[GreenYouth] Public Statement: Why promoters of biometric UID Aadhaar are wrong and irresponsible?

[Gopal Krishna]

*Public Statement*


*Why promoters of biometric UID Aadhaar are wrong and irresponsible? *


When asked about why India chose to go with the UID/Aadhaar model when
several countries like France, Britain and Germany have disbanded such
identification projects, Nandan Nilekani, a former official of Unique
Identification Authority of India (UIDAI) replied, “Their purpose was not
development, inclusion, saving government money or curbing corruption. How
can you compare Aadhaar with the smart card project in some other country?
Even I would have disbanded those” in an interview with *BusinessLine*
<http://www.thehindubusinessline.com/blink/cover/nandan-nilekani-demonising-of-aadhaar-is-irresponsible/article9608232.ece>.
His reply is a classic case of outright fibbing, misrepresentation and
sophistry. It represents a sample of all the replies UIDAI’s has provided
to concerned Indians since its inception.


Take the case of Britain mentioned by Nilekani,  a 15-page Wipro document,
titled 'Does India need a Unique Identity Number?’ cited the example of the
United Kingdom's Identity Cards Act, 2006, on page no. 6 to advance the
argument for a biometric UID/Aadhaar number in India. If it was not
comparable as Nilekani will have us believe, why did Wipro cite Britain’s
identification project to make a case for UID/Aadhaar for Indians.


Wipro’s document is significant because UIDAI and UID/Aadhaar is a product
of a 14-page long document titled 'Strategic Vision: Unique Identification
of Residents' prepared by Wipro Ltd and submitted to the Processes
Committee of the Planning Commission which was set up in July 2006. Its
vision statement reads: 'Creating a unique identification system of all
residents in the country for efficient, transparent, reliable and effective
delivery of various welfare and private services to the common person.' The
cover page of the document mentions the National Institute for Smart
Government (NISG), Department of Information Technology (now named
MeitY-Ministry of Electronics and Information Technology), and Wipro
Consulting. Admittedly, Wipro was the consultant for the design phase and
programme management phase of the pilot UIDAI project. The Hyderabad-based
NISG is a not-for-profit company incorporated in 2002 by the Government of
India and Nasscom. NISG aims to 'establish itself as an institution of
excellence in e-governance and to leverage private sector resources through
a public-private-partnership mode in establishing eIndia.'


But when the UK government stopped its biometric National Identity Cards
Scheme neither Wipro nor its donors and promoters in the government
examined as to why the UK did so and why this decision too is relevant to
India. The decision was announced in the British parliament, the same
legislature which passed the India Independence Act, 1947.


It must be recalled that under Nilekani’s tenure UIDAI extended “undue
favour” to Wipro Ltd. As a consequence UIDAI incurred an avoidable
expenditure of Rs.4.92 crore on an annual maintenance contract, according
to the report of the Comptroller and Auditor General (CAG) of India
presented to the Parliament. UIDAI also incurred a loss of Rs.1.41 crore by
not routing advertisements through the Directorate of Advertising and
Visual Publicity. Unmindful of manifest conflict of interest UIDAI had
entered into a contract with Wipro in May 2011 for supply, installation and
commissioning of servers, storage systems, security systems and accessories
with incidental services in the data centres of the authority in Bengaluru
and Delhi/NCR at a cost of Rs.134.28 crore.


