Aadhaar Link Threatens Sanctity of Electoral Rolls

Last year ended with a startling policy change as the Election Laws (Amendment) Bill was passed in both houses of Parliament. The Aadhaar database was linked with the Election Commission database to remove duplicates and fake entries from electoral rolls. Such a move can improve the sanctity of the electoral rolls and strengthen the functioning of democracy. But for it to do that, two prominent concerns need to be addressed first.

In a note for the Data Governance Network, in January 2021, we argued that linking the two databases has more negatives than positives. A year later, our key critique stands: we need to strengthen laws that protect the rights of individuals before passing this measure. Aadhaar has shown much promise but equally, it has been dangerous. Linkage should have been done after two conditions were met. Since the amendment has been passed, the government can reduce the fallout by addressing the following concerns.

First, India needs a data protection bill regulating the use and sharing of personal data between citizens and the government, and between government agencies. We lack a framework for safeguarding individual rights, which is worrying for multiple reasons. There have been examples of targeted surveillance using Aadhaar information and

— source thewire.in | Vibhav Mariwala, Prakhar Misra | 27/Jan/2022

Nullius in verba


Supreme Court doubts correctness of Aadhaar judgement, refers it to a larger bench

A five-judge bench of the Supreme Court on Wednesday raised doubts over the correctness of the Aadhaar judgement delivered last year and has referred the validity of the law being passed as a money bill to a larger seven-judge bench, Bar and Bench reported. The top court held this while referring the passage of Finance Act 2017 as money bill to a larger bench earlier in the day.

The court on Wednesday said the Aadhaar judgement did not elucidate and explain the scope and ambit of sub-clauses (a) to (f) to clause (1) of Article 110 of the Constitution. Article 110(1) grants the Lok Sabha Speaker the authority to certify a draft law as a money bill as long as the legislation dealt only with all or any of the matters specifically listed in the provision.

Justice DY Chandrachud, who was part of the five-judge bench led by then Chief Justice Dipak Misra, had said in September 2018 it was a “subterfuge” and a “fraud on the constitution”.

— source scroll.in | Nov 13, 2019

Nullius in verba

Should electoral ID data be linked to Aadhaar?

The issue of linking India’s voters’ list with the Aadhaar database is in news again with the surreptitious passage of The Election Laws (Amendment) Bill, 2021 in Parliament recently. The fact that it was passed hurriedly with hardly any discussion is enough to raise suspicion. But there is more to it, and part of that is contained in the history of this idea.

That history began March 3, 2015: The Election Commission of India (ECI) launched “a comprehensive programme” — the National Electoral Roll Purification and Authentication Programme (NERPAP) — “with the prime objective of bringing a totally error-free and authenticated electoral roll”.

One of the stated objectives of the NERPAP was linking EPIC (Electoral Photo Identity Card) data with the Unique Identification Authority of India’s (UIDAI) Aadhaar data with the laudable objective of authenticating the EPIC data.

The ECI took up this programme with a lot of enthusiasm. By August 2015, when the Supreme Court ordered a ban on this linking, 320 million voters had already been linked to their

— source downtoearth.org.in | Jagdeep S Chhokar | 15 Jan 2022

Nullius in verba

Ration racket: 1,100 fingerprint casts found

In their investigation into stealing of food grains from the public distribution system by fair price shop owners, the cybercrime cell of Ahmedabad police has found more than 1,100 casts of beneficiary fingerprints made on some silicone-like material. The modus operandi used by the racketeers is shocking as a fingerprint cast can be used to endorse any document, open locked apps and mobile phones and bypass bio-metric barriers that depend solely on fingerprints.

In pursuit of the trail they have been following since December 2019, police have till date arrested 40 persons, with the last six arrested since Monday, January 3, said Rajdeepsinh Zala, DCP, cybercell. The mastermind behind the racket, Bharat Chaudhary of Banaskantha, had been arrested last December.

Sources said Chaudhary and his gang held soft copies and associated data of nearly 2,500 fingerprints.

