Budget Speech supports constitutionally invalid biometric Aadhaar, a fish bait to trap poor in database for Big Data companies
Parliamentary Committee trashes storage of UIDAI’s data on cloud, violation of citizen’s right to privacy
Outrageously metadata collection by NSA deemed acceptable and tolerable by Congress led Govt
illegal, illegitimate 12 digit biometric identifier number, aadhaar is an assault on democratic rights
17 February, 2014: Finance Minister P Chidambaram presented Interim Budget 2014 expressing his support for legally and electorally questionable biometric identification scheme branded as aadhaar number. The total budgetary allocations made for Unique Identification Authority of India (UIDAI) since its inception up to 31 March 2014 is Rs5, 440.30 crore. In a context where arguments against the scheme are underway in the Supreme Court facing robust legal challenge such
support is aimed at presenting fait accompli to the court. In a significant development, petitions have been filed by individuals seeking to ‘opt out’ of the scheme in which they enrolled under some mistaken belief.
“However, let me reiterate that the Government remains fully committed to Aadhaar under which 57 crore unique numbers have been issued so far and to opening bank accounts for all Aadhaar holders in order to promote financial inclusion. Who needs Aadhaar? It is those who are at the bottom of the pyramid, the poor, the migrant workers, the homeless, and the oppressed who need Aadhaar, and we will ensure that they get Aadhaar. I have no doubt that in course of time even critics of Aadhaar will realise that Aadhaar is a tool of empowerment.”
The moment those who have been issued these biometric numbers come to know of its risk and its pernicious implications, they are likely to ‘opt out’ of the unique identity (UID) number scheme too. Notably, he seems to maintain a conspiratorial silence about issuance of aadhaar number through Home Ministry’s National Population Register (NPR) as if it is a fall back option in case the Court declares UIDAI as unconstitutional.
This claim of Chidambaram is an exercise in sophistry and is nothing but false bravado after the resounding defeat in the assembly elections of UP, MP, Delhi, Rajasthan and Chhattisgarh. The electoral verdict is against aadhaar. Democracies world over have voted against intrusive and bullying identification schemes unleashed by the ID card cartels of big data companies.
Notably, the schedule for 17 February 2014 in Rajya Sabha had eight items listed for the legislative business. This list dated, 13 February 2014 was been signed by Shumsher K Sheriff, Secretary General, Rajya Sabha. The last item mentions The National Identification Authority of India (NIDAI) Bill to be re-introduced. It is meant to legalise biometric data collector, Unique Identification Authority of India (UIDAI)’s work done since 28 January 2009. This Bill was trashed and rejected by Parliamentary Standing Committee on Finance in its report to both the Houses of Parliament. This exercise
by this lame duck minority government led by Indian National Congress is manifestly insincere. The scheme is in limbo following electoral and defeat and differences within various ministries.
The item No8 in the legislative business reads “RAJEEV SHUKLA to move that Bill to provide for the establishment of The National Identification Authority of India for the purpose of issuing identification numbers to individuals residing in India and to certain other classes of individuals and manner of authentication of such individuals to facilitate access to benefits and services to such individuals to which they are entitled and for matters connected therewith or incidental thereto, be taken into consideration.” Rajeev Shukla is the Minister of State in the Ministry of Parliamentary Affairs and Planning.
It is relevant to pay heed to the observations and recommendations, 25 member Parliamentary Standing Committee on Information Technology in its 88 page report on Cyber Crime, Cyber Security and Right to Privacy dated February, 2014 in this regard. It states, “the Committee is extremely unhappy to note that the Government is yet to institute a legal framework on privacy. When asked about the status of the above legislation, the Department has diverted the issue stating that the Department of Personnel and Training (DoPT) is still in the process of evolving legislation to address concerns of privacy, in general, and it is still at the drafting stage. The Committee seriously feels that in view of enormous data, very sensitive in nature, being consigned to cyber space each day particularly in the light of Government’s visionary UIDAI programme, the Government should not jeopardise the privacy of citizens on the plea that the Department is concerned only with Section 43(A) which it is based on self-regulation.” It refers to 43 (A) of Information Technology Act.
