The Centre for Internet and Society
https://cis-india.org
These are the search results for the query, showing results 221 to 228.
Reply to RTI Application under RTI Act of 2005 from Vanya Rakesh
https://cis-india.org/internet-governance/blog/reply-to-rti-application-under-rti-act-of-2005-from-vanya-rakesh
<b>Unique Identification Authority of India replied to the RTI application filed by Vanya Rakesh. </b>
<p style="text-align: justify; ">Madam,</p>
<ol style="text-align: justify; ">
<li>Please refer to your RTI application dated 3.12.2015 received in the Division on 10.12.2015 on the subject mentioned above requesting to provide the information in electronic form via the email address vanya@cis-india.org, copies of the artwork in print media released by UIDAI to create awareness about use of Aadhaar not being mandatory.</li>
<li>I am directed to furnish herewith in electronic form, copy of the artwork in print media released / published in the epapers edition of the Times of India and Dainik Jagran in their respective editions of dated 29.8.2015 in a soft copy, about obtaining of Aadhaar not being mandatory for a citizen, as desired.</li>
<li>In case, you want to go for an appeal in connection with the information provided, you may appeal to the Appellate Authority indicated below within thirty days from the date of receipt of this letter.<br />Shri Harish Lal Verma,<br />Deputy Director (Media),<br />Unique Identification Authority of India<br />3nd Floor, Tower – II, Jeevan Bharati Building,<br />New Delhi – 110001.</li>
</ol>
<p style="text-align: justify; "><br />Yours faithfully,<br /><br />(T Gou Khangin)<br />Section Officer & CPIO Media Division<br /><br />Copy for information to: Deputy Director (Establishment) & Nodal CPIO</p>
<hr />
<p>Below scanned copies:</p>
<table class="plain">
<tbody>
<tr>
<th>RTI Reply</th>
</tr>
<tr>
<td><img src="https://cis-india.org/home-images/RTIReplytoSh.VanyaRakesh.jpg" alt="RTI Reply" class="image-inline" title="RTI Reply" /></td>
</tr>
</tbody>
</table>
<table class="plain">
<tbody>
<tr>
<th>Coverage in Dainik Jagran<br /></th>
</tr>
<tr>
<td><img src="https://cis-india.org/home-images/DainikJagran29.08.2015.png" alt="Dainik Jagran" class="image-inline" title="Dainik Jagran" /></td>
</tr>
</tbody>
</table>
<p><b><a href="https://cis-india.org/internet-governance/blog/uid-ad" class="internal-link">Download the coverage in the Times of India here</a></b>. Read the earlier blog entry <a class="external-link" href="http://cis-india.org/internet-governance/blog/rti-response-regarding-the-uidai">here</a>.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/reply-to-rti-application-under-rti-act-of-2005-from-vanya-rakesh'>https://cis-india.org/internet-governance/blog/reply-to-rti-application-under-rti-act-of-2005-from-vanya-rakesh</a>
</p>
No publishervanyaAadhaarInternet GovernancePrivacy2016-01-13T02:40:57ZBlog EntrySupreme Court provides partial relief for Aadhaar
https://cis-india.org/internet-governance/news/livemint-october-15-2015-apurva-vishwanath-saurabh-kumar-supreme-court-provides-partial-relief-for-aadhaar
<b>In a small but significant win for the government, the Supreme Court on Thursday allowed the use of the Aadhaar number for the Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGS), the Pradhan Mantri Jan Dhan Yojana, pensions by central and state governments, and the Employees’ Provident Fund Scheme, in addition to its current use in the public distribution system (PDS) and the distribution of cooking gas and kerosene.</b>
<p>The article by Apurva Vishwanath and Saurabh Kumar was published in <a class="external-link" href="http://www.livemint.com/Politics/XoXAlzO9SeGqB15LvBj0yN/SC-extends-voluntary-use-of-Aadhaar-for-govt-schemes.html">Livemint </a>on October 15, 2015. Sunil Abraham was quoted.</p>
<hr />
<p style="text-align: justify; ">In an interim order on 11 August, the apex court had restricted the use of Aadhaar, the unique identity number, to the PDS and the distribution of cooking gas and kerosene.</p>
<p style="text-align: justify; ">Subsequently, several state governments, government departments and regulatory agencies put up a joint defence seeking a modification of the interim order. They included the Reserve Bank of India (RBI), the Securities and Exchange Board of India and the Telecom Regulatory Authority of India, the governments of Jharkhand, Maharashtra, Uttarakhand, Himachal Pradesh, Gujarat and Rajasthan, and industry body Indian Banks’ Association, along with the Unique Identification Authority of India (UIDAI), the issuer of Aadhaar.</p>
<p style="text-align: justify; ">A five-judge constitutional bench comprising Chief Justice H.L Dattu and justices M.Y Eqbal, C. Nagappan, Arun Mishra and Amitava Roy said in an order on Thursday: “We are of the opinion that in para 3 of the interim order, we can include schemes like MGNREGS, pensions by state and central government, Jan Dhan Yojana and Employees’ Provident Fund Scheme along with PDS and LPG (liquefied petroleum gas).”</p>
<p style="text-align: justify; ">Para 3 of the 11 August interim order had allowed the voluntary use of Aadhaar only for direct benefit transfer in foodgrain, kerosene and cooking gas schemes.</p>
<p style="text-align: justify; ">The court’s interim order threw an element of uncertainty around flagship government programmes such as biometric attendance for government employees; the Jan Dhan Yojana, the Prime Minister’s ambitious financial inclusion initiative; digital certificates, and pension payments.</p>
<p style="text-align: justify; ">It also threatened to derail India’s progress towards a cashless economy where payments banks are expected to play an important role.</p>
<p style="text-align: justify; ">All of these depend on linking accounts to individuals electronically, and are dependent on the Aadhaar number.</p>
<p style="text-align: justify; ">“The government was able to convince the court on the utility of Aadhaar which is critical to provide services to the most vulnerable section of the society,” said a government official who spoke on condition of anonymity.</p>
<p style="text-align: justify; ">The apex court, however, did not allow the use of Aadhaar for the e-know-your-customer (e-KYC) specifically, which would have helped banks, including payments banks, to enrol new customers and telecom operators for issuing SIM cards. However, it is noteworthy that while obtaining bank accounts under the Jan Dhan scheme, banks use e-KYC. The clarification that RBI sought from the court, on whether the Aadhaar number can be used as proof of identification to open a bank account, still remains uncertain.</p>
<p style="text-align: justify; ">This will affect banks, mutual funds and companies that have won in-principle payments bank licences such as Airtel M Commerce Services Ltd (from the stable of Bharti Airtel Ltd, which had a customer base of 231.6 million as of July) and Vodafone m-pesa Ltd (a part of Vodafone India Ltd, which had a customer base of 185.4 million as of July).</p>
<p style="text-align: justify; ">The licensees also include the department of posts, which has 155,015 post offices across the country, of which 139,144 are in rural areas. The sheer reach of these entities is unrivalled. These entities hope to ride on the technology platform to reach customers, and e-KYC is critical to the process.</p>
<p style="text-align: justify; ">“The reason why the court has allowed use of Aadhaar for Jan Dhan Yojana and not other banking services is perhaps because the government made a humanitarian argument that the poorest will be able to avail banking services. It is, however, a technologically flawed argument, deeply so,” said Sunil Abraham, executive director of Bengaluru-based research organization Centre for Internet and Society.</p>
<p style="text-align: justify; ">The bench ordered the Union government to follow all earlier interim orders issued by the Supreme Court starting September 2013. Some of these orders include restrain on sharing of biometrics and keeping Aadhaar voluntary.</p>
<p style="text-align: justify; ">As of now, 920 million Indian citizens have been allotted Aadhaar numbers. The interim stay was affecting beneficiaries of the MGNREGS (91.7 million), pensioners (27.1 million) and recipients of scholarships (25.7 million), among others, according to data from the Unique Identification Authority of India (UIDAI). Till now, 187 million bank accounts have been opened under the Pradhan Mantri Jan Dhan Yojana.</p>
<p style="text-align: justify; ">The apex court made the interim ruling in an ongoing hearing where several pleas related to Aadhaar were clubbed together. Some relate to Aadhaar numbers being made mandatory to enable people to avail of certain government benefits and services. Others deal with the number being a violation of privacy, especially in the absence of any backing regulation or oversight, and yet others deal with possible misuse of the information.</p>
<p style="text-align: justify; ">However, the constitution bench had clarified on Wednesday that only pleas seeking clarification and modification of the interim order will be decided, and the issue concerning the right to privacy will be heard subsequently by another constitution bench.</p>
<p style="text-align: justify; ">“I am very disappointed with the court’s order. The government claims that Aadhaar is voluntary, but actually it will not be till it is delinked from all government schemes. This way, people who do have Aadhaar are excluded and will have to run from pillar to post to receive benefits if they do not have the number,” said Kamayani Bali Mahabal, a Mumbai-based lawyer, human rights activist and a petitioner in the UIDAI case. She added that the order may increase the incidents of fake Aadhaar numbers as ineligible people choose to gain from all schemes, depriving the poor and aged of real benefits.</p>
<p style="text-align: justify; ">The attorney general, Mukul Rohatgi, on Wednesday assured the court that the government has issued advertisements in over 20 languages that Aadhaar is a voluntary scheme.</p>
<p style="text-align: justify; ">On 14 Wednesday, <i>PTI </i>reported that a Right to Information application has showed that the UIDAI has identified more than 25,000 duplicate Aadhaar numbers till August.</p>
<p style="text-align: justify; ">Mathew Thomas, one of the petitioners challenging the use and validity of the Aadhaar scheme, also expressed disappointment at the court’s ruling today. “Aadhaar is a case of great importance to the billion citizens of India. It is unfortunate that the constitution bench spent only a few hours in hearing the issues,” he said.</p>
<p style="text-align: justify; ">The Supreme Court will appoint a larger bench of at least nine judges to hear the privacy issue. The court in 1954, in the case of M.P. Sharma vs Satish Chandra, ruled that the right to privacy was not a fundamental right recognized by the Constitution. This case was decided by an eight-judge bench of the apex court, and only a bench of equal or larger strength will be able to override that decision.</p>
<p style="text-align: justify; ">The Chief Justice in the order on Thursday said that the larger bench, with nine or 11 judges, will be constituted at the earliest to hear the matter on Aadhaar potentially violating privacy and other intervening applications.</p>
<p style="text-align: justify; ">The petitioners have argued that UIDAI was approved only by an empowered group of ministers during the United Progressive Alliance tenure and has no statutory authority to collect biometrics of residents. Senior counsel for the petitioners, Shyam Divan, said: “The only law in India which allows the government to collect fingerprints is the Prisoner’s Act of 1920, which is a colonial enactment.”</p>
<p style="text-align: justify; ">The UIDAI does not have any legislative backing and was constituted by notification in 2009 by the erstwhile Planning Commission. Divan, however, said that the Planning Commission notification has no effect since the body itself has ceased to exist, and added that the centre is not introducing a legislation empowering the Aadhaar scheme as it realizes the vulnerability of the entire exercise.</p>
<p style="text-align: justify; ">The National Identification Authority of India Bill was introduced in the Rajya Sabha in 2010.</p>
<p style="text-align: justify; ">In 2012, the centre was mulling a privacy law that could be enacted to support the UIDAI scheme and, in connection, the Planning Commission then formed an expert committee on privacy under A.P Shah, a former chairperson of the Law Commission.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/livemint-october-15-2015-apurva-vishwanath-saurabh-kumar-supreme-court-provides-partial-relief-for-aadhaar'>https://cis-india.org/internet-governance/news/livemint-october-15-2015-apurva-vishwanath-saurabh-kumar-supreme-court-provides-partial-relief-for-aadhaar</a>
</p>
No publisherpraskrishnaAadhaarInternet GovernancePrivacy2015-10-18T05:01:49ZNews ItemStudying the Emerging Database State in India: Notes for Critical Data Studies (Accepted Abstract)
https://cis-india.org/raw/studying-the-emerging-database-state-in-india-accepted-abstract
<b>"Critical Data Studies (CDS) is a growing field of research that focuses on the unique theoretical, ethical, and epistemological challenges posed by 'Big Data.' Rather than treat Big Data as a scientifically empirical, and therefore largely neutral phenomena, CDS advocates the view that data should be seen as always-already constituted within wider data assemblages." The Big Data and Society journal has provisionally accepted a paper abstract of mine for its upcoming special issue on Critical Data Studies.</b>
<p> </p>
<h2>Introduction</h2>
<p>Through the last decade, the Government of India has given shape to an digital identification infrastructure, developed and operated by the Unique Identification Authority of India (UIDAI). The infrastructure combines the task of assigning unique identification numbers, called Aadhaar numbers, to individuals submitting their biometric and demographic details, and the task of authenticating their identity when provided with an Aadhaar number and associated data (biometric data, One Time Pin sent to the pre-declared mobile number, etc.). The aim of UIDAI is to provide universal authentication-as-a-service for all residents of India who approach any public or private agencies for any kind of service or transaction. Simultaneously, the Aadhaar numbers will function as unique identifiers for joining up databases of different government agencies, and hence allow the Indian government to undertake big data analytics at a governmental scale, and not only at a departmental one.</p>
<p>In this paper, I am primarily motivated by the challenge of finding points and objects to enter into a critical study of such an in-progress data infrastructure. As I proceed with an understanding that data is produced within its specific social and material context, the question then is to read through the data to reflect on its possible social and material context. This is complicated when approaching a big data infrastructure that is meant to produce data for explicitly intra-governmental consumption and circulation. The problem then is not one of reading through available big data, but one of reading through the assemblage and imaginaries of big data to reflect on the kind of data it will give rise to, and thus on the politics of the data assemblage and the database state it enables.</p>
<p> </p>
<h2>Logic of the Database State</h2>
<p>Application of data to inform governmental acts have taken place at least since government has been understood as responsible for the welfare of the population and the territory. The measurement of the population and the territory – the number of people, their demographic features, amounts and locations of natural resources, and so on – have always been integral to the functioning of the modern nation-state. Database state is used in this paper to identify a particular mode of mobilisation of data within governmental acts, which is fundamentally shaped by the possibilities of big data extraction, appropriation, and analytics pioneered by a range of companies since late 1990s. The reason for not using big data state but database dtate is that big data refers to a body of technologies emerging in response to a set of data management and analysis challenges situated in a certain moment of development of information technologies, whereas database refers to a symbolic form (Manovich 1999): a form in which not only the population is made visible to the government (as a collection of visual, textual, numeric, and other forms of records), but also how the acts of government are made visible to the population (as a collection of performance indicators, budget allocation and utilisation tables, and other data visualised through dashboards, analog and digital).</p>
<p>The data production and management logic of this database state is specifically inspired by the notion of platform introduced by the so-called Web 2.0 companies: providing a common service layer upon which various other applications may also run, but under specific arrangements (including distribution of generated user data) with the original common layer provider. Data assemblages of the database state are expected to enable the government to function as a platform, as an intensely data-driven layer that widely gathers data about population individuals and feeds it back selectively to various providers of public and private services. This transforms the data assemblage from one vertical of governmental activities to a horizontal critical infrastructure for modularisation of governmental activities.</p>