Corrupted fair price shop owners used to provide the fingerprints and data to Chaudhary, who used to take Rs 1,000 to prepare each fingerprint cast from scans. The fingerprint casts were then used to imprint fingerprints of poor people and siphon off their ration from the public distribution system. The food grains and other material were then sold in

— source timesofindia.indiatimes.com | Sarfaraz Shaikh | Feb 6, 2020

Nullius in verba

Aadhaar and My Brush With Digital Exclusion

Before the onset of the COVID-19 pandemic, our TV screens were swarmed by a relentless advertising spree selling the myriad benefits that came with acquiring an Aadhaar card. They showed displayed how doors would magically open as soon as the protagonists of these commercial dramas flashed their Aadhar cards, enabling them to catch flights to save dying fathers or ensuring that they never go hungry again. These commercials sold Aadhaar – essentially an identity card – as an instant panacea to life’s most difficult problems. Some went several steps further and portrayed Aadhaar as having the power to bestow upon the poor a self-respecting identity.

Aadhaar’s miraculous ability to provide succour was seriously tested during the COVID-induced economic hardships and the multitude of deprivations that got magnified in its wake: lack of food, cash, shelter, access to basic healthcare for migrant workers, daily wagers, informal workers in cities and among many other sections of the population.

Both before and during the pandemic, there is sufficient evidence to show that one’s Aadhaar number is imbued with strange properties; not having one results in an increasing number of benefits being denied as the range of services requiring mandatory Aadhaar linkage expands steadily. However, having an Aadhaar number does not guarantee access to the benefits that citizens are legitimately entitled to. For a summary of Aadhaar-based exclusions, look here, here and here.

In other words, Aadhaar is not the magic wand that it was projected to be.

It can be argued that the creators of the Aadhaar ad campaign, despite being officially vetted and approved, went overboard and made exaggerated claims about the powers of the

— source thewire.in | Ashwini Deshpande | 03/Jan/2022

Nullius in verba

From Birth to Death, Taking a Look at India’s Real-Time Governance Dreams

The Unique Identification Authority of India (UIDAI) recently announced plans to enrol newborn babies into the Aadhaar programme at the hospital itself by partnering with the Registrar of Births.

This move comes at a time when the Ministry of Home Affairs (MHA) wants to make amendments to the Registration of Birth and Death Act, 1969 to create birth and death databases. Since 2014, most birth and death registration is already carried out electronically and has been further linked to the Aadhaar of next of kin. According to a circular by the Office of the Registrar General, Ministry of Home Affairs, the inclusion of Aadhaar is to achieve linkage between the Civil Registration System of birth and death registration with the National Population Register (NPR). The primary aim of this linkage is to maintain a real-time database of the population by keeping track of births and deaths.

As registrations of birth and death are already digitised and linked with Aadhaar, some of the proposed amendments to the Registration of Birth and Death Act can be seen as a mere procedural formality.

There is, however, an important amendment that is being proposed to allow sharing of birth and death registration databases to update the National Population Register, the Aadhaar database, voter database, the motor vehicles registry, ration cards database and passport database. Put simply, the MHA’s interest in using birth and death registration

— source thewire.in | Srinivas Kodali | 23/Dec/2021

Nullius in verba

Resist linking Voter ID and Aadhaar!

The Election Commission of India has moved a proposal to the Law Ministry to link voter ID cards (and the “EPIC” database) with Aadhaar. This is a dangerous idea which can fundamentally alter the structure of our democracy.

Rethink Aadhaar joins almost 500 prominent individuals, including former civil servants, journalists, social activists, researchers and students to strongly oppose this proposal, and call on the Election Commission of India to withdraw its plans. The signatories to the statement include electoral reform group, Association for Democratic Reforms; civil rights groups from across the country such as the Peoples’ Union of Civil Liberties, MKSS, Adivasi Women’s Network, Chetna Andolan, and NAPM Jharkhand; and digital rights groups including Rethink Aadhaar, Article 21 Trust, the Internet Freedom Foundation, the Bachao Project, and the Free Software Movement of India.

Linking Voter ID and Aadhaar is an ill-thought, illogical, and unnecessary move which could undermine our electoral democracy, and impact voters’ trust in the electoral system. Indians’ right to vote cannot be imperilled by irresponsibly linking databases and using an opaque algorithm to “verify” identities. Technological solutions cannot replace responsible administration. Timely door-to-door verification of voters remains the most effective method of updating electoral rolls and ensuring accuracy of voter data.