The real issue of unhappiness of citizens is why should UID/Aadhaar programme and National Population Register (NPR) be proposed and executed prior to the legal framework for safeguarding right to privacy? How can this Committee feign ignorance of the fact that far from UIDAI programme being “visionary”, it lacks the legal mandate to be brought into operations? Perhaps, the word has been used to underline the irony.
The report aptly states, “The Committee observes that National e-Governance Programme (NeGP) is one of the ambitious projects of the Government and the Department is planning to use ‘Cloud computing’ for e-Governance Programmes and for storing its data. The Committee also note that the Government of India has recently published GI Cloud (Meghraj) – ‘Strategic Direction Paper’ and ‘Adoption and implementation Roadmap’ as a part of this Cloud initiative, which prescribes the precautions, standards and guidelines on security addressing the various challenges and risks and gives more clear dimension to the timelines of implementation. With regard to the usage of ‘Cloud computing’, the Committee in their Twenty-seventh Report (2011-12), had expressed apprehensions about technological and legal
challenges associated with the concept of ‘shared platform’ and had recommended the Department to conduct a study/survey to find out the existing scenario nationally and internationally and be prepared with a mechanism to deal with the risks associated with the usage of Cloud computing and be vigilant about such emerging technologies. However,
the Committee is surprised to note that though NeGP has entered seventh year of its implementation, the Department has neither conducted any study/survey in this regard nor has any data on instances of cyber security breaches encountered in e-Governance projects. The Committee feel that NeGP being a visionary project of the Government, the Department should not show any laxity. The Committee, therefore, recommend the Department to conduct a study/survey to find out the instances of cyber security breaches in NeGP projects. While cautioning the Department to be extra vigilant with the usage of the new technology ‘cloud’ which is still at a nascent stage, the Committee desire that the Department would stick to their assurance of keeping security issues on priority, particularly, in the implementation of e-Governance projects and make the programme foolproof.”
The report has revealed that the Government has jeopardized the privacy of citizens through UIDAI’s biometric identification exercise. In that case how is that the Committee mentions Government’s UIDAI programme as “visionary”. Given the fact that the UIDAI’s data is admittedly stored on cloud, the fact that government ignored Committee’s apprehensions on the usage of ‘Cloud computing’, the concept of ‘shared platform’ and the risks associated with the usage
of Cloud computing in the 5th year of the implementation of Aadhaar unmindful of cyber security breaches encountered in e-Governance projects, the government merited strong criticism. Instead of censuring the Government and making it accountable, the Committee only expresses surprise. But in its own mild way, this Committee has also trashed government’s unpardonable callousness towards the security ramifications of storing UID/Aadhaar data on cloud and the failure to enact a legal framework for right to privacy. As has been done with right to privacy, although the government admitted the need of enacting a legal framework for UIDAI, its tenure is about to end without enacting it.
At page no. 46-47, the report Parliamentary Standing Committee on Information Technology that examined the work of Department of Electronics and Information Technology (DeitY), Ministry of Communications and Information Technology, asked about the surveillance by National Security Agency (NSA) of USA. It states that in the context of privacy of data, the Committee desired to know the Department’s stand on the issue of surveillance by US and interception of data sent through e-mails. To this, J Satyanarayana, Secretary, DeitY, responded during the evidence as under:-
“Sir, about the US surveillance issue, there has been a debate, as you are aware, this morning in the Rajya Sabha itself and the hon. Minister has addressed this issue. He also emphasised that as far as the Government data and Government mails are concerned, the policy, the copy of which I have given to the Committee earlier, is going to address a large part of it. Hopefully, by the end of this year, if it is implemented, the things will be absolutely safe and secure…x.x.x.x…In the reply, the Hon. Minister also said that we have expressed our serious concern about the reported leakages and in the name of surveillance, the data that has been secured from various private sources, internet resources by the US Government. We have expressed it formally to the Government of the US and also during the Secretary of State’s visit a few weeks ago in India, this has been reinforced on a person to person basis. We have been assured that whatever data has been gathered by them for surveillance relates only to the metadata. It has been reiterated and stated at the highest level of the US President that only the metadata has been accessed, which is, the origin of the message and the receiving point, thedestination and the route through which it has gone, but not the actual content itself. This has been reiterated by them, but we expressed that any incursion into the content will not be tolerated and is not tolerable from Indian stand and point of view. That has been mentioned very clearly and firmly by our Government.”