<p> </p>
<h2>Studying the Emerging Database State in India</h2>
<p>Government of India is presently debating the legal and technical validity of the digital identity infrastructure programme in the Supreme Court, while simultaneously carrying out the enrollment drive for the same, linking up assignment of unique identity numbers with a national drive for population registration, and rolling out citizen-facing services and applications that implement the Aadhaar number as a necessary key to access them. With the enrollment process going on and the integration with various governmental processes (termed seeding by Aadhaar policy literature) just beginning, I enter this study through two key sets of objects reflecting the imaginaries and the technical specifications of the emerging database state in India. The first entry point is through the various official documents of vision, intentions, plans, and reconsiderations, and the second entry point is through the Application Programming Interface (API) documentations published by UIDAI to specify how its identity authentication platform will collaborate with various public and private services.</p>
<p>The first section of the paper provides a brief survey of pre-UIDAI attempts by the Government of India to deploy unique identification numbers and Smart Cards for specific population groups, so as to understand the initial conceptualisation of this data assemblage of a digital identification platform. The second section foregrounds how this platform undertakes a transformation of the components and relations of the pre-existing data assemblage of the Government of India, as articulated in various official documents of promised utility and proposed collaborations. The third section studies the API documentations to track how such imaginaries are materially interpreted and operationalised through the design of protocols of data interactions with various public and private agencies offering services utilising the identity authentication platform.</p>
<p> </p>
<h2>Notes for Critical Data Studies</h2>
<p>Expanding the early agenda note on Critical Data Studies by Craig Dalton and Jim Thatcher (2014), Rob Kitchin and Tracey P. Lauriault have taken steps towards emphasising the responsibility of this nebulous research strategy to chart and unpack the data assemblages (2014). This is exactly what I propose to do in this paper. While Kitchin and Lauriault provide a detailed list of the components of the apparatus of a data assemblage (2014: 7), I find the concepts of infrastructural components and infrastructural relations very useful in thinking through the emerging infrastructure of authentication. Thus, my approach to these tasks of charting and unpacking is focused on the infrastructural relations that the digital identity infrastructure re-configures, instead of the infrastructural components it mobilises (Bowker et al 2010). This tactical choice of focusing on the infrastructural relations is also necessitated by the practical difficulty in having comprehensive access to the individual components of the data assemblage concerned. Addressing questions of causality and quality becomes difficult when studying the assemblage sans the produced data, and rigorously analysing concerns of security and uncertainty pre-requires an actually existing data assemblage, with a public interface to investigating its leakages, breakages, and internal functioning. In the absence of such points of entry into the data assemblage, which I fear may not be an exceptional case, I attempt an inverted reading. Turning the data infrastructure inside out, in this paper I describe how the digital identity platform is critically reshaping the basis of governmental acts in India, through a specific model of production, extraction and application of big data.</p>
<p> </p>
<h2>Bibliography</h2>
<p>Bowker, Geoffrey C., Karen Baker, Florence Millerand, & David Ribes. 2010. Toward Information Infrastructure Studies: Ways of Knowing in a Networked Environment. Jeremy Hunsinger, Lisbeth Klastrup, & Matthew Allen (Eds.) International Handbook of Internet Research. Springer Dordrecht Heidelberg London New York. Pp. 97-117.</p>
<p>Dalton, Craig, & Jim Thatcher. 2014. What does a Critical Data Studies Look Like, and Why do We Care? Seven Points for a Critical Approach to ‘Big Data.’ Society and Space. May 19. Accessed on July 08, 2015, from <a href="http://societyandspace.com/material/commentaries/craig-dalton-and-jim-thatcher-what-does-a-critical-data-studies-look-like-and-why-do-we-care-seven-points-for-a-critical-approach-to-big-data/" target="_blank">http://societyandspace.com/material/commentaries/craig-dalton-and-jim-thatcher-what-does-a-critical-data-studies-look-like-and-why-do-we-care-seven-points-for-a-critical-approach-to-big-data/</a>.</p>
<p>Kitchin, Rob, & Tracey P. Lauriault. 2014. Towards Critical Data Studies: Charting and Unpacking Data Assemblages and their Work. The Programmable City Working Paper 2. July 29. National University of Ireland Maynooth, Ireland. Accessed on July 08, 2015 from <a href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2474112" target="_blank">http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2474112</a>.</p>
<p>Manovich, Lev. 1999. Database as Symbolic Form. Convergence. Volume 5, Number 2. Pp. 80-99.</p>
<p> </p>
<p><em>Note: Call for Papers for the special issue can found here: <a href="http://bigdatasoc.blogspot.in/2015/06/call-for-proposals-special-theme-on.html" target="_blank">http://bigdatasoc.blogspot.in/2015/06/call-for-proposals-special-theme-on.html</a>.</em></p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/raw/studying-the-emerging-database-state-in-india-accepted-abstract'>https://cis-india.org/raw/studying-the-emerging-database-state-in-india-accepted-abstract</a>
</p>
No publishersumandroBig DataData SystemsResearchFeaturedAadhaarResearchers at WorkE-Governance2015-11-13T05:54:53ZBlog EntryAadhaar Number vs the Social Security Number
https://cis-india.org/internet-governance/blog/aadhaar-vs-social-security-number
<b>This blog calls out the differences between the Aadhaar Number and the Social Security Number </b>
<p style="text-align: justify; ">In response to news items that reported the Government of India running pilot projects to enroll children at the time of birth for Aadhaar numbers - an idea that government officials in the news items claimed was along the lines of the social security number - this note seeks to point out the ways in which the Aadhaar number and the social security number are different.<a href="#_ftn1" name="_ftnref1">[1]</a></p>
<h2 style="text-align: justify; ">Governance</h2>
<p style="text-align: justify; "><b>SSN is governed by Federal legislation: </b> The issuance, collection, and use of the SSN is governed by a number of Federal and State legislation with the most pertinent being the Social Security Act 1935<a href="#_ftn2" name="_ftnref2">[2]</a> - which provides legal backing for the number, and the Privacy Act 1974 which regulates the collection, access, and sharing of the SSN by Federal Executive agencies.<a href="#_ftn3" name="_ftnref3">[3]</a></p>
<p style="text-align: justify; "><b>Aadhaar was constituted under the Planning Commission: </b> The UIDAI was constituted as an attached office under the Planning Commission in 2009.<a href="#_ftn4" name="_ftnref4">[4]</a> A Unique Identification Authority Bill has been drafted, but has not been enacted.<a href="#_ftn5" name="_ftnref5">[5]</a> Though portions of the Information Technology Act 2008 apply to the UID scheme, section 43A and associated Rules (India's data protection standards) do not clearly apply to the UIDAI as the provision has jurisdiction only over body corporate.</p>
<h2 style="text-align: justify; "></h2>
<h2 style="text-align: justify; ">Purpose<b> </b></h2>
<p style="text-align: justify; "><b>SSN was created as a number record keeping scheme for government services: </b> The Social Security Act provides for the creation of a record keeping scheme - the SSN. Originally, the SSN was used as a means to track an individuals earnings in the Social Security system.<a href="#_ftn6" name="_ftnref6">[6]</a> In 1943 via an executive order, the number was adopted across Federal agencies. Eventually the number has evolved from being a record keeping scheme into a means of identity. In 1977 it was clarified by the Carter administration that the number could act as a means to validate the status of an individual (for example if he or she could legally work in the country) but that it was not to serve as a national identity document.<a href="#_ftn7" name="_ftnref7">[7]</a> Today the SSN serves as a number for tracking individuals in the social security system and as one (among other) form of identification for different services and businesses. Alone, the SSN card does not serve proof of identity, citizenship, and it cannot be used to transact with and does not have the ability to store information. <a href="#_ftn8" name="_ftnref8">[8]</a></p>
<p style="text-align: justify; "><b>Aadhaar was created as a biometric based authenticator and a single unique proof of identity:</b> The Aadhaar number was established as a single proof of identity and address for any resident in India that can be used to authenticate the identity of an individual in transactions with organizations that have adopted the number. The scheme as been promoted as a tool for reducing fraud in the public distribution system and enabling the government to better deliver public benefits.<a href="#_ftn9" name="_ftnref9">[9]</a></p>
<h2 style="text-align: justify; ">Applicability</h2>
<p style="text-align: justify; "><b>SSN is for citizens and non-citizens authorized to work: </b> The social security number is primarily for citizens of the United States of America. In certain cases, non citizens who have been authorized by the Department of Homeland Security to work in the US may obtain a Social Security number.<a href="#_ftn10" name="_ftnref10">[10]</a></p>
<p style="text-align: justify; "><b> </b></p>
<p style="text-align: justify; "><b>Aadhaar is for residents: </b> The aadhaar number is available to any resident of India.<a href="#_ftn11" name="_ftnref11">[11]</a></p>
<p style="text-align: justify; "><b><span> </span></b></p>
<h2 style="text-align: justify; ">Storage, Access, and Disclosure</h2>
<p style="text-align: justify; "><b>SSN and applications are stored in the Numident:</b> The numident is a centralized database containing the individuals original SNN and application and any re-application for the same. All information stored in the Numident is protected under the Privacy Act. Individuals may request records of their own personal information stored in the Numident. With the exception of the Department of Homeland Security and U.S Citizenship and Immigration Services, third parties may only request access to Numident records with the consent of the concerned individual.<a href="#_ftn12" name="_ftnref12">[12]</a> Federal agencies and private entities that collect the SSN for a specific service store the number at the organizational level. The Privacy Act and various state level legislation regulates the disclosure, access, and sharing of the SSN number collected by agencies and organizations.</p>
<p style="text-align: justify; "><b><span> </span></b></p>
<p style="text-align: justify; "><b>Aadhaar and data generated at multiple sources is stored in the CIDR and processed in the data warehouse: </b> According to the report "Analytics, Empowering Operations", <i> "At UIDAI, data generated at multiple sources would typically come to the CIDR (Central ID Repository), UIDAIs Data centre, through an online mechanism. There could be certain exceptional sources, like Contact centre or Resident consumer surveys, that will not feed into the Data center directly. Data is then processed in the Data Warehouse using Business Intelligence tools and converted into forms that can be accessed and shared easily." </i> Examples of data that is stored in the CIDR include enrollments, letter delivery, authentication, processing, resident survey, training, and data from contact centres.<a href="#_ftn13" name="_ftnref13">[13]</a> It is unclear if organizations that authenticate individuals via the Adhaar number store the number at the organizational level. Biometrics are listed as a form of sensitive personal information in the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) 2011, thus if any body corporate collects biometrics with the Aadhaar number - the storage, access, and disclosure of this information would be protected as per the Rules, but the Aadhaar number is not explicitly protected. <a href="#_ftn14" name="_ftnref14">[14]</a></p>
<h2 style="text-align: justify; ">Use by public and private entities</h2>
<p style="text-align: justify; "><b>Public and private entities can request SSN: </b> Public and private entities can request the SSN to track individuals in a system or as a form of identifying an individual. Any private business is allowed to request and use the SSN as long as the use does not violate federal or state law. Legally, an individual is only required to provide their SSN to a business if they are engaging in a transaction that requires notification to the Internal Revenue Service or the individual is initiating a transaction that is subject to federal Customer Identification Program rules.<a href="#_ftn15" name="_ftnref15">[15]</a> Thus, an individual can refuse to provide their SSN, but a private business can also refuse to provide a service.<a href="#_ftn16" name="_ftnref16">[16]</a></p>
<p style="text-align: justify; ">Any public authority requesting the SSN must provide a disclosure notice to the individual explaining if the provision of SSN is required or optional. According to the Privacy Act of 1974, no individual can be denied a government service or benefit for not providing the SSN unless Federal law specifically requires the number for a particular service.<a href="#_ftn17" name="_ftnref17">[17]</a> Thus, there are a number of Federal legislation in the U.S that specifically require the SSN. For example, the Social Security Independence and Program Improvements Act 1994 allows for the use of the SSN for jury selection and allows for cross matching of SSNs and Employer Identification Numbers for investigation into violation of Federal Laws. <a href="#_ftn18" name="_ftnref18">[18]</a></p>
<p style="text-align: justify; "><b>Public and private entities can request Aadhaar:<span> </span></b> The Aadhaar number can be adopted by any public or private entity as a single means of identifying an individual. The UIDAI has stated that the Aadhaar number is not mandatory,<a href="#_ftn19" name="_ftnref19">[19]</a> and the Supreme Court of India has clarified that services cannot be denied on the grounds that an individual does not have an Aadhaar number.<a href="#_ftn20" name="_ftnref20">[20]</a></p>
<h2 style="text-align: justify; "></h2>
<h2 style="text-align: justify; ">Verification</h2>
<p style="text-align: justify; "><b>The SSN can be verified only in certain circumstances: </b> The SSA will only respond to requests for SSN verification in certain circumstances:</p>
<p style="text-align: justify; "><b> </b></p>
<ul>
<li>Before issuing a replacement SSN, posting a wage item to the Master Earnings File, or establishing a claims record - the SSA will verify that the name and the number match as per their records.</li>
<li>When legally permitted, the SSA verification system will verify SSNs for government agencies.</li>
<li>When legally permitted the SSA verification system will verify a workers SSN for pre-registered and approved private employers.</li>
<li>If an individual has provided his/her consent, the SSA will verify a SSN request from a third party.</li>
</ul>
<p style="text-align: justify; ">For verification the SSN number must be submitted with an accompanying name to be matched to and additional information such as date of birth, fathers name, mothers name etc. When verifying submitted SSN's, the system will respond with either confirmation that the information matches or that it does not match. It is important to note that because SSN is verified only in certain circumstances, it is not guaranteed that the person providing an SSN number is the person whom the number was assigned.<a href="#_ftn21" name="_ftnref21">[21]</a></p>
<p style="text-align: justify; "><b>The Aadhaar number can be verified in any transaction: </b> If an organization, department, or platform has adopted the Aadhaar number as a form of authentication, they can send requests for verification to the UIDAI. The UIDAI will respond with a yes or no answer. When using their Aadhaar number as a form of authentication individuals can submit their number and demographic information or their number and biometrics for verification.<a href="#_ftn22" name="_ftnref22">[22]</a></p>
<p style="text-align: justify; "><b><span> </span></b></p>
<h2 style="text-align: justify; ">Lost or stolen</h2>
<p style="text-align: justify; "><b>SSN can be replaced: </b> If an individual loses his/her SSN card lost or their number is fraudulently used, they can apply for a replacement SSN card or a new SNN number. <a href="#_ftn23" name="_ftnref23">[23]</a></p>
