Aadhaar is a 12-digit identity number that is issued to Indian residents. This is based on their demographic and biometric data. The data is collected by the UIDAI or the Unique Identification Authority of India. It is a statutory authority that is established in January 2009 by the Indian government. This is also under the jurisdiction of the Ministry of Electronics and Information Technology. It follows the provisions that have been set by the Aadhaar Act of 2016. This is the Targeted Delivery of Financial and other Subsidies.
Aadhaar is the world’s largest biometric ID system. It has over 1.19 billion individuals enrolled and represents 99% of Indians. It has been described as the most sophisticated ID program in the whole world. Aadhaar is not proof of residence or citizenship. In fact, it does not even grant the rights to domicile in the country. It has been clarified by the Home Ministry in June 2017 that the Aadhaar is not a legal identification document for Indians to use when traveling to Bhutan and Nepal.
Overview of the Aadhaar
The UIDAI or the Unique Identification Authority of India is required to assign the UID number to all the residents of India. Implementing this UID scheme requires the generation of the assigned UIDs so that they can define the mechanisms and processes for linking UIDs with partner databases. This makes operation and management of any stage of the life cycle of the UID easier. Policies and procedures are also framed to update the mechanism and then define the applicability and usage of UIDs for delivering various services, among others. The number that is linked to the basic demographics and biometric information like fingerprints, photographs, and two iris scans. This is then stored in the central database.
The UIDAI was initially set up by the Indian Government under the aegis of the Planning Commission. Therefore, they have been given the responsibility to come up with the policies and plans that will be implemented in the UID scheme. It also owns and operates the UID database and is made responsible for updating and maintaining this on an ongoing basis.
The data center of the UIDAI is located at the IMT or the Industrial Model Township in Manesar. It started issuing UIDs in September 2012. Its aim was to issue Aadhaar numbers to every resident so that it can eliminate fake and duplicate identities. This number can also be used to verify and authenticate information in a cost-effective and easy way that can be done online or anywhere at any time. The Government of India also indicated that it recognizes a letter from the UIDAI containing information such as name, address and Aadhaar number and regard this a valid and official document. It is important to note that Aadhaar is not there to replace identity cards. It also does not constitute proof for citizenship or residency. Aadhaar does not confer guaranteed rights, entitlements or benefits. It is simply a number that is random and does not start with a 0 or 1. It is also not loaded for intelligence or profiling because this would make it prone to theft or fraud. Therefore, there is a measure of privacy with this information. The unique ID qualifies as valid ID when citizens are making use of government services such as a subsidized ration, benefits under NSAP, e-sign, a digital locker, pension schemes, kerosene from the PDS or LPG connection.
UAN or Universal Account Number under EPFO and other services such as opening a bank account or acquiring a SIM card can be done with the Aadhaar number as well.
According to the official website of the UIDAI, any individual who has an Aadhaar can verify how unique his or her number is through the Aadhaar Verification Service or AVS that is quite user-friendly and is already on the website. A resident that is enrolled under the National Population Register does not need to be enrolled again.
Direct Benefit Transfer
The Aadhaar project is linked to public subsidy and unemployment benefit schemes like MGNREGA and LPG scheme. These Direct Benefit Transfer schemes have the subsidy money directly transferred and carried out by the NEFT or the National Electronics Fund Transfer system. This does not depend on the Aadhaar.
Aadhaar-enabled biometric system
In July 2014, Aadhaar enabled the biometric attendance system by introducing this in the office. It was then checked by government employees. The public could see the attendance of the employees from the website. However, three months later, in October 2014, the website was closed to the public. It was then made active again and opened to public access in March 2016. Employees use the last four digits of the Aadhaar number as well as their fingerprints for authentication. There are technological glitches on the system so it was still a work in progress.
Aadhaar as a Digital Identity
A number of features that the Aadhaar card allows it to serve as a digital identity and one that facilitates digital identity. This is because the document of the card is electronic when setting in PDF format. There is a QR code that provides the digital XML representation of the core details of the card. The number and some of the limited details that are validated online along with the notable exclusion of the name allows the details to be updated online. It can also be done via the user’s mobile because the phone number and/or email serves as the second factor of authentication. The system can also collect a photo, eye scan, and 10 finger scans.
Impediments and other concerns
Feasibility concerns
The Aadhaar project was being implemented without any cost-benefit or feasibility studies so that it can ensure whether the project can still meet the goals that it has stipulated. It has also been pointed out that the government was somehow obscuring the security aspects of Aadhaar and it focuses on the social benefit schemes.
The debate on its feasibility and ability to sustain the project of this size is settled one 1.19 billion Indians have been enrolled in the program. This pretty much represents 99% of the total population. The quality of the data that has been collected is the most advanced in the world. This complements the other initiatives that have been taken by the government which benefits people and gives them easy access to public services.
