Nandan Nilekani, the founding chairman of the Unique Identity Development Authority of India
(UIDAI), has once again raised concerns about the security of the data collected in the Aadhaar
database. While underlining that the Aadhaar system had not yet been hacked, Mr Nilekani said security would be a big concern in the future
. The Infosys co-founder was speaking against the backdrop of the UIDAI
lodging a complaint against an IIT-Kharagpur
engineer and his start-up for developing an app and illegally accessing the Aadhaar
database. One of the key reasons why many academics and civil liberties activists have been resisting the enrolment of Aadhaar is the lack of data security and privacy protection. With each episode of Aadhaar data being leaked, such concerns are heightened.
The government, however, has been aggressively pushing for Aadhaar as the identity establisher.
Apart from making it mandatory for a whole host of welfare schemes where the government spends the bulk of its subsidy allocations, it has also argued for Aadhaar
to be used for a wide variety of other public services and regulations, from driving licences to mobile phones to death certificates. What gives this push legitimacy is the saturation coverage of Aadhaar: 99 per cent of Indians above the age of 18 have been enrolled and as of June end, over 1.15 billion Indians had an Aadhaar.
These concerns about the security of Aadhaar
data are growing by the day as India does not have any law to protect such data
. In fact, the government is fighting a massive judicial battle with the civil society to ascertain whether or not Indians have a “fundamental” right to privacy. A nine-judge Bench of the Supreme Court is likely to decide on the matter soon. However, regardless of whether it is a “fundamental” right or not, India will, in any case, need a law to protect data
. Currently, there is nothing that users know regarding what is happening to their data and this information needs to be given back to the people
, a point the telecom regulator also raised about Apple earlier this week.
There are at least two reasons why policymakers should heed Mr Nilekani’s warning and take a strategic position on data colonisation and privacy. One,
in the absence of a legal framework, it might be unclear how the aggrieved will be compensated, or the guilty punished, in case data theft does take place. Two
, while it might be true that the Aadhaar
system has not been hacked, technology
is forever evolving and there are no guarantees — as the IIT engineer showed
— that things will not change quickly in the future.
via Mr Nilekani’s warning | Business Standard Editorials