Dec 21, 2018

Aadhaar and its critics

In 2016, when I met Sanjay Jain, a key member of the team that designed and built Aadhaar,  I asked him what he made of the critics of Aadhaar. It was well before the government made Aadhaar mandatory for PAN and for filing income tax returns, and one could still have sane discussions on the project. He replied.

“I could place those who have opposed Aadhaar in three buckets,” says Jain. “1) Those who don't understand, they have constant fear that the government projects are not well thought through. They change their minds once we explain. 2) Those who oppose on the grounds of privacy, they are afraid that it could get too powerful. You have to respect that view, and make the system more secure. 3) Those who have their own agenda. There's nothing you can do about it. You can't reason with them. You just have to live with them.”

In their book, Rebooting India, Nandan Nilekani and Viral Shah offered this helpful illustration to understand where opposition to Aadhaar came from.

They grouped the critics under seven categories, along with their main objections to Aadhaar.
  1. Left wing: Biometric data collection compromises privacy and security; the state will abdicate its role in social welfare
  2. Right wing: Enrolling for Aadhaar grants de facto citizenship
  3. Commercial vendors: Only smart cards can guarantee security
  4. Vested interests: Direct cash transfer for LPG subsidy is unworkable
  5. Legal opposition: Benefits will be denied to people without Aadhaar; Aadhaar data can be shared with other government agencies
  6. Parliament: Opposition from Standing Committee on Finance on legal grounds
  7. Bureaucratic: Turf wars with National Population Register; 'Iris data collection is expensive and unnecessary'

In April last year, author and journalist Manu Joseph offered a another grouping in his column in Mint newspaper.
Nandan Nilekani, the tech billionaire who launched the Unique ID programme and headed it until 2014, and who continues to champion it, told me in a phone conversation that the opponents of Aadhaar can be “divided into four gangs—‘the privacy’ gang; ‘the-rights-of-the-poor’ gang; ‘the oh-my-god-1984-has-arrived’ gang and ‘the Luddites’, who are scared of technology.”

Manu Joseph went on to speculate why some of them, especially those who care for the rights of the poor jump on Aadhaar instead of using the technology to empower the poor.

It is hard to ignore the possibility that some social activists would have seen Aadhaar as a direct threat to their turfs. One way in which rural activists tried to rebuke Nilekani was by reminding him how little time he had spent in the villages of India. “Even among them they would fight over who has spent more time in the villages. Spending time in the villages was some great marker for them,” he says.

When Charles Assisi and I were reporting on Aadhaar for our book, not only did we come up with people who had a wide range of critical views on the project, we also came across many who wanted to know why there was so much opposition. We used to tell them what we thought were the most serious objections - exclusion, fraud, bad implementation, privacy. The answer usually was, but can't these be fixed with technology, law, regulations, user education?  And so it will go.

I was still trying to see if there are other ways to put the criticisms I have heard neatly into buckets - just so that we remember them even as we reported and wrote the book.

Once, when I was talking to my colleague CS Swami, who has guided a number of technology implementations in large corporations, he shared a lot of stories on the kind of resistance he and his team have faced.

He shared a fantastic essay from Goldratt Consulting, called The Layers of Resistance.

As I read it I imagined the process as one door opening after another. Many of the criticisms we heard during our reporting also fell neatly into this framework place (we had to do a bit of tweaking).

In the book it forms a mini chapter, under the title, 'Who is Afraid of Aadhaar?' - organised a bit differently because it had to fit into the tone and flow of the rest of the book.

Here, let me present the same points in that more or less aligns to Layers of Resistance. Part of the reason why I am putting this out here is to see if I can add more to the list, or to see if I can organise this list better. Would love to add more examples too.

This has two sections.
A. What are the criticisms about?
B. Where are they coming from?

What are the criticisms about?

1. Questions on Intent
2. Questions on the problem
3. Questions on the solution
4. Questions on the Implementation
5. Questions on processes
6. Questions on the ecosystem
7. Questions on the impact

1. Questions on Intent

1.1 “Those guys are bad”
The intention of those who thought up, designed and executed Aadhaar are bad. It’s true of the government, and it's true of the private players who were involved in the project.

