Aadhaar Again

Aadhar

The Government of India is testing a new Aadhaar app that combines face ID authentication with artificial intelligence (AI), enabling citizens to access digital Aadhaar services on their mobile devices. Developed by the Unique Identification Authority of India (UIDAI), the app features QR code-based instant verification and real-time facial recognition for authentication.

Aadhaar, which was launched fifteen years ago, assigns Indian residents a unique 12-digit ID number linked to biometric data, including fingerprints and retinal scans. Aadhaar was introduced by the Congress-led UPA government with the goal of streamlining the distribution of welfare benefits to those in need. Initially marketed as a voluntary programme, it has effectively turned into a forced necessity for anyone wanting to lead a normal life in India. Today, the ubiquitous Aadhaar is required for almost all activities — opening a bank account, obtaining a SIM card, checking into a hotel, travelling or even shopping. Most people are unaware that there exist alternatives so everyone takes the ‘easy path’ and falls into the trap. However, the problem with linking a diverse range of services to a single ID number is that it increases the risks associated with security breaches, a specialized threat about which most educated Indians are completely ignorant since privacy has never, historically, been an issue in our society.

Critics argue that Aadhaar is fostering a digital economy primarily designed to benefit businesses. While unsuspecting individuals are often willing to share their information in exchange for convenience, it is important to recognise that they are also sacrificing their privacy. This leads to surveillance over almost all aspects of their lives. The most vulnerable members of society are particularly affected, as they may lose access to benefits due to issues like fingerprint mismatch or their own name or even their father’s name misspelt, leaving them with little recourse for assistance.

Those affected are particularly among the uneducated, manual labourers and senior citizens struggling to confirm their fingerprints and retina scans. Add to this the loss of a mobile phone that could put the person concerned to great hardships. And God help if the mobile number linked to a citizen’s Aadhaar is somehow deactivated! Then of course there always looms the danger of internet or simply power outages which could throw the lives of millions into a downward spiral. A very recent case was observed on 26 March, 2 April and 12 April when the nation was pushed into a limbo because the UPI system of money transaction dropped dead throughout India.

Concerns over data breaches aren’t unfounded. A recent survey by LocalCircles, a leading community social media platform, found that 87 per cent of Indian citizens believe that some of their personal data is already in the public domain or has been compromised in databases. This marks a significant increase from 72 per cent in 2022. Among those who think their personal identification data has been leaked, more than 50 per cent specifically cite their Aadhaar or PAN card details, or both, as being at risk. The survey also indicated that citizens attribute responsibility for this situation to various entities, including government agencies, telecommunications companies, banks, and e-commerce platforms. Earlier, a report published in the Tribune newspaper in 2018, disclosed that an online database containing every Aadhaar number, along with the personal information of more than a billion Indians, could be bought for as little as $7. A 2022 audit of the UIDAI conducted by the CAG of India highlighted issues related to privacy and data security, as well as problems in the enrolment processes that resulted in duplicate entries and inaccurate biometrics. These are bound to happen in a country like India where everyone works in a lackadaisical manner and with complete disinterest and disdain.

The government asserts that the new app streamlines Aadhaar verification, boosts user privacy, and safeguards against misuse. However, concerns persist regarding the security of citizens’ personal data. While Face ID offers convenience, it also poses much greater security risks, including data breaches, serious privacy infringements bordering on life threats, and the possibility of being circumvented by deepfakes or other techniques. These are not fabricated ideas but instead such dangers have already been felt in other countries with much stricter privacy laws.

Unauthorised access to facial recognition data can result in identity theft and widespread surveillance. When facial data is stored on a cloud server, it may be susceptible to unauthorised third-party access. Unlike passwords or credit card details, facial data is challenging to alter, making it a particularly sensitive type of information that requires robust protection, which India is not even attempting to address.

News