<p style="text-align: justify; "><b>Aadhaar number can be replaced: </b> If an individual has lost their Aadhaar number, there is a process that they can follow to have their number re-sent to them. If the number cannot be located by the UIDAI , the individual has the option of re-enrolling for a new Aadhaar number.<a href="#_ftn24" name="_ftnref24">[24]</a> <b> </b>The UIDAI has built the scheme with the understanding the biometrics are a unique identifier that cannot be lost or stolen, and thus have not created a system to address the possibility of stolen or fraudulent use of biometrics.</p>
<h2 style="text-align: justify; ">Implementation</h2>
<p style="text-align: justify; "><b>Legislation and formal roll out: </b> The SSN program was brought into existence via the Social Security Act and officially rolled out while eventually being adopted across Federal Departments.</p>
<p style="text-align: justify; "><b>Bill and pilot studies:</b> The UID scheme has been envisioned as being brought into existence via the Unique Identification Authority Bill 2010 which has not been passed. Thus far, the project has been implemented in pilot phases across States and platforms.</p>
<p style="text-align: justify; "><b><span> </span></b></p>
<p style="text-align: justify; "><b><span>Enrollment</span></b></p>
<p style="text-align: justify; "><b>Social Security Administration: </b> The Social Security Agency is the soul body in the US that receives and processes applications for SSN and issues SSN numbers. <a href="#_ftn25" name="_ftnref25">[25]</a></p>
<p style="text-align: justify; "><b>UIDAI, registrars, and enrolling agencies: </b> The UIDAI is the soul body that issues Aadhaar numbers. Registrars (contracted bodies under the UIDAI_ - and enrolling agencies (contracted bodies under Registrars) are responsible for receiving and processing enrollments into the UID scheme.</p>
<h2 style="text-align: justify; ">Required supporting documents</h2>
<p style="text-align: justify; "><b>SSN requires proof of age, identity, and citizenship: </b> To obtain a SSN you must be able to provide proof of your age, your identity, and US citizenship. The application form requires the following information:</p>
<ul>
<li>Name to be shown on the card</li>
<li>Full name at birth, if different</li>
<li>Other names used</li>
<li>Mailing address</li>
<li>Citizenship or alien status</li>
<li>Sex</li>
<li>Race/ethnic description (SSA does not receive this information under EAB)</li>
<li>Date of birth</li>
<li>Place of birth</li>
<li>Mother's name at birth</li>
<li>Mother's SSN (SSA collects this information for the Internal Revenue Service (IRS) on an original application for a child under age 18. SSA does not retain these data.)</li>
<li>Fathers' name</li>
<li>Father's SSN (SSA collects this information for IRS on an original application for a child under age 18. SSA does not retain these data).</li>
<li>Whether applicant ever filed for an SSN before</li>
<li>Prior SSNs assigned</li>
<li>Name on most recent Social Security card</li>
<li>Different date of birth if used on an earlier SSN application.</li>
<li>Date application completed</li>
<li>Phone number</li>
<li>Signature</li>
<li>Applicant's relationship to the number holder.<a href="#_ftn26" name="_ftnref26">[26]</a></li>
</ul>
<p style="text-align: justify; "><b> </b></p>
<p style="text-align: justify; "><b>Aadhaar requires proof of age, address, birth, and residence and biometric information:</b> The application form requires the following information:</p>
<ul>
<li>Name</li>
<li>Date of birth</li>
<li>Gender</li>
<li>Address</li>
<li>Parent/guardian details</li>
<li>Email</li>
<li>Mobile number</li>
<li>Indication of consenting or not consenting to the sharing of information provided to the UIDAI with Public services including welfare services</li>
<li>Indication of if the individual wants the UIDAI to facilitate the opening of a bank account linked to the Aadhaar number and permits the sharing of information for this purpose</li>
<li>If the individual has no objection to linking their present bank account to the Aadhaar number and the relevant bank details</li>
<li>Signature<a href="#_ftn27" name="_ftnref27">[27]</a></li>
</ul>
<div style="text-align: justify; "><br clear="all" />
<hr />
<div id="ftn1">
<p><a href="#_ftnref1" name="_ftn1">[1]</a> Sahil Makkar, "PM's idea to track kids from birth hits practical hurdles", Business Standard. April 11<sup>th</sup> 2015. Available at: http://www.business-standard.com/article/current-affairs/pm-s-idea-to-track-kids-from-birth-hits-practical-hurdles-115041100828_1.html</p>
</div>
<div id="ftn2">
<p><a href="#_ftnref2" name="_ftn2">[2]</a> The Social Security Act of 1935. Available at: http://www.ssa.gov/history/35act.html</p>
</div>
<div id="ftn3">
<p><a href="#_ftnref3" name="_ftn3">[3]</a> The United States Department of Justice, "Overview of the Privacy Act of 1974". Available at: http://www.justice.gov/opcl/social-security-number-usage</p>
</div>
<div id="ftn4">
<p><a href="#_ftnref4" name="_ftn4">[4]</a> Government of India Planning Commission "Notification". Available at: https://uidai.gov.in/images/notification_28_jan_2009.pdf</p>
</div>
<div id="ftn5">
<p><a href="#_ftnref5" name="_ftn5">[5]</a> The National Identification Authority of India Bill 2010. Available at: http://www.prsindia.org/uploads/media/UID/The%20National%20Identification%20Authority%20of%20India%20Bill,%202010.pdf</p>
</div>
<div id="ftn6">
<p><a href="#_ftnref6" name="_ftn6">[6]</a> History of SSA 1993 - 2000. Chapter 6: Program Integrity. Available at: http://www.ssa.gov/history/ssa/ssa2000chapter6.html</p>
</div>
<div id="ftn7">
<p><a href="#_ftnref7" name="_ftn7">[7]</a> Social Security Number Chronology. Available at: http://www.ssa.gov/history/ssn/ssnchron.html</p>
</div>
<div id="ftn8">
<p><a href="#_ftnref8" name="_ftn8">[8]</a> History of SSA 1993 - 2000, Chapter 6: Program Integrity. Available at: http://www.ssa.gov/history/ssa/ssa2000chapter6.html</p>
</div>
<div id="ftn9">
<p><a href="#_ftnref9" name="_ftn9">[9]</a> UID FAQ: Aadhaar Features, Eligibility. Available at: https://resident.uidai.net.in/faqs</p>
</div>
<div id="ftn10">
<p><a href="#_ftnref10" name="_ftn10">[10]</a> Social Security Numbers for Noncitizens. Available at: http://www.ssa.gov/pubs/EN-05-10096.pdf</p>
</div>
<div id="ftn11">
<p><a href="#_ftnref11" name="_ftn11">[11]</a> Aapka Aadhaar. Available at: https://uidai.gov.in/aapka-aadhaar.html</p>
</div>
<div id="ftn12">
<p><a href="#_ftnref12" name="_ftn12">[12]</a> Program Operations Manual System. Available at: https://secure.ssa.gov/poms.nsf/lnx/0203325025</p>
</div>
<div id="ftn13">
<p><a href="#_ftnref13" name="_ftn13">[13]</a> UIDAI Analytics -Empowering Operations - the UIDAI Experience. Available at: https://uidai.gov.in/images/commdoc/other_doc/uid_doc_30012012.pdf</p>
</div>
<div id="ftn14">
<p><a href="#_ftnref14" name="_ftn14">[14]</a> Information Technology (Reasonable security practices and procedures and sensitive personal data or information rules 2011) available at: http://deity.gov.in/sites/upload_files/dit/files/GSR313E_10511(1).pdf</p>
</div>
<div id="ftn15">
<p><a href="#_ftnref15" name="_ftn15">[15]</a> IdentityHawk, "Who can lawfully request my social security number?" Available at: http://www.identityhawk.com/Who-Can-Lawfully-Request-My-Social-Security-Number</p>
</div>
<div id="ftn16">
<p><a href="#_ftnref16" name="_ftn16">[16]</a> SSA FAQ " Can I refuse to give my social security number to a private business?" Available at: https://faq.ssa.gov/link/portal/34011/34019/Article/3791/Can-I-refuse-to-give-my-Social-Security-number-to-a-private-business</p>
</div>
<div id="ftn17">
<p><a href="#_ftnref17" name="_ftn17">[17]</a> The United States Department of Justice, "Overview of the Privacy Act of 1974". Available at: http://www.justice.gov/opcl/social-security-number-usage</p>
</div>
<div id="ftn18">
<p><a href="#_ftnref18" name="_ftn18">[18]</a> Social Security Number Chronology. Available at: http://www.ssa.gov/history/ssn/ssnchron.html</p>
</div>
<div id="ftn19">
<p><a href="#_ftnref19" name="_ftn19">[19]</a> Aapka Aadhaar. Available at: https://uidai.gov.in/what-is-aadhaar.html</p>
</div>
<div id="ftn20">
<p><a href="#_ftnref20" name="_ftn20">[20]</a> Business Standard, "Aadhaar not mandatory to claim any state benefit, says Supreme Court" March 17<sup>th</sup>, 2015. Available at: http://www.business-standard.com/article/current-affairs/aadhaar-not-mandatory-to-claim-any-state-benefit-says-supreme-court-115031600698_1.html</p>
</div>
<div id="ftn21">
<p><a href="#_ftnref21" name="_ftn21">[21]</a> Social Security History 1993 - 2000, Chapter 6: Program Integrity. Available at: http://www.ssa.gov/history/ssa/ssa2000chapter6.html</p>
</div>
<div id="ftn22">
<p><a href="#_ftnref22" name="_ftn22">[22]</a> Aapka Aadhaar. Available at: https://uidai.gov.in/auth.html</p>
</div>
<div id="ftn23">
<p><a href="#_ftnref23" name="_ftn23">[23]</a> SSA. New or Replacement Social Security Number Card. Available at: http://www.ssa.gov/ssnumber/</p>
</div>
<div id="ftn24">
<p><a href="#_ftnref24" name="_ftn24">[24]</a> UIDAI, Lost EID/UID Process. Available at: https://uidai.gov.in/images/mou/eiduid_process_ver5_2_27052013.pdf</p>
</div>
<div id="ftn25">
<p><a href="#_ftnref25" name="_ftn25">[25]</a> Social Security. Availabl at: http://www.ssa.gov/</p>
</div>
<div id="ftn26">
<p><a href="#_ftnref26" name="_ftn26">[26]</a> Social Security Administration, Application for a Social Security. Available at: http://www.ssa.gov/forms/ss-5.pdf</p>
</div>
<div id="ftn27">
<p><a href="#_ftnref27" name="_ftn27">[27]</a> Aadhaar enrollment/correction form. Available at: http://hstes.in/pdf/2013_pdf/Genral%20Notification/Aadhaar-Enrolment-Form_English.pdf</p>
</div>
</div>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/aadhaar-vs-social-security-number'>https://cis-india.org/internet-governance/blog/aadhaar-vs-social-security-number</a>
</p>
No publisherelonnaiAadhaarInternet GovernancePrivacy2015-07-24T01:24:00ZBlog EntryLive Chat: Aadhaar: An identity crisis?
https://cis-india.org/internet-governance/news/the-hindu-march-17-2015-aadhaar-an-identity-crisis
<b>The Aadhaar card is not compulsory for citizens and "no person should be denied any benefits or ‘suffer’ for not having the Aadhaar cards issued by Unique Identification Authority of India," the Supreme Court ruled on Monday. </b>
<p class="body" style="text-align: justify; ">The live chat was <a class="external-link" href="http://www.thehindu.com/news/national/the-debate-around-aadhaar-card/article7003376.ece">published in the Hindu</a> on March 17, 2015. Sunil Abraham took part in the discussions.</p>
<hr />
<p class="body" style="text-align: justify; ">Four years after Aadhaar was launched – and touted as a panacea to access social services and subsidies – its users continue to be dogged by an array of problems ranging from technical glitches to procedural delays. And those who do not have an Aadhaar card find themselves quizzed by government authorities.</p>
<p class="body" style="text-align: justify; "><i>The Hindu</i>’s Tamil Nadu edition today <a href="http://www.thehindu.com/news/cities/chennai/issues-in-obtaining-aadhaar-from-glitches-to-lack-of-forms/article7000268.ece" target="_self">highlighted the challenges</a> ordinary citizens - both those who have cards and those who do not – face, be it from non-availability of application forms or glitches in the biometrics process.</p>
<p class="body" style="text-align: justify; ">We will be hosting a live chat on Aadhaar at 5 pm today. You can pose questions and share your views with Sunil Abraham, Executive Director of Bangalore-based research organisation, Centre for Internet and Society; K. Gopinath, Professor at the Computer Science and Automation Department at the Indian Institute of Science (IISc) and The Hindu’s K. Venkatraman.</p>
<p class="body" style="text-align: justify; "><b>Comment From Anon </b></p>
<p class="body" style="text-align: justify; ">What could have happened such that the current government, who were once in the opposition, were members of the parliamentary committee that strongly opposed UIDAI, now suddenly wants to use it everywhere? What could have transpired such that the PM got so convinced that it would help its citizens more than it could potentially harm?</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham: </b>Usually the party that is in power is pro-surveillance and anti-censorship and the opposition is pro-privacy and pro-free speech. After the elections - if the parties swap positions as a result of the mandate - then they usually also swap positions on surveillance and censorship. This phenomenon is not specific to India.</p>
<p class="body" style="text-align: justify; "><b>K. Gopinath:</b> The leakage in the current models is very high. Hence, the attraction.</p>
<p class="body" style="text-align: justify; ">The issue earlier was whether there was some costs to the use of sw (esp. proprietary) from outside the country. Probably, these have been addressed.</p>
<p class="body" style="text-align: justify; "><b>Comment From Saurabh </b></p>
<p class="body" style="text-align: justify; ">Aadhaar was supposed to be a good 2 factor authentication mechanism, what happens to it now ?</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham:</b> Aadhaar architecture was designed to allow for multiple authentication factors. Unfortunately biometrics is a poor authentication factor since it cannot be revoked. Any two-factor authentication scheme where one factor is biometrics is in reality only a one-factor scheme. Pin code as with credit cards and debit cards would have been much more secure for authentication.</p>
<p class="body" style="text-align: justify; "><b>K Venkataramanan:</b> It will continue to be relevant, but is unlikely to be mandatory for quite some time.</p>
<p class="body" style="text-align: justify; "><b>K. Gopinath:</b> Real-time 2-factor auth (biometrics, signatures) are not easy, esp over Internet, and would require a much longer rollout</p>
<p class="body" style="text-align: justify; "><b>Comment From Saurabh </b></p>
<p class="body" style="text-align: justify; ">I did not get Aadhar for myself or my family. Does this mean, I will not have to as yet.</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham:</b> As per the UIDAI - Aadhaar is not mandatory. Also according to the latest remarks from the Supreme Court - Aadhaar should not be made mandatory without enabling law. But many state and central government agencies have ignored the comments made by the SC and have made Aadhaar mandatory for various programmes and schemes.</p>
<p class="body" style="text-align: justify; "><b>The Hindu:</b> Is Aadhaar virtually redundant now following the SC order? Nothing more than an expensive experiment?</p>
<p class="body" style="text-align: justify; "><b>K. Gopinath: </b>I think it will be used as an addl auth mechanism (just like elec./ph. receipts). May be once the technology is demo'ed properly (it has not been done seriously anywhere else), it will be taken up again.</p>
<p class="body" style="text-align: justify; "><b>Comment From Abubacker </b></p>
<p class="body" style="text-align: justify; ">I am an NRI and need to have Aadhaar Card? How to obtain Appointmet - I am from Tuticorin, Tamil Nadu</p>
<p class="body" style="text-align: justify; "><b>K Venkataramanan:</b> Your family member or representative living in Tuticorin may apply for Aadhaar through the local body. It may be possible to get a date for recording biometrics. However, you have to come down here for recording biometric details.</p>
<p class="body" style="text-align: justify; "><b>Comment From Kishore J </b></p>
<p class="body" style="text-align: justify; ">Why is Govt. not able to legalize the Aadhar, I'm assuming the only reason Supreme court keeps blocking it is because its not a law passed by Parliament ?</p>
<p class="body" style="text-align: justify; "><b>K. Gopinath:</b> SC goes by the constitution. If there is some concern someone is being "excluded", they will block it.</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham: </b>The NIA bill was proposed in parliament and then referred to a Standing Committee. Our summary and detailed feedback to the Bill is available here: http://cis-india.org/intern... The Standing Committee harshly criticized the Bill. See: http://164.100.47.134/lsscommittee/Finance/42%20Report.pdf After which the Bill has not been reworked by the UIDAI or the Planning Commission /Niti Aayog for re-presentation to the Parliament.</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham:</b> No - it is not just an expensive experiment. It is much more dangerous - it is what security experts call a Honey Pot. A centralized repository of biometrics harvested from residents of India. These biometrics can be used to authenticate transactions in the UIDAI database and other services. If there is a breach - then this huge collection of authentication factors will end us in the hands of criminal elements or some foreign state.</p>
<p class="body" style="text-align: justify; "><b>Comment From vaz </b></p>