1.2 The government basically wants to empower itself, have more control over the people, and Aadhaar is primarily a mass surveillance system.
Even if the intention might be good today, it might turn bad tomorrow. As Sunil Abraham, a long time critic of Aadhaar puts it, “the original noble intentions of the Aadhaar project initiators will not constrain those in the future that want to take full advantage of technological possibilities.”

1.3 The private players, starting from Nandan Nilekani onwards were in it to make make money or to gain power or at least for getting access to people in power.
An Indian Express article asserted, “executives who have worked or are working with the Unique Identification Authority of India (UIDAI) — the parent agency for Aadhaar — are launching companies or funding start-ups that offer Aadhaar-based services and products for a fee.”

2. Questions on the problem

2.4 “There is no need for a national id programme in first place”

2.5 "Problems that Aadhaar promises to solve don't exist in first place."
Aadhaar supporters assert that Aadhaar is a detergent, that can clean up databases. But, is it really a problem? Take PAN cards for example. Government says that by linking PAN to Aadhaar, fake cards can be weeded out. However, according to an article in The Wire, “out of 25 crore PAN cards, only 0.46% or 11.57 lakh are actually duplicate. These have already been cleared from the system. Furthermore, the total number of fake PAN cards the government has found, is 645.”

2.5 “Well, the problems may exist, but they have nothing to do with lack of identity." 
“The rationale behind Aadhaar is that the lack of identity is the root cause of many problems with public goods and targeted subsidies.  While problems exist, often they have nothing to do with identity. For example, analysing mid day meal scheme in the country, an Huffington Post piece found that  "What the scheme does not suffer from is beneficiary fraud, of the sort that even the Public Distribution Scheme (PDS) suffers to an extent." Or as Reetika Khera pointed out, “the key question with respect to identity fraud (and the Aadhaar project) is what Senior Advocate Arvind Datar asked the government in court (during the PAN-Aadhaar linkage case), “Did you do any study?” The fact is there is no reliable evidence on the scale of identity fraud in welfare programmes.”

2.6 “Indians any way have enough identities. So there is no need for a new identity”
Aadhaar was sold to the government and then to us by asserting that many Indians do not even have an identity. One way to find out if this is true is to see how many got their Aadhaar number by producing other existing identification documents versus those who did not have any identity and had to rely on “introducer system”. It turns out, according to a report, “The government said that till 2016, when over 105.1 crore residents had enrolled, only 8,47,366 – or 0.08% – got Aadhaar through “introducer system.””

2.7 “Some countries are doing well without a national id. Why not India?”
We have to fundamentally question the need for a national identification like Aadhaar, when we know that advanced countries such as Canada and Australia are doing well without national id programmes.

3. Questions on the solution

3.8 “Problem exists, yeah. But this is not the solution”

Direction of the solution
3.9 “Technology won't solve the problem”
“Aadhaar is a product of techno-utopianists, solutionists. But, that’s not a good approach, like Evgeny Morozov argued in his book, “To solve everything click here”. A lot of problems that India faces cannot be solved by technology. They need social, political and economic solutions. Bringing in a technology to solve such a problem is like bringing an axe when what we need is a screwdriver. Aadhaar however assumes that technology is a solution.”

3.10 “Aadhaar leads to centralisation, which is a huge problem”
“A centralised database is more prone to getting hacked; there is a single point of failure; and it incentivises bad actors to attempt to attack. The impact will be huge. There is a second order impact too. It centralises power - UIDAI comes under central government after all - and to that extent tilts the balance of power between the centre and the states.”

3.11 “Aadhaar flouts open source principles”
“Supporters of Aadhaar often use the term open source, hoping that some of the values that open source movement stands for will stick on to it. However, Aadhaar violates principles, and was developed in a closed way. It has made it hard for others to scrutinise its code.”

3.12 “Aadhaar’s platform approach essentially shifts the burden on others”
“Aadhaar was built as a platform, upon which other solutions can be built. However, UIDAI takes no responsible for the mess that happens on the ground. It’s power without responsibility.”