Lack of Legislation and Concerns on Privacy
On February 2, 2015, the Supreme Court asked the new government to clarify to the public where they stand on the project. This was in relation to the criticism that it has been ignoring the previous orders and pushes ahead with the project as well as the project that they find unconstitutional because it allows the profiling of the citizens. On July 16, 2015, the Indian government requested that the Supreme Court revoke the order. They suggested that the Aadhaar be just used for various services. In fact, some states insisted that the Aadhaar be used for benefits.
On August 11, 2015, the Supreme Court directed the government to actually publicized this in electronic and print media that Aadhaar was not required for any welfare scheme. The Court also referred that the petitions that are claiming for Aadhaar be unconstitutional.
On July 19, 2017, the Supreme Court started hearing the arguments that have been presented and figured out whether this was, in fact, fundamental to provide privacy. The nine judges unanimously upheld the right for privacy and regarded this as the fundamental right under the Constitution.
This constitutional bench of the Supreme Court is also hearing various cases that are related to how valid the Aadhaar is on the various grounds that include surveillance, exclusion, and privacy solely for the benefit of welfare.
The Legality of Sharing Aadhaar Data with Those Who Enforce the Law
In 2013, there was the case of the CBI attempting to solve the rape of a schoolgirl. They managed to acquire fingerprints from the crime scene that was a match with the UIDAI database. The court then asked the UIDAI to hand the data to the people in GOA and submit this to the CBI.
The UIDAI appealed in the Bombay High Court and accepted that the request could actually set the needed precedent for future requests. However, the High Court rejected the argument by placing an interim order that was directed to the CFSL or the Central Forensic Science Laboratory. This was the study of the technological capability of the database to also see if it was possible to solve the crime. The UIDAI eventually appealed to the Supreme Court. It argued that the chance for 600 million people recorded on the database would eventually result in hundreds of thousands of false results because of the high false-positive rate of 0.057%.
On March 24, 2014, the Supreme Court has restrained the central government from sharing UIDAI data with the third party or agency, whether these be private or government, without the Aadhaar-holder’s content in writing. Therefore, there was another interim order that was dated on March 16, 2015. The Supreme Court of India directed that the States and Union of India, as well as all their functionaries, adhere to the said order. It pretty much observed some of the government agencies that were also still treating Aadhaar as a requirement. They asked every agency to issue the notifications to clarify that it was not.
Security Concerns
Aadhaar was originally intended to flush out the illegal immigrants but these social security benefits were eventually added so that privacy concerns can be avoided. It also expressed objections for Aadhaar numbers to be issued to illegal immigrants. The Committee said that these projects were implemented in a manner that is so unplanned that it bypassed the Parliament.
In May 2013, there have been some errors that were admitted to the registration process. There were people who received their Aadhaar cards but complained because these had wrong fingerprints or photographs. According to some officials that work at the Intelligence Bureau, the UIDAI project is criticized because the Aadhaar number was not considered as a proof of residence that is credible enough. As for how it was stated in the liberal pilot phase, a person could claim to live and accept the address.
Overlaps with the National Population Register
The Aadhaar along with projects from the National Population Register has been reported to be conflicting, it was also reported that the UIDAI share data with the NPR. NPR eventually collected its own data. However, the government insisted that the Aadhaar was not some kind of identity card, but a number and the NPR was not really a requirement for national security purposes. The order of the Supreme Court in 2013 did not affect the project that was spearheaded by the NPR because it was not actually linked to the subsidy.
In July 2014, a meeting that was held in relation to discussing the possibility of merging both projects, NPR and Aadhaar, concluded that these were complementary. The meeting was attended by people in Law and Justice and Telecom industries. Later in that month, there was no more plan to merge the two projects.
Fraud
In order for Aadhaar to be accessible and undocumented poor citizens, setting an Aadhaar card does not really require specific documentation. There are multiple options that are made available. This is when the use of biometric facilities is reduced so that it can eliminate duplication. In theory, it is also possible to obtain the card under a fake name. It is less likely that the individual could maintain another Aadhaar card under another name.
The Aadhaar card is not a secured document according to the agency that has not been treated as some kind of identity card because it was often treated as such. However, because there was no practical way to validate the card, there were lots of questions to utilize this as an ID card. There were also five main components in the Aadhaar app transaction – the vendor, the back-end validation software, the customer, the app and the Aadhaar system itself. There were also two main external concerns. This was to secure the data that was often at rest on the phone and the kind of data in transit that is secure. At every seven points, the data of the customer is vulnerable to any kind of attack. This is because the validation software and the app are quires insecure. The Aadhaar system can be found insecure as well as the network infrastructure. The laws are inadequate and therefore does not work in that sense.
