One of the changes that we expect to see in the coming years, is the creation of more public repositories of personal data. By personal, I mean data like Name, Date of Birth, Address, Bank Account Number, Aadhaar Number, Health records, Education records, Employment information, DNA data, credit history, biometrics, iris scans, among other things: i.e. data pertaining to the person, and including, but not limited to, sensitive personal data. If you consider Aadhaar, it performs two functions as of now: First, and the one that the state considers most important, is the deduplication of identification in a database. This is what the original intent of Aadhaar was - to return a yes or no answer - and allow someone to get an answer to a simple question: are you who you say you are. This de-duplication is meant to help multiple things: mass surveillance (with NATGRID), addressing the ghost beneficiary issue of government welfare (even though that is overstated and is failing), documenting attendance, among other things. Second, and what is more important for the industry, is the function of KYC, or "Know Your Customer", which is authentic personal identification information, and a legal requirement that the government of India has imposed on services like Banking (for the money trail) and Telecom (for surveillance). Back in December 2009, in a submission to the government of India on scaling up Mobile Payments, Nokia had estimated that the cost of KYC then was Rs 200 per customer. This would have gone up…