The Election Commission has claimed that this will help clean up voter rolls, and that any linkage will be “voluntary”. As we noted in our earlier representation, and as the Constitutional Conduct Group has recently noted, we are deeply concerned that this will almost certainly lead to mass disenfranchisement, could increase voter fraud, given the mass discrepancies in the Aadhaar database, and could violate people’s right to privacy by enabling voter profiling through the linkage of data sets. This proposal would violate the judgment of the Supreme Court of India in Justice K.S. Puttaswamy (retd.) & Anr. v. Union Of India (Aadhaar judgment) which limited the use of Aadhaar authentication solely to welfare programmes and to link with PAN numbers for the purposes of income tax. Any proposal to link the UID with Voter IDs must be rejected.

We are concerned about the following harms from such a proposal

First, Aadhaar is not proof of the right to vote. Aadhaar is not, and was never meant to serve as proof of citizenship, which is why Aadhaar numbers were issued to all residents and not citizens. Under the Representation of Peoples’ Act, only citizens who are resident in India have the right to vote. Linking the two is senseless, and would be without any basis – in addition to being a colossal waste of public funds. Deletion of voters based on whether their records in the EPIC database corresponds to Aadhaar records has no legal basis.

Second, such a proposal will almost certainly cause mass disenfranchisement. This is not the first time that the government has tried to link Voter ID and Aadhaar to “purify” the electoral rolls. In 2015, the Central government introduced the National Election Roll Purification and Authentication Programme (NERPAP), and during the Aadhaar challenge, the Supreme Court passed an interim order on August 11th 2015, asking the ECI to suspend Aadhaar voter linkage. As this was never permitted by the Supreme Court in its final judgement and order, proceeding with this would be in violation of the Supreme Court’s judgement. Despite this, there was rampant misuse of Aadhaar data. In 2018, the chief electoral officer of Telangana and Andhra Pradesh linked Aadhaar data with voter identity cards. In 2018, during the Telangana Assembly Election, people found out that at least 55 lakh voters had been arbitrarily disenfranchised. It was only after public outrage around these arbitrarily deletions, that the government rolled this back.

Previous attempts to use Aadhaar to “clean-up” databases of other government registries, like MGNREGA and PDS, have resulted in mass disenfranchisement, and thousands of citizens have been arbitrarily deleted from systems without any notice. For example, a study from Jharkhand found that 90% of ration cards cancelled as “bogus” during Aadhaar linking were real. []–In 2018, even the CEO of UIDAI admitted that authentication failure for government services was as high as 12% – this translates into millions of affected persons. A recent J-PAL study in Jharkhand also found that Aadhaar based verification “either did not reduce errors of inclusion or leakage or did so at the cost of increased exclusion error”, with a high error rate of between 22% and 34% of reduced disbursals. Once lost, Aadhaar has been found to be almost impossible to retrieve; whereas for voter IDs there are simpler and more well defined ways to replace a misplaced voter ID card.

Third, such a proposal is more likely to increase voter fraud. Linking Aadhaar would dilute the sanctity of the Voter ID database. As we pointed out in 2019, self-reported errors in Aadhaar data are reportedly one-and-one-half times higher than errors in the electoral database. []–The assumption behind the proposal to link the two databases is that the authenticity of people’s records in the Aadhaar database will be used to determine the authenticity of a record in the Voter ID/ EPIC database. However, given widespread data quality issues in the Aadhaar database, this exercise would diminish the sanctity of records in the Voter ID database. Data quality issues in the Aadhaar database – a result of inadequate enrolment practices and lack of effective correction mechanisms – have been extensively documented – including fake entries and incorrect details. The UIDAI has itself admitted this, before various courts, and multiple Courts have refused to accept Aadhaar as proof of birth, or of identification. More recent research has also shown that Aadhaar-PAN linking has introduced fraudulent entries into the system.

Fourth, Biometric authentication for voting must not become a requirement. There are numerous reports of starvation deaths across states due to a lack of Aadhaar linkage, biometric failures, absence of adequate infrastructure and lack of adequate grievance redressal mechanisms in UIDAI’s implementation which has been painstakingly exposed by the Right to Food campaign. Fingerprints don’t work for many people, especially those who work with their hands and older persons, and facial authentication is inaccurate and error-prone. The UIDAI has sought to circumvent the inaccuracy and issues in biometric authentication through an ill-conceived “nominee system”, and OTPs in the case of welfare programs. How will this work in the case of voting? Will we have to send family members to vote instead, if our fingerprints don’t work? It’s also pertinent to mention that election booths are sometimes set up in remote locations, where voting has to be processed manually. Even EVMs are not connected to an internet connection, to prevent any kind of tampering. In such locations, how will biometric verification work in absence of the internet?