<p class="body" style="text-align: justify; ">Aadhar is a joke, i have so many IDs and i cannot get any benefits out of it, it is simply wasting time, if Govt really want mandate make it easy for people, i pay taxes and Govt should treat me like one , i can not waste my time standing in queues to get that card, get me time slot and don't waste my time.</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham:</b> This is because the process of registration has been outsourced to private agencies. These private agencies have futher outsourced to others and so on and so forth. Consequently, there is very poor management and quality control by these agencies. If indeed corruption was a priority - we should have tackled high-ticket corruption first. We could have had biometric registration just for only the politicians and bureaucrats. We could use biometric authentication with them to create a non-repudiable audit trail of subsidies flowing from the Centre to the Panchayat. Unfortunately, we tried to register everybody simultaneously and that has resulted in poor quality of biometrics and demographic data. We have visited some of the registration centre and have seen the reality on the ground.</p>
<p class="body" style="text-align: justify; "><b>Comment From Guest </b></p>
<p class="body" style="text-align: justify; ">I have been threatened by Gas Agency people if i don't link Aadhar to Bank Account, won't be given a refilling cylinder.Is this a right one?</p>
<p class="body" style="text-align: justify; "><b>K Venkataramanan:</b> There is an option for getting DBT even without Aadhaar. The bank account and the gas agency consumer account can be linked without Aadhar. Please check www.mylpg.in for knowing how to apply for DBT registration without Aadhaar</p>
<p class="body" style="text-align: justify; "><b>The Hindu: </b>Your views Prof Gopinath? Do you see it as a biometrics Honey Pot too?</p>
<p class="body" style="text-align: justify; "><b>K. Gopinath: </b>From a security pov, it is certainly risky. It needs really robust technologies before one can think of rolling out. For example, we have "denial of service" attacks. ie, a service can be shut out by random bombardment of msgs. Most curr large scale systems are designed to handle it but some cannot handle it if large numbers collude. This only prevents access to service but other attacks can exfiltrate (take out) data, modify data, etc.</p>
<p class="body" style="text-align: justify; "><b>The Hindu:</b> And Mr. Venkataramanan, your thoughts?</p>
<p class="body" style="text-align: justify; "><b>Comment From kuldeep singh chauhan </b></p>
<p class="body" style="text-align: justify; ">We need a strong law for data security. Aadhar is collecting data but there is no provision except some provisions of IT Act and IPC for data security.</p>
<p class="body" style="text-align: justify; "><b>K. Gopinath:</b> Yes, the legislation is weak or unnecessarily vague (eg. the IT2000 act) or too broad in scope. I think what we need is a citizen's charter for data access, security and privacy. Also, what needs to be done when systems do not work!</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham:</b> There are two interpretations of Sec. 43A of the IT Act. Acccording to most experts it only applies to Body Corporates in other words it does not apply to the Government when it plays the role of a data controller. According to an order issued by the IT Secy of Maharastra [the court of first instance for 43A of ITA] -this section will also apply to the Government. But beyond that order we have no clarity on this question.</p>
<p class="body" style="text-align: justify; "><b>Comment From Pavan </b></p>
<p class="body" style="text-align: justify; ">With no privacy laws, isn't it a bad idea to store citizen's data in a database? We all know how inept our government is in ensuring any security/privacy.</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham:</b> With or without laws. Centralized approaches to identity/authentication management are much more fragile and vulnerable compared to decentralized options. The Internet is secured by digital signatures - there is no centralized repository of all these signatures. Therefore there is no centralized point of failure for the Internet. If the Aadhaar project was based on Smart Cards instead of Biometrics - then just like the Internet it would be robust without a central point of failure. http://cis-india.org/intern...</p>
<p class="body" style="text-align: justify; "><b>K. Gopinath:</b> Storing all info in a single place is a big security risk. It needs very robust technologies (such as replication and "secret sharing protocols") that work inspite of failures. These have been done here and there but doing it on a large scale requires care.</p>
<p class="body" style="text-align: justify; "><b>Comment From Kunal Soni </b></p>
<p class="body" style="text-align: justify; ">SC Adhar card recommendations, ok Got it! But what about the banks for example SBI who ask for adhar cards stating its the bank's rule? Who's going to answer the question as they would never listen to common man and they never did.</p>
<p class="body" style="text-align: justify; "><b>Comment From Sandeep </b></p>
<p class="body" style="text-align: justify; ">Hi,May be it is a strong message, but what exactly is the need to make/introduce the Adhaar card, which is not recognizable worldwide? Why dont we make our passport smart enough and reduce it to a chip as in Europe. This will also enable everyone to get enrolled in our administrative system. Basically, we are only repeating the entire process with no international recognition.</p>
<p class="body" style="text-align: justify; "><b>Comment From Krishna Rao </b></p>
<p class="body" style="text-align: justify; ">Need to make it mandatory in the lines of SSN in US. Else it would be very difficult to manage and ensure the subsidies and benefits reach the really deserved section.</p>
<p class="body" style="text-align: justify; "><b>Comment From Ramesh </b></p>
<p class="body" style="text-align: justify; ">It is a great concept it all information like property purchases, tax returns, ration card, pf, esi, bank accounts , rail, air tickets are all linked. will reduce corrupt practice considerably. It should be the main identity of an Indian</p>
<p class="body" style="text-align: justify; "><b>Comment From arun </b></p>
<p class="body" style="text-align: justify; ">@Sunil what are the privacy safeguards that are in place currently regarding protection of information collected by the government and private agencies designated for this?</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham:</b> Do you mean legal or technical?</p>
<p class="body" style="text-align: justify; "><b>K Venkataramanan:</b> @The Hindu: Yes, there are serious privacy issues involved in a centralised database. However, their is a counter-view that this is no different from any other data base available in the hands of the government such as the one relating to PAN. The main concern of those worried about the privacy problem in Aadhaar is that data collection is done by private agencies, and details such as biometric data could be misused</p>
<p class="body" style="text-align: justify; "><b>The Hindu:</b> Sunil, a question for you from arun</p>
<p class="body" style="text-align: justify; "><b>Comment From Pawan </b></p>
<p class="body" style="text-align: justify; ">Govt should give it legal recognition and give legal guarantee about the usage and storage of the data... After that there would be no concern related to identity security or enforcing it on the people.. People would trust it and come forward to register for it.</p>
<p class="body" style="text-align: justify; "><b>Sunil Abraham:</b> Legal recognition and guarantees are not sufficient. You cannot use the law to fix poor technology design. The security of the Internet is not a function of good law. It is a function of good technological design.</p>
<p class="body" style="text-align: justify; "><b>Comment From Pappan </b></p>
<p class="body" style="text-align: justify; ">the so called Europe, US an other developed countries already have Social security numbers, why cant we just look at it like that?</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Social Security Number are an additional identifier. The database just contains a collection of identifiers. If that database is compromised the information cannot be used to authenticate transactions. This is very unlike the UIDAI centralized database which is a collection of authentication factors. Think of it as a database filled with the passwords of all Indian residents.</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: @Kunal Soni - SBI can't insist on it as of now. The person who issued any circular to that effect may be hauled up in court</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">I have two questions. First, why is the honourable supreme court strking down aadhar, on what grounds? Second, how can the government come around those objections and allay the courts fears/objections? The informed panelists may please give their opinions too. Thank you</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: There are 3 sets of petitioners who are being heard by the SC in the combined case. Some of them associated with the right are arguing that the UID is a threat to national security as it legitimizes illegal immigrants. Those associated with the left are arguing that it is a violation of the right to privacy. Still other who are ex-officers from the armed forces are arguing that the project is mired in corrupt practices.</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: The Court has not struck down Aadhaar. It has only passed interim orders protecting the access to services of those who have not yet had them.</p>
<p class="body" style="text-align: justify; ">Comment From Aashish Gupta</p>
<p class="body" style="text-align: justify; ">Aadhaar was supposed to usher in portability of benefits. That is, you could migrate to a different state and still get the benefit you deserved.</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: The Aadhaar database only contains information that identifies you and also allow you to authenticate against that database. It does not indicate eligibility for various schemes/subsidies. The migration across State level eligibility lists has to be done by the State. It is not a functionality provided by the UIDAI.</p>
<p class="body" style="text-align: justify; ">Comment From Ramesh</p>
<p class="body" style="text-align: justify; ">Supreme Court should have suggested a better option instead of coming down heavily on the Aadhar Card. The card will straight eliminate multiple rations cards and voter ids.</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: The previous technology adopted by the NDA government - smart cards or SCOSTA [for the MNIC]. This technology option is free from many of the flaws of UIDAI's current design.</p>
<p class="body" style="text-align: justify; ">Comment From Mrigesh</p>
<p class="body" style="text-align: justify; ">Why is Aadhaar needed? I am for a middle class or for the elite class?</p>
<p class="body" style="text-align: justify; ">Comment From Geetha</p>
<p class="body" style="text-align: justify; ">Has the government (or concerned agencies/departments) formulated any policy on using the Aadhar information collected? For instance, what agency can use the information, under what conditions, with whose approval, for what limited purposes? Is this policy publicly available?</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: No. Anyone who is approved by the UIDAI as a legitimate can use the KYC API. Absolutely anyone can use the Authentication API. There is no policy on what data collection/retention practices must be adhered to by the users of both these APIs.</p>
<p class="body" style="text-align: justify; ">Comment From Arun Jayapal</p>
<p class="body" style="text-align: justify; ">Has the government ever considered/analyzed a way to link the existing resources (such as ration card, DL, passport, voter id, etc.,) and not have come up with a completely new system (aadhaar). Is this not an absolute waste of time and resources?</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Yes, you are absolutely right. The government should have used biometrics as a means to dedup an existing high value database like the Electoral Rolls or more importantly the PAN Card database. That would have been better RoI for our anti-corruption Rupee.</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: @Ramesh The Court has come down heavily on only officials who insist on Aadhar for delivery of services when there are clear orders that it should not be mandatory</p>
<p class="body" style="text-align: justify; ">Comment From George J</p>
<p class="body" style="text-align: justify; ">I'm an NRI. I presently work and live in a country where the first order of business on landing/Birth is to register one self and get a unique ID number and ID. This the case for expats as well as residents be they foreigners or Citizens. The registration process includes collection of Biometric data. This single No and Id is used for everything from Bank Accounts to School Admissions. It is good that India is doing something similar. It is high time people with multiple ration cards, Passports and the like are weeded out and provided a single verifiable identity. Data Security is of essence and necessary safeguards are available.</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Could you name the country? And can you use biometrics your country to authenticate transactions in a centralized database for all sorts of transactions? If yes, then the technology design in your country is as poor as in ours and it is only a question of time when the centralized database leaks.</p>
<p class="body" style="text-align: justify; ">Comment From Aashish Gupta</p>
<p class="body" style="text-align: justify; ">Apart from the Honey Pot, Aadhaar does not serve its primary purpose: tackling corruption. Most pilots of Aadhaar have crash landed, and as a result, state governments have created their own simpler systems to tackle corruption.</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: See: http://www.thehindu.com/opi... If the authentication match is not working [1:1 match]. Then basically the dedup will not work [1:n] match. That is why they are doing demographic dedup before biometric dedup - because they know that the biometric dedup is fallible.</p>
<p class="body" style="text-align: justify; ">Comment From Balu</p>
<p class="body" style="text-align: justify; ">A citizenship card , backed with a strond database is a must for every citixen . Some serious thoughts should be done in this matter at the earliest , instead of wasting time and money on different schemes .</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: We should use decentralized Internet scale technologies based on open standards that are already proven. If we had used smart cards based on SCOSTA or EMV standard we would be in a much better place.</p>
<p class="body" style="text-align: justify; ">Comment From PRASHANTH</p>
<p class="body" style="text-align: justify; ">Has the government (or concerned agencies/departments) formulated any policy on using the Aadhar information collected? For instance, what agency can use the information, under what conditions, with whose approval, for what limited purposes? Is this policy publicly available?</p>
<p class="body" style="text-align: justify; ">Comment From vikash</p>
<p class="body" style="text-align: justify; ">supreme court should not have to push such legal hurdles given that the 750 million card has already been generated.A lot of money has been investad in the project</p>
<p class="body" style="text-align: justify; ">Comment From Saket</p>
<p class="body" style="text-align: justify; ">Aaadhar card is full of errors. At the place where I got registered person was issuing it in a hurry which creates lots of typing errors in DOB and Place.</p>
<p class="body" style="text-align: justify; ">Comment From Aashish Gupta</p>
<p class="body" style="text-align: justify; ">The supreme court has not struck down aadhaar, it has said that aadhaar cannot be mandatory. This is to make sure that people who do not have an aadhaar card do not miss out on their entitlements.</p>
<p class="body" style="text-align: justify; ">Comment From Ramesh</p>
<p class="body" style="text-align: justify; ">Aadhaar should be made mandatory with necessary safeguards. Unless there is an ultimatum and time frame to get the card it will never be implemented. Even now many do not know where to get it done.</p>
<p class="body" style="text-align: justify; ">Comment From Aadharam</p>
<p class="body" style="text-align: justify; ">Could you clarify whether this is an interim order or a final order on Aadhar? Is there scope for a retraction/shift on the Supreme Court's part?</p>
<p class="body" style="text-align: justify; ">Comment From Onkar Tiwari</p>
<p class="body" style="text-align: justify; ">Why supreme court doesnt understand Adhar is necessary? it can curb corruption. it wll reduce corruption specially in manrega where people enters fake details and grab the money.</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: It is only an interim order. The Court will, hopefully, resolve the questions raised by the petitioners about privacy and data security issues</p>
<p class="body" style="text-align: justify; ">Comment From George J</p>
<p class="body" style="text-align: justify; ">I have taken Aadhar Card. The procedure asks the applicant themselves to verify the data entered for typing mistakes etc. before being uploaded, in fact where I registered they had asked for a sign off on the final data on a printout. So how errors can creep in is beyond me. However the photography equipment and skill of the data entry operator leave much to be desired as the mug shot is not very kind to me!</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">There should be a guide line which need to be followed as it is in the hands of private partners who are also ask for bribe from the poor people for the aadhar and they have no other option to pay for it as they thought that this only can help them to get the govt. facilities and subsidies.</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: @Onkar Tiwari, It is up to the government to convince the court that Aadhaar will help curb corruption, and how. The Court is unlikely to stop the use of technology to improve delivery of services and curb corruption.</p>