This is not the only case of irregularity and corruption by UIDAI. It
awarded projects to several companies without issuing tenders. In a RTI
reply UIDAI itself disclosed that total project contracts worth
Rs.13,663.22 crore were awarded without any tenders of which an amount of
Rs.6,563 crore has been already spent on issuing 90.3 crore Aadhar cards
till May 2015. It also informed that a total 25 companies were awarded
different responsibilities for the massive project and their empanelment
was done under the process guidelines of Request For Empanelment dated May
19, 2014. The companies which have been awarded more than one project works
include: Tata Consultancy Service, Mac Associates, Wipro, HCL, HP India
Sales Pvt. Ltd., National Informatics Centre, Sagem Morpho Securities Pvt.
Ltd (French Safran Group), Satyam Computer Services Ltd, L1 Identity
Solutions (earlier US company now part of Safran Group), Totem
International Ltd., Linkwel Telesystems Pvt. Ltd. Sai Infosystems India
Ltd, Geodesic Ltd, ID Solutions, NISG, SQTC, Telesima Communications Pvt.
Ltd. The companies that were awarded a single contract include: Reliance
Communication, Tata Communications, Aircel, Bharati Airtel, BSNL and
Railtel Corporation of India Ltd. Notably, companies like Accenture (USA),
L1 and Ernst & Young has been given access to sensitive data of present and
future Indians.


During his tenure at UIDAI, Parliamentary Standing Committee on Finance its
Sixty-Ninth Report on the ‘Demands for Grants (2013-14)’ observed, “A
provision of Rs. 2,620 crore has been allocated in Budget Estimate
(2013-14) for Unique Identification Authority of India (UIDAI) and a major
part of the budget provision for Rs. 1,040 crore is earmarked for
‘Enrolment Authentication and Updation’, out of which an amount of Rs.
1,000 crore has been earmarked under the head ‘other charges’.” The total
budgetary allocations made for UIDAI since its inception upto 31 March 2014
was Rs 5440.30 crores. For the year 2009-10, it was Rs 120 crores. For
2010-11, it was Rs 1,900 crores. For 2011-12, it was Rs 1,470 crores 1,200.
For 2012-13, it was 1,758 crores and for 2013-14, it was Rs 2,620.00
crores. For the year 2014-15, the budget estimate was Rs 2,039. The budget
estimate of expenditure on the project being implemented by UIDAI was Rs
2,000 crore in 20015-16. For the year 2016-17, the budget estimate was Rs
990 crores (that included 190 crore first supplementary). As of February
2017, UIDAI has incurred a total cumulative expenditure of Rs 8,536.83
crores. This includes undefined “other charges” pointed out by the
Parliamentary Committee. Shouldn’t UIDAI provide the details of the
expenses incurred under “other charges”? Take the case of the year 2009-10
when the budget estimate was Rs 120 crores. The final expenditure was Rs
26.21 crores. In the year 2015-16 the budget estimate was Rs 2,000 crores
but the final expenditure was Rs 1679 crores. In 2016-17, when budget
estimate (BE) was Rs 990 crores, the final expenditure is Rs 877.16 crore
upto February 2017.

The Parliamentary Committee on Finance has wondered in its report as to why
inflated targets were consistently being given. It observed, “the total
budgetary allocations made for UIDAI since its inception upto BE 2013-14 is
Rs 5440.30 crore, out of which Rs. 2820.30 crore has been utilized upto
31.03.2013 and the remaining amount of Rs. 2620 has been allocated in BE
2013-14. The Ministry have informed that the average cost per card is
estimated to range from Rs 100 to Rs 157. Taking the average cost per card
to be Rs. 130, the total expenditure for issue of 60 crore cards is
estimated to about Rs 7800 crore. Thus, the expected requirement of funds
during 2013-14 is Rs. 4979.70 crores, whereas only Rs. 2620 crore has been
kept for BE 2013-14, which is thus grossly inadequate.” It is apparent that
there is more to it than meets the eye.


When Nilekani was asked about “concerns that the Aadhaar could be used in
surveys such as the Socio-economic Caste Census (SECC) for racial
profiling, or be linked to EVMs to determine voting patterns”, he gave an
evasive reply saying, “The SECC or EVM machines have nothing to do with
Aadhaar.” Notably Aadhaar is a brand name of Unique Identification (UID)
Number. The UID project was renamed the Aadhaar project after the UIDAI
avowedly had a nationwide competition to find a logo and a brand name.
Curiously, Aadhaar name echoes the name of Bangalore based Adhar Trust
<http://archives.digitaltoday.in/businesstoday/20030817/cover1.html> that
Nilekani and Rohini Nilekani set up to fund their initiatives into a
government function.


