The Supreme Court verdict on Aadhaar has finally blown away some of the cobwebs surrounding the debate about the world’s largest database of citizen information. Indeed, what the 1,500-page verdict has accomplished is no mean feat.
The SC ruling has done away with a lot of the noise, emotions, and frenzy that was otherwise associated with Aadhaar, bringing in, instead, a long-overdue semblance of balance between strengthening governance and protecting individual data privacy.
To be sure, the debate surrounding Aadhaar has been dominated mostly on the one hand by civil liberty activists who believe Aadhaar was never about inclusivity or ensuring efficient delivery of welfare measures in the first place. Instead, they believed Aadhaar was a means for technocrats to create a digital infrastructure that private companies could exploit for commercial use.
To make their case, they cite examples of high-profile technocrats who were involved with the project early on, in a volunteering capacity, and are now building businesses that leverage this infrastructure. These claims may seem a bit far-fetched, but they were enough to sow the seeds of doubt by creating an impression that there can indeed be no smoke without fire. On the other hand, the technocrats and the pro-Aadhaar group view the implementation of Aadhaar as serving a public good, one that can be used to solve many of India’s ‘wicked’ and seemingly unsolvable problems. In fact, they see this as a one-time opportunity to clean up a lot of the dirt of post-independent India’s history.
And yet, with both sides – the civil liberty activists and the technologists – so deeply and emotionally entrenched to their differing views, it’s important to take a step back and examine these core issues more closely.
Aadhaar’s founding principles: inclusivity and better governance
India’s firm commitment to being a socialist and welfare state had been clearly written into the Constitution by the wise men who drafted this document. However, in a complex democracy like India, the gap between intent and execution was massive. Over the years, it became increasingly evident that India’s commitment to being a welfare state was being compromised by a weak public distribution system.
Benefits – both in cash and kind – were being diverted from the people they were meant for with the help of falsified documents. For example, traditionally, the bottom 50 percent of India’s households consumed only 25 percent of subsidised cooking gas (LPG). This meant that the subsidy on LPG was being cornered by the relatively well-off sections.
Similarly, more than 40 percent of the subsidised kerosene meant for the public distribution system was being diverted to adulterate automotive fuels. Creating a differential pricing for the underprivileged was creating havoc and ample room for pilferage. The government was basically trying to fill a bucket that was leaking like a sieve!
These problems meant that the old solutions had proved useless, giving rise to the need for a radical solution, backed by technology.
Sometime in 2009, Nandan Nilekani first came up with the idea of a universal identification (UID) number in his book, Reimagining India. The government too had been working on a somewhat similar project in parallel and Nandan was roped in by the then government to head the UID project. After a mammoth effort, and dealing with innumerable technology challenges as well as on the ground logistics nightmares, the project was completed with the first Aadhaar number issued in September 2010, with another 100 million cards issued over a year later by November 2011.
To ensure financial inclusion and subsidy reform, the Aadhaar-enabled Direct Benefits Transfer (DBT) plan involved transferring the subsidy amount directly to beneficiaries’ bank accounts. This meant the poor could then use the money transferred to their accounts to buy LPG/kerosene and other commodities at market prices. This, in turn, enabled competitive markets for these commodities and helped avoid the diversion of subsidies from those who deserved it.
Individual and data privacy concerns emerge
As long as Aadhaar was being used for the direct transfer of benefits to the poor, the backlash wasn’t significant. Many of the middlemen, backed by unscrupulous politicians, were suddenly out of business. They were left to lick their wounds but did not find a rallying point to argue and fight against it.
As the old saying goes, if you have a hammer everything looks like a nail!
Soon, over-enthusiastic government officials and departments suddenly saw Aadhaar as a silver bullet for all their troubles. For instance, the transport departments wanted to link driving licenses with Aadhaar to weed out the sizeable percentage of fake licenses. Similarly, the telecom department wanted telecom companies to authenticate their subscribers using Aadhaar. The Ministry of Finance too wanted to link PAN cards with Aadhaar as there were instances where one individual had five PAN cards.
Others began suggesting linking property records with Aadhaar. In addition, corporate India also began using Aadhaar to establish the identity of their employees.
That was when all hell broke loose. The possibility of having one massive database linking all information about a citizen was a cause of concern to many people. There were genuine worries over what a state, with the intention of misusing this access to data, could do to citizens in general and political opponents in particular. At the same time, there was a global debate over how digital giants like Facebook and Google, which had access to tons of data, were surreptitiously commercialising and misusing this data without full disclosure.
WhatsApp founder Brian Acton in an interview after his departure from Facebook revealed explosive details of how Facebook founder Mark Zuckerberg and Chief Operating Officer Sheryl Sandberg were arm-twisting WhatsApp founders to serve targeted advertisements to users. This proves that there indeed is no free lunch. In fact, it has become increasingly apparent that every time a service is provided for free, the users themselves become the product. This realisation has caused widespread anger against these companies for enabling innocent, unsuspecting citizens to become hooked on to addictive services, in turn, for subtly getting them to sign away their right to privacy.