In effect, the Indian National Congress-led government has formally communicated to Government of US that India has no problem if they conduct surveillance for metadata in fact it is acceptable and tolerable but “incursion into the content will not be tolerated and is not tolerable.”
An Urdu couplet- hum woh hai jo khat ka mazmoon bhaap lete hai lifafa dekhkar (we are those who can assess the content of letter by merely looking at the envelop)-captures the message from USA what Congress party in particular and the political class in general have missed.
Such faith in Government of USA’s empty words is akin to Jawaharlal Nehru’s gullibility with regard to designs of Chinese government that led to the humiliating defeat of India in 1962 and Mir Jafar’s touching ‘innocence’ about the deeper designs of British East India Company that compelled him to switch sides in the battle of Plassey in 1757.
The Parliamentary Committee observes,
“While taking note of the Department’s stand on the recent instances of surveillance and interception of data (though only meta-data) by other countries, that incursion into the content of the country’s data will not be tolerated, the Committee is of the strong opinion that the Department should have exercised enough caution so that such a situation was not allowed to occur at the first instance. Further, the Committee feels that the Department should be extremely vigilant and cautious in terms of safety as well as in terms of policy with different countries so as to avoid such leakage and interception of sensitive data in the name of surveillance. The Committee, therefore, strongly recommends the Department to take remedial measures and come out with a policy which should be implemented stringently so as to obviate recurrence of such instances.”
This report was presented to both the Houses of Parliament on 12 February 2014. It reveals that Indian Computer Emergency Response Team (CERT-In) has signed memorandum of understanding (MoU) with Computer Emergency Response Team, US (US-CERT), Japanese Computer Emergency Response Team Coordination Centre (JP-CERT/CC), National Cyber Security Centre (NCSC), South Korea, Computer Emergency Response Team, Mauritius (CERT Mauritius, Computer Emergency Response Team, Kazakhstan (CERT Kazakhstan) and Government of Finland for international cyber security cooperation arrangements. Department of Electronics and Information Technology have signed a MoU with Canada in ICT and Electronics sector. The Department, with the help of Ministry of External Affairs, is having engagement dialogue with several countries such as Malaysia, Israel, Egypt, Canada and Brazil on cyber security incidents and vulnerabilities in IT products and systems.
Edward Snowden has disclosed that several of the countries like Canada, South Korea and others, with whom the MoU has been signed, are in the intelligence bartering/sharing alliance with the US, prior to India’s independence.
While presenting the Union Budget 2009-10, the then Finance Minister, Pranab Mukherjee had announced the setting up of the UIDAI by the Government to “establish an online data base with identity and biometric details of Indian residence and provide enrolment and verification services across the country.” He had allocated Rs120 crore for this project as “a major step in improving governance with regard to delivery of public services.”
The Minister did not inform the Parliament that UIDAI “was created during 2009-10 and a modest start with an expenditure of Rs30.92 crore was made.” Parliament has been kept in dark about how Unique Identification (UID) /Aadhaar Numbers to every resident in India started unfolding without sharing “the linkages of various welfare schemes steered by different Ministries/departments of Government of India”.
The Parliament remains unaware about how UIDAI selected the “Managed Service Provider” for the Central Identity Data Repository (CIDR) of biometric UID/Aadhaar numbers. For this, a budget of Rs1900 crores was allocated in the Union Budget 2010-11 by the Finance Minister. It is admitted that “CIDR will be handed over to the Managed Service Provider (MSP) on a long term contract basis.”
Economic Survey 2011-12 claimed,
“The Aadhaar project is set to become the largest biometric capture and identification project in the world.” It is admitted by UIDAI that there are “ownership risks (Ownership of the project by stakeholders), Technology risks (nowhere in the world a project of this size has been implemented) and privacy concerns (there may be groups raising privacy issues – many ID Projects in western countries have been stalled due to the opposition of privacy groups).”