<p class="body" style="text-align: justify; ">Comment From v subrahmanian</p>
<p class="body" style="text-align: justify; ">help line over phone and the email correspondence is total waste.. they themselves are helpless. Any query has never been replied to the caller's satisfaction. Getting them on line itself is a challenge. It's so complex. Of course, every eligible citizen of this complex country must have the identity card. Why not if it is done through employer in case of organized salaried employees?</p>
<p class="body" style="text-align: justify; ">Comment From Ramakrishna Rao</p>
<p class="body" style="text-align: justify; ">Hi !! I request the panelists to kindly sum up in few 4 or 5 points the reasons/grounds on which the parliamentary committee has rejected the aadhar</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">The agencies who are collecting data for Aadhar Card are not doing good. The aadhar card is full with many kind of errors including Name and DOB.. Even a person is able to register twice under this scheme.</p>
<p class="body" style="text-align: justify; ">The Hindu: Mr. Venkataramanan would you like to respond to Ramakrishna Rao?</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">@K Gopinath - how robust is the de-duplication UID claims to have. And in real time transactions, is it possible to authenticate n request without 'false positives' or 'negatives'?</p>
<p class="body" style="text-align: justify; ">K. Gopinath: Dedup claims assume “good” conditions. For example, a farmhand may have rough skin, etc that may make the fingerprints problematic. 1% errors have been reported in the past. Real time txns: I think the current Aadhar is not geared for it. The connectivity is not there. Also, with fingerprint technologies, the ability to check large number of fingerprints for a match is not good enough. It has never been scaled to the extent that is being planned.</p>
<p class="body" style="text-align: justify; ">Comment From Sandeep</p>
<p class="body" style="text-align: justify; ">Still not sure if Aadhaar then other ID cards not needed ? Or Still all along with Aadhaar ? then what is meaning of Aadhaar ? Only for LPG connection? Why not govt making Aadhaar is mandatory in all other fields as well , As Govt spent huge money for Aadhaar</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">@ Sunil - How plausible is the idea that govt can use UID data to profile public?</p>
<p class="body" style="text-align: justify; ">Comment From Sushubh</p>
<p class="body" style="text-align: justify; ">I for one is very happy that at least the Supreme Court is not falling for this privacy infringing scam. People defending this card here on this platform needs to read more about it.</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">Govt. created panic among public regarding adhaar. Public is highly annoyed with the way the government is handling this adhaar project. Only court reprimands,govt. backtracks as far as the adhaar is concerned. It is high time for govt. to have serious insight into this.</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: The parliamentary committee on Finance had objected to the UID being extended to non-citizens on the ground that it may end up in illegal immigrants getting Aadhaar numbers.</p>
<p class="body" style="text-align: justify; ">It had also questioned the rollout ofthe scheme before legislation was passed. It had objected to its implementation without regard to its consequences.</p>
<p class="body" style="text-align: justify; ">Comment From Srinivasa</p>
<p class="body" style="text-align: justify; ">I believe Nandan Nilkeni had mentioned certain very good examples of the system flagging duplicates. So I assume the system is robust. We need to make it mandatory for all services delivery and have suitable policy and technology to protect data.</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: I don't think we can go by the assurance of someone no longer associated with the project. It is not persons that keep us safe it is proper technology and law.</p>
<p class="body" style="text-align: justify; ">The Hindu: Welcome back Sunil! Lots of questions await you</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: The committee had said UIDAI had no conceptual clarity, no proper assessment of the costs involved, and that it could end up in the hands of private agencies, that the technology was untested and the UID may not meet the objectives for which it was conceived</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Sorry I was logged out.</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">There was a recent news in The Hindu about linking of Adhar cards to election voter ID cards in Andhra Pradesh. Do you think that adopting such moves by every state result in mandating the procedure eventually?</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">First Passport then PAN , voter id and now adahar, in any country there is only passport and SSN, why india needs so many identity cards</p>
<p class="body" style="text-align: justify; ">K. Gopinath: The PAN database has been problematic just as the voter id. Hence, every technology cycle, a new system is usually attempted that attempts to be "better" than the before. However, this requires care which is not in good supply in the govt where the "lowest" bidder wins or outsourcing happens.</p>
<p class="body" style="text-align: justify; ">The Hindu: We have Prof Gopinatha back too. Sorry about that technical glitch.</p>
<p class="body" style="text-align: justify; ">Comment From Deepak Vasudevan</p>
<p class="body" style="text-align: justify; ">Why are different apex agencies managing Aadhar like UIDAI, Census and NPR? There should be one root (apex) body and others should report onto it.</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Yes. The division of work between UIDAI and NPR is not very clear and has added to the confusion.</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: The parliamentary standing committee, too pointed out the overlap of functions involving UIDAI and NPR</p>
<p class="body" style="text-align: justify; ">The Hindu: There was this question for you earlier on the thread @K Gopinath - how robust is the de-duplication UID claims to have. And in real time transactions, is it possible to authenticate n request without 'false positives' or 'negatives'?</p>
<p class="body" style="text-align: justify; ">K. Gopinath: Dedup claims assume “good” conditions. For example, a farmhand may have rough skin, etc that may make the fingerprints problematic. 1% errors have been reported in the past. Real time txns: I think the current Aadhar is not geared for it. The connectivity is not there. Also, with fingerprint technologies, the ability to check large number of fingerprints for a match is not good enough. It has never been scaled to the extent that is being planned.</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">When Union Of India aimed to greater transparency... these are the road blocks they get... If Aadhar is not mandatory... then make Voter ID, PAN Card, Ration card also not mandatory in their respective Govt Businesses ... make self declaration as mandatory .. lets go to the stone age in this Information age. Instead SC should direct the center to come up with procedure to accommodate legitimate citizens of India into the scheme in a time bound manner and frame policies to avoid misuse of the personal data. are we looking the current world Information age thru the same old glasses... it is time to adopt the change...</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Indeed we need more transparency. But privacy protections must be inversely proportionate to power and as Julian Assange says transparency requirements should be directly proportionate to power See: http://openup2014.org/priva...</p>
<p class="body" style="text-align: justify; ">K Venkataramanan: Linking Aadhaar and voter ID cards is also being tried out in other states It is only one more means of eliminating fake voters or duplicates, but is unlikely tobe a ground to make Aadhaar mandatory</p>
<p class="body" style="text-align: justify; ">Comment From Ganesh</p>
<p class="body" style="text-align: justify; ">@Mr.Sunil, The current technology adopted for UIDAI is not good compared to last regime?</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Please see my our open letter on this question http://cis-india.org/intern...</p>
<p class="body" style="text-align: justify; ">Comment From Madhavan R</p>
<p class="body" style="text-align: justify; ">Just because UPA government bring this, its not good for NDA to object it.. STOP wasting our money.. Just try to make best out of it..</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Pouring more money into a failed project will not save it. It has serious technological flaw and without addressing it we are just making a bad situation worse.</p>
<p class="body" style="text-align: justify; ">Comment From George J</p>
<p class="body" style="text-align: justify; ">Currently all embassy's are collecting biometric data when you apply for a visa. Most of this collection is done by private parties on behalf of the respective governments. So if an Indian has travelled abroad the chances of his Biometric data being available to foreign govts is 99%. So what is the big scare about this? The need that it should be secure and should not be misused is sacrosanct. with the kind of revelations that have been made about mass eavesdropping I think people should get used to living in glass houses!</p>
<p class="body" style="text-align: justify; ">Comment From Pappan</p>
<p class="body" style="text-align: justify; ">@Sunil, please clarify about your comment on technology inadequecy</p>
<p class="body" style="text-align: justify; ">Comment From Yuvaraj</p>
<p class="body" style="text-align: justify; ">I strongly support Adhaar card implemenataion. intially they may face challeneges but for the long run its very effective mechanism to monitor every thing</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Monitoring everything means you monitor nothing. The bigger the haystack the harder it is to find the needle. Good surveillance practices means targetting survelliance not en masse data collection.</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">It is heard that privacy of citizens is at stake with adhaar card. can panelists respond to this?</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: I have dealt with your question here: http://www.business-standar...</p>
<p class="body" style="text-align: justify; ">Comment From Srinivasa</p>
<p class="body" style="text-align: justify; ">That comparison of the two standards (SCOSTA and Aadhar) made interesting reading. Why not a system where you collect biometrics and iris and then issue a SCOSTA card? the biometrics and iris can be used to remove duplicates and maintain a clean registry by failing the duplicate SCOSTA cards. And all further transactions will only need a card based access.</p>
<p class="body" style="text-align: justify; ">Comment From Loganathan</p>
<p class="body" style="text-align: justify; ">This is one the worst move by any government in the center to remember. With no motive for the card, they introduced just to add to the loss in exchequer and there is no benefit out of it. Many have wrong data entered against their name and totally the waste one of all</p>
<p class="body" style="text-align: justify; ">Comment From Sabari Arasu</p>
<p class="body" style="text-align: justify; ">I am aware of someone who is not Indian citizen got Aadhar card for himself and his family. This scares me a lot as anyone(read Bangaladheshis, Sri Lankans, Pakintanis, etc..) can get Aadhar card. Is there a measure taken by Government to identify these issues?</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: This is possible because the technology [biometrics] cannot verify citizenship. Even worse biometrics can be imported from foreign countries and can be used to create resident ghosts. This is because the technology cannot even verify if the person in India. We will need surveillance cameras at every point of registration to take care of this possible fraud.</p>
<p class="body" style="text-align: justify; ">Comment From Chandra Sekhar</p>
<p class="body" style="text-align: justify; ">Aadhaar card was a huge opportunity for the government to improve the efficiency of governance.It was a challenging task and required great amount accuracy.The way this project was executed is a question mark on efficiency of governance.</p>
<p class="body" style="text-align: justify; ">The Hindu: Sunil, Venkatramanan, Gopinath - would you agree that Aadhaar was an opportunity to improve governance? @chandra sekhar</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">Freebee lovers/netas will always oppose when you want to implement some thing which might deny them the benefit.</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Any evidence to backup this statement?</p>
<p class="body" style="text-align: justify; ">Comment From Guest</p>
<p class="body" style="text-align: justify; ">if the ASDHAAR is nt necessary as per SC then why everywhere it is being preferred identity such as Subsidy, Passport etc.</p>
<p class="body" style="text-align: justify; ">Sunil Abraham: Preference is not the same as a mandatory requirement.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/news/the-hindu-march-17-2015-aadhaar-an-identity-crisis'>https://cis-india.org/internet-governance/news/the-hindu-march-17-2015-aadhaar-an-identity-crisis</a>
</p>
No publisherpraskrishnaAadhaarInternet GovernancePrivacy2015-04-03T06:54:25ZNews ItemPrivacy vs. Transparency: An Attempt at Resolving the Dichotomy
https://cis-india.org/openness/blog-old/privacy-v-transparency
<b>The right to privacy has been articulated in international law and in some national laws. In a few countries where the constitution does not explicitly guarantee such a right, courts have read the right to privacy into other rights (e.g., the right to life, the right to equal treatment under law and also the right to freedom of speech and expression).</b>
<hr />
<p><i>With feedback and inputs from Sumandro Chattapadhyay, Elonnai Hickok, Bhairav Acharya and Geetha Hariharan</i>. I would like to apologize for not providing proper citation to Julian Assange when the first version of this blog entry was published. I would also like to thank Micah Sifry for drawing this failure to his attention. The blog post originally published by Omidyar Network <a class="external-link" href="http://www.openup2014.org/privacy-vs-transparency-attempt-resolving-dichotomy/">can be read here</a>. Also see <a class="external-link" href="http://newint.org/features/2015/01/01/privacy-transparency/">http://newint.org/features/2015/01/01/privacy-transparency/</a></p>
<hr />
<p style="text-align: justify; ">In other countries where privacy is not yet an explicit or implicit right, harm to the individual is mitigated using older confidentiality or secrecy law. After the Snowden affair, the rise of social media and the sharing economy, some corporations and governments would like us to believe that “privacy is dead”. Privacy should not and cannot be dead, because that would mean that security is also dead. This is indeed the most dangerous consequence of total surveillance as it is technically impossible to architect a secure information system without privacy as a precondition. And conversely, it is impossible to guarantee privacy without security as a precondition.</p>
<p style="text-align: justify; ">The right to transparency [also known as the right to information or access to information] – while unavailable in international law – is increasingly available in national law. Over the last twenty years this right has become encoded in national laws – and across the world it is being used to hold government accountable and to balance the power asymmetry between states and citizens. Independent and autonomous offices of transparency regulators have been established. Apart from increasing government transparency, corporations are also increasingly required to be transparent as part of generic or industry specific regulation in the public interest. For instance, India’s Companies Act, 2013, requires greater transparency from the private sector. Other areas of human endeavor such as science and development are also becoming increasingly transparent though here it is still left up to self-regulation and there isn’t as much established law. Within science and research more generally, the rise of open data accompanied the growth of the Open Access and citizen science movement.</p>
<p style="text-align: justify; ">So the question before us is: Are these two rights – the right to transparency and the right to privacy – compatible? Is it a zero-sum game? Do we have to sacrifice one right to enforce the other? Unfortunately, many privacy and transparency activists think this is the case and this has resulted in some conflict. I suggest that these rights are completely compatible when it comes to addressing the question of power. These rights do not have to be balanced against one another. There is no need to settle for a sub-optimal solution. <b>Rather this is an optimization problem and the solution is as follows: privacy protections must be inversely proportionate to power and as Julian Assange says transparency requirements should be directly proportionate to power.</b><a href="#fn*" name="fr*">[*] </a></p>
