Is Aadhaar a Breach of Privacy?

Aadhaar is very poorly designed. The technology needs fixing today; the law can wait for tomorrow.

---

Aadhaar is mass surveillance technology. Unlike targeted surveillance, which is a good thing, and essential for national security and public order — mass surveillance undermines security. And while biometrics is appropriate for targeted surveillance by the state — it is wholly inappropriate for everyday transactions between the state and law abiding citizens.

When assessing a technology don't ask — "what use it is being put to today?". Instead ask "what use can it be put to tomorrow and by whom?". The original noble intentions of the Aadhaar project initiators will not constrain those in the future that want to take full advantage of technological possibilities. However, rather than frame the surveillance potential of Aadhaar in a negative tone as three problem statements — I will propose three modifications that will reduce but not eliminate the surveillance potential.

Shift from biometrics to smart cards

In January 2011, the Centre for Internet and Society had written to the parliamentary finance committee that was reviewing what was then called the "National Identification Authority of India Bill 2010". We provided nine reasons for the government to stop using biometrics and instead use an open smart card standard. Biometrics allows for identification of citizens even when they don't want to be identified. Even unconscious and dead citizens can be identified using biometrics. Smart cards which require pins on the other hand require the citizens' conscious cooperation during the identification process. Once you flush your smart cards down the toilet nobody can use them to identify you. Consent is baked into the design of the technology. If the UIDAI adopts smart cards, we can destroy the centralized database of biometrics just like the U.K. government did in 2010 under Theresa May's tenure as Home Secretary. This would completely eliminate the risk of foreign government, criminals and terrorists using the breached biometric database to remotely, covertly and non-consensually identify Indians.

Destroy the authentication transaction database

The Aadhaar Authentication Regulations 2016 specifies that transaction data will be archived for five years after the date of the transaction. Even though the UIDAI claims that this is a zero knowledge database from the perspective of "reasons for authentication" — any big data expert will tell you that it is trivial to guess what is going on using the unique identifiers for the registered devices and time stamps that are used for authentication. That is how they put Rajat Gupta and Raj Rajratnam in prison. There was nothing in the payload i.e. voice recordings of the tapped telephone conversations – the conviction was based on meta-data. Smart cards based on open standards allow for decentralized authentication by multiple entities and therefore eliminates the need for a centralized transaction database.

Prohibit the use Aadhaar number in other databases

We must as a nation get over our obsession with Know Your Customer (KYC). For example, for SIM cards there is no KYC requirement is most developed countries. Our insistence on KYC has only resulted in retardation of Internet adoption, a black market for ID documents and unnecessary wastage of resources by the telecos without preventing criminals and terrorists from using phones. Where we must absolutely have KYC for security, elimination of ghosts and regulatory compliance – we must use a token issued by UIDAI instead of the Aadhaar number. This would make it harder for unauthorized parties to combine databases. But at the same time would enable law enforcement agencies to combine database using the appropriate authorizations and infrastructure like NATGRID. The NATGRID unlike Aadhaar is not a centralized database. It is a standard and platform for the express assembly of sub-sets of up to 20 databases which is then accessed by up to to 12 law enforcement and intelligence agencies.

To conclude, even as a surveillance project — Aadhaar is very poorly designed. The technology needs fixing today, the law can wait for tomorrow.