PageImp, CC BY-SA 4.0, via Wikimedia Commons
|
Journal of Science Policy & Governance | Volume 18, Issue 01 | March 24, 2021
|
White Paper: New Principles for Governing Aadhaar: Improving Access and Inclusion, Privacy, Security, and Identity Management
Nishant Anand
Department of Science, Technology & Public Policy, University College London, London, UK |
Keywords: Aadhaar; e-identity; digital ID; biometrics; responsible governance; trust
Executive Summary: Legal identification for all by 2030 is a global strategic goal under the UN Sustainable Development Goals (SDG 16.9). Legal identification is perceived as a critical element in increasing people’s participation in society and providing them with access to services that can improve their quality of life. Aadhaar, India’s digital identity programme, is the world’s largest identity project aimed at providing foundational ID and access to state welfare across the nation. By 2019, 1.2 billion people had a registered Aadhaar card. National and state welfare services, and increasingly, a host of private sector services, are linked to Aadhaar. However, India’s eID programme has faced significant civil and judicial resistance over matters of privacy, fraud, welfare exclusion and surveillance.
This technology assessment focusses on evaluating Aadhaar using four lenses: the accessibility of Aadhaar and its impact on welfare distribution, privacy concerns and contestations, security issues associated with the Aadhaar architecture, and finally the efficacy of identity management processes. Aadhaar’s growing prominence in public and private sector services means that the risks and vulnerabilities in the technology also become embedded in the socio-economic fabric of society. This paper discusses how the current efforts to address highlighted risks are insufficient and drive distrust in the system. This paper concludes by providing recommendations that can help address existing issues. Improving civil society participation in Aadhaar’s current and future direction can help foster trust in the Aadhaar ecosystem. Digital rights training presents an avenue to educate all Aadhaar stakeholders on their data rights, digital risks, and mitigation strategies. Formalizing UIDAI as an independent authority, not tied to the central government, can also improve the transparency and governance of Aadhaar and provide a pathway for greater participation across public sector, private sector and civil society actors and can provide opportunities to develop acceptable innovations on top of the eID system.
This technology assessment focusses on evaluating Aadhaar using four lenses: the accessibility of Aadhaar and its impact on welfare distribution, privacy concerns and contestations, security issues associated with the Aadhaar architecture, and finally the efficacy of identity management processes. Aadhaar’s growing prominence in public and private sector services means that the risks and vulnerabilities in the technology also become embedded in the socio-economic fabric of society. This paper discusses how the current efforts to address highlighted risks are insufficient and drive distrust in the system. This paper concludes by providing recommendations that can help address existing issues. Improving civil society participation in Aadhaar’s current and future direction can help foster trust in the Aadhaar ecosystem. Digital rights training presents an avenue to educate all Aadhaar stakeholders on their data rights, digital risks, and mitigation strategies. Formalizing UIDAI as an independent authority, not tied to the central government, can also improve the transparency and governance of Aadhaar and provide a pathway for greater participation across public sector, private sector and civil society actors and can provide opportunities to develop acceptable innovations on top of the eID system.
-Read the full article through download.- |
References
- Abraham, Ronald, Elizabeth S. Bennett, Rajesh Bhusal, Shreya Dubey, Qian (Sindy) Li, Akash Pattanayak, and Neil Buddy Shah. 2018. ‘State of Aadhaar Report 2017-18.Pdf’. ID Insight.
- Abraham, Ronald, Elizabeth S Bennett, Noopur Sen, and Neil Buddy Shah. 2017. ‘STATE OF AADHAAR REPORT 2016-17’, May, 24.
- Agrawal, Shweta, Subhashis Banerjee, and Subodh Sharma. 2017. ‘Privacy and Security of Aadhaar: A Computer Science Perspective’. Economic and Political Weekly, 15.
- Amrute, Sareeta, Reetika Khera, and Adam Willems. 2020. ‘Aadhaar and the Creation of Barriers to Welfare’. Interactions 27 (6): 76–79. https://doi.org/10.1145/3428949.
