Cover Story

Freedom in peril

Print edition : April 15, 2016

At an Aadhaar enrolment centre in Bangalore, a 2013 photograph. Biometric authentication of individuals has been shown to have high error rates. Photo: V. Sreenivasa Murthy

Prime Minister Narendra Modi and Finance Minister Arun Jaitley. The positioning of the Aadhaar Bill as welfare-oriented is a ploy to mask the real intentions behind it. Photo: Vijay Kumar Joshi /PTI

The government’s passage of the Aadhaar Bill in complete disregard of even basic parliamentary procedures and in subversion of an ongoing judicial process puts at risk a number of constitutional rights and liberties of citizens. The benefits cited are just ploys to realise a neoliberal dream.

“Congressmen are dancing as if [Aadhaar] was a herb for all cures. With the Supreme Court pulling up the Centre, people are now seeking answers from the Prime Minister who should disclose how much money had been spent... and who had benefited from it.” Thus spoke the then Gujarat Chief Minister Narendra Modi on the Aadhaar project in 2013. However, as Prime Minister, it is as if Modi has suddenly realised the value of the “herb”. His National Democratic Alliance (NDA) government has passed the Aadhaar Bill in Parliament.

Three points are worth noting. First, the passage of the Bill was nothing but a travesty of democracy. Such has been Modi’s commitment to Aadhaar that even basic parliamentary procedures were disregarded completely. The passage of the Bill also constituted the subversion of an ongoing judicial process. Secondly, the Bill has a number of provisions that put to risk, and offer no protection to, a number of constitutional rights and liberties of citizens. Thirdly, the financial savings that the government has claimed from the usage of Aadhaar, based on which the idea has been sold, are based on wrong data.

The dubious money Bill route

The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016, was introduced in the Lok Sabha as a money Bill. The characteristic feature of a money Bill is that it is not introduced in both the Houses. It is introduced only in the Lok Sabha; from the Lok Sabha, the Bill is just transmitted to the Rajya Sabha. The Upper House cannot make amendments to the Bill; it can only recommend amendments to the Lok Sabha, which can reject the amendments. Further, if the Bill is not returned to the Lok Sabha within 14 days from the date of receipt, it may be deemed as passed by both the Houses.

Evidently, the NDA government did not want to carry the Aadhaar Bill to the Rajya Sabha, where it does not have a majority. On the contrary, the government has a clear majority in the Lok Sabha. It was in this context that the money Bill route was manufactured.

The Aadhaar Bill is not a money Bill by any stretch of imagination. According to the Parliament website, only “Bills which exclusively contain provisions for imposition and abolition of taxes, for appropriation of moneys out of the Consolidated Fund, etc., are certified as money Bills”. However, the Aadhaar Bill does much more; its clauses facilitate multifarious intrusions into the lives of citizens by public and private agencies. These include the right to privacy.

Aadhaar envisages a centralised database of Indian residents. At present, information on each resident is, at best, available only in separate “silos” and it is extremely difficult to link a person’s information in one silo to that in another. However, the arrival of Aadhaar—where a unique number is linked to personal information in each silo—marks a qualitative shift. With Aadhaar, personal information in silos can be converged. An invasive government or a profit-minded private entity or a hostile group can obtain and use such converged personal information. In other words, it becomes possible to create profiles of individuals and track them for life. This constitutes an assault on a very basic freedom—privacy.

Aadhaar has the potential to create conditions conducive to such violations of privacy. When the use of Aadhaar becomes widespread, it would not just be in the government’s Central Identities Data Repository (CIDR) that personal information would be stored. Instead, personal information would lie scattered in bits and pieces across locations and agencies accessed by citizens. Bits and pieces of personal information may, seen in isolation, appear harmless. However, each bit leaves a trail. Over a period of time, these bits—thanks to Aadhaar—could be compiled and analysed in ways that render privacy rights meaningless.

How, then, can the Aadhaar Bill be a money Bill? While the Bill does, in part, deal with appropriation of money from the Consolidated Fund of India, its primary outcome is the potential violation of constitutional rights. Such a Bill requires deeper discussions in both Houses and the Standing/Select Committees. The money Bill route effectively subverted such a possibility.

