reportage Technology

The New Oil

Aadhaar’s mixing of public risk and private profit

By Aria Thaker | 1 May 2018

IT WAS A BLACK-AND-WHITE PHOTOGRAPH of a crowded street, centred on a man glancing backwards into the camera. His face sat in the crosshairs of a computer-generated box populated with a mobile number, a date of birth, an address and other personal information. Superimposed above this was a 12-digit number, with four digits redacted: a representation of an Aadhaar number, the biometrics-backed digital identifier that the government has looked to impose on every resident of India. A few other faces in the crowd were framed by boxes crowned with Aadhaar numbers too. Above the image were a few lines of text, one of them reading, “Welcome aboard @On_grid team.”

The text and image were part of a tweet by India Stack in February 2017, announcing that OnGrid had joined a select group of its user entities. India Stack is a set of Aadhaar-specific application programming interfaces, or APIs—code that allows and governs communication between various programmes, as, for instance, when an app on your phone interacts with an e-retailer’s database or a payment gateway. In effect, India Stack’s APIs are building blocks in the software architecture required by many third-party entities, whether public or private, to use Aadhaar. OnGrid, a private company, provides background checks on employees for companies hiring blue-collar workers. It verifies individuals’ identities using their Aadhaar data, but also collates data from numerous other sources to show their employment history, criminal background, and more.

India Stack had taken the tweeted image from OnGrid’s homepage. Many were quick to call it frightening and dystopic—an illustration of Aadhaar’s potential use for mass surveillance. India Stack took the image down from its Twitter feed within hours, but OnGrid’s practices still came in for scrutiny. “Does it mean that Aadhar, PAN, passport etc docs for a given individual will be linked and available on your server?” one person tweeted. One of the company’s founders, Piyush Peshwani, replied, “With consent, yes. The record belongs to the Aadhaar-holder and only he/she decides what stays on it and what doesn’t.” Another user responded, “You have removed the image and repeated the same thing in words.”

Aadhaar was already deeply controversial at the time the tweet appeared. The first attempt to win legislative backing for the scheme, under the previous, Congress-led government, failed spectacularly. In 2011, the parliament’s standing committee on finance—led by a member of the BJP, which was then in the opposition—found Aadhaar to be “riddled with serious lacunae and concern areas,” and declared that it had “been conceptualized with no clarity of purpose … and is being implemented in a directionless way with a lot of confusion.” A retired judge who filed the first legal challenge to Aadhaar, in 2012, told the Supreme Court that the scheme “is a clear violation of citizens’ privacy,” and complained that the government was going ahead with the scheme despite its rejection by the parliament. When Aadhaar finally became part of law, with the Aadhaar Act passed in March 2016, it was under a government headed by the same BJP that had emphatically opposed it earlier. The government chose the unusual route of passing the legislation as a money bill—a route typically reserved for bills that deal only with the use of public funds, and which bypassed the Rajya Sabha, where the government does not have a majority. Critics argued that the Aadhaar Act pertained to issues including civil liberties, national security and social policy, and could not be defined as a money bill. A Congress leader challenged the move in the Supreme Court.

The concerns and controversies over Aadhaar have only escalated ever since. A May 2017 report by the Bengaluru-based think tank Centre for Internet and Society showed that the Aadhaar numbers of over 130 million people had been published on government websites, along with their names, bank account numbers and other personal details. In January 2018, The Tribune published a story of how one of the paper’s reporters gained access to a portal with data from every Aadhaar holder after paying a middle man just R500. Other major leaks of Aadhaar-linked data have been surfacing with alarming frequency. Meanwhile, there have been multiple reports of poor people being denied access to welfare benefits, including food aid, because of failures in authenticating their identities using Aadhaar, whether due to network problems or their fingerprints being worn down from old age or manual labour. Some reports have connected such denial to starvation deaths.

A large and growing number of benefits and services both public and private are being linked to people’s Aadhaar numbers, and made contingent upon Aadhaar-based authentication—despite the outcry and the pending legal challenges to Aadhaar, as well as interim orders by the Supreme Court against making Aadhaar mandatory for many essential schemes and services. The government has made Aadhaar a requirement for food aid, cooking-gas subsidies, mobile connections, NREGA wages, government examinations, banking facilities, tax filings and much more. The threat of exclusion from essential benefits and services has spurred massive Aadhaar enrolment. The Unique Identification Authority of India, the authority in charge of the scheme, has enrolled over 1.2 billion of India’s 1.3 billion people. The UIDAI has touted this as a sign of runaway success, but critics say that India’s digital infrastructure and security systems have failed to keep pace, creating threats of data and identity theft in addition to those of the denial of benefits and services. The linking of Aadhaar to otherwise disparate services and information systems is also driving a massive consolidation of users’ data, and with it the potential for mass surveillance and profiling. Critics have pointed out how this can be exploited for such things as the malicious targeting of groups and individuals on ethnic or political grounds.

In all of this, OnGrid and other companies like it stand as crucial and interested go-betweens. As this story went to press, the Supreme Court was hearing a case that argued Aadhaar is unconstitutional. The case clubs together dozens of legal challenges to various aspects of the scheme that have been filed in courts all over the country. This January, OnGrid joined four other private parties to intervene in the Aadhaar matter. Their petition to the Supreme Court said that their businesses “have developed entirely as a result of the introduction of the Aadhaar system,” and argued for the system to continue unchanged.

These private companies are far from the only ones that stand to benefit from, and are currently batting for, Aadhaar.

(Subscribe to The Caravan to read the full story. Click here for a digital subscription or email for a print subscription.)

Some images have been modified for illustrative purposes.

Aria Thaker is a copy editor at The Caravan.


Leave a Reply

Your email address will not be published. Required fields are marked *