<p style="text-align: justify; ">In most privacy laws, the public interest is an exception to privacy. If public interest is being undermined, then an individual privacy can be infringed upon by the state, by researchers, by the media, etc. And in transparency law, privacy is the exception. If the privacy of an individual can be infringed, transparency is not required unless it is in the public interest. In other words, the “public interest” test allows us to use privacy law and transparency law to address power asymmetries rather than exacerbate them. What constitutes “public interest” is of course left to courts, privacy regulators, and transparency regulators to decide. Like privacy, there are many other exceptions in any given transparency regime including confidentiality and secrecy. Given uneven quality of case law there will be a temptation by the corrupt to conflate exceptions. Here the old common-law principle of “there is no confidence as to the disclosure of iniquity” – which prevents confidentiality law from being used to cover malfeasance or illegality – can be adopted in appropriate jurisdictions.</p>
<p style="text-align: justify; ">Around 10 years ago, the transparency movement gave birth to yet another movement – the open government data movement. The tension between privacy and transparency is most clearly seen in the open government data movement. The open government data movement in some parts of the world is dominated by ahistorical and apolitical technologists, and some of them seem intent on reinventing the wheel. In India, ever since the enactment of the Right to Information Act, 2003, 30 transparency activists are either killed, beaten or criminally intimidated every year. This is the statistic from media coverage alone. Many more silently suffer. RTI or transparency is without a doubt one of the most dangerous sectors within civil society that you could choose to work in. In contrast, not a single open data activist has ever been killed, beaten or criminally intimidated. I suspect this is because open data activists do not sufficiently challenge power hierarchies. Let us look a little bit closely at their work cycle. When a traditional transparency activist asks a question, that is usually enough to get them into trouble. When an open data activist publishes an answer [a dataset nicely scrubbed and machine readable, or a visualization, or a tool] they are often frustrated because nobody seems interested in using it. Often even the activist is unclear what the question is. This is because open data activist works where data is available. Open data activists are obsessed with big datasets, which are easier to find at the bottom of the pyramid. They contribute to growing surveillance practices [the nexus between Internet giants, states, and the security establishment] rather that focusing on sousveillance [citizen surveillance of the state, also referred to as citizen undersight or inverse surveillance]. They seem to be obsessed only with tools and technologies, rather than power asymmetries and injustices.</p>
<p style="text-align: justify; ">Finally, a case study to make my argument easier to understand – Aadhaar or UID, India’s ambitious centralized biometric identity and authentication management system. There are many serious issues with its centralized topology, proprietary technology, and dependence on biometrics as authentication factors – all of which I have written about in the past. In this article, I will explain how my optimization solution can be applied to the project to make it more effective in addressing its primary problem statement that corruption is a necessary outcome of power asymmetries in India.</p>
<p style="text-align: justify; ">In its current avatar – the Aadhaar project hopes to assign biometric-based identities to all citizens. The hope is that, by doing authentication in the last mile, corruption within India’s massive subsidy programmes will be reduced. This, in my view, might marginally reduce retail corruption at the bottom of the pyramid. It will do nothing to address wholesale corruption that occurs as subsidies travel from the top to the bottom of the pyramid. I have advocated over the last two years that we should abandon trying to issue biometric identities to all citizens, thereby making them more transparent to the state. Let us instead issue Aadhaar numbers to all politicians and bureaucrats and instead make the state more transparent to citizens. There is no public interest in reducing privacy for ordinary citizens – the powerless – but there are definitely huge public interest benefits to be secured by increasing transparency of politicians and bureaucrats, who are the powerful.</p>
<p style="text-align: justify; ">The Indian government has recently introduced a biometric-based attendance system for all bureaucrats and has created a portal that allows Indian citizens to track if their bureaucrats are arriving late or leaving early. This unfortunately is just bean counting [for being corrupt and being punctual are not mutually exclusive] and public access to the national portal was turned off because of legitimate protests from some of the bureaucrats. What bureaucrats do in office, who they meet, and which documents they process is more important than when they arrive at or depart from work. The increased transparency or reduced privacy was not contributing to the public interest.</p>
<p style="text-align: justify; ">Instead of first going after small-ticket corruption at the bottom of the pyramid, maximization of public interest requires us to focus on the top, for there is much greater ROI for the anti-corruption rupee. For example: constructing a digital signature based on audit trails that track all funds and subsidies as they move up and down the pyramid. These audit trails must be made public so that ordinary villagers can be supported by open data activists, journalists, social entrepreneurs, and traditional civil society in verification and course correction.</p>
<p style="text-align: justify; ">I hope open data activists, data scientists, and big data experts will draw inspiration from the giants of the transparency movement in India. I hope they will turn their attention to power, examine power asymmetries and then ask how the Aadhaar project can be leveraged to make India more rather than less equal.</p>
<h3 style="text-align: justify; ">Videos</h3>
<table class="plain">
<tbody>
<tr>
<th>
<p style="text-align: justify; ">Open Up? 2014: Risky Business: Transparency, Technology, Security, and Human Rights</p>
</th>
</tr>
<tr>
<td><iframe frameborder="0" height="315" src="http://www.youtube.com/embed/tDf8TFjxqiQ" width="560"></iframe></td>
</tr>
<tr>
<td><b>Open Up? 2014: Data Collection and Sharing: Transparency and the Private Sector</b></td>
</tr>
<tr>
<td><iframe frameborder="0" height="315" src="http://www.youtube.com/embed/lPHWkYZjqzo" width="560"></iframe></td>
</tr>
</tbody>
</table>
<p>The videos can also be watched on Vimeo:</p>
<ol>
<li><a class="external-link" href="http://vimeo.com/111729069">Open Up? 2014: Risky Business: Transparency, Technology, Security, and Human Rights </a></li>
<li><a class="external-link" href="http://vimeo.com/111748146">Open Up? 2014: Data Collection and Sharing: Transparency and the Private Sector </a></li>
</ol>
<hr />
<p>[<a href="#fr*" name="fn*">*</a>].<a class="external-link" href="http://prospect.org/article/real-significance-wikileaks">http://prospect.org/article/real-significance-wikileaks</a> “Transparency should be proportional to the power that one has.”</p>
<p>Read the presentation on Risky Business: Transparency, Technology, Security and Privacy made at the Pecha Kucha session <a href="https://cis-india.org/openness/blog-old/risky-business.odp" class="internal-link">here</a>. (ODP File, 35 kb)</p>
<p style="text-align: justify; "><i>Disclaimer: The views, opinions, and positions expressed by the author(s) of this blog are theirs alone, and do not necessarily reflect the views, opinions, or positions of Omidyar Network. We make no representations as to accuracy, completeness, timeliness, suitability or validity of any information presented by individual authors of the blogs and will not be liable for any errors, omissions, or delays in this information or any losses, injuries or damages arising from its display or use.</i></p>
<p>
For more details visit <a href='https://cis-india.org/openness/blog-old/privacy-v-transparency'>https://cis-india.org/openness/blog-old/privacy-v-transparency</a>
</p>
No publishersunilPrivacyFeaturedVideoAadhaarOpennessOpen Access2015-03-08T06:26:21ZBlog EntryBiometrics: An ‘Angootha Chaap’ nation?
https://cis-india.org/internet-governance/blog/biometrics-an-angootha-chaap-nation
<b>This blog post throws light on the inconsistencies in biometric collection under the UID and NPR Schemes. </b>
<h2 style="text-align: justify; ">Introduction</h2>
<p style="text-align: justify; ">Fingerprints and iris scans. The Unique Identification (UID) Number aims to serve as a proof of identity that can be easily verified and linked to subsidies and to bank accounts. Four years into its implementation, the UID Scheme seems to have the vote of confidence of the public. More than 65 Crore Indians have been granted UID Numbers,<a href="#_ftn1" name="_ftnref1">[1]</a> and only a few have been concerned enough to seek clarity through Right to Information Requests to the UIDAI about the finances and legal authority backing the scheme.<a href="#_ftn2" name="_ftnref2">[2]</a> Parallel to the UID scheme, the National Population Register scheme is also under way, with enrolment in some areas, such as Srinagar, Shimla and Panchkula, having reached 100% of the estimated population.<a href="#_ftn3" name="_ftnref3">[3]</a></p>
<p style="text-align: justify; ">The NPR scheme is an offshoot of the census. It began in census cycle 2010-11, pursuant to the amendment of the Citizenship Act in 2004, under which national identity cards are to be issued. The desired outcome of the NPR scheme is an NPR card with a chip embedded with three bits of information built into a card: (i) biometric information, (ii) demographic information and (iii) UID Number.</p>
<p style="text-align: justify; ">Both the UID and NPR schemes aspire to be conduits that subsidies, utilities, and other benefits are routed through. While the UID and NPR schemes are distinct in terms of their legal sanctity, purpose and form, the harmonization of these two schemes is one of the UIDAI’s functions.</p>
<p style="text-align: justify; ">There are substantial overlaps in the information collected and the purpose they serve leading to the argument that having two schemes is redundant. The compatibility of the two schemes was questioned and it was initially thought that a merger would be unreasonable. While there has been speculation that the UID scheme may terminate, or that it would be taken over by the Home Ministry, it has been reported that the new government has directed expedited enrolments through the UID scheme. <a href="#_ftn4" name="_ftnref4">[4]</a></p>
<p style="text-align: justify; ">Both schemes are incomplete and suffer from vagaries, including, but not limited to: their legality, safeguards against misuse of the data, the implementation of the schemes – including the collection and storage of biometric information and their convergence or divergence.</p>
<p style="text-align: justify; ">This blog will focus on understanding the process of collecting biometric data in each scheme – calling out similarities and differences – as well as areas in which data collected under one scheme is incompatible with the other scheme. It will look at existing and missing safeguards in the collection of biometrics, overlap in the collection of biometrics by the two schemes, and existing practice in the collection of biometrics. In doing so the blog will highlight the lack of privacy safeguards for the biometric information and conclude that since the policies for data collection and use policy are unclear, the data subjects do not know how their data is being collected, used, and shared between the UID and the NPR schemes.</p>
<h2 style="text-align: justify; ">Unreliability of Biometric Data</h2>
<p style="text-align: justify; ">Biometric data has been qualified as being unreliable.<a href="#_ftn5" name="_ftnref5">[5]</a> It cannot always be successfully used to identify a person, especially in India, where manual labour degrades the fingerprint<a href="#_ftn6" name="_ftnref6">[6]</a> and nutritional deficiencies mar the iris. Even experts working with the UIDAI<a href="#_ftn7" name="_ftnref7">[7]</a> admit that fingerprints are not always good indicators of identity. If the very identification of a person fails, which is what the UID seeks to do, then the purpose of the UID is defeated.</p>
<h2 style="text-align: justify; ">Biometric Data Collection under the UID Scheme</h2>
<p style="text-align: justify; ">In the current structure of the scheme, collected biometric information is stored by, and vests with the UIDAI for an undefined period. The data if used only for identification and authentication purposes, as originally intended, could very well fail to serve its intended purpose. But amassing the personal data of the entire country is lucrative, particularly to the service providers who collect the information and are mandated with the task to manually collect the data before it is fed into the UID system and encrypted. Most of the service providers that collect information, including biometric data, for the UID are engaged in information services such as IT or online marketing service providers.<a href="#_ftn8" name="_ftnref8">[8]</a></p>
<p style="text-align: justify; ">The below chart delineates the process followed for the collection of biometrics under the UID Scheme:</p>
<table class="listing" style="text-align: justify; ">
<tbody>
<tr>
<th><img src="https://cis-india.org/home-images/copy3_of_c1.png" alt="c1" class="image-inline" title="c1" /></th>
</tr>
</tbody>
</table>
<p style="text-align: justify; ">Under the NIAI Bill, all data collected or authenticated by the UIDAI, until the Bill is enacted and the National Identification Authority of India is created, vests with the UIDAI. In practice this means that the UIDAI owns the biometric data of the data-subject, without clear safeguards against misuse of the data.</p>
<p style="text-align: justify; ">In the UID scheme, the collection of biometrics at the time of enrollment by the UIDAI is severely flawed for a number of reasons:</p>
<p style="text-align: justify; "><b>1. Lack of clear legal authority and procedure for collection of biometrics:</b> The only legal authority the UIDAI has to collect biometric information is via the notification of its constitution. Even then, the powers of the UIDAI are vague and broad. Importantly, the notification tells us nothing of how biometric data is to be collected and how it is to be used. These standards have only been developed by the UIDAI in an <i>ad-hoc manner </i>when the need arises or after a problem is spotted. The lack of purpose-specification is in violation of the law<a href="#_ftn9" name="_ftnref9">[9]</a> and prevents the data subject from giving informed consent to data collection. This is discussed at a later stage.</p>
<p style="text-align: justify; "><b>2. The collection of Biometrics is regulated through only a Bill, which delegates the development of safeguards to Rules:</b> The National Identification Authority of India (NIAI) Bill<a href="#_ftn10" name="_ftnref10">[10]</a> confers the National Information Authority of India (NOT THE UIDAI) with the power to pass rules to collect biometric data and to prescribe standards for collection.<a href="#_ftn11" name="_ftnref11">[11]</a> This is a rule-making power, which is conferred under a Bill. Neither has the Bill been enacted, nor have rules for the collection of biometrics been framed and notified.</p>
<p style="text-align: justify; "><b>3. Collection</b> <b>of</b> <b>biometric</b> <b>data only with implied consent:</b> Though collection of biometrics is mentioned in the enrolment form, explicit consent for the collection of biometrics is not collected and only implied consent may be inferred. The last line in the enrollment form is titled ‘CONSENT’ and is a declaration that all data, including biometric information, is true.<a href="#_ftn12" name="_ftnref12">[12]</a></p>