Pre-empting the Supreme Court

The Supreme Court had, in August 2015, delivered a landmark order. First, it referred the question of whether privacy is a fundamental right to a larger constitutional bench. Secondly, it ruled that Aadhaar is not mandatory. The Aadhaar Bill interferes with both these directions.

First, in 2015, the government had told the Supreme Court that privacy was not a fundamental right and hence Aadhaar did not violate any fundamental right. The court noted that if privacy was not considered a fundamental right, Article 21 of the Constitution would stand “denuded of vigour and vitality”. Yet, as many judgments that affirmed privacy as a fundamental right were delivered by smaller benches, the court thought it fit for “institutional integrity and judicial discipline” that a larger constitutional bench resolved the matter. Ideally, the government should have waited for the judgment of the constitutional bench. In this context, the government’s haste in pushing the Bill becomes deeply suspect.

Secondly, from 2012 onwards, Aadhaar was a major source of harassment for citizens, particularly the poor. For providing many services, the government was insisting on an Aadhaar number. In gross violation of earlier Supreme Court orders, Aadhaar was made compulsory for releasing scholarships for Dalit/Adivasi students, disbursing salaries and pensions, marking attendance for teachers, registering marriages, buying or selling property, issuing driving licences, obtaining gas connections, purchasing goods from ration shops and making transactions in Provident Fund savings. Fearing denial of services, many citizens were forced to enrol for Aadhaar.

In its order, the court put an end to such harassment. It said that Aadhaar should not be made mandatory until the ruling of the constitutional bench. However, the current Bill has made Aadhaar mandatory even before the constitutional bench even considered the question. Indeed, the government was arrogantly trying to derail the judicial process.

Dangerous clauses

Finance Minister Arun Jaitley’s argument that Chapter VI of the Bill addresses privacy concerns is fallacious. Chapter VI has clauses that protect the biometric and personal data stored with the CIDR. However, as mentioned, Aadhaar-induced exposure of personal information is not limited to the CIDR; rather, it is a systemic concern. When public and private agencies collect and transmit personal information, including biometrics, it would always be possible for them to also retain a copy. Experience shows that such personal data quickly turn into a commodity freely available for purchase.

The Aadhaar Bill has no concern for such systemic issues except as passing references. Only broad-ranging privacy and data protection laws can address these systemic concerns. A weak chapter in one Bill is hardly a solution.

Many claims by the proponents of Aadhaar revolve around the uniqueness and security of biometric authentication. To begin with, biometric authentication of individuals has been shown to have high error rates (see “Tale of Errors”, Frontline, June 30, 2012). Further, biometrics is also poorly secured as an authentication token. Normally, when a password or PIN number is stolen or lost, the user can change the password; only the user remembers his/her password. In contrast, biometric passwords like fingerprints cannot be changed; we also leave them back wherever we go and on whatever we touch. Once stolen or lost, the security of a user’s account is permanently compromised. Hackers have ably demonstrated this possibility with Apple’s Touch ID sensors.

In 2013, when Apple’s iPhone 5S was released with fingerprint-based Touch ID security, it was claimed as totally secure. In just 24 hours, hackers such as Mark Rogers and Jan Krissler were able to break into and unlock the phone’s biometric security. For this, they used a decade-old technique of creating artificial fingerprints with wood glue and sprayable graphene. When Apple released its iPhone 6 in 2014 with promises of better biometric security, it again took Rogers and Krissler just two days to unlock it again.

In 2014, at the Chaos Communication Congress—an annual conclave of German hackers—Krissler demonstrated how he reverse-engineered the fingerprint of German Defence Minister Ursula von der Leyen. He required just a few high-resolution photographs of von der Leyen’s fingers from close quarters. In 2015, Krissler also demonstrated how he could extract the iris data of Angela Merkel, the German Chancellor. Here, he required just a high-resolution photograph of Angela Merkel’s eyes from a press conference. According to Krissler, “everything is spoofable”.

In other words, when Aadhaar-based biometric authentication becomes pervasive, identity thefts also are likely to rise. These glaring threats do not appear to have been adequately appreciated before pushing the Aadhaar project.