- Asia Blockchain Review. 2019. ‘South Korea EID’. Asia Blockchain Review - Gateway to Blockchain in Asia (blog). 9 July 2019. https://www.asiablockchainreview.com/south-korea-approves-blockchain-based-id-authentication-service-for-sandbox/.
- Baxi, Parul. 2019. ‘Technologies of Disintermediation in a Mediated State: Civil Society Organisations and India’s Aadhaar Project’. South Asia: Journal of South Asian Studies 42 (3): 554–71. https://doi.org/10.1080/00856401.2019.1602808.
- CGAP. 2015. ‘From Cash to Digital Transfers in India: The Story So Far’. CGAP. 2015. http://web.archive.org/web/20170613055012/https://www.cgap.org/sites/default/files/Brief-From-Cash-to-Digital-Transfers-in-India-Feb-2015_0.pdf.
- CGD. 2017. ‘Impact of Bhamashah on Digital Governance Reforms in Rajasthan’. 2017. https://www.microsave.net/files/pdf/171212_Household_Perception_Impact_of_Bhamashah_Digital_Governance_Reforms_in_Rajasthan.pdf.
- Chakravarty, Ipsita. 2017. ‘Aadhaar Has Run into Pockets of Resistance in Three States of the North East’. Text. Scroll.In. https://scroll.in. November 2017. https://scroll.in/article/857074/aadhaar-has-opened-up-pockets-of-resistance-in-three-states-of-the-north-east.
- Christopher, Deepa. 2019. ‘India – Full Analysis of the Proposed New Privacy Law| DigiLinks | Linklaters’. Linklaters. 2019. https://www.linklaters.com/en-us/insights/blogs/digilinks/india-full-analysis-of-the-proposed-new-privacy-law
- Dixon, Pam. 2017. ‘A Failure to “Do No Harm” -- India’s Aadhaar Biometric ID Program and Its Inability to Protect Privacy in Relation to Measures in Europe and the U.S.’ Health and Technology 7 (4): 539–67. https://doi.org/10.1007/s12553-017-0202-6.
- Drèze, Jean, Nazar Khalid, Reetika Khera, and Anmol Somanchi. 2017. ‘Aadhaar and Food Security in Jharkhand’. Economic and Political Weekly, no. 50 (December): 12.
- eEstonia. 2019. ‘Estonia EID’. E-Estonia. 2019. https://e-estonia.com/solutions/e-identity/id-card/.
- ENS Economic Bureau. 2015. ‘Happy That NDA Has given Aadhaar a Big Push: Nilekani’. The Indian Express (blog). 7 December 2015. https://indianexpress.com/article/india/india-news-india/happy-that-nda-has-given-aadhaar-a-big-push-nilekani/.
- Gelb, Alan, and Anna Diofasi Metz. 2018. Identification Revolution: Can Digital ID Be Harnessed for Development?
- Gemalto. 2019. ‘Belgium EID’. 2019. https://www.gemalto.com/brochures-site/download-site/Documents/gov_belgium_id.pdf.
- Government of India. 2019. ‘Programme Pillars | Digital India Programme’. 2019. https://digitalindia.gov.in/content/programme-pillars.
- GovTech Singapore. 2021. ‘GovTech Singapore - Organisational Overview’. 2021. https://www.tech.gov.sg/who-we-are/our-role/.
- GSMA. 2016. ‘The Mobile Economy - India 2016’. https://www.gsmaintelligence.com/research/?file=134a1688cdaf49cfc73432e2f52b2dbe&download.
- GSMA. 2017. ‘Aadhaar: Inclusive by Design’. GSMA. March 2017. https://www.gsma.com/mobilefordevelopment/wp-content/uploads/2017/03/gsma-aadhaar-report-270317.pdf.
- Gupta, Komal. 2019. ‘Aadhaar a Game Changer, Helped Govt Save ₹90,000 Cr till Mar 2018: Arun Jaitley’. Mint. 6 January 2019. https://www.livemint.com/Politics/JufOIND7IUPjnyZCE4BrfL/Aadhaar-is-a-game-changer-Arun-Jaitley.html.