The UIDAI claims that it is “putting into place the risk mitigation strategies to minimize some of these risks” but this has never been shared with the Parliament and the citizens.
Union Budget speech 2012-13 under the heading Growth, Fiscal Consolidation and Subsidies reads:
“23. The recommendations of the task force headed by Shri Nandan Nilekani on IT strategy for direct transfer of subsidy have been accepted…This step will benefit 12 crore farmer families, while reducing expenditure on subsidies by curtailing misuse of fertilizers.” Such claims of benefits from direct transfer of subsidy has been debunked in the past, but government remains
adamant to pursue this path under the influence of vested interests. The Ministry of Planning, in their Action Taken Reply has been quoted as having stated that “UIDAI has been authorized to enroll 60 crore residents by March 2014 through the multiple registrar approach. As against this, UIDAI has enrolled 36.58 crore residents and a further 10.94 crore residents have been enrolled by RGI. Total enrolments by the end of June 2013 is 47.52 crore. The total Aadhaar generation up to the end of June 2013 is 37.37 crore……The average cost per card is estimated to range between Rs100 to Rs157” in October 2013 report of PSC to the Parliament. The total budgetary allocations made for UIDAI since its inception up to 31 March 2014 is Rs5, 440.30 crore, as per details given below:
S.No Financial Year Amount (Rs. crore)
1. 2009-10 25.65*
2. 2010-11 268.41*
3. 2011-12 1187.52*
4. 2012-13 1338.72*
5. 2013-14 2620.00^
*Actual Expenditure, ^ Budget Estimates
The budget of this project comes under the ministry of planning. The budgetary support to Aadhaar was increased by 47% to Rs1,758 crore in 2012-13 from Rs1,200 crore in 2011-12 for UIDAI to enroll Indian
residents for their unique IDs/Aadhaar to 60 crore from 20 crore. A provision of Rs2,620 crore has been allocated in Budget Estimate (2013-14) for UIDAI and a major part of the budget provision for Rs1,040 crore is earmarked for ‘Enrolment Authentication and Updation’, out of which Rs1,000 crore has been earmarked under the head ‘other charges’. What is this “other charges”? Besides this what is the justification of Planning Commission undertaking enrolment of 60 crore Indian residents under UID and
Ministry of Home Affairs enrolling 61 crores under NPR. Is the Congress-led government running two similar projects with public money to merely satisfy the anonymous donors of the party? The 31-member Parliamentary Standing Committee on Finance examined and censured on numerous occasions. In its April 2013 report on UIDAI (Sixty-Ninth Report) observes, “The Committee is concerned to note that during the last three financial years (up to January, 2013), a huge sum of Rs2,342 crore has been spent on the Scheme and Rs2,620 crore has been allocated in BE 2013-14, out of which Rs1,040 crore is earmarked for ‘Enrolment Authentication and Updation’ pending legislative sanction of the Scheme. The Committee strongly feels that in the absence of legislation, Unique Identification Authority of India (UIDAI) is discharging its functions without any legal basis.”
As of 1 February 2014, the members of the Cabinet Committee on Unique Identification Authority of India (CCUIDAI) related issues that oversee the project include Dr Manmohan Singh, Sharad Pawar, P Chidambaram, Sushilkumar Shinde, Kapil Sibal, Girija Vyas and Jairam Ramesh. After it came to light in a cabinet meeting that these ministers themselves were not clear as to whether biometric identifier number branded as Aadhaar refers to a card or a number, the Group of
Ministers (GoM) regarding ‘Issue of Resident Identity Cards’ to all usual residents of the country of age 18 years and above under the scheme of National Population Register (NPR) was constituted to look for an answer, it seems. The Terms of Reference of this GoM is to “examine all aspects relating to the proposal for issuing Resident Identity Cards to the usual residents of the country, keeping in view all relevant issues and finalize its recommendations at an early date.” This GoM on Resident Identity Cards has an ulterior motive of outwitting opposition parties because during Bharatiya Janata Party (BJP)-led National Democratic Alliance (NDA) regime, the same was proposed. It is an exercise to create an illusion of bipartisan support.
