privacy concerns are not protected, it will open up the scope of misuse of Aadhaar data by anyone who can lay their hands on it. There are enough takers for this kind of data and many service providers are ready to pay top dollars for it.

No comments:

Post a Comment