- Henne, Kathryn. 2019. ‘Surveillance in the Name of Governance: Aadhaar as a Fix for Leaking Systems in India’. In Information, Technology and Control in a Changing World: Understanding Power Structures in the 21st Century, edited by Blayne Haggart, Kathryn Henne, and Natasha Tusikov, 223–45. Cham: Springer International Publishing. https://doi.org/10.1007/978-3-030-14540-8_11.
- Hughes, Thomas Parke. 1987. ‘The Evolution of Large Technological Systems’. In The Social Construction of Technological Systems. MIT Press.
- Khera, Reetika. 2019. Dissent on Aadhaar: Big Data Meets Big Brother. Orient BlackSwan Private Limited.
- Mali, Nidhi Vij, and Martha A. Avila-Maravilla. 2018. ‘Convergence or Conflict?: Digital Identities vs. Citizenship Rights: Case Study of Unique Identification Number, Aadhaar, in India’. In Proceedings of the 11th International Conference on Theory and Practice of Electronic Governance, 443–48. Galway Ireland: ACM. https://doi.org/10.1145/3209415.3209487.
- Mander, Harsh. 2015. ‘Replacing Food with Cash’. Mint. 20 October 2015. https://www.livemint.com/Opinion/hnytasM4zVTEWmQnt1fc1N/Replacing-food-with-cash.html.
- Mansfield-Devine, Steve. 2015. ‘Biometrics in Developing Countries’. Biometric Technology Today 2015 (4): 5–8. https://doi.org/10.1016/S0969-4765(15)30060-6.
- Martens, Tarvi. 2010. ‘Electronic Identity Management in Estonia between Market and State Governance’. Identity in the Information Society 3 (1): 213–33. https://doi.org/10.1007/s12394-010-0044-0.
- Mathur, Nandita. 2019. ‘India’s Internet Base Crosses 500 Million Mark, Driven by Rural India’. Livemint. 11 March 2019. https://www.livemint.com/industry/telecom/internet-users-exceed-500-million-rural-india-driving-growth-report-1552300847307.html.
- Medianama. 2018. ‘#AadhaarLeaks - A Continuously Updated List of All Aadhaar Data Leaks’. MediaNama (blog). 4 May 2018. https://www.medianama.com/2018/05/223-aadhaar-leaks-list/.
- Misra, Prakhar. 2019. ‘Lessons from Aadhaar: Analog Aspects of Digital Governance Shouldn’t Be Overlooked’. Pathways for Prosperity Commission Background Paper Series; no. 19: 34.
- Nelson, Jake, and Tim Gorichanaz. 2019. ‘Trust as an Ethical Value in Emerging Technology Governance: The Case of Drone Regulation’. Technology in Society 59 (November): 101131. https://doi.org/10.1016/j.techsoc.2019.04.007.
- Nilekani, Nandan. 2016. ‘Basis of a Revolution’. The Indian Express (blog). 9 March 2016. https://indianexpress.com/article/opinion/columns/aadhaar-bill-lpg-subsidy-mgnrega-paperless-govt-basis-of-a-revolution/.
- Parkin, Benjamin. 2019a. ‘India Defends Plans for Facial Recognition System’. Financial Times. 9 November 2019. https://www.ft.com/content/d50dcf96-0223-11ea-b7bc-f3fa4e77dd47.
- Parkin, Benjamin. 2019b. ‘India Proposes First Major Data Protection Law’. Financial Times. 11 December 2019. https://www.ft.com/content/df6fd8d4-1bf1-11ea-9186-7348c2f183af.
- Planning Commission of India, ed. 2009. A Hundred Small Steps: Report of the Committee on Financial Sector Reforms. New Delhi : Thousand Oaks, Calif: Planning Commission, Government of India ; SAGE Publications.
