This article was originally published here on Eurasia Review.
As the world’s largest democracy, India is known as an emerging economic powerhouse, a new member of the UN Human Rights Council vying for a seat on the Security Council, but also a country whose rampant poverty, corruption and bureaucracy weighs down its every upward stride. Now, imagine if instead of cultivating a culture of openness, transparency and discourse, it gallops towards one of fear, mistrust and closed doors. Imagine if the 1.2 billion people who live here became part of a new era electronic police state.
Could India create an electronic police state (characterised by government surveillance of telephonic traffic, email, internet surfing, video surveillance and other electronic tracking)? It’s certainly trying. Through the Unique Identification Project, the Government is building a database – the largest of its kind – documenting every citizen to create a unique biometric-based identity: the Aadhaar number. The scheme has been lauded for its eventual ability to ensure that benefits and services promised by the government actually reach those to whom they are due. In a country where claiming entitlements under a government scheme is often difficult, and where benefits are given, they are often below par or scarce, an identity number could provide people with an empowering tool. However, cases of fraud, misinformation and unnecessary bureaucracy, exemplified by the fortunate coriander plant in Andhra Pradesh which (or should I say who?) received its own Aadhaar number, have already marred progress. Perhaps what is most concerning is the unreliability of biometric data: fingerprints which are not taken to a particular standard are not accurate, and can change with heavy labour and age. Iris scans can be fooled by something as simple as a contact lens. Neither of these methods then are fool-proof identifiers, especially when the initial data is itself recorded incorrectly. The fact that this technology is already failing calls into question whether a database of such massive scale can be securely maintained.
The Finance Ministry has recently suggested that 16 states link the Aadhaar number to social development programmes – covering everything from Public Distribution System (PDS) to National Rural Employment Guarantee Act (NREGA). The National Identification Authority of India Bill 2010 was rejected by Parliament because of the provision to make the Aadhaar number compulsory. This new measure suggests an attempt to supplant this by giving people no choice if they want to receive their benefits. With the Finance Minister’s sanction of over Rs. 14000 crore to enroll 40 crore more citizens, perhaps the government has recognised the benefits of the UID, not to the country’s poor, but to its own welfare.
With all this, the question of privacy is being ignored. A growing number of media exposés highlight the many ways in which the government is watching its citizens, suggesting an implicit lack of respect for this right: to be free from unsanctioned intrusion. The right to privacy is fundamental, enshrined in both the Universal Declaration of Human Rights and the Indian constitution. Without a law in place, personal security too is sidelined; there is no way to control the government’s use of private data or its access to it.
With the Right to Privacy Bill 2011 to be on the monsoon parliamentary agenda, public awareness of these issues is crucial. Privacy rights are fundamental to put safeguards in place to prevent overzealous government authorities from monitoring innocent citizens. In a country with a long history of corruption, there is no guarantee that this data will not be shared by greedy powers-that-be or handed over to National Intelligence Grid (NATGRID), already accesses 21 databases of personal information, under the often alarmist argument of national security and counter terrorism.
To make matters worse, the mounting tension between the Registrar General of Census’s National Population Register (NPR) and Nilekan’s UID, was diffused only by the decision to link the UID database to the Home Ministry’s Crime and Criminal Tracking System (CCTNS) – a complete reversal from the initial assurances that information collected under the UID would not be linked to any other databases. CCTNS is legally bound by the Information Technology Act 2008, amended by the Information Technology Rules 2011. Under these Rules, the Government has unprecedented powers of surveillance, intrusive monitoring and interception of encrypted information. The Rules maintain that “information shall be shared, without obtaining prior consent… with Government agencies… to obtain information including sensitive personal data or information for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.“ If the UID database falls under this mandate, it means that provided the government claims national security or even merely criminal investigation, they can access any information, and privacy be damned.
In a country like India, where there is little discourse between government and ordinary citizens, where government entities are not known for prioritising and safeguarding citizens’ rights, or of being overly conscious of legal practices, access to huge amounts of information can only increase this chasm of power. After the 26/11 Mumbai attacks, the excuse of “national security” to fight against the all-encompassing threat of “terrorism” has allowed the Government free reign to spy on and collect information on its own citizens. The ability to then profile each citizen will give them the ability to decide off-hand who is or isn’t a danger to their personal ideal of a safe Indian nation. When a citizen does something which opposes a traditionalist Government, what is to stop the government from threatening, accusing, or arresting them on mere suspicion?
The ensuing worry that private data may end up in malicious hands stopped a biometric identity from being created in the UK in 2004; the right to privacy is so significant that the Data Protection law superseded even the Freedom of Information Act.
The notion then of a well-understood and utilised right to privacy law is crucial, but over 200 million people have already been registered and the likelihood of the UID’s denunciation is now slim. In countries where ‘big brother’ laws are leading to electronic police states, this culture of monitoring can only be exacerbated by a database of personal information this large and could lead to other violations of human rights. Monitoring, through intelligence equipment, and profiling, through stores of personal data, can become pervasive, invasive and all-encompassing. And particularly in a country with a poor and uneducated populace, governments are able to run unchecked, monitoring their citizens while proclaiming gleefully, “it’s for your own good.” Worst of all, India could lose its crown as the world’s largest democracy and instead become the far less glamorous world’s second largest police state.
