There is confusion and ambiguity about the Unique Identity aka Aadhar project implemented in India by UIDAI. This post is an attempt to compile the questions and concerns from various sources. I will update the post with clarifications when available & try to keep updated with recent developments. My personal opinions or ideas will not be added & will try to ignore anything that sounds illogical. Credit to authors will be given at all times when its possible to find the authors & this post is under Attribution-ShareAlike 2.5 India for India & under Attribution-ShareAlike 3.0 Unported in all other countries.

Concerns:

Here are some questions on Aadhaar which not answered at al1. The UID was promoted as a `voluntary’ `entitlement’. Now, people are being threatened that they canot access any services or institutions unless they are enrolled for a UID. This has not happened only because states have so decided, but are based largely on the reports of various committees.


2. This coercion has been introduced into a project where no feasibility study has been done till date. On 28 September, 2010, 17 eminent citizens had raised questions about the launch of a project of this nature without even a report on feasibility. The Parliamentary Standing Committee had raised similar concerns. There are no answers yet,and yet the coercion has become the norm.

3. The Standing Committee on Finance roundly rejected the National Identification Authority of India Bill 2010, by its report presented to Parliament on December 13, 2011. It also said that the UID project needs to be sent back to the drawing board, citing various deficiencies in its plan and execution.

The UIDAI and government have chosen to ignore the report. There is still no law. And the UID project, and the compulsion that has been introduced, are occurring beyond the protection of the law.

4. Proof of Concept studies were done only after the project was already underway. While doing the PoC on enrollment (uploaded in February 2011, over 4 months after enrollment had begun), the report says, they did not include arecanut workers and other plantation workers because this would only complicate the sample. How can such a study find validity. Also, the findings of the study are not substantiated; the evidence is not available, and those reading the report critically have found it to be self-serving.

The Fingerprint Authentication report (March 2012) and the Iris Authentication report (September 2012) suffer from similar problems. And unreasonable assumptions have been used to make it appear like the technology can be made to work: for instance, it is said in the report that iris never changes! A study by two professors at Notre Dame demonstrates that this is in fact untrue, and that those who have been saying it have done so because no longitudinal studies had been done thus far, since this is such recent technology!

5. The UIDAI, is pushing for `re-engineering’ all systems and `seeding’ all data bases with the UID number to make it `ubiquitous’. This will make all systems dependent on the UID system functioning. Already, the inability to authenticate people is showing signs of requiring the use of `manual override’, which is a magnificent source of `leakage’ and of exclusion of those the systems does not authenticate. This unseemly haste to shift to untested and undependable technology is a source of grave concern.

6. The seeding of the number everywhere also raises privacy concerns. UIDAI has not denied that the UID project raises serious privacy issues. But UDAI has sidestepped the issue, saying that it is an issue wider than the UID project and needs a general law, and so he will not worry himself about it.

Whatever his assumption of responsibility to ensure the protection of privacy — and in this case it would include concerns of profiling, tracking, tagging, convergence of data, data mining, the state and all manner of people gaining access to this data bank that is being created especially in the context of data becoming a transactable commodity — must precede consideration of any such project. Instead, there is no law governing the project and the uses to it which it may put; and there is no law on privacy either.

7. While still on privacy, it is being propagated that `the poor have no use for privacy’. This casual dismissal of such a right, especially given how vulnerable the poor, including classes of migrants, homeless, jhuggi dwellers, casualised workforce, for instance, are needs to be confronted.

8. There is much concern about the companies to whom the UIDAI has given contracts. There are companies like L1 Identity Solutions whose favoured customer has been the CIA, where a former director of the CIA, George Tenet, was even on their Board. Accenture Securities Ltd, another company shortlisted for the project, is on Smart Borders Project with the US Homeland Security. US law requires all agencies to provide any information demanded of them to the Homeland Security if asked.

When the UIDAI was sent an RTI asking why they had enlisted foreign companies such as these in the project, the answer was that they had no way of knowing whether they were foreign companies — because the way invited participation did not elicit this information!

The absence of a law means that there is nothing binding them to a legal structure within which we could hold them.
The contracts with these companies are being denied for public perusal in the name of `confidentiality’

9. The rampant outsourcing in the project means that all manner of people handle our data, including biometric data, and there is little that we can do when it is traded, misused, shared, lost ….

In January 2011, the Home Ministry had said that they could not use UIDAI data because it was insecure, unverified and could pose a security threat. Then they patched up their differences and decided to share the country 50:50! As citizens, though, the rapprochement does not answer the problems raised by the Home Ministry.

Where are the answers?

 

Confusion between NPR & UID projects.

 

It seems there is confusion regarding the purpose two identical projects and no one seems to know the difference.

 

Court orders requesting clarification:

 

Ownership of data

It seems there is no clear answer as to who owns the data and recent news articles like “Your data, going on sale soon” discusses about these ownership issues.

Safety of data collected

There are numerous incidents of data collected being found discarded. The biggest such reported event is this one : Maharashtra loses data of 3 lakh UID cards

 

 

What is the difference between a Bill and an Act ?

