back to top

6 Ways How Aadhar Is Infringing Your Privacy In India

Congratulations. You have been digitally imprinted. And the best part about it is, you do not have a choice. Wherever you go, your identity precedes you. Be it passport office or procuring a driving license, all you have to do is say those 12 magical numbers. A wise man once said, with great power comes great responsibility. And collectively, we Indians are poor at handling responsibilities. With huge amount of private information made available to the Government in the form of mandatory UIDAI scheme rolled by the Government in 2009, questions like how does the Government plan to store and disseminate such private information, what happens in case of breach of database etc. remains unanswered. Precisely for the same reason, Courts in developed countries like UK and France have held such collection and retention of private data impermissible. Below we mention certain examples of how Aadhar can infringe your privacy-

Posted on

1.Identification without consent-

With the help of your Aadhaar number, it is possible to track an individual’s activities across multiple domains of service using the mainframe database. This leads to identification without consent. Besides, there have been instances where unauthorized use of biometrics have been done to illegally identify people by matching of iris scans and fingerprints or facial photographs stored in the Aadhaar database, or using the demographic data to identify individuals without their consent outside the domain of law. The recent e-KYC data being used by several private firms is a good example of it.

2.Mass surveillance-

Imagine Orwell’s 1984, Big Brother might as well be watching you, and he knows your Aadhaar number. With the accumulation of huge sets of private data, there is no guarantee if tomorrow the same data is used to keep track of where you go, what you eat and whom you meet. This is blatant violation of Fundamental Rights of people, and no enforcement mechanism to prevent this exists.

3.Illegal Tracking of individuals-

Having a database of private information of 1.27 billion people means that individuals may be put under surveillance without appropriate authorisation or legal backing using the authentication and identification records held by the authorities, such record also contains data on the time, location and the context of the identification, authentication and services availed.

4.Insider attacks-

Insider attack is one of the most dangerous threats faced with accumulation of private information of this scale. For instance, an attacker can collude with an insider who has access to database to misappropriate various components of the Aadhar system. Such types of attacks have occurred in the past in major developed countries like USA and UK.

5.Theft of data-

Having data of more than billion people is not the problem, but when it is coupled with dismal infrastructure, complications are bound to arise. Theft of data is prevalent everywhere, with nearly 1.4 billion data records being stolen by hackers only in 2016. Such data is later used by hackers either for revenge purposes, financial gain or coercing people through blackmail. It can also be sold to underground forums and used for illegal purposes such as accessing bank account details, identity thefts and so on. The problem is more grave in India, where no proper structure to protect this data exists.

6.Sale of private information-

Did you know that the data being collected by UIDAI is not the property of the Government? When the state holds the data it collects from its residents in its transactions, it only holds the data in fiduciary capacity and does not own the data. This means that the Government is also a customer in utilisation of your private data which is held by National Information Utilities, a non-governmental body, who actually own the data. NUI’s are private companies with the sole objective of making money out of your data. What’s more, the UIDAI is also a business entity governed by Companies Act and therefore has a separate legal entity not bound by law that recognizes the fiduciary capacity of the state. Your data is being sold, without even letting you know!

It may be too cliché to say this, but the cyber age has arrived, and we have to be vigilant about it unless its too late to revert back.

This post was created by a member of BuzzFeed Community, where anyone can post awesome lists and creations. Learn more or post your buzz!