wordpress blog stats
Connect with us

Hi, what are you looking for?

Not required: NTA on whether legal opinion was sought for facial recognition in exam centres

Previously, the National Testing Agency had floated two tenders for installing facial recognition tech and CCTV cameras.

The National Testing Agency (NTA) which is introducing facial recognition for verification of candidates sitting for entrance examinations like Joint Entrance Examination (JEE), National Eligibility cum Entrance Test (NEET), and so on, did not seek a legal opinion before introducing the technology, the autonomous agency told MediaNama in response to a Right to Information request. It also did not provide a direct answer to whether it conducted a privacy impact assessment for the project.

Question: Please state whether any legal opinion was sought by the National Testing Agency prior to procurement of the said facial recognition system

NTA: No, there was no such requirement

The introduction of facial recognition technology at exam centres is going to affect millions of students since India does not have robust laws in place to regulate the use of such technologies which deal with sensitive data. The Personal Data Protection Bill, which would address such concerns, is yet to be introduced in the Lok Sabha.

We also asked the NTA whether it had undertaken a privacy impact assessment of the facial recognition project that potentially involves data of millions of students including minors.

MediaNama: Please provide information regarding any privacy impact assessment done before the proposed use of facial recognition system
NTA: Please refer to Tender Document (Clause 11.9) Appointment of Successful Bidders.

Read: Major entrance examinations such as JEE, NEET, UGC-NET to come under facial recognition surveillance

Advertisement. Scroll to continue reading.

NTA’s response on privacy assessment does not hold ground

Before going any further, it is important to note that the NTA floated two tenders recently for the installation of facial recognition technology at the exam centres. While one of the tenders looked into verification of exam candidates, the other was for candidates who will give the exams offline. Apart from the technical specifications, many provisions including the  “Appointment of Successful Bidders” section are the same in the two tenders.

Contrary to NTA’s response that Clause 11.9 is the section that talked about ‘Appointment of Successful Bidders’, the tender actually showed that it was Clause 10.9. Now let’s see what it exactly says (or whether it says anything) regarding conducting a privacy impact assessment.

The selected bidder will be responsible for providing secure systems. The selected bidder is expected to adhere to Information Security Management procedures as per acceptable standards with best practices. The selected bidder shall be responsible for guarding the Systems against virus, malware, spyware and spam infections using the latest Antivirus corporate/Enterprise edition suites which include anti-malware, anti spyware and anti-spam solution for the entire system. The vendor shall have to maintain strict privacy and confidentiality of all the data it gets access to – National Testing Agency in both tenders (emphasis supplied)

This essentially shifts the entire responsibility of protection of data to the vendor and does not talk about conducting a privacy impact assessment.

What does the draft PDP Bill say about privacy assessment?

According to the draft Personal Data Protection Bill, a data protection impact assessment should contain—

  • Description of the proposed processing operation; the purpose of processing and nature of personal data being processed
  • Assessment of potential harm that may cause the subjects
  • Measures of removing, minimising, managing risk of harm

When the NTA’s clause and the PDP Bill provision on privacy assessment are juxtaposed, it implies that the NTA failed to take up a privacy/data protection assessment.

‘Confidential information, cannot be disclosed’

MediaNama also asked NTA to provide details of persons or organisations authorised to operate and use facial recognition technology; to which it replied, “The details of the persons or organizations authorized to operate and use facial recognition technology cannot be made public by the National Testing Agency.” The tender does not specify how the data is going to be stored, whether it is going to be used by third parties, and if so, how the data is going to be used.

Advertisement. Scroll to continue reading.

The NTA also declined to provide information regarding databases that the NTA is using for matching the photographs/videos obtained through the facial recognition system. “Information sought is confidential in nature, cannot be provided,” the agency said.

Facial recognition being brought in for fighting impersonation: NTA

In the two tenders that were floated, the NTA claimed that facial recognition systems and other biometric verification processes were being introduced to thwart impersonation problems. Impersonation in entrance tests such as JEE is not something new and continues to this day.

In 2020, the Assam topper of JEE Main 2020 was arrested for allegedly using an impersonator to sit for the exam. Additionally, the NTA had recently deployed an AI algorithm to detect impersonation and had identified 56 such candidates from the February cycle of JEE Main 2021. Their images matched with some of the 20,000 top-ranked candidates for the exams in 2019 and 2020, a report by the Times of India said.

This proposal coupled with the recent tender floated by the Ministry of Health and Family Welfare (MoHFW) for the introduction of FRT for online examinations conducted by the All India Institute of Medical Sciences (AIIMS), brings a majority of Indian entrance examinations under the ambit of facial recognition.

Also read

Have something to add? Post your comment and gift someone a MediaNama subscription.

Advertisement. Scroll to continue reading.
Written By

Among other subjects, I cover the increasing usage of emerging technologies, especially for surveillance in India

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



While the market reality of popular crypto-assets like Bitcoin may undergo little change, the same can't be said for stablecoins.


Bringing transactions related to crypto-assets within the tax net could make matters less fuzzy.


Loopholes in FEMA and the decentralised nature of crypto-assets point to a need for effective regulations.


The need of the hour is for lawmakers to understand the systems that are amplifying harmful content.


For drone delivery to become a reality, a permissive regulatory regime is a prerequisite.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