Fifth, linking these two databases would be an attack on the right to privacy, and scope for misuse. We have serious concerns that such a proposal would violate our constitutional and fundamental right to privacy, and the secrecy of the vote. India currently has no data protection law, and the current personal data protection bill has wide exceptions for the government. Any attempts to link Aadhaar to the voter IDs, would lead to demographic information which has been linked to Aadhaar, being linked to the voter database. This creates the possibilities for disenfranchisement based on identity, of increased surveillance, and targeted advertisements and commercial exploitation of private sensitive data. In 2019, the Cambridge Analytica scandal demonstrated the disastrous impact that deep and invasive voter profiling had on individuals and on democracies. We have seen this in India: most recently, the Madras HC has asked the Election Commission to look into allegations against the Bharatiya Janata Party that it was illegally using Aadhaar data of voters in Puducherry for making political gains in the Assembly elections. In 2019, an investigation revealed that data could have been taken from the UID database in order to delete voter names in Andhra Pradesh – names were taken from the voter lists. This could be particularly harmful against minorities – a 2018 report found that 20% of Muslim adults were missing from electoral lists in Karnataka. We have learnt from other countries how a single form of identification for voting, leads to greater disenfranchisement. In some cases, onerous identity requirements are used to block disenfranchised persons from voting.

Finally, we cannot trust the ECI’s promise of “voluntariness”. The ECI’s claim that this would be based on “voluntariness”. This is a grossly inadequate safeguard. We have seen how throughout the Aadhaar project “voluntary” on paper translates to a coercive mechanism in practice; and how this changes with time and in practice.

Any proposal to link the UID with Voter IDs must be rejected.

— source rethinkaadhaar.in | Sep 26, 2021

Nullius in verba

Man in Jind, fingerprint used in Delhi, Bihar to withdraw money

On November 14, 2018, 40-year-old Vikram got a message that Rs 1,000 had been withdrawn from his Punjab National Bank account from an SBI micro ATM in Delhi using biometric (fingerprint) verification. At that time he was in Jind taking care of his younger daughter who had been admitted to a private hospital.

The message baffled him even more as he earned his livelihood generating Aadhaar IDs for people in his village and thus knew the improbability of such a transaction.

On November 20, someone again withdrew Rs 7,500 from his HDFC account using his fingerprints at a micro ATM in Madhubani, Bihar. He wondered if someone had somehow managed to obtain his fingerprints and make a silicon copy of it as he had heard of some students doing so to send imposters in their place to take entrance tests where biometrics were used.

— source timesofindia.indiatimes.com | Jan 29, 2019

After this, Vikram complained to the officials and got his biometrics locked.

UIDAI Asks 127 to Prove Citizenship, Lawyer Calls it ‘Soft NRC’

The Unique Identity Authority of India (UIDAI) has served notices to 127 individuals alleging that they may not be Indian nationals and has directed them to prove their citizenship by furnishing relevant documents.

The UIDAI, in its letter dated 3 February, has stated that it has received “complaint/allegation” that the accused have “obtained Aadhaar through false pretenses, making false claims and submitting false documents.”

Following outrage on social media, with political leaders and activists challenging the UIDAI’s authority to question individuals on citizenship and calling it an attempt to introduce a “soft NRC”, UIDAI scrambled to issue a clarification.

In a press statement, issued on Tuesday, 18 February, UIDAI clarified “these notices have nothing to do with citizenship and cancellation of Aadhaar number is in no way related to the nationality of any resident.”

Father of Accused Worked For Govt Co: Lawyer

— source thequint.com | Sushovan Sircar | Feb 19, 2020

Nullius in verba

UIDAI CEO Pandey’s personal life from meta data

So everyone is citing Authentication failures on @ceo_uidai’s authentication history, but I can understand quite a bit about his life with just that. Let us begin.

He has a Vodafone phone and did not link it until last week for the court demo (OR) He just bought a new one. Given his position and status, this is most likely a Post Paid connection.

He used “UIDAI Services”. That is not an internal AUA and not a public one. So we can conclude that he was browsing the web then from the confines of his office during this time among other things.

Another “internal” AUA. With the transaction name of the AUA, it is easy to conclude that he was using a Demo Application. Hence most likely he was giving a Presentation to someone on the greatness of Aadhaar.

— source twitter.com/iam_anandv | Mar 29, 2018

Nullius in verba