<p style="text-align: justify; "><b>4. Collection of biometric data outsourced to third party:</b> Collection of biometric information in the UID scheme is outsourced to third parties through tenders. For instance, Accenture has been declared a biometric service provider under a contract with the UID.<a href="#_ftn13" name="_ftnref13">[13]</a> The third party may be a company, firm, educational institution or an accreditation agency. The eligibility criteria are quite straightforward, they relate to the entity’s structure and previous experiences with small projects.<a href="#_ftn14" name="_ftnref14">[14]</a> Since the ability to protect privacy of the data subject is entirely absent from the eligibility criteria, a successful bidder may not have adequate procedure in place or sufficient experience in managing confidential data, to ensure the privacy of the data subject. By outsourcing the data collection, the UIDAI has arguably delegated a function it never had the legal authority to perform. Thus, the agency of the data collection is equally defective. To heighten the irregularity, these contract agents can sub-contract the job of physical data collection.<a href="#_ftn15" name="_ftnref15">[15]</a> This means that the data operator and the ground supervisors, who come into direct contact with the raw data, including biometric data, are not appointed by the government, or the UIDAI, but by a private agency, who is further removed from the chain. The data operator scans the documents submitted for verification and has physical access to the document.<a href="#_ftn16" name="_ftnref16">[16]</a></p>
<p style="text-align: justify; "><b>5. Biometric data is admittedly vulnerable to sale and leakage: </b>In an ongoing case in the Supreme Court of India, the national Capital Territory of Delhi has, in its counter-affidavit, admitted that data collected under the UID is vulnerable to sale and leakage.<a href="#_ftn17" name="_ftnref17">[17]</a> To quote from the counter-affidavit ‘<i>..in any exercise of gathering identities whether it is by census authority… or through the present process… there is always a possibility of leakage. Enumerators can scan and keep copies of all the forms and sell them for a price.- this (sic) it can never be said that the data gathered… is safe.’<a href="#_ftn18" name="_ftnref18"><b>[18]</b></a></i> Anyone who has registered for either UID is therefore a candidate for identity theft or unsolicited commercial information. This is also true for the NPR, as census data is the basis for the NPR.</p>
<h2 style="text-align: justify; ">Data collection under the NPR Scheme</h2>
<p style="text-align: justify; ">The declaration of courts that it is unnecessary to link the UID number for public utilities and the admission by Delhi in the case that a data subject cannot be compelled to provide biometrics or to obtain a UID Number under the Aadhaar scheme<a href="#_ftn19" name="_ftnref19">[19]</a> are steps forward in ensuring the voluntariness of UID. However, the UID Number is mandatory by implication. It is a pre-requisite for registration under the National Population Register, which is compulsory, pursuant to S. 14-A of the Citizenship Act. The below diagram delineates the collection of biometric information under the NPR scheme:</p>
<p style="text-align: justify; "><b>DATA FLOW PROCESS</b></p>
<table class="listing" style="text-align: justify; ">
<tbody>
<tr>
<th><img src="https://cis-india.org/home-images/copy4_of_c2.png" alt="c2" class="image-inline" title="c2" /><br /></th>
</tr>
</tbody>
</table>
<h2 style="text-align: justify; ">Flaws in the collection of biometric data under the NPR scheme<b> </b></h2>
<ol style="text-align: justify; ">
<li><b>Compulsion:</b> Registration in the NPR is legally mandated and individuals who fail to do so can face penalty. As a note, arguably, the compulsion to register for the NPR is untenable, as the Rules prescribe penalty, whereas the Act does not. <a href="#_ftn20" name="_ftnref20">[20]</a> A word of caution is appropriate here. The penalty under the Rules stands till it is deleted by the legislature or declared void by courts and one may be held liable for refusing to register for the NPR, though the above argument may be a good defense.</li>
<li><b>Duplicity: </b>Duplicity is a problem under the NPR Scheme. Biometric data is collected twice before the NPR exercise is completed. Even if one has registered under the UID scheme, they have to give their biometric information again under the NPR scheme. The first instance of collection of biometric information is for the UID number and the second, under the NPR scheme. The latter is necessary even if the data has already been collected for the UID number. Since the parties collecting biometric information for NPR are empanelled by the UIDAI and the eligibility is the same, the data is subject to the same or similar threats of data leakage that may arise when registering for the UID. The multi-level data collection only amplifies the admitted vulnerability of data as unauthorized actors can unlawfully access the data at any stage. This, coupled with the fact that UIDAI has to harmonize the NPR and UID schemes, and that the data comes to the UIDAI for de-duplication, means that the NPR data could be used by the UIDAI, but it may not result in a UID Number. There is no data that disproves this potential. This is a matter of concern, as one who wishes not to register for a UID number, in protection of their privacy, is at peril for their data falls into the hands of the UIDAI.</li>
<li><b>Biometric data collectors under the NPR scheme empanelled by the UIDAI:</b> The service providers collecting biometric data under the NPR are selected through bids and need to be empanelled with the UIDAI.<a href="#_ftn21" name="_ftnref21">[21]</a> Most enrolment agencies that are empanelled with the UIDAI are either IT or online marketing companies<a href="#_ftn22" name="_ftnref22">[22]</a>, making the fear of targeted marketing even more likely.</li>
<li><b>Public display and verification: </b>Under the NPR scheme, the biometric and demographic information and UID number of registrants is publicly displayed in their local area for verification.<a href="#_ftn23" name="_ftnref23">[23]</a> However, it is a violation of privacy to have sensitive personal data, such as biometrics put up publicly. Not only will the demographic information be readily accessible, nothing will prohibit the creation of a mailing list or collection of data for either data theft or for sending unsolicited commercial communication. The publicly available information is the kind of information that can be used for verification (Know Your Customer) and to authorize financial transactions. Since the personal information is displayed in the data subject’s local area, it is arguably a more invasive violation of privacy, since the members of the local area can make complex connections between the data subject and the data.</li>
<li><b>Smart Card: </b>The desired outcome of the NPR scheme is an NPR card. This card is to contain a chip, which is embedded with information such as the UID Number, biometrics and the demographic information. It is still unclear as to whether this information will be machine-readable. If so, this information may be just a swipe away. However, this cannot be confirmed without information on the level encryption and how the data will be stored on the chip.</li>
</ol><ol style="text-align: justify; " type="1"> </ol>
<h2 style="text-align: justify; ">‘Privacy safeguards available under the UID and NPR schemes are ad-hoc and incomplete</h2>
<p style="text-align: justify; ">The safeguards under both the UID and NPR schemes are quite similar, since the UIDAI and its empanelled biometric service providers are involved in collecting biometric information for both the UID and the NPR.</p>
<p style="text-align: justify; ">Pilot studies for the UID scheme, including the use of biometrics, were not conducted in advance to implementation. In line with this, the enactment of a legislation governing the UID and the implementation of policies with respect to data handling and use will be made as and when the need arises. The development of safeguards in relation to the NPR will also be ad-hoc.</p>
<p style="text-align: justify; ">Also, the data standards for one will potentially influence that of the other scheme. For instance, the change in privacy standards for handling biometrics under the UID may affect the empanelment of biometric service providers. This will automatically affect the data security level the NPR can seek to achieve.</p>
<p style="text-align: justify; ">Being developed ad-hoc and after the fact, there is a risk that these regulations may unreasonably curtail the rights of data subjects.</p>
<p style="text-align: justify; ">The existing Indian laws on data protection and privacy are not comprehensive. Certain laws protect privacy only in specific situations. For instance, the IT Act and related rules protect privacy in relation to digital information.</p>
<p style="text-align: justify; ">Any body that collects sensitive personal data such as biometric data, or any other data for processing and storage has a legal mandate under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal data or Information) Rules, 2011 to make certain disclosures BEFORE OR WHILE THE DATA IS COLLECTED. This includes, <i>inter-alia,</i> disclosures of (i) the purpose of information collection, (ii) the intended recipients of the information and (iii) name and addresses of the collector and of the party retaining the data.<a href="#_ftn24" name="_ftnref24">[24]</a></p>
<p style="text-align: justify; ">Under the Rules, the data collector has a duty to give the data subject an option to withhold personal sensitive information.<a href="#_ftn25" name="_ftnref25">[25]</a> A conversation with a data subject shows that this safeguard has not been upheld. The subject also conveyed a lack of knowledge of who the collection agency was. This is a problem of lack of accountability, as the data path cannot be traced and the party responsible for misuse or breach of security cannot be held liable.</p>
<h2 style="text-align: justify; ">Conclusion</h2>
<p style="text-align: justify; ">The data collection under the NPR and UID schemes shows several vulnerabilities. Apart from the vulnerabilities with biometric information, there is a real risk of misuse of the data and documents submitted for enrolment under these schemes. Since the data collectors are primarily online marketing or IT service providers, there is likelihood that they will use this data for marketing.</p>
<p style="text-align: justify; ">We can only hope that in time, data subjects will be able to withdraw their personal data from the UID database and surrender their UID number. We can only wait and watch to see whether (i) the UID Number is a legal prerequisite for the NPR Card and (ii) whether the compulsion to register for NPR is done away with.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; "><a href="#_ftnref1" name="_ftn1">[1]</a> <a href="https://portal.uidai.gov.in/uidwebportal/dashboard.do">https://portal.uidai.gov.in/uidwebportal/dashboard.do</a> accesed: 21 August, 2014</p>
<p style="text-align: justify; "><a href="#_ftnref2" name="_ftn2">[2]</a> As of January 2013, only 25 RTI requests were made to the UIDAI <a href="http://uidai.gov.in/rti/rti-requests.html">http://uidai.gov.in/rti/rti-requests.html</a> accessed: 21 August, 2014</p>
<p style="text-align: justify; "><a href="#_ftnref3" name="_ftn3">[3]</a> DIT-NPR Management Information System accessed: 22 August, 2014 <a href="http://nprmis.nic.in/NPRR33_DlyDigitPrgGraph.aspx">http://nprmis.nic.in/NPRR33_DlyDigitPrgGraph.aspx</a></p>
<p style="text-align: justify; "><a href="#_ftnref4" name="_ftn4">[4]</a> Cloud Still Hangs Over Aadhaar’s Future, Business Standard, accessed 28 August, 2014. <a href="http://www.business-standard.com/article/current-affairs/cloud-still-hangs-over-aadhaar-s-future-114081401131_1.html">http://www.business-standard.com/article/current-affairs/cloud-still-hangs-over-aadhaar-s-future-114081401131_1.html</a></p>
<p style="text-align: justify; "><a href="#_ftnref5" name="_ftn5">[5]</a> Frost & Sullivan, Best Practices Guide to Biometrics, accessed: 13 August, 2014 <a class="external-link" href="http://www.google.co.in/url?sa=t&amp;rct=j&amp;q=&amp;esrc=s&amp;source=web&amp;cd=5&amp;cad=rja&amp;uact=8&amp;ved=0CD8QFjAE&amp;url=http%3A%2F%2Fwww.frost.com%2Fprod%2Fservlet%2Fcpo%2F240303611&amp;ei=6VbsU4m8HcK58gWx64DYDQ&amp;usg=AFQjCNGqan81fX6qtG0S4VV6oh_B5R_QYg&amp;sig2=cOOPm1JJ79AcJq2Gfq1_3Q&amp;bvm=bv.73231344,d.dGc">http://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=5&cad=rja&uact=8&ved=0CD8QFjAE&url=http%3A%2F%2Fwww.frost.com%2Fprod%2Fservlet%2Fcpo%2F240303611&ei=6VbsU4m8HcK58gWx64DYDQ&usg=AFQjCNGqan81fX6qtG0S4VV6oh_B5R_QYg&sig2=cOOPm1JJ79AcJq2Gfq1_3Q&bvm=bv.73231344,d.dGc</a></p>
<p style="text-align: justify; "><a href="#_ftnref6" name="_ftn6">[6]</a> Malavika Jayaram, “India’s Identity Crisis”, Internet Monitor 2013, reflections of a digital world, accessed: 13 August, 2014 <a href="http://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID2366840_code727672.pdf?abstractid=2366840&mirid=1">http://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID2366840_code727672.pdf?abstractid=2366840&mirid=1</a></p>
<p style="text-align: justify; "><a href="#_ftnref7" name="_ftn7">[7]</a>M. Vatsa, et.al, “Analyzing Fingerprints of Indian Population Using Image Quality: A UIDAI Case Study” , accessed: 13 August, 2014 <a href="https://research.iiitd.edu.in/groups/iab/ICPR2010-Fingerprint.pdf">https://research.iiitd.edu.in/groups/iab/ICPR2010-Fingerprint.pdf</a></p>
<p style="text-align: justify; "><a href="#_ftnref8" name="_ftn8">[8]</a> Prakash Chandra Sao, The Unique ID Project in India: An Exploratory Study, accessed: 21 August, 2014 <a href="http://subversions.tiss.edu/the-unique-id-project-in-india-an-exploratory-study/">http://subversions.tiss.edu/the-unique-id-project-in-india-an-exploratory-study/</a></p>
<p style="text-align: justify; "><a href="#_ftnref9" name="_ftn9">[9]</a> R. 5(3) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal data or Information) Rules, 2011, accessed: 20 August, 2013 <a href="http://deity.gov.in/sites/upload_files/dit/files/GSR313E_10511(1).pdf">http://deity.gov.in/sites/upload_files/dit/files/GSR313E_10511(1).pdf</a></p>
<p style="text-align: justify; "><a href="#_ftnref10" name="_ftn10">[10]</a> National Identification Authority of India Bill, 2010 (Bill No. LXXV of 2010), accessed: 26 August,2014 http://164.100.24.219/BillsTexts/RSBillTexts/asintroduced/national%20ident.pdf</p>
<p style="text-align: justify; "><a href="#_ftnref11" name="_ftn11">[11]</a> Clause 23 of the NIAI Bill, 2010</p>
<p style="text-align: justify; "><a href="#_ftnref12" name="_ftn12">[12]</a>The UID Enrollment form, accessed: 26 August, 2014 <a href="http://uidai.gov.in/images/uid_download/enrolment_form.pdf">http://uidai.gov.in/images/uid_download/enrolment_form.pdf</a></p>
<p style="text-align: justify; "><a href="#_ftnref13" name="_ftn13">[13]</a> Documents filed and relied on in Puttuswamy v Union of India</p>
<p style="text-align: justify; "><a href="#_ftnref14" name="_ftn14">[14]</a> Request for empanelment, accessed: 28 August, 2014. <a href="http://uidai.gov.in/images/tenders/rfe_for_concurrent_evaluation_of_processoperation_at_enrolment_centers_13082014.pdf">http://uidai.gov.in/images/tenders/rfe_for_concurrent_evaluation_of_processoperation_at_enrolment_centers_13082014.pdf</a></p>
<p style="text-align: justify; "><a href="#_ftnref15" name="_ftn15">[15]</a> This information is available from the documents filed and relied on in Puttuswamy v Union Of India, which is being heard in the Supreme Court of India</p>
<p style="text-align: justify; "><a href="#_ftnref16" name="_ftn16">[16]</a> An anonymous registrant observes that the data was scanned behind a screen and was not visible from the registered counter. The registrant is concerned that, in addition to collection of information for the UID, photocopies or digital copies could be taken for other uses and the registrant would not know.</p>
<p style="text-align: justify; "><a href="#_ftnref17" name="_ftn17">[17]</a> Counter Affidavit filed in the Supreme Court of India on behalf on New Delhi in K. Puttuswamy v Union of India</p>
<p style="text-align: justify; ">It is also admitted that the census is equally vulnerable. The information collected through census is used for the NPR exercise.</p>
<p style="text-align: justify; "><a href="#_ftnref18" name="_ftn18">[18]</a> Para. 48 in the Counter Affidavit filed by NCR Delhi.</p>
<p style="text-align: justify; "><a href="#_ftnref19" name="_ftn19">[19]</a> Affidavit in K. Puttuswamy v Union of India.</p>
<p style="text-align: justify; "><i>See also: </i>FAQs: Enrollment Agencies, accessed 22 August, 2014 <a href="http://uidai.gov.in/faq.html?catid=37">http://uidai.gov.in/faq.html?catid=37</a></p>
<p style="text-align: justify; "><a href="#_ftnref20" name="_ftn20">[20]</a> Usha Ramanathan, A Tale of Two Turfs, The Statesman, accessed: 20 August, 2014 <a href="http://www.thestatesman.net/news/10497-a-tale-of-two-turfs-npr-and-uid.html?page=3">http://www.thestatesman.net/news/10497-a-tale-of-two-turfs-npr-and-uid.html?page=3</a></p>
<p style="text-align: justify; "><a href="#_ftnref21" name="_ftn21">[21]</a> RFQ for Engaging MSP for Biometric Enrolment for the Creation of NPR, accessed: 26 August, 2014 http://ditnpr.nic.in/pdf/120102_RFQBiometricUrban_rebidding-Draft.pdf</p>
<p style="text-align: justify; "><a href="#_ftnref22" name="_ftn22">[22]</a> Prakash Chandra Sao, The Unique ID Project in India: An Exploratory Study, accessed: 21 August, 2014 <a href="http://subversions.tiss.edu/the-unique-id-project-in-india-an-exploratory-study/">http://subversions.tiss.edu/the-unique-id-project-in-india-an-exploratory-study/</a></p>
<p style="text-align: justify; "><a href="#_ftnref23" name="_ftn23">[23]</a> <a href="http://censusindia.gov.in/2011-Common/IntroductionToNpr.html">http://censusindia.gov.in/2011-Common/IntroductionToNpr.html</a>, accessed: 26 August, 2014</p>