Election Commission of India on its website has provided answer
<http://eci.nic.in/eci_main1/evm.aspx> to a question about the “system of
numbering EVMs”, it states “Each Control Unit has a unique ID Number (UID),
which is painted on each unit with a permanent marker. This ID Number will
be allowed to be noted by the Polling Agents and will also be recorded in a
Register maintained for the purpose by the Returning Officer. The address
tag attached to the Control Unit also will indicate this ID Number.” A
careful perusal of UIDAI documents reveals that it is linked to the
electoral database too. A confidential document of UIDAI titled ‘Creating a
unique identity number for every resident in India’, leaked by Wikileaks on
13 Nov 2009 reads: “One way to ensure that the unique identification (UID)
number is used by all government and private agencies is by inserting it
into the birth certificate of the infant. Since the birth certificate is
the original identity document, it is likely that this number will then
persist as the key identifier through the individual’s various life events,
such as joining school, immunizations, voting etc.”


The proponents of world's biggest citizen identification scheme aims to
converge electoral photo identity card (EPIC) numbers of electoral
database, the UID/Aadhaar number database called Central Identities Data
Repository (CIDR). In their myopia, political parties in particular and
citizens in general have failed to fathom its ramifications for voting by
electors in a democracy.


In a letter dated 7 June 2011, the Director General and Mission Director of
Unique Identification Authority of India (UIDAI) wrote to Chief Election
Commissioner saying, “The Election Commission of India (ECI) may also like
to leverage Aadhaar infrastructure in cleaning/ updating their existing
electoral data base. Aadhaar numbers issued by the UIDAI can also be
included in the list of valid proof of identity (POI) and proof of address
(POA) documents of the Election Commission during the polls for identity
verification.”


The file notings by ECI on the UIDAI’s letter reads: “How can Aadhaar
number used as proof of address”. The reply from ECI dated 17 June 2011 on
the letter from UIDAI. It further wrote, Aadhaar numbers can be seeded into
EPIC and electoral roll databases to clean those databases and also to
bring standardisation and uniformity in the Election Commission’s databases
across the country. UIDAI does provide necessary technical and financial
support under its information and communications technology (ICT)
infrastructure scheme for integration of Aadhaar number with database of
concerned Ministries/ Departments to make them UID compliant. However, the
process and schemes to use Aadhaar numbers for their applications are to be
defined by the concerned Departments themselves.”


The notification of 28 January 2009 that set up UIDAI, provides the terms
of reference (TOR) for its work. There is no reference to the collation of
UID number database with electoral database in the TOR. But the TOR does
refer to “collation and correlation with UID and its partner databases.” If
this reference to ‘partner database’ included electoral database, the UID/
Aadhaar enrolment form never revealed it and took Indian residents for a
ride.



Notably, UIDAI was constituted in pursuance of the fourth meeting of the
Empowered Group of Ministers (EGoM) headed by the then External Affairs
Minister, Pranab Mukherji held on 4 November 2008. Shivraj Patil, the then
union home minister and A Raja, the then minister for IT and
Communications, HR Bhardwaj, the then law minister and Mani Shankar Aiyar,
the then panchayati raj minister, were members of the EGoM wherein Montek
Singh Ahluwalia, deputy chairman of Planning Commission was an invitee.


UIDAI argued, “Aadhaar database is restricted to the name, date of birth,
gender, address, facial image, ten fingerprints and iris of the resident.
The data fields are based on the recommendation of the Demographic and Data
field Verification Committee headed by N Vittal, former chief vigilance
commissioner (CVC). *Since Aadhaar database contains absolute minimum
information of a resident necessary to establish identity, it is not
possible to include EPIC numbers in the Aadhaar database. However, the ECI
should seed Aadhaar numbers in the electoral database as clarified above.*
*”*


Prior to this KM Chandrasekhar, cabinet secretary, Government of India
(GoI) wrote a letter dated 25 April, 2011 addressed to VK Bhasin,
secretary, legislative department stating, “Aadhaar can be treated as a
valid Proof of Identity (PoI) and Proof of Address (PoA).”