 

Legislative proposals are brought before either house of the Parliament of India in the form of a bill. A bill is the draft of a legislative proposal, which, when passed by both houses of Parliament and assented to by the President, becomes an Act of Parliament. As soon as the bill has been framed, it has to be published in the news papers and suggestions are invited from the general people, and after going through the suggestions of the people the bill is amended and then Bill may be introduced in the Parliament by ministers or private members. The former are called government bills and the latter, private members’ bills. Bills may also be classified as public bills and private bills. A public bill is one referring to a matter applying to the public in general, whereas a private bill relates to a particular person or corporation or institution. The Orphanages and Charitable Homes Bill or the Muslim Waqfs Bills are examples of private bills. – wikipedia.org

US Patriot Act & security of Indian citizen data

In a nutshell, the act can force companies registered in the United States or their subsidiaries elsewhere to share any or all data to law enforcement agencies. A detailed description can be found here: USA Patriot Act

This is a major issue for many technology companies including Google, Apple, Microsoft, Facebook, Yahoo, Salesforce, Data.com etc. The act is in clear violation of EU data protection regulation, UK privacy act which clearly states individual data can be stored only in UK or safer harbors but access must not be allowed. Swiss regulations makes this more complicated. As far as India is concerned IT act 2000 and its 2008 amendments  and not talking about any of these issues. The privacy law is still under scrutiny. There are incidents of many firms deciding against doing business with US based companies of which some are listed below.

  1. European Firm Refuses To Go On the Microsoft Cloud Due to PATRIOT Act Concerns
  2. Microsoft admits Patriot Act can access EU-based cloud data
  3. PATRIOT Act and privacy laws take a bite out of US cloud business

Now lets back to our context. This simply means that other countries can access all our biometric data without any permission whatsoever from us or our government. If one thinks, this is OK, then this discussion is definitely for such people.

The question has been raised here long back but I am not sure how and why we are going to circumvent it. Here is a discussion about it which even activists seem to be not noticing – The Trouble With Big Brother’s Eye

 

To be added:

Time period of validity of a bill, Reasons for a bill not be presented in Parliament, Is there a provision under RTI to find out why a bill is not presented to the parliament.

 

Mullaperiyar, Kerala, Tamilnadu, Idukki

Yesterday, the Christmas day I had gone out to get few vegetables which we had missed out during the shopping. Everywhere the discussion was about Indian Prime minister meeting with the head of a province / state to discuss about a dam which is supposed to collapse any moment killing millions of people.

For the uninitiated: Mullapperiyar is masonry gravity dam which 100+ year old, built during the British rule and it helps millions of people in Tamilnadu to earn their lively hood. The farmers in around 4 – 5 districts depends on this water to grow vegetable which feeds among other people, lots of people in the 100% consumer oriented, white collar job preferring, well informed and literate masses the neighboring state Kerala. The dam under dispute is made of largely mud and is situated in a tectonically sensitive region prone to tremors. The dam may collapse in 10 – 15 years if there are no natural calamities and there is a probability of causing the biggest tragedy known to humans. In the long term it will make another set of people who is using the same water to grow agriculture products will be perished. This makes the scenario a tough one to solve. The information overload created by social media, the trend following masses of Kerala is under a mass hysteria.

The main stream media shows only what people needs and no-expert opinion or condition of other dam etc are not considered and from young to old, everyone in Kerala believes the dam will break any moment and the neighboring state and some of the forces is using the occasion to gather some attention. Its interesting to note that the Kerala side is ready to build a new dam, somehow they believe that earth quakes will not happen during the period and are open to share water with neighboring state. The other side claims that the dam made of mud will withstand more water and claims that there will not be earthquakes.

Now from a logical point of view, I have no opinions or I am not biased. As far as I am considered, all the dams should be destroyed, all the nuclear plants must be destroyed and no plastics should be used etc etc. A long term solution without impacting both the sides seems to be a solution – which is not about building a new dam or decommissioning the existing one but reducing the water level and then both the sides sitting together around a table and discussing the matters the natural way. Yes, what is happening now is manglish speaking, sorry manglish spitting VJs and radio jockies are celebrating this as a Facebook revolution and this very post has a heading to attract some organic keyword based search from search engines.

 

Now, back to the photo and Christmas New year celebrations. People tend to believe its their last time to celebrate and not leaving any opportunity to celebrate. Years back I remember it was lot more difficult to educate and bring people together to fight against causes. Now its lot more easier. The only trouble is no-one seems to be bothered about real causes. Say Aadhaar aka UID project of India which is about slaving people for their entire life time and probably even after death if their bodies are not burned. In a land of poets and generations of people who never bothered about death or pain but only about freedom and fought for it this is indeed a strange phenomenon.

We had poets who wrote, slavery is unacceptable but death is. Have we forgotten ? The irony is complete when another set of people are promoting anarchy in the name of freedom and even using the father or nation for media campaigns. Right now media teams will be getting ready for the 4th season of Lokpal and finding stories supporting and against Anna Hazzare. There are nuclear reactors being built in the neighboring regions which will again make all of us live a dangerous life, probably eating mutated fish, with bulged bellies or long ears and we may not die. We will not die in a immediate flood but suffer, we will have mutated children looking like aliens in hollywood movies. Yet we prefer to live like zombies ?

Or are we just zombies who lost the ability to use common sense and educational background to choose between right and wrong ?

Anyways, I have my post with enough keywords, I will get lot of clicks just like some main stream news papers who has landing pages filled with the proper keywords. Give me my hits, help me make money. I wish I had a FM station & a TV station or two also !!

On a different note, the Idukki dam is about to complete its 50 year life span and we have to start a facebook page and start campaigning to build a new one right away. (And thus, I got one more keyword – Idukki. Hurray!!!)

Wishing a Happy New Year and its us who paints our lives happy or miserable and no one can help you do that.