Right to privacy or the right to do business with UID database?   

December 3, 2010

Industrialist Ratan Tata has the capacity to challenge a breach of his privacy in the Supreme Court. But what about the nearly 60 crore Indian residents who don’t know what will become of the biometric data being collected by UIDAI?

The leak of the Niira Radia tapes in India and thousands of US classified documents on WikiLeaks, has stirred up again the debate on privacy. Earlier this week, Tata group chairman Ratan Tata petitioned the Supreme Court to order the government to restrict the use of conversations contained in the tapes, on the grounds that making them public was a breach of his privacy. The WikiLeaks disclosures have exposed many decisions and processes in the US government that have become a serious embarrassment for its leaders. Some of these leaders are talking about punishing those responsible for the leaks.

It’s all well for such influential business and political figures to argue in defence of their privacy. But do these standards apply to the common citizen anywhere, and more specifically in India? Many of such common people may not even be aware of this thing called ‘privacy’, leave the ‘right to privacy’. Take the unique identification programme being conducted in India today.

In fact, according to some of the diplomatic files published by WikiLeaks, it is now known that some US officials had been trying to collect biometric and such other sensitive identification information about politicians and bureaucrats from the United Nations and some countries like South Korea, China, Egypt, Indonesia, Malaysia, Syria and even India.

In Mumbai last month, the US Consulate had asked for proof of identity and other details even from the Maharashtra chief minister and state deputy chief minister to be allowed to attend a programme with the US president during his visit to India. Of course, when the state government protested and threatened that the leaders would not attend the programme, the US authorities buckled down.

But that’s a story about the powerful and famous. Besides, it’s highly unlikely that the more than 60 crore Indians being targeted by the identification programme would refuse to be part of it, particularly if they were told that they stood to ‘gain’ from it. This is the tragedy of the unique identification (UID) number of the Unique Identification Authority of India (UIDAI), headed by Infosys boss Nandan Nilekani.

This ambitious and expensive project uses biometric information like fingerprints, IRIS scans and face photos to create a UID number. The authority is roping in fat-profit organisations as its partners, which will very likely result in the database being used for targeted marketing. (Read: Fat profit institutions continue to board UID bandwagon http://www.moneylife.in/article/78/11136.html) In addition, many registrars have been roped in by UIDAI to undertake this enrolment. These agents are believed to be adding their own parameters while creating their own databases for business use. (Read: Is the UIDAI database vulnerable? http://www.moneylife.in/article/78/9594.html)

Normally this should have rung an alarm bell. But it seems there has been not reaction, let alone any action from UIDAI or the government. So, what is the control over these databases and what is there to prevent any unauthorised use of this data? There is a lighter side to this. An IT expert, who requested anonymity, suggested that it may not be long before the information collected in these databases comes out into the public domain, like in the case of the Radia tapes. “The interesting part is that once the fingerprints, pictures of irises and the DNA record of people become widely available, they will automatically lose their value for purposes of evidence or as a means of uniquely identifying anybody,” he explained.

Another expert said, “Governments cannot be trusted with personal information. I think India will be better off with no ID cards as the whole world is becoming one seamless entity with just local governments focusing on local services. IDs are an intrusion into one’s privacy. India should remain as it has been.”

In an essay published at Forbes.com, security technologist and author Bruce Schneier, says, “As long as privacy isn’t salient, and as long as companies are allowed to forcibly change social norms by limiting options, people will increasingly get used to less and less privacy. There is no malice on anyone’s part here; it is just market forces in action. If we believe privacy is a social good, something necessary for democracy, liberty and human dignity, then we cannot rely on market forces to maintain it. Broad legislation protecting personal privacy by giving people control over their personal data is the only solution.”

This means that unless the biometric data of the nearly 60 crore residents being collected by UIDAI is kept safe and the privacy of individuals’ records is protected, the Aadhaar project could turn into a tool for Big Brother, the government.

The Supreme Court has issued notices to the union government as well as the two magazines on the Radia tapes asking for a reply in ten days. While matter of the tapes is not connected in any way to the UID issue, the outcome on the subject of privacy will be relevant. Repeated questions to UIDAI by email have remained unanswered. — Moneylife Digital Team