Exaggerated claims of “savings”

An important claim by the proponents of Aadhaar has been that duplication of beneficiaries in government schemes can be eliminated using Aadhaar, which would save tens of thousands of crores to the public exchequer. Within the social sector, the claims regarding liquefied petroleum gas (LPG) subsidies have occupied a prominent place. In Parliament, Jaitley claimed that “targeted subsidy through Aadhaar cards of LPG consumers had resulted in savings of over Rs.15,000 crore”. Such claims were used by the government to persuade the Supreme Court on the need to allow mandatory use of Aadhaar. However, Jaitley’s claim has been shown to be totally wrong by some brilliant work at the International Institute of Sustainable Development (IISD).

Let us discuss Jaitley’s claim and the IISD’s rebuttal step by step. According to the Ministry of Petroleum and Natural Gas, as on April 1, 2015, there were 18.19 crore “registered” LPG consumers but only 14.85 crore “active” consumers. The difference between registered and active consumers—i.e., 3.34 crore “inactive” consumers—was considered as the number of duplicate consumers eliminated by Aadhaar. The Ministry further assumed that each of the 3.34 crore consumers bought 12 cylinders a year; also, each obtained an average LPG subsidy of Rs.336 a cylinder in 2014-15. Thus, the estimated savings in LPG subsidy for 3.34 crore consumers would be Rs.14,672 crore in 2014-15. Jaitley’s estimate of Aadhaar-led savings—Rs.15,000 crore—is by using this method.

The IISD’s rebuttal is as following. Jaitley’s claim rests on the premise that the elimination of 3.34 crore consumers was made possible by Aadhaar. However, official figures show that a very large majority of the 3.34 crore customers were eliminated before the Direct Benefit Transfer for LPG scheme (DBTL) was introduced and through methods “ entirely unrelated to DBTL or Aadhaar”. Oil marketing companies have been attempting to identify and block irregular connections even before Aadhaar or DBTL was introduced. As part of a connection regularisation drive from May 2010, the oil companies had identified at least 2.66 crore duplicate connections by November 2012 itself. The total number of connections reported as “inactive” in November 2014 was 2.3 crore. Thus, Aadhaar-based deduplication was not responsible for a very large number of duplicate connections identified and blocked. A list-based deduplication was 15 to 20 times more effective than Aadhaar-based deduplication. The IISD’s conclusion here is striking: “The maximum number of potential duplicates identified in LPG databases through Aadhaar-based deduplication is approximately 1 per cent (or less)...”. They also argue that the maximum gross savings in LPG subsidy expenditure from Aadhaar-based deduplication was approximately Rs.12 to 14 crore only. The savings of Rs.15,000 crore claimed by Jaitley for 2014-15 can be arrived at only if we include all the duplicate consumers identified without using Aadhaar also as identified because of Aadhaar.

The IISD has also released a set of alternative savings estimates for 2015-16. In its method of estimation, it used (a) number of actual deduplications achieved through Aadhaar; (b) the actual average number of cylinders bought per active consumer in 2014-15, or 7.4 cylinders (not 12 cylinders); and (c) the monthly subsidy rate per cylinder. According to the IISD, the total avoided expenditure owing to the integration of Aadhaar in LPG in 2015-16 was only Rs.120 crore, which was less than 1 per cent of what Jaitley claimed.

Many other claims in favour of Aadhaar are also based on such erroneous methods. For instance, in the public distribution system (PDS), a claim has been that seeding Aadhaar into ration cards can effectively eliminate “bogus” ration cards. However, what has gone unnoticed is that even without Aadhaar, State governments have been effectively eliminating “bogus” ration cards using an end-to-end computerisation plan. By December 2010, about 2.09 crore “bogus” ration cards were eliminated across 26 States (see “PDS in peril”, Frontline, November 19, 2011). By June 2014, about 4.94 crore “bogus” ration cards had been eliminated across 30 States/Union Territories. Yet, it is claimed that Aadhaar-based deduplication offers the only effective way to eliminate “bogus” ration cards.