It is quite astounding that none of the members of CCUIDAI or the GoM members, be it AK Antony, P Chidambaram, Ghulam Nabi Azad, Sushilkumar Shinde, Ajit Singh, Kapil Sibal, Praful Patel, V Kishore Chandra Deo or Jairam Ramesh have got themselves enrolled for either UID/Aadhaar or NPR. Notably, Sonia Gandhi and Rahul Gandhi, the political patrons of the project have chosen not to enroll and baptize themselves with so-called right to identity to them. Pranab Mukheree, who fathered the project and declares how he set it rolling in his bio-data is also conspicuous by refraining from enrolment like LK Advani, Mayawati, Mamata Banerjee, Mulayam Singh Yadav, Prakash Karat, Nitish Kumar or
Arvind Kejriwal. None of the known editors of print and electronic media have enrolled themselves for it. No known social worker, be it Medha Patkar, Aruna Roy or Sandeep Pandey have endorsed it. No known judges, lawyers, jurists or academicians of the country have got themselves biometrically profiled under the project. In fact acclaimed scholars like Ashis Nandy have referred to UID number as prison number. Likes of whistleblowers such as AK Jain and Press Council of India member, Arun Kumar have debunked it. This demonstrates that the project does not enjoy the confidence of the senior most politicians, judges, scholars, activists and the legal fraternity of the country.
From among the political class only those who appear innocent of deeper politics like Raj Thackeray, Arjun Munda and Narendra Modi have been conned into it.
The Supreme Court is hearing the case challenging the constitutionality of UIDAI for collection of biometric data and
demographic data of residents of Indian in order to create a Central Identities Data Repository (CIDR) of 12 digit biometric unique identification (UID)/aadhaar number on a regular basis.
Be it Delhi, Maharashtra, Assam, Tamil Nadu or Gujarat, State’s failure to tame violence based on parochial regionalism, casteism and communalism does not inspire confidence. The plight of migrant students and workers across the country is a chilling reminder. In such a context, State cannot be trusted with the centralized database
of personal sensitive information of residents and citizens of India. This entails end of privacy and security of sovereign citizens in the way Nazi party of Germany had envisaged. State has failed to stop violence against compatriots from North-Eastern states in Delhi and north Indians in Assam. Chidambaram’s crocodile tears for “poor, migrant workers, the homeless, and the oppressed” is one of the least convincing statement he ever made in his political career.
The Contempt Petition (Civil) No. 144/2014 besides Writ Petition (Civil) No. 494 of 2012, W.P(C) No. 829 of 2013, W.P. (C) No. 932/2013, T.C. (C) No. 152/2013, T.C. (C) No. 151/2013 and W.P. (C) No. 833/2013 is being heard in the Supreme Court. Ministry of Petroleum, its oil companies and Congress ruled States have committed contempt by making aadhaar mandatory despite Court’s order of September 23, 2013 and November 26, 2013.
In such a scenario, any further allocation for UIDAI in the interim budget, 2014-15 which “is discharging its functions without any legal basis” will be yet another act of contempt towards Parliament and citizens’ democratic rights. The proposal to re-introduce the NIDAI Bill is a disingenuous exercise mocking parliamentary process at the fag end of the 5-year term after the execution of the project, which seems aimed at creating a charade of trying to create a legal basis
for indefensible UIDAI.
Attempts are underway to make this ‘online” demographic and biometric database cloud irreversible and ubiquitous so that it can be the cow, which can be milked until the sun sets on national and transnational patrons of Congressmen, their acolytes and outsourcing companies. Citizens Forum for Civil Liberties (CFCL) has been campaigning against surveillance technologies since 2010 and has petitioned and given testimonies and written submission to parliamentary committees and National Human Rights Commission (NHRC) in this regard.
For Details: Gopal Krishna, Citizens Forum for Civil Liberties (CFCL), Mb: 08227816731, 09818089660, Email:[email protected]