The Election Commission in its letter dated 4 March 2013 to UIDAI on the
subject of “Seeding of Aadhaar number in Electoral Database” wrote that
“Commission feels that it would be better that EPIC no. is collected at the
time of enrollment for Aadhaar  and put in the Aadhaar database…ECI has
already issued instructions that Aadhaar cards can be used as alternative
identity documents at polling station…It may be mentioned here that
Ministry of Home Affairs has also agreed to print EPIC no. on smart card as
issued by Registrar General of India…Under the circumstances, it is once
again requested that EPIC no. may be made mandatory for enrollment in
Aadhaar.”  In its letter dated 29 October 2012, the ECI had argued that
“including EPIC no. as mandatory field in UIDAI database would enable
better integration between UIDAI database and electoral database, which
will make Aadhaar numbers more useful.” *This enthusiastic endorsement of
illegal UIDAI’s database and its inexplicable eagerness to merge EPIC no.
and electoral database with a database that faces robust legal challenge
merits rigorous scrutiny.      *


In a letter dated 16 April 2012, RK Singh, the then secretary, ministry of
home affairs (MHA), currently MP from BJP wrote to Dr SY Quraishi, the then
Chief Election Commissioner (CEC), with reference to latter’s letter dated
4 April 2012 “regarding inclusion of Electoral Photo Identity Card -EPIC
number in the Aadhaar database.”


The secretary, MHA wrote, “The Office of the Registrar General and Census
Commissioner, India is in the process of creating the National Population
Register (NPR) in the country. The NPR, when completed will be a register
of all usual residents of the country, which would have the Aadhaar number
besides the demographic and biometric data. The Government is also
considering a proposal to issue Resident Identity (smart) Cards to all
usual residents above the age of 18 years. The scheme is already making
good progress and is likely to be completed in the next two years.”


The combination of the office of Census Commissioner and RGI creates a
legal conflict of interest that is required to be examined because Census
Act requires that data of residents of India has to be kept confidential.
But RGI created under Citizenship Act admittedly puts the data in public
domain.


Besides this MHA has also feigned ignorance about the illegality of
biometric data collection under NPR, a fact pointed out by the then BJP’s
Prime Ministerial candidate.


At that time, the secretary, MHA also wrote, “As a part of the process of
creating the NPR, the EPIC number is also being collected. This would
enable mapping of the Aadhaar number to the EPIC number right from the
beginning…Once the mapping is completed, there could be a lot of synergy
between the EPIC and NPR databases.” He pointed out that “while the
registration under the NPR is mandatory under the provisions of the
Citizenship Act 1955, the production of EPIC Card during the NPR enrolment
and capturing the EPIC number is being done on a voluntary basis from the
residents. There are, therefore, gaps in the collection of the numbers. The
gap can easily be bridged as the Authorities notified for the creation of
the NPR are the same as those notified under the Electoral Law and if
necessary instructions are issued by the Election Commission, they could
easily ensure a complete coverage.”


It is intriguing as to how Election Commission has failed to comprehend the
adverse consequences of such convergence. There is nothing in public domain
to suggest that implications of such merger have been examined.


The then secretary, MHA informed the CEC that there is mutual agreement
between the MHA’s RGI and ECI that “there is a considerable potential to
synchronise the two databases and set up a unified platform for future
updating of the same and sought CEC’s advice to take it forward. *Does the
Election Commission realize that synchronization of the two databases is
happening as per the design of Wipro’s document and is beyond the mandate
given to UIDAI and RGI?*


But in the meanwhile as a consequence of Supreme Court’s order, Election
Commission of India has revised its order dated 27 February 2015 on 13
August 2015 stopping merger of UID/Aadhaar with Voter ID. Its revised order
reads: “All further activities relating to collection/feeding/seeding of
Aadhaar Number being undertaken currently under NERPAP shall be suspended
with immediate effect till further directions from the Commission. In other
words, henceforth no more collection of Aadhaar Numbers from electors or
feeding/seeding of collected Aadhaar data shall be done by any election
authority or officials connected with the NERPAP.” (National Electoral
Rolls Purification & Authentication Programme). While this revised order of
the Election Commission is a model order as it demonstrates how to comply
with the Court’s order for all the organisations and other public and
private agencies which are implementing UID/Aadhaar related schemes and
systems. The fact remains the seeding of UID/Aadhaar and Voter ID did
happen while the previous order of Commission regarding National Electoral
Rolls Purification & Authentication Programme was in operation given the
fact that it was widely advertised.