- PRS Legislative Research. 2011. ‘The National Identification Authority of India Bill’. PRS Legislative Research, 6.
- Rajasthan Administrative Services. 2019. ‘Bhamashah Yojana’. RajRAS - Rajasthan RAS (blog). 15 July 2019. https://www.rajras.in/index.php/bhamashah-yojana/.
- Rajput, Ajinkya, and K. Gopinath. 2017. ‘Towards a More Secure Aadhaar’. In Information Systems Security, edited by Rudrapatna K. Shyamasundar, Virendra Singh, and Jaideep Vaidya, 10717:283–300. Cham: Springer International Publishing. https://doi.org/10.1007/978-3-319-72598-7_17.
- Ramanathan, Usha. 2017. ‘A Shaky Aadhaar’. The Indian Express, March 2017. https://indianexpress.com/article/opinion/columns/aadhar-card-uid-supreme-court-a-shaky-aadhaar-4591671/.
- Ramnath, N. S., and Charles Assisi. 2018. The Aadhaar Effect: Why the World’s Largest Identity Project Matters. Oxford University Press.
- Rao, Ursula. 2013. ‘Biometric Marginality: UID and the Shaping of Homeless Identities in the City’. Economic and Political Weekly 48 (13): 71–77.
- Rao, Ursula. 2019. ‘Population Meets Database: Aligning Personal, Documentary and Digital Identity in Aadhaar-Enabled India’. South Asia: Journal of South Asian Studies 42 (3): 537–53. https://doi.org/10.1080/00856401.2019.1594065.
- Rao, Ursula, and Vijayanka Nair. 2019. ‘Aadhaar: Governing with Biometrics’. South Asia: Journal of South Asian Studies 42 (3): 469–81. https://doi.org/10.1080/00856401.2019.1595343.
- Saldanha, Alison. 2018. ‘From Cheating Banks to Faking Identity, Aadhaar Frauds Peak in 2018: Report’. Business Standard India, 3 June 2018. https://www.business-standard.com/article/economy-policy/from-cheating-banks-to-faking-identity-aadhaar-frauds-peak-in-2018-report-118052300151_1.html.
- Sarkar, Swagato. 2014. ‘The Unique Identity (UID) Project, Biometrics and Re-Imagining Governance in India’. Oxford Development Studies 42 (4): 516–33. https://doi.org/10.1080/13600818.2014.924493.
- Satpathy, Tathagata. 2017. ‘The Aadhaar: “Evil” Embodied as Law’. Health and Technology 7 (4): 469–87. https://doi.org/10.1007/s12553-017-0203-5.
- Sen, Srijoni. 2019. ‘A Decade of Aadhaar: Lessons in Implementing a Foundational ID System’, no. 292: 12.
- Siegrist, Michael, George Cvetkovich, and Claudia Roth. 2000. ‘Salient Value Similarity, Social Trust, and Risk/Benefit Perception’. Risk Analysis 20 (3): 353–62. https://doi.org/10.1111/0272-4332.203034.
- Sinha, Amber, and Srinivas Kodali. 2017. ‘Information Security Practices of Aadhaar (or Lack Thereof): A Documentation of Public Availability of Aadhaar Numbers with Sensitive Personal Financial Information’, May, 31.
- Sobti, Shalini, Bhavna Sahni, and Kiran Bala. 2020. ‘Surgical Coverage of Cataract in a Rural Area of North India: A Cross-Sectional Study’. Journal of Family Medicine and Primary Care 9 (8): 4112. https://doi.org/10.4103/jfmpc.jfmpc_520_20.
- Somanchi, Anmol, and Vipul Paikra. 2018. ‘Database of Aadhar-Related Forgeries, Fraud’. Google Docs. 2018. https://docs.google.com/spreadsheets/d/1NhVZuQ-wgy-I77iGiFVimL5eWOOPnjH4gA_r0NOM62c/edit?usp=sharing&usp=embed_facebook.
- St_Hill. 2019. ‘Death of an Aadhaar Holder’. Medium. 17 July 2019. https://medium.com/karana/death-of-an-aadhaar-64fb38be07c8.
