How Aadhar Cards Make Our Private Information More Exposed Than You Thought

Posted on August 20, 2014 in Politics, Society

By Devadutta Bhattacharjee:

The Aadhar card registration, a part of the government’s Unique Identification Authority of India, was all the rage a few months back. A normal middle class person would remember standing in lines and having their palm prints taken, retinal scans done and address confirmed through various documents. However, only after billions of people countrywide lined up and later assured themselves that this will be the only identification proof they will need from now on, it was brought into light that the Aadhar card was not in the simplest of terms- legitimate.


While its legal enforceability is still being argued, the UID card was intended to be a substitute for all other forms of identification, and some even said that it would render the voter’s ID useless.

What isn’t common knowledge is that it’s not the Aadhar card that is important here, but the unique identification of the individual lies in the number. Montek Singh Ahluwalia, Deputy Chairman of the Planning Commission, told NDTV, ‘I can tear up the card, as long as I have the number, I don’t need the card.’ The Aadhar Card was continuing in India without the Parliamentary support. But that isn’t even its biggest problem.

How our private information is more exposed than you thought
The Aadhar card makes use of registration machines which are borrowed from private contractors and NGOs to collect information about the citizens. As high-end as it sounds, there are serious security threats to this. Firstly, these machines do not belong to the government of India. Anything which does not belong to the state cannot guarantee that these machines will be wiped clean of the sensitive and private information of its citizens after being used. Secondly, since the UID has been going without parliamentary backing for quite some time, it is very possible that the state itself can misuse the information.

A very crucial loophole the state overlooked was that these machines had no way of actually recognizing if the data is being taken inside India or outside. The data collected can be taken outside the border and used without the knowledge of the owner. In a nation where simple discarded photocopies of ID proofs have a chance of being used in terrorist acts, one can only imagine how large quantities of personal data like this can be misused. Also, a UID card holder’s introduction is enough for any individual without an ID proof to obtain an Aadhar card. Thus, fake IDs can be made with ease with the backing of just one individual with a UID card.

Personal Data Protection act: Is this the answer?
A Personal Data Protection Bill has been proposed to the Parliament. According to this Bill, all personal information of any citizen, including their political affiliation and sexual preferences would be collected in accordance to the provisions of this Act. However, this is only a proposed Bill, and even if it gets approved certain flaws jump out of the official text.

The state gets to decide when it is an exceptional case, like an imminent threat or an illegal act, and violate the norms in this act. Like the preventive detention law, authorities can decide what constitutes as a threat to the national security and can obtain information about the person without notifying him/her.

Why the issue of UID is more relevant than ever now
On the first of July, the former UIDAI chairman Nandan Nilekani met Mr. Modi and finance minister Arun Jaitley. With the new government, there have been demands to scrap the Aadhar initiative altogether. Nilekani coaxed the PM not to discontinue this and only four days later in a public speech, Mr. Modi supported his claim, to everyone’s surprise. Mere nine days after this, the budget allotted by Mr. Jaitley showed an increase in the UIDAI grant, from 1,550 crores to a whopping 2,039 crores. Interestingly, it was BJP who didn’t support the Aadhar initiative during its campaigning days.

This recent development and a sea change in the opinions of the government have left a question lingering: what has been done so far to increase the privacy security measures in the whole Aadhar process? Officials would argue that the public information cannot be hacked as they are encrypted files and most of the work is done offline. But when the information extracting source is the culprit here, there is no point in safeguarding the information after it has been taken. Seeing it from that perspective, it is a direct violation of our Fundamental Rights.

James Bovard had said, ‘Democracy must be something more than two wolves and a sheep voting on what to have for dinner.’ India, the biggest democracy in the world, is yet to realize the power of enlightened masses, but when it does, the government better have the answers ready.