It may recalled that one of the earliest documents that refer UIDAI is a
14-page long document titled ‘Strategic Vision: Unique Identification of
Residents’ prepared by Wipro Ltd for the Planning Commission envisaged the
close linkage that the UIDAI’s Aadhaar would have with the electoral
database. The use of electoral database mentioned in Wipro’s document
remains on the agenda of the proponents of Aadhaar.


The reply of the Prime Minister’s Office (PMO) dated 1 April 2014
transferring the right to information (RTI) application to Election
Commission seems to indicate that linkage of UIDAI with the Commission has
already been established.


In such a backdrop, PMO’s reluctance to share all the file documents and
correspondence relating to Nilekani and right up to his resignation appears
quite sensitive and deserves scrutiny.


Nilekani referred to the current “three-member UIDAI Committee under J
Satyanarayana, the former IT secretary”. Satyanarayana is currently a part
time Chairman of UIDAI since September 6, 2016. He has been on Board of
NISG. Notably, Satyanarayana has been the member of the Task Force for
preparation of *Policy Document on Identity and Access Management under
National e-Governance Programme (NeGP)*. This Task Force was constituted by
Office Memorandum dated 31 October, 2006, which was supposed to submit its
report by 25 December 2006.  Coincidentally, the Processes Committee of the
Planning Commission which was set up in July 2006 commissioned the task of
preparing “Strategic Vision: Unique Identification of Residents” to Wipro
Ltd during the same period. The other members of the Task Force included 34
members besides the Chairman, Dr S.I. Ahson, Professor & Head, Department
of Computer Science, Jamila Milia Islamia and the Member Secretary, Ms
Pratibha Lokhande, Scientist, National Informatics Centre. The members
included 11 Technology Solutions Providers namely, IBM, Microsoft, Oracle,
Computer Associates, Novell, Honeywell, HP, Red Hat, ILANTUS Technologies,
MPhasis and PricewaterhouseCoopers (PwC). The Task Force submitted version
7 of its 65 page long report in April 2007.


This report talked about “Citizen Identities” and “Owner of identities”.
This report states, “The Identity Information is stored by multiple
agencies in multiple documents like Ration card, Driving License, Passport,
Voter’s card, Birth Certificate etc. The purpose of the Project unique ID
(UID) initiated by the Planning Commission is to create a central database
of resident information and assign a Unique Identification number to each
such resident (Citizens and Persons of Indian Origin) in the country….The
appropriate Identity Aggregations and Synchronization should be used to
integrate systems to share their identity information.” This April 2007
report reveals that “National UID Project: This project has been initiated,
with Voter ID Numbers and BPL households in the first instance.” It is
evident that long before the arrival of Nilekani in July 2009 as Chairman
of UIDAI, the UID/Aadhaar project was already unfolding. He just came and
dishonestly claimed credit for it. This report also discloses that each
registered judicial court has a unique identification (UID) number at Sub
ordinate Courts, High Court and Supreme Court. This effort seems to be part
of profiling and surveillance of judicial institutions.


Notably, this report appears to be making one of the earliest references to
“Biometric authentication” in India as “any process that validates the
identity of a user who wishes to sign into a system by measuring some
intrinsic characteristic of that user. Biometric samples include
fingerprints, retina scans, face recognition, voiceprints, and even typing
patterns. Biometric authentication depends on measurement of some unique
attribute of the user. They presume that these user characteristics are
unique, that they may not be recorded and reproductions provided later, and
that the sampling device is tamper-proof.”