Aadhaar in social sector schemes

Jaitley’s positioning of the Bill as pro-poor and welfare-oriented is nothing but a clever ploy to mask the real intentions behind it. The real intention behind the Aadhaar project is not to improve welfare or reduce poverty but to effect a neoliberal transformation of the state’s role in the social sector (see “Identity Concerns”, Frontline, November 19, 2011). Such an objective has two elements. The first is a shift from universalism to targeting. Aadhaar is not intended to expand or universalise social services. Its aim is to keep benefits restricted to “targeted” sections, ensure targeting with technological precision, and limit the government’s fiscal commitments. The second is a shift from direct provision to indirect provision of social services. Here, existing institutions of direct intervention are dismantled and replaced by new institutions of indirect provision intermediated by the market. The proposed objective of converting all in-kind provisions to in-cash transfers is a prime example. Citizens are provided with cash and are told to purchase the once state-provided services from the “market”. Here, Aadhaar is not a tool of empowerment; it is actually an alibi for the state to leave the citizen unmarked in the market for social services.

Given this larger design, Aadhaar has been forcibly incorporated into the implementation of social sector schemes, such as old-age pension disbursements, wage payments of the Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGS), and PDS grain sales. From the pilot projects on these schemes, journalists and researchers have documented large error rates in the centralised biometric authentication of beneficiaries and the presence of disruptive factors like lack of electricity and poor Internet connectivity. According to a study by the United Nations Development Programme (UNDP) on Aadhaar linkage in MGNREGS in Jharkhand, only 4 per cent of the surveyed beneficiaries reported successful fingerprint authentication at the first attempt. About 54 per cent reported two to three attempts, 23 per cent reported four to five attempts and 18 per cent reported more than five attempts before authentication was completed. There have been, also, a large number of reports where beneficiaries are denied benefits because of the poor quality of their fingerprints. For the elderly beneficiaries of old-age pensions, fingerprint authentication has been a nightmare; their fingerprint authentications have had the highest error rates.

Regardless of such a poor record of Aadhaar in government schemes, Modi has pinned much of his hopes around the JAM (Jan Dhan-Aadhaar-Mobile) initiative. The JAM initiative is an extension of the earlier government’s Direct Benefit Transfer (DBT) scheme. It seeks to monetise all the transfers made from the state to citizens, and load that money onto the Aadhaar-linked Jan Dhan accounts of beneficiaries. However, opening Jan Dhan accounts is not sufficient for JAM. Account holders also need to withdraw the cash. As the spread of brick-and-mortar branches of banks is poor, banks have been relying on the Banking Correspondent (B.C.; also Bank Mitra; or private agents of banks who facilitate banking operations in unbanked areas) model to facilitate cash withdrawals. The revenue model here is based on a commission that B.Cs receive upon every transaction.

However, the B.C. model has been a failure. First, in many States, B.Cs were mainly village headmen, moneylenders and fertilizer dealers. This mirrored and reaffirmed power relations and hegemonies in villages. Secondly, corruption has been an important feature of the B.C. model. Finally, the B.C. model has been expensive. Banks and the government are not ready to pay higher commission rates to the B.Cs; as a result, B.C. salaries are low and rural youths are not interested in becoming B.Cs. According to a recent countrywide study of B.Cs by MicroSave, the average monthly salary of a B.C. was just Rs.4,692.

The poor financial viability of the B.C. model has forced the government to try alternatives. Leaving commission rates constant, can transaction volumes be increased so that B.C. earnings would rise? For this purpose, the government has been trying to pack the old DBT scheme with as many transfers as possible. As disbursements of pensions and MGNREGS payments are seen as insufficient to substantially raise transaction volumes, the target is the PDS. The subsidy implied in the in-kind grain transfer in PDS is sought to be converted into an equivalent cash transfer. Needless to say, such a step would effectively dismantle the PDS in India. Other new plans have included the conversion of free schooling into education vouchers and free health care into health vouchers. And that would indeed be a neoliberal’s dream come true.

So, why has Modi jumped onto the Aadhaar bandwagon after claiming that it was no “herb for all cures”? Why has his government suddenly lost respect for the Supreme Court’s “pulling up”? The answer appears to be simple. After coming to power, Modi has realised the utility of Aadhaar as an instrument to further entrench a neoliberal social policy.

R. Ramakumar is Professor at the Tata Institute of Social Sciences, Mumbai.