Achievements and fears
While the debate surrounding Aadhaar’s use raged into a firestorm, the fact was that the new digital infrastructure had begun doing its job. Leakages in the public distribution system came down significantly. Financial daily Mint reported in May 2017 that over 23 million fake ration cards had been scrapped, potentially saving the government Rs 14,000 crore in food subsidy every year. According to another Mint report in August, three states had discovered about 272,000 fake student names who were availing the mid-day meal (MDM) scheme.
Similarly, millions of fake bank accounts had been opened with falsified documents, with many account holders unaware that their data was being misused by unscrupulous individuals. The verification of all accounts by Aadhaar was an effective way for banks to solve this problem of fake accounts. The case of MGNREGA wages is another example where DBT effectively addressed the twin issues of leakage and mis-targeting. It was widely acknowledged across the country that middlemen were misappropriating MGNREGA wages, until the launch of the DBT scheme in MGNREGA, which eliminated the need for middlemen. The savings that have subsequently been accrued from plugging these leakages are now available for welfare measures.
The government also detected fake PAN cards that were allotted to non-existing individuals or to people who had submitted falsified information about themselves. By the middle of 2017, more than a million such fake PAN cards had been deactivated.
Now the fears: Data privacy proponents argued that once all your data is linked to Aadhaar, it could be easily compromised and misused. To the pro-Aadhaar group, this did not serve as a strong argument as any database (bank account, driving license or PAN) seeking to verify the identity of an individual merely pings the Aadhaar server with the biometric details and name.
In turn, the Aadhaar database responds to show whether the identity is a match or not. It neither gives out any detail nor does it take in and store any additional data. For this reason, pro-Aadhaar groups deemed these concerns unfounded; however, these worries caught the imagination of the people at large and fuelled their fears about data and individual privacy.
To demonstrate the frivolity of these fears, TRAI chief R.S. Sharma shared his Aadhaar number on Twitter, challenging anyone to compromise his data. His aim was to show the deliberate portrayal of partial facts to colour the opinions of the public. However, some mocked this approach by a senior policymaker to settle a complex policy matter on social media, and the essence of the challenge was drowned by its audacity and quirkiness.
Privacy does not begin and end with Aadhaar
Having said this, privacy means different things to different people. The contours of the privacy theme are still emerging. At one level privacy is almost a philosophical concept. At another, it is absolutely real, even though there have not been any notable cases of data leaks directly attributable to Aadhaar.
To be sure, the early years of the outsourcing industry in India too raised many questions about the ability of Indian service providers to guarantee data security. This outcry, especially in the US, arose as a result of several instances where call centre agents working in Indian outsourcing firms accessed credit card data of customers to pilfer money from their accounts. However, those concerns eventually died down after firms quickly put together processes to address the issue.
More recently, however, the social media revolution has enabled us to consciously share data about ourselves, including our preferences, our network of family and friends, our food habits, and our spending patterns, among others. In addition, the rapid penetration of mobile phones and the widespread adoption of mobile apps bring with them a host of additional data privacy concerns.
For that matter, governments all over the world have also fought tooth and nail to protect classified government data. In the two separate cases of Edward Snowden and Julian Assange, where private citizens made secret government data publicly available, national security trumped privacy concerns in both instances.
In short, civil rights advocates opine that government and private companies that have extensive access to individual data are armed with the power to misuse it. They believe privacy is a fundamental right, a belief that was vindicated by an earlier Supreme Court judgment related to Aadhaar that ruled that privacy is indeed a fundamental right. However, the ruling did not address or define some matters of implementation as well as other nuances related to the Aadhaar digital infrastructure.
This judgment was used by the protagonists of privacy to argue that Aadhaar was indeed unconstitutional. As such, the latest verdict by the Supreme Court is landmark indeed, for it highlights that Aadhaar is not unconstitutional. This, in turn, completely redefines the debate. Today, the debate is no longer about Aadhaar, per se, nor about fundamental rights. With this verdict, the debate is about how to prevent the rampant and mindless use of Aadhaar by anyone and everyone as an answer to every problem, real or imaginary.
In addition, the verdict has endorsed the founding principles of Aadhaar and upheld its validity. It recognises the inclusivity of Aadhaar and its ability to empower and deliver public services like subsidies. The verdict also found merit in linking PAN to Aadhaar and recognises the bigger purpose the linkage serves. It also upholds the view that India needs a comprehensive data protection and empowerment regime.
I am personally very delighted that this verdict has changed the narrative and redefined the debate in such a fundamental way. It has given hope that we can balance the two basic issues of governance and privacy without compromising either. I feel confident that we will now find the middle ground.
(Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of YourStory.)