It defines biometrics as “A measure of an Attribute of a Natural Person’s
physical self, or of their physical behavior. In principle at least, a
Biometric can be used: to validate an entity (where the entity is a Natural
Person); as an Authenticator for an Assertion involving an Entity; and as a
means of restricting the use of a personalised Token to the appropriate
Natural Person. Examples include: fingerprint, voiceprint, and iris-scan.
Biometrics is generally, “the study of measurable biological
characteristics. In computer security, biometrics refers to authentication
techniques that rely on measurable physical characteristics that can be
automatically checked. There are several types of biometric identification
schemes: Face: the analysis of facial characteristics; Fingerprint: the
analysis of an individual's unique fingerprints; Hand geometry: the
analysis of the shape of the hand and the length of the fingers; Retina:
the analysis of the capillary vessels located at the back of the eye; Iris:
the analysis of the colored ring that surrounds the eye's pupil; Signature:
the analysis of the way a person signs his name; Vein: the analysis of
pattern of veins in the back if the hand and the wrist; Voice: the analysis
of the tone, pitch, cadence, and frequency of a person's voice.”


This report defines “Identification” as “The process whereby data is
associated with a particular Identity. It is performed through the
acquisition of data that constitutes an Identifier for that identity.” It
also defines “Identifier” as “One or more data-items concerning an Identity
that are sufficient to distinguish it from other Identities, and that are
used to signify that Identity. Identifiers include names. A natural person
may use more than one name, and variants of each name. Identifiers also
include ‘id numbers’ or ‘id codes’ issued by other Entities that the Entity
interacts with. An Entity may be assigned many such numbers and codes. A
legal person may have many names (e.g. associated with business units,
divisions, branches, trading names, trademarks and brand names), and
multiple ‘id numbers’ and ‘id codes’ assigned by other Entities that the
Entity interacts with. Identifier Unique pointer, within a certain context
(namespace) to an identity.” These definitions are significant because they
underline that UID/Aadhaar is an identifier and not a conventional identity
proof.


Satyanarayana who was the member of the Task Force that authored the above
mentioned report finds mention at page no. 46-47 of the report
Parliamentary Standing Committee on Information Technology that examined
the work of Department of Electronics and Information Technology (DeitY),
Ministry of Communications and Information Technology, asked about the
surveillance by National Security Agency (NSA) of the US. It states that in
the context of privacy of data, the Committee desired to know the
Department’s stand on the issue of surveillance by US and interception of
data sent through e-mails. To this, Satyanarayana, as Secretary, DeitY,
responded during the evidence as under:-“Sir, about the US surveillance
issue, there has been a debate, as you are aware, this morning in the Rajya
Sabha itself and the hon. Minister has addressed this issue. He also
emphasised that as far as the Government data and Government mails are
concerned, the policy, the copy of which I have given to the Committee
earlier, is going to address a large part of it. Hopefully, by the end of
this year, if it is implemented, the things will be absolutely safe and
secure…x.x.x.x…In the reply, the Hon. Minister also said that we have
expressed our serious concern about the reported leakages and in the name
of surveillance, the data that has been secured from various private
sources, internet resources by the US Government. We have expressed it
formally to the Government of the US and also during the Secretary of
State’s visit a few weeks ago in India, this has been reinforced on a
person to person basis.”


He added, “We have been assured that whatever data has been gathered by
them for surveillance relates only to the metadata. It has been reiterated
and stated at the highest level of the US President that that only the
metadata has been accessed, which is, the origin of the message and the
receiving point, the destination and the route through which it has gone,
but not the actual content itself. This has been reiterated by them, but we
expressed that any incursion into the content will not be tolerated and is
not tolerable from Indian stand and point of view. That has been mentioned
very clearly and firmly by our Government.”


In effect, the Government of India has formally communicated to Government
US that India has no problem if they conduct surveillance for metadata in
fact it is acceptable and tolerable but “incursion into the content will
not be tolerated and is not tolerable.”


