Summary of UID Public Meeting, August 25 2010
The Meeting and Project
On August 25, 2010 in Delhi, a public meeting was organized by civil society groups from Mumbai, Bangalore, and Delhi to discuss and answer questions surrounding the UID, and to present the concerns of the public to members of parliament. The meeting was successful, with many important concerns raised by both the speakers and the audience. An action plan was developed, and MPs were able to come, listen, and share their opinions.
The Project
The UID is a project that is supported by the government of India, and is led by Nandan Nilekani, the former CEO of Infosys. The project is being presented as a cure to the PDS system, as a mechanism to bring benefits to the poor, and as a project that will make India an inclusive society by providing every citizen with a verifiable identity. The draft National Identification Authority of India Bill will be placed before the Lok Sabha in the current session. If the Bill is approved by parliament, the official implementation of the Bill will take place in Winter 2010 -2011.
Technological Flaws
Speaking first, Jude D'Souza, a free software professional, presented the entire technical aspect of the UID scheme. He became involved with the UID project through his work on biometrics, and he expressed shock that the UID scheme would rely on a deeply flawed system such as biometrics. Flaws in such a system include -- but are not limited to -- duplication, verification problems, and the lack of infrastructure needed to collect biometrics properly. Explaining in detail how fingerprint and iris scanners work, he showed how both are actually very simple technologies. An iris scanner is essentially a camera coupled with auto-focusing. The camera focuses on one’s eye, takes a snapshot, and then divides the eye into concentric segments, conducts a type of numbering scheme for each segment, and then generates a number that represents the pattern. A fingerprint scanner works in a similar manner. First a picture is taken of your finger-print, the system then generates an inverted image of the finger, with darker areas representing more reflected light and lighter areas representing less reflected light. The image is then compared against the stored fingerprint. Both technologies are easily spoofed. Iris scanners cannot detect contact lenses, and a scientist in Japan found that fingerprint scanners can be “tricked” easily with materials costing under 10 dollars. D'Souza explained how all identification systems go through an enrollment and authentication process which includes: the capturing of the image, the processing of the image, extraction of features, the creation of a template, encryption, duplication and storage of the information. If a step in either the enrollment or authentication process goes wrong, the whole process is brought back to square one – manual recording of information. For instance, if a fingerprint is swiped, and the machine cannot read it because it has changed with age, or the machine is malfunctioning, or the fingerprint is logged with water (something that is not uncommon in India) – the person would either have to re-enroll, and then re-verify who they are manually. If this scenario applies to, say, someone coming into a hospital, the consequences of his/her fingerprints not being read are grave.
Another concern is the compromising of the system. Bogus templates can easily be created and switched with the real template, key duplication is possible, or the system could be hacked and a virus introduced. In general, it is dangerous when any database containing personal information is compromised; a database that contains biometrics is twice as dangerous. D'Souza closed his presentation by making the point that biometrics cannot be withdrawn – if your password (biometrics) is compromised, you are still stuck with it for life. Once you leave your footprint through biometrics, it is irrevocable.
Civil Rights
The second speaker of the day was Usha Ramanathan, an internationally recognized expert on law and poverty, who spoke on human rights and the UID. From the beginning of her presentation she challenged the audience to think deeply about the question “Why would the government want to put this project in place?” She brought to the table many points about how the project violates human rights, including the fact that no type of feasibility study has been done on the technology or the financial cost of the project; a white paper was never issued at the genesis of the project; and Nandan Nilekani and other members of the authority refused directly to answer the concerns brought forth to them when they were approached. To her, the corporatization of the project is also very clear. From the marketing of the scheme, to the implementation of the scheme, to the fact that the convergence of databases will allow business and corporate powers to network using individual’s data that they obtain from the database – the issuance of a Unique Identification Number provides opportunities for huge profits to be made by corporations and the government. What makes the consequences of a UID number even more powerful is the fact that even though the Authority says that the number is voluntary, businesses, shop owners, banks and hospitals have the ability to deny access if one does not have number. In this way, the number is at least de-facto compulsory. This number also threatens violations to an individual’s privacy.
Benefits to the Poor
When analyzing the benefits to the poor that the number promises, the picture begins to look less and less beneficial. The Authority has been stressing the benefit of the portability of a Unique Identification Number. The positive aspects of having a portable ID stem from the idea that a person living in one village could be traveling and would still be able to collect his or her rations from the Free Trade Shop in the location he or she is visiting. No longer would people have to return home to collect their rations. Though this seems to be a useful benefit indeed, problems begin to arise if the Free Trade Shop in that village does not have enough grain in stock to provide for the unexpected visitor or if the biometric data malfunction. Other complications that the poor might have with a unique ID number is that to enroll you must know your address and name, and be able to spell them correctly. When looking at if the UID will plug the leakages of the PDS system, it will perhaps make the delivery of grain more efficient – theoretically it could stop the use of fake ration cards etc, but it does not stop the waste of grain, and at the end of the day – it still only a number, it does not regulate the person authenticating the individual and distributing the grain. Other difficulties the rural populations face are power outages: what if the power goes out – no one can be authenticated, what if the notice that benefits are available are electronically transmitted and do not arrive? What if data are lost during power outages?
Response of the Audience
After lunch the floor was opened up to discussion about steps that need to be taken in the future. It was determined that academics need to be consulted, the NO UID campaign needs to be presented in a language that everyone can understand and relate to, more political leaders need to be contacted, volunteers from Universities need to be recruited, petitions need to be written, and emails and contact information shared for open communication amongst each other. Another response from the audience was that privacy is an issue for the elite – the poor are concerned with surviving day to day. What is interesting, though, is how untrue that is. The issuance of a UID number brings privacy of the poor into the limelight. Privacy is a question of a person’s ability to control individual information, to know how it is being used, and by whom. A Unique Identification Number given to the poor suddenly places all of his or her personal data on the grid. It places it into networks, business databases, and governmental data banks. The current lack of data protection and lack of control an individual has over these data under the scheme creates a privacy crisis for anyone who has a number. And, given the ability to deny services to someone who does not have a number, it creates a crisis for those who opt out as well.
The Opinion of the MPs
Many of the MPs were unable to come, but the two who did were in opposition to the UID. MP Syed Azeez Pasha (CPI) commented on the need for a campaign to have started earlier, while Senior Member of Parliament from the Revolutionary Socialist Party of India (RSP) Abani Roy called for the launching of a massive campaign to resist this expensive and dangerous project through which several companies will gain massive contracts from the public exchequer.
Conclusion
As the UID project continues to unroll, it seems that that Nandan Nilekani has imagined a new India – one that looks to technology as its solution to its political and social problems. If this is the case, a UID number that will work to shift the entire population onto a digital database could just be the beginning of many other changes to come. Indian citizens should carefully consider if this is the India that they have imagined.