Aadhaar(Target Delivery of Financial and other subsidies, Benefits and Services) Bill, 2016

on

What?
  • Statutory backing for transferring government subsidies and benefits and also lay down a regulatory framework to protect core biometric information of AADHAAR card holder from any unauthorised  disclosure or sharing
  • Individual privacy
  • Public service delivery
  • Subsidy rationalisation
  • Data Security
Aadhaar
  • A unique identification by 12 digit number and based on demographic and biometric information
Features
  • Entitlements
    1. Every resident is entitled to obtain Aadhaar (person resided for more than 182 days in one year)
  • Institutional
    1. Establishing UIDAI (Unified Identification Authority of India)
    2. Establishment, operation and maintenance of Central Identity Data Repository
  • It will not confer right of or proof of citizenship of domicile
  • Data Security
    1. Data will be collected and protected at very high level
    2. Biometric will be used only for enrolment and authentication
Earlier efforts
National Identification Authority of India bill 2010
Pros
  • Subsidy rationalisation
    • Control the leakages
    • Better targeting
  • Privacy protection regime in the country will be initiated
  • To bypass SC order to make it mandatory for the schemes like DBT
  • Efficient, targeted and transparent delivery of subsidies, benefits and services
Cons 
  • Right to Privacy
    • Should it not be overseen by an Independent Judicial Authority
  • Section 5 and 57 enable to impose Aadhaar identification in virtually any context
    • Infringement of democracy and civil liberties
      • Mass surveillance per se is an
      • Freedom of Speech and expression : Even mere existence of a mass surveillance , stifle the dissent
      • Building an infrastructure of social control
  • Money bill
    • Pre-empting any serious discussion of these issue
    • Against the spirit of cooperative federalism
  • Section(33)
    • Data can used for the purpose of national security authorised by JS or Court
      • Depended on the benevolence of government
      • Inefficiencies of district judges
    • limited safeguard: internal procedural safeguards   without independent external monitoring are inadequate for the protection of rights
    • Solution
      • Replace national security with public safety and public emergency
      • Inclusion or CVC or CAG in the committee
      • Making Aadhaar optional
Challenges
 Misuses
  • AADHAR card by migrants
  • Data can used by corporates to harness unethical gain
Security
  • Data protection
  • Weak Cyber security structure
Operational
  • Authentication failures
  • Interoperability if other platforms are used
  • Delays
  • Not all can have biometric
Infrastructural
  • Reliable Connectivity problem
  • Literacy
  • Example : PDS in Rajasthan and Ranchi
Amendment proposed


Alternative solution
 From UID to UID+
Rather than single UID use of  different unique numbers linked to AADHAAR number
Example in MGNERGA instead of using 12 digit number, each authorised user of the system like Bank would get a modified number that is cryptographically generated.
Benefits
  • Corporate or other users could not create a linked database for profiling
  • Privacy concern also solved as cryptographic process could be restricted to authorised user
Way ahead
 Given the risk the core principle should be 'minimum use ' and 'maximum safeguards'
Justice A P Shah Committee : Privacy law
Independent Judicial Control
Grievance redressal mechanism
National Security
  • Replace national security with public safety and public emergency
  • CVG and Cag could be included in the review committee
Conclusion
  • We must ensure that UID database is not used in a manner that can hurt the citizen either accidently or by mission creep with unintended consequences
  • Biometric determination of identity will not be panacea as eligibility will still be governed by the criteria like income, etc.


Aadhar
  • Biometric information
    • Only core biometric information is not shared
  • Identity information includes biometric information
    • CIDR is the repsonsible for storage and protection of the data
    • Sharing of information is allowed now
    • National security ground can be expolited
  • Personal Information includes identity information also
    • Here the problem start by making it manadatory for varous servics like travel, bank, 
    • Government knows everything about an individual
    • Big Data is becoming the toll for vilation of R to Privacy
  • Way forward
    • Need to reconsider the fundamentals of the Aadhaar

UIDAI

Composition
  • A Chairperson
  • Two part time member
  • One CEO
Function
  • Collection of biometric and demographic
  • Assigning Aadhaar
  • Authentication Aadhaar
  • Specifying Uses of Aadhaar
Stand
  • Encrypted Data
  • Some data need to be protected
    • IT Act
    • Aadhaar Act
    • Any unauthorised use is criminal offecnce
  • If some violation
    • Police
    • Court
    • First information and then sanction of UIADI
  • Currently one can easily open the account
  • Cannot be tempered with (Privacy, mass surveillance)
  • WB if Aadhaar is used
    • 11 bn US dollar every year



Aadhar
  • Technological security
  • Legislative security
  • Process security


  • Aadhar Could be made basis of all other ID

  • Full proof ID so no misuse
  • Empowerment
  • Service delivery
  • Good governance

  • Privacy
  • Mass surveillance
  •  corporate Profiling



Supreme Court
  • Cannot be made mandatory for welfare schemes


Government decision
  • PAN card has to be verified by Aadhaar
  • All mobile has to be verified by Aadhaar



Don’t blame only Aadhaar for violation of Privacy
Need of comprehensive Privacy law

Privacy


For 
Against
Balanced
  • Mass surveillance
Misuse 
  • Use smart card
  • Biometrics essential for unique identification
  • Random number of Aadhaar
  • No search and no download
  • Individual required for authentication and transaction
  • No information can be published
  • One can lock the Aadhaar also
  • But more stringent norms on data privacy
  • A comprehensive privacy laws is necessary as economy moving towards digitally
  • Corruption, Fraud , transaction cost
  • We already giving various data online
  •  




Smart Card requires Pin for use and verification 
  • Requires active participation
  • Data can be deleted
  • Finger prints of dead person can be taken
  • Can be easily destroyed

  • KYC norms should not be there
    • Token issued by UIADAI
    • One time password will be generated to authenticates
  • Aadhaar poorly designed



Timeline

2015
  • Constitutional Bench : to decide the right to privacy and making Mandatory Aadhaar
2016
  • Adhaar Act
2017
Centre started using various scheme

  • Non welfare scheme can be made mandatory
  • 2 year down the line , no decision taken yet
  • It will be fait accompali till the time decision is made
  • Delay is going towards the centre
  • K M Munsi : decision of FRs should be decided earliest

  • Priortised the Aadhaar card issue

Comments

Post a Comment