I gave a number to you (with consent), random number, which law have I violated? — Even if I gifted that number to you without your permission, it’s up to you to use that number. If I give the number to everybody in this hall, and if you don’t use that number, what crime have I committed — RS Sharma, CEO, National Health Authority
Sharma was reacting to the criticism levied on him and the Indian government for attaching the enrollment of unique Health IDs through Aadhaar-enabled vaccine registrations. It has been reported that individuals falsely believed that Aadhaar is mandatory for authentication through CoWIN and thus, unknowingly signed up for Health IDs.
Sharma’s comments were not standalone but in line with his criticism of the privacy and data security narrative surrounding Aadhaar during Day 2 of the Workshop on Aadhaar 2.0: “Expanding Use of Aadhaar to Boost Digital Economy”.
Regardless of how these unique IDs are being issued, the lack of a data protection law poses serious privacy concerns as to how the proposed digital ecosystems will evolve because there are no clear guidelines on what and how data can be collected, used, shared, and stored.
UIDAI is shying away from the digital nature of Aadhaar: Sharma
Sharma criticised officials of the Unique Identification Authority of India (UIDAI) and other government officials for “misinterpreting the Supreme Court judgement” and also for treating Aadhaar akin to other physical identity cards.
- UIDAI should not have started issuing physical Aadhaar cards: “The basic principles of digital can not be applied to a physical artifact. We had said (during formulation of Aadhaar) that a number is not a card…UIDAI started issuing those cards directly. I don’t see the logic of that honestly. Now we have also introduced something called offline verification, and that became a part of the Aadhaar Act, I don’t know why.”
UIDAI, from an agency which should promote digital identity, has become a regulator of digital identity — RS Sharma
Sharma argued against physical artifacts (identification cards and so on) saying that such “artifacts” can be “cloned, forged, duplicated”. “But for digital, since it’s online, everything is verifiable,” Sharma claimed.
While Sharma might not have said it in so many words, his implication that “digital” cards such as Aadhaar are clone-, forge- and duplicate-proof is incorrect. There are many instances where such cases have been reported. You can read about them here, here, here, and here.
- Government officials are misreading Supreme Court judgement: Sharma, while talking about the Aadhaar case, said that the first question that the court had to decide was whether privacy was a fundamental right; next, it had to decide whether Aadhaar violated privacy.The Supreme Court in the Puttaswamy judgement upheld the overall validity of Aadhaar but disallowed the use of individual Aadhaar numbers by any private entities for establishing the identity of the individual concerned for any purpose.
There were certain observations (made by Supreme Court), but more observations have been made by our own colleagues (sic). The SC order has become an alibi for many of us in the government and people have started newer and newer identities and avoiding Aadhaar. — Sharma.
- Concept of Aadhaar Vault fallacious: Sharma criticised the concept of Aadhaar data vault which is a centralised storage for all Aadhaar numbers collected by authorised agencies.
Aadhaar Act says Aadhaar information should be safely kept. Aadhaar number is not an identity. It (data vault) is like putting all the numbers on the currency notes into some safe vault saying that these numbers will not be disclosed. This is a fallacious way. Once you start with a fallacious foundation then everything else becomes fallacious. — RS Sharma
- Privacy should not compromise functionality: Sharma criticised arguments around privacy saying that “some people were opposing for the sake of opposition without understanding”. He said, “There is a principle called privacy by design. We have incorporated that in the design of Aadhaar. There is another principle called non-zero-sum game — which means privacy should not compromise the functionality. We have unfortunately made it out that way (sic).”
Sharma while criticising privacy proponents also argued that Aadhaar number should not be perceived as something private and gave an example from 2018 wherein he had tweeted out his own Aadhaar number as a challenge.
Following the tweet, users on Twitter were able to dig up the TRAI Chairman’s mobile number(s), gmail and yahoo addresses, physical address, date of birth, and even the frequent flyer number which is believed to be a response to the security question for changing Sharma’s gmail password. Apparently, someone had ordered a OnePlus 6 for the Chairman, via Amazon, cash on delivery. However, you can read here, why that challenge was a problem in itself.
Government officials all for citizens sharing Aadhaar data
Ex-member of Postal Services and one of the brains behind Aadhaar, AP Singh claimed that the “full potential” of Aadhaar has not been achieved yet because it “got appropriated by the government”.
The magic of Aadhaar has not worked because it got appropriated by the government. The SC nowhere in its judgement said that the private sector cannot use Aadhaar. It may have put some limitations — AP Singh
Singh said that in the founding years of Aadhaar, officials had not intended it to be just used for the government. His point was also agreed by Sujoy Bose, MD & CEO, National Investment and Infrastructure Fund (NIIF), another panelist. National e-Governance Division President and CEO Abhishek Sharma agreed to RS Sharma’s point that there should be no restriction imposed on sharing Aadhaar number.
Aadhaar for detecting financial frauds
National Payments Corporation of India (NPCI) MD and CEO Dilip Asbe proposed the usage of Aadhaar for detecting financial frauds at the workshop.
Tax avoidance is a big issue in our country. Today with PAN and Aadhaar linkages, when a customer has an account with multiple banks, the Aadhaar is linked there. Why can’t we look at data a little bit more for suspicious cases to see if there are tax avoidance in the country? — Dilip Asbe, NPCI CEO
“I am sure that it will be used three-four years down the line but can we afford to wait that much time?” Asbe asked. ”Nobody is able to stop. With the uniqueness of Aadhaar, is it not possible to create a fraud repository? To ensure that once the person does a fraud, he will not get the SIM card, he will not get a bank account, he will not get wallet, he will not get anything,” Asbe said. Systems can be built up and ensure that fraudsters are blocked at the door itself, he added.
Asbe also proposed the usage of Aadhaar in rural areas by expanding the scope of micro ATMs. “We should try and leverage many more services on the micro ATM using Aadhaar, so that it becomes really convenient for customers. (A rural customer)…can take use of assistant mode (on Micro ATMs) to look at more services, payments, purchase, investments insurances, etc.”
Also read:
- Why did RS Sharma bring up UPI and Account Aggregators in an event on digital health?
- 96% Of Nearly 14 Crore Unique Health IDs Linked With Aadhaar, Reveals ABDM Mission Director
- Govt Proposes Linking Birth And Death Data To Aadhaar, But Critics Fear An NRC Revival
- Government Allows Aadhaar E-KYC For Telecoms Despite Supreme Court Judgement Striking Down Section 57 Of Aadhaar Act 2016
Have something to add? Post your comment and gift someone a MediaNama subscription.