Details of the solution
3.13 “Biometrics is a wrong choice”
Aadhaar should not have gone for biometrics because, unlike password, you can't change it; once lost, it's gone. (If your biometric is compromised - if someone 3D prints your finger - you are compromised permanently, because you cant reset biometrics)

Biometrics are also probabilistic - which means there will be false positives and false  negatives (Unlike a password, which is an yes or no). It is always prone to both exclusion and fraud.

Large scale biometrics might not work. We don't know how good it is. UIDAI does not giving the data

We should learn from other countries and ask why UK abandoned its biometric id project.

In fact, democratic countries don't have biometric ids, according to an analysis by two researchers. They asked, if  “countries with a poor democratic record more likely to mandate an Aadhaar-like ID?” and found out that was indeed the case.

3.14 “Online only is bad a idea”
Making Aadhaar online only is a bad idea, because it leaves too much chances to external factors such as internet connection, third party devices, websites and so on. Smart cards would have been a better alternative, because it is a more established technology. It can also sidestep some of the problems related to centralised storage of biometrics.

3.15 “Aadhaar doesn’t establish citizenship”
“Aadhaar doesn’t establish citizenship. Pakistanis and Bangladeshis are getting Aadhaar. And therefore it poses a security risk.”

3.16 “Aadhaar was said to be voluntary, but it is now mandatory”
“When Aadhaar was being rolled out, it was promoted as a voluntary programme. However, by making its linkage to PAN and other essential services it has now become mandatory.”

4. Questions on the Implementation

Implementation of the platform
4.17 “Can't implement Aadhaar enrolment”
“Too large, too ambitious, too untested to pull off. Therefore waste of government money.”
(Used to be a criticism earlier)

4.18 “Enrolment should not have been implemented this way”
UIDAI wanted to scale up fast. However, it has sacrificed quality at the altar of speed. It used private players for enrolment, which is wrong in first place. The selection of enrollment agencies was rigorous. As a result, too many rotten apples had entered the system, and they had to be suspended. The applications developed for enrolment were not secure enough, and it emerged that they could be hacked.

The defective enrollment process has meant we have with us a large unverified database. And an unverified database is essentially useless.

Design and implementation of applications on the top of Aadhaar platform

4.19 “Applications of Aadhaar badly designed and implemented”
Applications designed by various state and district administrations are faulty. For example, in PDS, telangana govt designed it in such a way that only the head of the family can buy from ration shops.

4.20 “Roll out has been too fast”
The government has been pushing Aadhaar adoption too fast.

4.21 “Scope is too wide”
The government has been pushing Aadhaar even in places that have no compelling reason. For example, for death certificates, for mobile phones, for drivers license, for bank accounts. It was supposed to be mandatory only to avail government services.

5. Questions on processes

5.22 “India did not have an Aadhaar Act for a long time”
For a programme that is as disruptive as Aadhaar, it came into being without debate in parliament. In fact, Aadhaar Act was passed only during NDA regime

5.23 “Aadhaar Act passed as money bill”
Even in NDA regime, Aadhaar was passed as a money bill, which meant it need not be passed in Rajya Sabha

5.24 “Aadhaar flouts supreme court orders”
Government constantly flouts Supreme Court orders, by pushing Aadhaar in various schemes, even though it had passed orders limiting the mandatory use of Aadhaar.

5.25 "Aadhaar did not follow best practices"
UIDAI didn’t do enough public consultations (esp technical). It’s not open to outside expertise. It doesn’t organise bug bounties to ensure that its security measures are good.

6. Questions on the ecosystem

6.26 “Aadhaar is thrust on a country that is not ready technologically, legally or knowledge-wise”

6.27 “Many in the ecosystem are not technologically capable - especially in data protection, security and privacy”
Many government agencies have a cavalier attitude towards handling user data. Even where they want to treat it carefully, they do not have the capacity to do it. Sometimes, just a Google search is enough to access the data. In some cases, basic hacks are enough to access the entire database (as it happened in the case of Telangana state government). The case highlighted by Tribune in Rajasthan shows that the credentials to access data can be bought for as low as Rs 500. In effect, while the biometric data might be secure in the central data depositary, the ecosystem is so leaky that sharing Aadhaar numbers anywhere is not safe.