The Parliamentary Committee observes, “While taking note of the
Department’s stand on the recent instances of surveillance and interception
of data (though only meta-data) by other countries, that incursion into the
content of the country’s data will not be tolerated, the Committee is of
the strong opinion that the Department should have exercised enough caution
so that such a situation was not allowed to occur at the first instance.
Further, the Committee feels that the Department should be extremely
vigilant and cautious in terms of safety as well as in terms of policy with
different countries so as to avoid such leakage and interception of
sensitive data in the name of surveillance. The Committee, therefore,
strongly recommends the Department to take remedial measures and come out
with a policy which should be implemented stringently so as to obviate
recurrence of such instances.” MeitY which has been formed by giving the
status of ministry to the Department of Electronics and Information
Technology (DeitY) has been misleading the State Governments, media and the
citizens. It must be remembered that the idea of UID was incubated in this
very Department. It is evident that Satyanarayana and this Department has
no problem in sharing meta data of Indians to foreign agencies.

Nilekani refers to Vijay Madan who was the UIDAI CEO. Notably, Madan made
false claims in a presentation titled “Digital ID for Benefit and Service
Delivery to Billion Plus People” in the ‘Special Session on National ID
Programs’ at the International Joint Conference on Biometrics held during
29th September – 2nd October 2014 at Clearwater, Florida, USA. He claimed
that “Security and Privacy of personal information ensured” by UIDAI in its
implementation of UID/Adhaar project. This claim is an exercise in
misrepresentation. Given the fact that some 91,000 of USA’s classified
pages reached the website of Wikileaks in August 2010 reveals that such
claims of security and privacy are mere empty claims with no privacy law in
the country. The Ministry of Planning, the nodal ministry for UID/aadhaar
informed the Parliamentary Standing Committee that concerns sharing of
data, surveillance and profiling is being addressed by a proposed
legislation on privacy. The committee observed that the enactment of such
data protection law is a “pre-requisite for any law that deals with
large-scale collection of information from individuals and its linkages
across separate databases.” This promised law has not been enacted till
date. Notably, till date there is no data protection and privacy protection
law in the country. Thus, the claim of UIDAI and Nilekani remains a bogus
claim.


Nilekani forgot mention the name of his first Mission Director. It is
relevant to observe that the letterhead of the UIDAI’s Director General
under Nilekani, Ram Sewak Sharma revealed his personal email ID as
*rsshar...@gmail.com
<rsshar...@gmail.com>*. The question is who authorized the UIDAI’s Director
General to use Google’s email account? Is it the case that UIDAI does have
its own email account? After relinquishing his post at UIDAI to join as
Chief Secretary, Government of Jharkhand, did Sharma surrender his email ID
to UIDAI? Currently, Sharma is the Chairman, Telecom Regulatory Authority
of India (TRAI). Prior to this assignment, he worked as the Secretary,
Department of Electronics and Information Technology after his tenure as
Chief Secretary, Government of Jharkhand where is promoted UID/Aadhaar
project enthusiastically using the same Google’s email account. UIDAI
officials, Nilekani and Sharma were/are privy to massive trove of
communications about the inner workings of the world’s biggest biometric
database project aimed at creating a Centralized Identities Data Repository
(CIDR) of all the UID/Aadhaar Numbers and related aspects of nation’s
diplomacy, national security and personal sensitive information of present
and future Indians. The email accounts of Nilekani and Sharma must be
investigated to ascertain all the locations around the world from which it
has been accessed especially in the light of disclosures about the
controversy surrounding use of private email account by Hillary Clinton who
began using it as “a matter of a convenience" disregarding the advice of
tech experts who didn’t allow personal email accounts to be installed on
government-issued devices. Her official communications included thousands
of emails that would retroactively be marked classified by the US State
Department. This issue was raised vociferously by Donald Trump, the
President of USA because it compromised USA’s national security.