As the world’s largest democracy, India is known as an emerging economic powerhouse,a new member of the UN Human Rights Council vying for a seat on the Security Council, but alsoa country whose rampant poverty, corruption and bureaucracy weighs down itsevery upward stride. Now, imagine if instead of cultivating a culture of openness, transparency and discourse, it gallops towards one of fear, mistrust and closed doors. Imagine if the 1.2 billion people who live here became part of a new era electronic police state.
Could India create an electronic police state (characterised by government surveillance of telephonic traffic, email, internet surfing, video surveillance and other electronic tracking)? It’s certainly trying. Through the Unique Identification Project, the Government is building a database–the largest of its kind – documenting every citizen to create a unique biometric-based identity: the Aadhaar number. The scheme has been lauded for its eventual ability to ensure that benefits and services promised by the government actually reach those to whom they are due. In a country where claiming entitlements under a government scheme is often difficult, and where benefits are given, they are often below par or scarce, an identity number could provide people with an empowering tool. However, cases of fraud, misinformation and unnecessary bureaucracy, exemplified by the fortunate coriander plant in Andhra Pradesh which (or should I say who?) received its own Aadhaar number, have already marred progress. Perhaps what is most concerning is the unreliability of biometric data: fingerprints which are not taken to a particular standard are not accurate, and can change with heavy labour and age. Iris scans can be fooled by something as simple as a contact lens. Neither of these methods then are fool-proof identifiers, especially when the initial data is itself recorded incorrectly. The fact that this technology is already failing calls into question whether a database of such massive scale can be securely maintained.
The Finance Ministry has recently suggested that 16 states link the Aadhaar number to social development programmes – covering everything from Public Distribution System (PDS) to National Rural Employment Guarantee Act (NREGA). The National Identification Authority of India Bill 2010 was rejected by Parliament because of the provision to make the Aadhaar number compulsory. This new measure suggests an attempt to supplant this by giving people no choice if they want to receive their benefits. With the Finance Minister’s sanction of over Rs. 14000 crore to enroll 40 crore more citizens, perhaps the government has recognised the benefits of the UID, not to the country’s poor, but to its own welfare.
With all this, the question of privacy is being ignored. A growing number of media exposés highlight the many ways in which the government is watching its citizens, suggesting an implicit lack of respect for this right: to be free from unsanctioned intrusion. The right to privacy is fundamental, enshrined in both the Universal Declaration of Human Rights and the Indian constitution. Without a law in place, personal security too is sidelined; there is no way to control the government’s use of private data or its access to it.
With the Right to Privacy Bill 2011 to be on the monsoon parliamentary agenda, public awareness of these issues is crucial. Privacy rights are fundamental to put safeguards in place to prevent overzealous government authorities from monitoring innocent citizens. In a country with a long history of corruption, there is no guarantee that this data will not be shared by greedy powers-that-be or handed over to National Intelligence Grid (NATGRID), already accesses 21 databases of personal information, under the often alarmist argument of national security and counter terrorism.
To make matters worse, the mounting tension between the Registrar General of Census’s National Population Register (NPR) and Nilekan’s UID, was diffused only by the decision to link the UID database to the Home Ministry’s Crime and Criminal Tracking System (CCTNS)– a complete reversal from the initial assurances that information collected under the UID would not be linked to any other databases. CCTNS is legally bound by the Information Technology Act 2008, amended by the Information Technology Rules 2011. Under these Rules, the Government has unprecedented powers of surveillance, intrusive monitoring and interception of encrypted information. The Rules maintain that “information shall be shared, without obtaining prior consent… with Government agencies… to obtain information including sensitive personal data or information for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.“ If the UID database falls under this mandate, it means that provided the government claims national security or even merely criminal investigation, they can access any information, and privacy be damned.
In a country like India, where there is little discourse between government and ordinary citizens, where government entities are not known for prioritising and safeguarding citizens’ rights, or of being overly conscious of legal practices, access to huge amounts of information can only increase this chasm of power. After the 26/11 Mumbai attacks, the excuse of “national security” to fight against the all-encompassing threat of “terrorism” has allowed the Government free reign to spy on and collect information on its own citizens. The ability to then profile each citizen will give them the ability to decide off-hand who is or isn’t a danger to their personal ideal of a safe Indian nation. When a citizen does something which opposes a traditionalist Government, what is to stop the government from threatening, accusing, or arresting them on mere suspicion?
The ensuing worry that private data may end up in malicious hands stopped a biometric identity from being created in the UK in 2004; the right to privacy is so significant that the Data Protection law superseded even the Freedom of Information Act.
The notion then of a well-understood and utilised right to privacy law is crucial, but over 200 million people have already been registered and the likelihood of the UID’s denunciation is now slim. In countries where ‘big brother’ laws are leading to electronic police states, this culture of monitoring can only be exacerbated by a database of personal information this large and could lead to other violations of human rights. Monitoring, through intelligence equipment, and profiling, through stores of personal data, can become pervasive, invasive and all-encompassing. And particularly in a country with a poor and uneducated populace, governments are able to run unchecked, monitoring their citizens while proclaiming gleefully, “it’s for your own good.” Worst of all, India could lose its crown as the world’s largest democracy and instead become the far less glamorous world’s second largest police state.
