Aadhaar Rolls Out Three New Authentication Services; It’s Getting Creepy Now

So I’ve taken various positions about the Unique Identification Authority of India depending on the evidence at hand. The idea of citizen service delivery over a technology platform has great possibilities. But right now, its starting to creep me out.

API Data Flow for e-KYC (Image: UIDAI)
API Data Flow for e-KYC (Image: UIDAI)

Today, the authority launched three Aadhaar enabled services: e-KYC, One Time Pin authentication and Iris authentication. A seemingly naive and potentially amazing use of technology.

The understanding, based on Nandan Nilekani’s statements at various press conferences and public appearances I’ve covered over the last three years, was that the UIDAI will only give a “yes or no” answer to service providers wanting to use its authentication service.

Even now, the UIDAI’s website says: “The UIDAI will answer all requests to authenticate identity only through a ‘Yes’ or ‘No’ response.” To concerned citizen, Nilekani’s repeated assurance was it will only verify if you are who you claim you are.

But with today’s launch, its all changed.

The new deal is: Agencies can get details like Name, Address, Date of Birth, Gender, Photograph & Mobile Number, using your Aadhaar number. The safeguard is that it will be shared at the request of, and/or with the consent of the Aadhaar number holder.

This is not just a simple yes or no answer the UIDAI claimed earlier. This is a lot of information about me. Even if I choose to ignore the flip flop in the UIDAI’s stance, I’m worried if there are any other safeguards? You will be more or less coerced into giving them a consent because without that, the service provider or agency will not be able to deliver the service.

Will the authorization I give, used once or for ever? Who has the responsibility to keep my information private? The privacy bill is still not a reality. What are my legal options in case someone harvests my info and sells it to a spammer? What about hack attacks? After all, we live in India where even the top security Defence Research and Development Organisation or the Navy isn’t safe from hackers.

Then there is the larger question of privatization of data. In an editorial three days ago, law researcher Usha Ramanathan pointed out that the government is setting up National Information Utilities based on the recommendations of a technology advisory group headed by Nandan Nilekani. These utilities, will be private companies, strategically controlled by the government which will buy data from them. The Goods and Services Tax Network and four other projects will be set up as National Information Utilities.

I’m not against technology or the Aadhaar project. In fact I’ve even supported the project at times. But this, is just starting to get creepy.

Leave a Reply