The fact that one of the senior most official of UIDAI chose to receive
such sensitive information on the server of Google, a private company, is a
threat to national security and privacy of Indians. This company is
regulated by US laws and has been working in collusion with foreign
intelligence agencies. The authorities in the US, where Gmail is
headquartered, can legally access the information on the server of Google
without a court warrant and without any civil and criminal liability. The
Indian government will remain in dark about it. In fact US’ Cyber
Intelligence Sharing and Protection Act (CISPA) make the exchange of
electronic information between Internet Service Providers and the
government of US possible. *The use of Gmail account demonstrates the lack
of professionalism of UIDAI, which has been given the task of handling the
database of the personal sensitive information of Indians. This act of
omission and commission merits attention. Such gullibility of ministers,
Secretaries and Chief Secretaries besides other IAS and IPS officers in
particular and officials in general is inexcusable. This merits high level
probe.  *


Nilekani also refers to Ajay Bhushan Pandey, the current CEO of UIDAI.
Pandey claimed that “At least from the UIDAI side, we have not said it
shall be mandatory.” If it indeed true that UID/Aadhaar is not being made
mandatory by UIDAI then MeitY should have withdrawn the letter to Secretary
Department of Defence Production and other departments, agencies and State
Governments. Given the fact that he has not done so demonstrates that
articulations of UIDAI are equivocal and questionable. It has compromised
national security and the personal sensitive information of present and
future Presidents, Prime Ministers, judges, legislators and officials
handling sensitive assignments besides all the Indians.


Contrary to the claims of the promoters of biometric Unique Identification
(UID)/Aadhaar like Nandan Nilekani that “Millions of people without any ID,
now have an ID”, the fact is that of all the Aadhaar numbers issued to
Indian residents till date – 99.97 per cent had pre-existing identification
(ID) documents. This has been revealed in a reply to an application under
Right to Information (RTI) Act by Unique Identification Authority of India
(UIDAI), Union Ministry of Electronics and Information Technology (MeitY).
The enclosed reply reveals that out of the 83.5 crore UID/Aadhaar numbers
issued till then, only 2.19 lakh residents (0.03 per cent) have been given
numbers based on the introduction by the introducer system because they did
not have a  pre-existing ID. This proves that that ‘an inability to prove
identity” has not a major barrier to access benefits and subsidies.


Contrary to claims of the promoters of UID/Aadhaar about there being a
cumulative
saving of 50,000 crores that was being diverted from genuine beneficiaries,
as per the minutes of the meeting of Committee of Secretaries (CoS) held
under the Chairmanship of Cabinet Secretary on 23 November, 2015 on the
subject of “Implementation of DBT in Government Schemes”, there was an
annual subsidy saving of Rs 91 crore. DBT stands for Direct Benefits
Transfer. The minutes of the meeting is dated November 30, 2015.


A bizarre situation is emerging where citizens chose a government that was
supposed to represent them but their government is undertaking the task of
coercively biometrically authenticating whether or not those it represents
are indeed those who they claim to be. It ends up breaking the sacrosanct
social contract between the citizen and the State in an unprecedented act
of breach of trust. *The attempt to undertake convergence of all the
sensitive databases of Indians and the confidence of promoters of
UID/Aadhaar in the irreversibility of their efforts has thrown as yet an
unmet open political challenge to the opposition parties and informed
citizens.*


*For Details: Dr Gopal Krishna, Member, Citizens Forum for Civil Liberties
(CFCL), who has been working on the subject of Big Data and
biometric-digital surveillance technologies. He had appeared before the
Parliamentary Standing on Finance that examined and trashed Aadhaar Bill,
2010. He is editor of www.toxicswatch.org <http://www.toxicswatch.org/> *


*Mb: 9818089660, 08227816731, E-mail: 1715kris...@gmail.com
<1715kris...@gmail.com> *

-- 
You received this message because you are subscribed to the Google Groups 
"Green Youth Movement" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to greenyouth+unsubscr...@googlegroups.com.
To post to this group, send an email to greenyouth@googlegroups.com.
Visit this group at https://groups.google.com/group/greenyouth.
For more options, visit https://groups.google.com/d/optout.