6.28 “We don’t have the infrastructure to enforce laws, provide redressal and give justice”
Besides problems with Aadhaar law - only UIDAI can raise complaints - we don’t have the infrastructure to provide justice for the potential victims.

6.29 “A majority of people are new to digital world, are not aware of the risks, and might get conned”
Aadhaar is being thrust on people without giving them enough time to learn the risks and responsible use of their own data. It’s not just about the users - who give away their Aadhaar numbers and other sensitive information - it’s also about the data handlers, who often insist on the photocopies of Aadhaar. This often defeats the very purpose of online authentication.

7. Questions on the impact

7.30 “Aadhaar has resulted in fraud”

7.31 "A large scale enrolment fraud happened, and what we have is a junk database"
That Aadhaar enrolment system can be manipulated to give fake ids became evident even in the early days, when a man got his dog, Tommy Singh, enrolled for Aadhaar. Another person got an Aadhaar for Lord Hanuman. Frauds got more sophisticated over time. In UP, for example, police caught a gang that was using an hacked client application to enroll users.

7.31 "You can bypass Aadhaar biometric authentication."
The strength of Aadhaar authentication is supposed to be its biometrics. A researcher showed that the system is prone to replay attacks (your biometric can be stored in a device and be used to authenticate). UIDAI came up with a solution that makes such attacks difficult, but it also filed a case against Sameer Kochar, the researcher. The system is still prone to other kinds of manipulations including fake fingerprints. With the prevalence of high definition cameras, and the progress of 3D printing, it wouldn’t be too long before making fingerprints a trivial task.

7.31 "Aadhaar has resulted in exclusion of people from government entitlements"

7.32 "Ghosts aren't ghosts. People haven't been linked"
One of the earliest fears of the social activists was that by linking Aadhaar to subsidy scheme, those who don’t have the identity will get excluded, and that the government would simply count them as ‘ghosts’ - or fake accounts leeching the system. One would have thought that with more than 1.2 billion people enrolled for Aadhaar this problem would go away.
However, surveys show that to this day not all not all “ghosts” are ghosts. Genuine beneficiaries also get excluded, because for various reasons the linkage with the schemes don’t happen.

7.33 "Some Aadhaar enabled systems were designed to exclude people"
In some cases, the solutions are designed so badly, that it excludes people at the last mile. For example, in one case, the system allowed only the head of the family to take rations from the PDS shops, in departure from the earlier system where anyone with the document could buy the rations, for any number of reasons. The head of the family might be out travelling, or at work, or may be unwell. Bad design of solutions can exclude people.

7.34 "Aadhaar has led to exclusion because of authentication problems"
Beneficiaries are excluded because they are unable to authenticate because of bad devices, networks etc. As Reetika Khera puts it: “.. each month, people are being forced to cross five meaningless hurdles in the form of electricity, functional PoS, connectivity, servers and fingerprint authentication in order to have access to their ration. Failing any one hurdle even once causes anxiety in subsequent months. Think of the ATM running out of cash, post-demonetisation, just when it was your turn.”

7.35 "Aadhaar has aided bureaucratic (manual) exclusion"
Aadhaar doesn’t solve all the problems. Often, it becomes another excuse for the system not to give the entitlement to the beneficiary.

7.36 "Aadhaar database can be breached"
That the core database of Aadhaar has not been breached so far is no guarantee that it will not happen tomorrow. Right now, UIDAI expects people to take its word that its safe and secure. However, going by how they have reacted to the breaches in the ecosystem, and by the lack of visible best practices, it’s doubtful that UIDAI has the capacity to keep the database safe. Especially at a time when the battleground is shifting from the real world to the cyberworld. Countries such as US have been investing significant resources on cybersecurity. There is no evidence that India is doing enough to protect the data.

7.37 "Aadhaar ecosystem has been leaking data"
Even if core biometric database is safe, the ecosystem might not be safe.