<p style="text-align: justify; "><a href="#_ftnref24" name="_ftn24">[24]</a> R. 5(3) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal data or Information) Rules, 2011, accessed: 20 August, 2013 <a href="http://deity.gov.in/sites/upload_files/dit/files/GSR313E_10511(1).pdf">http://deity.gov.in/sites/upload_files/dit/files/GSR313E_10511(1).pdf</a></p>
<p style="text-align: justify; "><a href="#_ftnref25" name="_ftn25">[25]</a> R. 5(7) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal data or Information) Rules, 2011.</p>
<table style="text-align: justify; ">
</table>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/biometrics-an-angootha-chaap-nation'>https://cis-india.org/internet-governance/blog/biometrics-an-angootha-chaap-nation</a>
</p>
No publisherMukta BatraUIDAadhaarInternet GovernancePrivacy2014-09-19T06:12:17ZBlog EntryUID and NPR: Towards Common Ground
https://cis-india.org/internet-governance/blog/uid-npr-towards-common-ground
<b>The UID (Unique Identification) and NPR (National Population Register) are both government identity schemes that aggregate personal data, including biometric data for the provision of an identification factor, and aim to link them with the delivery of public utility services.</b>
<p style="text-align: justify; ">The differences between the two exist in terms of collection of data, the type of identification factor issued, authorities involved and the outcome.</p>
<p style="text-align: justify; ">Despite the differences, there has been talk of combining the two schemes because of the overlap.<a href="#_ftn1" name="_ftnref1">[1]</a> In the same breath, it has been argued that the two schemes are incompatible. <a href="#_ftn2" name="_ftnref2">[2]</a></p>
<p style="text-align: justify; ">One of the UIDAI’s (Unique Identification Authority of India) functions is to harmonize the two schemes. <a href="#_ftn3" name="_ftnref3">[3]</a></p>
<p style="text-align: justify; ">As it stands, the schemes are distinct. Enrolment for a UID does not lead to automatic enrolment in the NPR. The NPR website expressly states that even if a data subject has undergone census or has been granted a UID Number, it is necessary to visit a data collection centre to provide biometric data for the NPR.<a href="#_ftn4" name="_ftnref4">[4]</a></p>
<h2 style="text-align: justify; ">UID and NPR: The Differences</h2>
<h3 style="text-align: justify; ">The Basis of identity/ Unit of Survey</h3>
<p style="text-align: justify; ">The most striking difference between the UID and NPR Schemes is their notion of identity. The UID is individual based, whereas the NPR scheme focuses on the household or the family as a composite unit. Thus, the UID seeks to enroll individuals while the NPR seeks to gather data of the members of a household or family as a composite unit during the census and later register each person for an NPR Card, on the basis of the census data. To this extent, analysis of the data gathered from the two schemes will be different and will require differing analytical tools. The definition of the data subject and the population is different. In one scheme, the unit is an individual; in the other it is the household/family. Though the family is the composite unit in the NPR, the data is finally extracted it is unpaired to provide individuals NPR cards, but the family based association is not lost and it is argued that this household association of NPR should be used to calculate and provide subsidies. Some states have put on hold transfer of cooking gas subsidy, which is calculated for each household, through Aadhar-linked bank accounts.<a href="#_ftn5" name="_ftnref5">[5]</a> If both schemes were merged, the basis for determining entitlement to subsidies would be non-uniform.</p>
<h3 style="text-align: justify; ">Differences in Information Collection</h3>
<p style="text-align: justify; ">The UID and NPR have different procedures for collection of information. In the UID scheme, all data is collected in data collection centres whereas NPR data is collected door to door in part and in collection centres for the other part.</p>
<p style="text-align: justify; ">UID data is collected by the UIDAI themselves or by private parties, under contract. These contractors are private parties: often, online marketing service providers.<a href="#_ftn6" name="_ftnref6">[6]</a> The data subjects were initially allowed registration through an introducer and without any documentation. This was replaced with the verification system where documents were to be produced for registration for UID.</p>
<p style="text-align: justify; ">The NPR involves a dual collection process- the first stage is the door-to-door collection of data as part of the Census. This information is collected through questionnaire. No supporting documents/ proof is produced to verify this data. The verification happens at a later stage, through public display of the information. This data is digitized. The data subjects are then to give their biometric data at the data collection centres, on the production of the census slip. The biometric data collectors are parties who are empanelled by the UIDAI and are eligible to collect data under the UID Scheme. A subject’ s data is aggregated and then de-duplicated by the UIDAI. <a href="#_ftn7" name="_ftnref7">[7]</a></p>
<p style="text-align: justify; ">This shows two points of merger. It can be suggested that when data is collected for the UID number, then the subject should not have to give their biometrics for the NPR Scheme again. The sharing of biometrics across the schemes will reduce cost and redundancy. While sharing of UID data with NPR is feasible, the reverse is not true, since UID is optional and NPR is not. If NPR data is to be shared with UID, then the subject has the right to refuse. However, the consent for using NPR data for the UID is a default YES in the UID form. <a href="#_ftn8" name="_ftnref8">[8]</a> Prohibiting the information sharing is no option.</p>
<h3 style="text-align: justify; ">Differences in Stated Purposes</h3>
<p style="text-align: justify; ">The NPR is linked to citizenship status. The NPR exercise is being conducted to create a national citizen register and to assist in identifying and preventing illegal immigration. The NPR card, a desired outcome, is aimed to be a conduit for transactions relating to subsidies and public utilities.<a href="#_ftn9" name="_ftnref9">[9]</a> So is the UID Number, which was created to provide the residents of India an identity. The linkage and provision of subsidies through the NPR and UID cards have not taken off on a large scale and there is a debate as to which will be more appropriate for direct benefit transfer, with some leaders proclaiming that the NPR scheme is more suited to direct benefit transfer.<a href="#_ftn10" name="_ftnref10">[10]</a> Since the UID Number is linked to direct benefit transfer, but not to citizenship, benefits such as those under the MNREGA scheme, may be availed by non-citizens as well, though only citizens are eligible for the scheme.<a href="#_ftn11" name="_ftnref11">[11]</a></p>
<p style="text-align: justify; ">C. Chandramouli, the Registrar General and Census Commissioner of India, states that the conflict between the two schemes is only perceived, and results from a poor understanding of the differences in objective. The NPR, he states is created to provide national security through the creation of a citizen register, starting with a register of residents after authentication and verification of the residence of the subjects. On the other hand, the UID exercise is to provide a number that will be used to correctly identify a person.<a href="#_ftn12" name="_ftnref12">[12]</a></p>
<h3 style="text-align: justify; ">Difference in Legal Sanctity</h3>
<p style="text-align: justify; ">The UIDAI was set up through an executive notification, which dictates a few of its responsibility, including: assigning a UID number, collating the UID and NPR schemes, laying down standards for interlinking with partner databases and so on. However, the UIDAI has not expressed responsibility to collect, or authorize collection of data under this scheme. The power to authorize the collection of biometrics is vested with the National Identification Authority of India (NIAI), which will be set up under the National Identification Authority of India Bill, (NIAI Bill, which is at times referred to as the UID Bill).</p>
<p style="text-align: justify; ">The NPR Scheme has been created pursuant to the 2004 Amendment of the Citizenship Act. Under S. 14A of the Citizenship Act, the central government has the power to compulsorily register citizens for an Identity Card. This gives the NPR exercise sanctity. However, no authority to collect biometric information has been given either under this Act or Rules framed under it.</p>
<h2 style="text-align: justify; ">Future of Aadhaar</h2>
<p style="text-align: justify; ">The existence of both the UID and NPR Schemes leads to redundancy. Therefore, many have advocated for their merger. This seems impractical, as the standards in collection and management of data are not the same.</p>
<p style="text-align: justify; ">For some time, it was thought that the Aadhaar Scheme would be scrapped. This belief was based on the present government’s opposition to the scheme during and before the election. This was further strengthened by the fact that they did not expressly mention the continuance of the scheme in their manifesto. The Cabinet Committee on UIDAI was disbanded and the enrolment for the UID Number was stopped, only to be resumed a short while later.<a href="#_ftn13" name="_ftnref13">[13]</a></p>
<p style="text-align: justify; ">However, recent events show that the Aadhaar scheme will continue. First, the new government has stated that the UID scheme will continue. In support of the UID Scheme, the government has made budgetary allocation for the scheme to enable, <i>inter-alia,</i> it being sped-up. The Government even intends to enact a law to give the scheme sanctity. <a href="#_ftn14" name="_ftnref14">[14]</a></p>
<p style="text-align: justify; ">Second, the Government is assigning the UID Number new uses. To track attendance of government employees, the Government shall use a biometric attendance system, which is linked to the employees UID Number. <a href="#_ftn15" name="_ftnref15">[15]</a> The attendance will be uploaded onto a website, to boost transparency.</p>
<p style="text-align: justify; ">Third, direct benefit transfers under the UID will become more vigorous.</p>
<p style="text-align: justify; ">The UID is already necessary for registration under the NPR, which is compulsory.</p>
<p style="text-align: justify; ">Providing one’s UID Number for utilities such as cooking gas is also compulsory in several areas, despite the Courts diktat that it should not be so.<a href="#_ftn16" name="_ftnref16">[16]</a></p>
<h2 style="text-align: justify; ">Conclusion</h2>
<p style="text-align: justify; ">The government is in favour of continuing both the schemes. Therefore, it is unlikely that either scheme will be scrapped or that the two schemes will be combined. The registration for UID is becoming compulsory by implication as it is required for direct benefit transfers and for utilities. Data collected under NPR is being shared with the UIDAI by default, when one registers for a UID number. However, the reverse is unlikely, as the UID collects secondary data, whereas NPR requires primary data, which it collects through physical survey and authentication. Perhaps the sharing of data could be incorporated when one goes to the data collection centre to submit biometrics for the NPR. The subject could fill in the UID form and submit verification documents at this stage, completing both exercises in one go. This will drastically reduce the combined costs of the two exercises.</p>
<hr style="text-align: justify; " />
<p><a href="#_ftnref1" name="_ftn1">[1]</a> Rajesh Aggarwal, Merging UID and NPR???, Igovernment, accessed 5 September, 2014 <a href="http://www.igovernment.in/igov/opinion/41631/merging-npr-uid">http://www.igovernment.in/igov/opinion/41631/merging-npr-uid</a>; Bharti Jain, Rajnath Hints at Merger of NPR and Aadhar, Times of India, accessed 5 September, 2014 <a href="http://timesofindia.indiatimes.com/india/Rajnath-hints-at-merger-of-NPR-and-Aadhaar/articleshow/35740480.cms">http://timesofindia.indiatimes.com/india/Rajnath-hints-at-merger-of-NPR-and-Aadhaar/articleshow/35740480.cms</a></p>
<p style="text-align: justify; "><a href="#_ftnref2" name="_ftn2">[2]</a> Raju Rajagopal, The Aadhar-NPR Conundrum, Mint, accessed 5 September, 2014 <a href="http://www.livemint.com/Opinion/tvpoCYeHxrs2Z7EkAAu7bP/The-AadhaarNPR-conundrum.html">http://www.livemint.com/Opinion/tvpoCYeHxrs2Z7EkAAu7bP/The-AadhaarNPR-conundrum.html</a> .</p>
<p style="text-align: justify; "><a href="#_ftnref3" name="_ftn3">[3]</a> Cl, 4 of the Notification on the creation o fthe UIDAI, No. A-43011/02/2009-Admin.1 of the Planning Commission of India, dated 28 January, 2009</p>
<p style="text-align: justify; "><a href="#_ftnref4" name="_ftn4">[4]</a> FAQ for NPR, accessed: 3 September, 2014. <a href="http://censusindia.gov.in/2011-Common/FAQs.html">http://censusindia.gov.in/2011-Common/FAQs.html</a></p>
<p style="text-align: justify; "><a href="#_ftnref5" name="_ftn5">[5]</a> A Jolt for Aadhar: UPA Shouldn’t Have to Put on Hold its Only Good Idea,Business Standard, accessed 5 September, 2014 <a href="http://www.business-standard.com/article/opinion/a-jolt-for-aadhaar-114020301243_1.html">http://www.business-standard.com/article/opinion/a-jolt-for-aadhaar-114020301243_1.html</a></p>
<p style="text-align: justify; "><a href="#_ftnref6" name="_ftn6">[6]</a> Prakash Chandra Sao, The Unique ID Project in India: An Exploratory Study, accessed: 21 August, 2014 <a href="http://subversions.tiss.edu/the-unique-id-project-in-india-an-exploratory-study/">http://subversions.tiss.edu/the-unique-id-project-in-india-an-exploratory-study/</a></p>
<p style="text-align: justify; "><a href="#_ftnref7" name="_ftn7">[7]</a> NPR Activities, accessed 5 September, 2014, <a class="external-link" href="http://ditnpr.nic.in/NPR_Activities.aspx">http://ditnpr.nic.in/NPR_Activities.aspx</a></p>
<p style="text-align: justify; "><a href="#_ftnref8" name="_ftn8">[8]</a> R. Dinakaran, NPR and Aadhar- A Confused Process, The Hindu BusinessLine, accessed: 4 September, 2014 <a href="http://www.thehindubusinessline.com/blogs/blog-rdinakaran/npr-and-aadhaar-a-confused-process/article4940976.ece">http://www.thehindubusinessline.com/blogs/blog-rdinakaran/npr-and-aadhaar-a-confused-process/article4940976.ece</a></p>
<p style="text-align: justify; "><a href="#_ftnref9" name="_ftn9">[9]</a> More than sixty-five thousand NPR cards have been issued and biometric data of more than twenty-five lakh people has been captured, as on 28 August, 2014 <a href="http://censusindia.gov.in">http://censusindia.gov.in</a></p>
<p style="text-align: justify; "><a href="#_ftnref10" name="_ftn10">[10]</a> NPR, not Aadhaar, best tool for cash transfer: BJP's Sinha, accessed: 3 September, <a class="external-link" href="http://www.moneycontrol.com/master_your_money/stocks_news_consumption.php?autono=1035033">http://www.moneycontrol.com/master_your_money/stocks_news_consumption.php?autono=1035033</a></p>
<p style="text-align: justify; "><a href="#_ftnref11" name="_ftn11">[11]</a> Bharati Jain, NDA's national ID cards may kill UPA's Aadhaar, accessed 3 September, 2014 <a href="http://timesofindia.indiatimes.com/india/NDAs-national-ID-cards-may-kill-UPAs-Aadhaar/articleshow/36791858.cms">http://timesofindia.indiatimes.com/india/NDAs-national-ID-cards-may-kill-UPAs-Aadhaar/articleshow/36791858.cms</a></p>
<p style="text-align: justify; "><a href="#_ftnref12" name="_ftn12">[12]</a> <i>Id.</i></p>
<p style="text-align: justify; "><a href="#_ftnref13" name="_ftn13">[13]</a> Aadhar Enrolment Drive Begins Again, accessed 3 Spetember, 2014 <a href="http://timesofindia.indiatimes.com/city/gurgaon/Aadhaar-enrolment-drive-begins-again/articleshow/38280932.cms">http://timesofindia.indiatimes.com/city/gurgaon/Aadhaar-enrolment-drive-begins-again/articleshow/38280932.cms</a></p>
<p style="text-align: justify; "><a href="#_ftnref14" name="_ftn14">[14]</a> Mahendra Singh, Modi govt to give legal backing to Aadhaar, Times of India, <a href="http://timesofindia.indiatimes.com/india/Modi-govt-to-give-legal-backing-to-Aadhaar/articleshow/38336812.cms">http://timesofindia.indiatimes.com/india/Modi-govt-to-give-legal-backing-to-Aadhaar/articleshow/38336812.cms</a></p>
<p style="text-align: justify; "><a href="#_ftnref15" name="_ftn15">[15]</a> Narendra Modi Government to Launch Website to Track Attendance of Central Government Employees, DNA, accessed: 4 September, 2014 <a href="http://www.dnaindia.com/india/report-narendra-modi-government-to-launch-website-to-track-attendance-of-central-government-employees-2014684">http://www.dnaindia.com/india/report-narendra-modi-government-to-launch-website-to-track-attendance-of-central-government-employees-2014684</a></p>
<p style="text-align: justify; "><a href="#_ftnref16" name="_ftn16">[16]</a> No gas supply without Aadhaar card, Deccan Chronicle, accessed: 4 September, 2014, <a href="http://www.deccanchronicle.com/140829/nation-current-affairs/article/no-gas-supply-without-aadhaar-card">http://www.deccanchronicle.com/140829/nation-current-affairs/article/no-gas-supply-without-aadhaar-card</a></p>
<hr />
<p>Note: This is an anonymous post.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/uid-npr-towards-common-ground'>https://cis-india.org/internet-governance/blog/uid-npr-towards-common-ground</a>
</p>
No publisherMukta BatraUIDAadhaarInternet GovernancePrivacy2014-10-15T13:06:40ZBlog Entry