- Stilgoe, Jack, Richard Owen, and Phil Macnaghten. 2013. ‘Developing a Framework for Responsible Innovation’. Research Policy 42 (9): 1568–80. https://doi.org/10.1016/j.respol.2013.05.008.
- Tomlinson, Hugh. 2017. ‘Case Law, India: Puttaswamy v Union of India, Supreme Court Recognises a Constitutional Right to Privacy in a Landmark Judgment – Hugh Tomlinson QC’. Inforrm’s Blog. 4 September 2017. https://inforrm.org/2017/09/04/case-law-india-puttaswamy-v-union-of-india-supreme-court-recognises-a-constitutional-right-to-privacy-in-a-landmark-judgment-hugh-tomlinson-qc/.
- Totapally, Swetha, Petra Sonderegger, Priti Rao, Jasper Gosselt, and Gaurav Gupta. 2019. ‘State of Aadhaar Report 2019. Dalberg, 2019.’ 2019. https://stateofaadhaar.in/assets/download/SoA_2019_Report_web.pdf.
- Tribune News Service. 2018. ‘Challan in Cheating, Forgery Case Points to Aadhaar Data Breach’. Tribuneindia News Service. 2018. https://www.tribuneindia.com/news/archive/challan-in-cheating-forgery-case-points-to-aadhaar-data-breach-575238.
- UIDAI, Government of India. 2009. ‘Unique Identification Authority of India’. 2009. https://uidai.gov.in/about-uidai/unique-identification-authority-of-india.html.
- UIDAI, Government of India. 2019a. ‘Authentication Ecosystem - Unique Identification Authority of India’. 2019. https://uidai.gov.in/ecosystem/authentication-ecosystem.html.
- UIDAI, Government of India. 2019b. ‘Security in UIDAI System’. Unique Identification Authority of India | Government of India. 2019. https://uidai.gov.in/my-aadhaar/about-your-aadhaar/security-in-uidai-system.html.
- UIDAI, Government of India. 2019c. ‘Simplified Aadhaar Authentication Ecosystem’. Unique Identification Authority of India | Government of India. 2019. https://uidai.gov.in/ecosystem/authentication-ecosystem/operation-model.html.
- UIDAI, Government of India. 2019d. ‘About Your Aadhaar’. Unique Identification Authority of India | Government of India. 24 January 2019. https://uidai.gov.in/my-aadhaar/about-your-aadhaar.html.
- United Nations. 1948. ‘Universal Declaration of Human Rights’. 1948. https://www.un.org/en/universal-declaration-human-rights/.
- United Nations. 1966. ‘OHCHR | International Covenant on Civil and Political Rights’. 1966. https://www.ohchr.org/en/professionalinterest/pages/ccpr.aspx.
- United Nations. 2019. ‘SDG Indicators’. UN Stats. 2019. https://unstats.un.org/sdgs/metadata/?Text=&Goal=16&Target=16.9.
- Winner, Langdon. 1980. ‘Do Artifacts Have Politics?’ Daedalus 109 (1): 121–36.
- World Bank. 2018. ‘Identification for Development’. 2018. https://id4d.worldbank.org/global-dataset/visualization.
Nishant Anand is a PhD student in the department of Science, Technology, Engineering & Public Policy (STEaPP) at University College London. His research investigates the application of responsible governance practices for digital identity systems. He is passionate about understanding the intricate interplay between technology, society, and policy.
Acknowledgements: No external funding was provided in preparation for this research.
Disclaimer: No potential conflict of interest was reported by the author.
Acknowledgements: No external funding was provided in preparation for this research.
Disclaimer: No potential conflict of interest was reported by the author.
DISCLAIMER: The findings and conclusions published herein are solely attributed to the author and not necessarily endorsed or adopted by the Journal of Science Policy and Governance. Articles are distributed in compliance with copyright and trademark agreements.
ISSN 2372-2193
ISSN 2372-2193