Exaggerated claims
7.38 Government continues to claim that Aadhaar has helped it save billions of dollars, despite the absence of any evidence. In fact, publicly available data suggests that the cost savings from Aadhaar has been minimal.

Privacy, surveillance and harassment

7.39 Aadhaar is likely to lead to intrusion of government (and even businesses) into our private lives, violating our fundamental right to privacy.

7.40 Aadhaar makes it easy for the government to do surveillance on people

Over dependence
7.41 All the nudging and enforcement to use Aadhaar is likely to increase government dependence of technology, before the infrastructure is ready for it.

Where are they coming from?

Thiruvalluvar says,

எப்பொருள் யார்யார்வாய்க் கேட்பினும் அப்பொருள்
மெய்ப்பொருள் காண்ப தறிவு.

It means, intelligence is in seeing the truth irrespective of who says it.

But having heard these arguments over and over again, it was interesting to see people taking on specific identities as they made their arguments. There were broadly six types - perfectionist, ideologue, egotist, conformist, outraged, lobbyist. And this website helped me to see that the first letters formed a word: POLICE. But let me give it in pairs - because while any type can become any other type, the most transitions happen between those who are paired.

The Perfectionist: The perfectionist simply wants things to be perfect. There should be no error. She doesn't believe in things like, "hey, give it time the system will improve". After all, it's an important project. Small mistakes can have a big impact on people. When something is worth doing, it's worth doing perfectly.
The Ideologue: The ideologue doesn't like big governments, or she doesn't like private sector, or she doesn't like Manmohan Singh, or she doesn't like Narendra Modi, or she doesn't like technology - and therefore she doesn't like Aadhaar. She can quote examples after examples, give evidence after evidence to prove her position.

The Conformist: The conformist simply goes by whatever her group says. If every other journalist in your newsroom says the project needs to be criticised, that it needs to be looked at with a certain slant, better go by that. Ambitious conformist not only go by that, they also make it a point to express those views louder than others.
The Egotist: The egotist just can't understand how someone else can claim to solve issues that she couldn't; how someone else could claim to have built a system that works. Egotists come in all shapes and sizes - aggressive, passive aggressive, arrogant, humble, loud mouthed, silent, silent, sarcastic. But mostly sarcastic.

The Outraged: The outraged is angry about everything - and project has given her enough reasons to be angry about. The strength of her stand comes from her feelings, her emotions. A few minutes with her, you are wondering why you are not as outraged.
The Lobbyist: The lobbyist is good at arguing why smart card is better, or why Aadhaar should not be linked to PAN - always speaking for some special interest group - while making it seem as if she is talking on behalf of the poor.

By the tone, you might have guessed that this hasn't found a place in the book. The chapter on critics is actually told as a story - on how two diverse groups of people came together to fight their case against Aadhaar in Supreme Court.

Whether they are happy with the outcome - whether anyone is happy with the outcome - is a big question. I will give my own perspective in one of the future posts.

Yet, there were three sets of critics who were extremely helpful both in process of writing the book, and, I suppose, for the Aadhaar project itself.

The Ethical Hacker: I am not using this in the traditional sense, but generally for someone who understands technology, makes some efforts to find out small and big vulnerabilities in the system, with the purpose of making it better.

The Systems Thinker: Systems thinkers spend a lot of time thinking about unintended consequences and the risks of emerging qualities, they offer some of the most insightful criticisms.

The Chronicler of Maladies: They provide the essential feedback to the system to make it stronger. The difference between The Chronicler and the lobbyists (who also chronicle some of those maladies) is the intent. The Lobbyists want a specific outcome which is often bad for the people they are claiming to be speaking for but good for the group they are working for. As a journalist myself (please keep this disclosure in mind as you read this) I would like to think that journalists belong to this group. They look for stuff that's not working and form the essential feedback loop in the system. Unlike the feedback that goes from the lobbyists, this works because the system knows there is no hidden agenda.  

If you think I have left out any important category of criticism or if I can strengthen the criticisms here with good references or if I can add to the categories of critics -  please do leave a comment, or DM me on twitter at @rmnth.

No comments:

Post a Comment