Aadhar and Privacy


#1

As most of you know, FSMK conducted it’s annual camp in SIT, Tumkur this year. This was sponsored by SFLC.in

During one of the discussions organised by SFLC, Aadhar and it’s privacy issues were brought up. Since there was another topic opened here on discuss regarding Aadhar being forced on students for enrolment in IISc, I thought it would be the right time to discuss the privacy issues too.

While many(including me) are concerned about the biometrics Aadhar hoards, according to this article in Indian Expresses, it is pointed out that a card holder has the option of blocking the information about that person and nobody else will be able to unblock it.

To test out whether the blocking actually works, I tried it here. As to no surprise, it treated me with an internal error and I wasn’t able to block my biometrics.

I tried repeating the procedure and did not get an OTP at all. Like multiple times! I have at the moment dropped an email to see what their response will be.

Any thoughts?


FSMK and Aadhar - Intervention
#2

Well, the blocking hardly counts for anything. They retain information about you, and are only going to prevent others from accessing it. It is not going to prevent a corrupt politician, police, or bureaucrat from accessing the information. Put money in the right hands, and all locks will be unlocked. It is not going to prevent malicious crackers from breaking into the database and stealing the data. Not collecting and amassing private information is the only way to keep it safe.

And, the government keeps coming back to their propaganda about the alleged benefits of Aadhaar. Do read Five Myths about Aadhar on the matter.

Other reading material:
Why you should care about privacy even if you have nothing to hide – published in scroll.in
The Aadhaar coup – published in The Hindu
Mandatory National IDs and Biometric Databases – published by the EFF


#3

Once the data is collected and aggregated into the Aadhaar database, it starts creating all sorts of possibly undesirable secondary uses. Here a few that are already happening.

Hyderabad: Aadhaar number must during vehicle checks – Deccan Chronicle
Microsoft runs pilot on linking Skype and Aadhar – Economic Times
How the government gains when private companies use Aadhaar – scroll.in – this article speaks of a company called TrustID and what they are doing with Aadhaar

If you have a friend working in some cell phone service provider’s customer care and you want to spy on somebody, you just need to give your friend the victim’s phone number, and you can have all their call records and other metadata. Aadhaar is similar to that but much worse. Aadhaar will let you access their entire life (purchases, movement, online activities, etc.), not just the call records. As it is with cell phones, we have enough of a threat to privacy and all sorts of cyber crime. With Aadhaar, we are going to end up multiplying that a thousand fold.


#4

Yeah. I cannot argue with that as I already know about the linking process. But the reason I stated the “blocking” part of the biometrics was for people (like me) who have obtained an Aadhar Id. I got it 6 years ago. Since many of our biometrics is already present on the database and it is quite impossible to delete it considering the law, it’d be of some effort to focus on the security part of it. Like the security standards used by the facilities.

Hopefully the above links might help people re think if they haven’t already enrolled!


#5

It won’t help your biometrics, but you might be able to minimize damage by not linking your Aadhaar ID to any bank account or other service.


#6

I am taking measures in that aspect!


#7

My views on Aadhar/UIDAI:

  • Draconian
  • Unconstitutional (Never even given Public Review)
  • Subversive attempt to transform citizen to subjects (As Money bill attempt)
  • Eruption of Power and Information asymmetry (Checks & Balances not working)
  • Assumption of Universal Problem Solver (It is not)

Throwing the stones at this issue only in the privacy perspective will not solve the issue. People must also start thinking about the complete UIDAI/Aadhar system in other dimensions such as:

  1. Economic
  2. Social
  3. Technical
  4. Constitution & Governance
  5. Auditing & Accountability
  6. ARMING organs of government
  7. Privacy breach

Our all wisdom overflowing government, burecracy, thinks that starving the man in the middle will solve the problem of corruption. I dont know how come people will take that, as if all our social and economic problems were solved earlier with the same strategy.

I view this as a communication problem similar to a SSH communication. Where A is the gov. B is the citizen. X be the man in middle corrupting. A says we have to form a system that starves X, so that it will die by itself, but in exchange requires B full transparency even breaching B’s privacy.

Then comes the thinker T and says, WTF A? are u crazy or nuts ??? Your proposed system is totally reversed in terms of public and private identification of a citizen. Only a amputated, cripple minded, non common sensitic person can think of such a shitty system.

T takes the problem as communication problem and solves it by comparing with PGP system. Where the private keys(biometric data) are held back with the citizens itself, where as generated public key(12 digit random number) are shared publicly. T proposes this solution as a last resort, because the shitter system is already implemented and in action in the name of draconian “Voluntarily Mandatory” Scheme - that confuses burecracy and citizens equally.


#9

Considering that it was passed in Parliament I doubt that the use of the word “unconstitutional” is relevant since the members of the Lok Sabha are supposed to have been elected from the people and hence represent the will of the people.


#10

Not necessarily. A bill can be passed in parliament and still be struck down by the judiciary as being “unconstitutional”. The parliament is not some final all-powerful authority. There are checks and balances on their power.


#11

hello, you much check out this about Aadhaar isn’t progress — it’s dystopian and dangerous
bhttps://blog.mozilla.org/netpolicy/2017/05/26/aadhaar-isnt-progress/


#12

See the discussions regarding judicial interference in Parliamentary legislation. Courts have been asked to perform certain tests before any sort of such intervention.


#13

There are checks and balances, and SC seems to honour it while Gov. seems to care it. So Parliament is not constitution. But sadly they could amend it. In this case as any oppressive laws amended, like POTA, TADA, takes a similar shape and improper way. The friction arises between critics, court and the parliament. SC has openly acknowledged that it is not going to intervene whatever decision is taken by the parliament, even it has equal powers - as provided by constitution itself.

it seems, critics/people/court on one side while State/Gov./Bureaucracy is on other… a rather interesting situation, and being we have passed several stages with this issue… now it is not a wise time to think whether it is unconstitutional or not … but unjust or not. That i would call as critical thinking.

  1. how many of us are clear about identity itself, how it is deeply underpinned to free time, personal liberty ?
  2. how many of us are clear about the economic dimension of the projects implication ? if we are going to mouth only about the privacy matter. Then we can clearly indicate and stamp ourselves as insane.
  3. we speak about net neutrality, but we speak, write less and even if we speak at all… about economy, social, political, individual aspects !!!

without speaking about such things, and just criticizing aadhaar will end only in circles and nothing more. it must be discussed equally as any other social issue.


#14

Oh… please add ur suggestions, critics, statistical help to my writings here or here:slight_smile: