Introduction Security Aadhaar has now been increasingly
IntroductionAadhaar was conceived as an idea after Kargil war by KargilReview Committee as an identity card to be issued particularly to villagersabiding in the border areas and terrorism inflicted zones. But it has nowevolved into an all inclusive Indian Identity Card that bears sensitive bio-metricinformation’s of its citizens.Aadhaar and SecurityAadhaar has now been increasingly used for social securityschemes like linking Direct Benefit Transfer (DBT), opening bank accounts, buyingmobile SIM cards etc. This has greater security implications like 1.
Possibilityof Mass surveillance: This may put individual libertyin peril questioning the fundamental rights guaranteed by the constitution. Ina democracy like India where vote bank politics plays a major role indetermining election results, Aadhaar may be misused for political purposes.2. Financialsecurity: As all financial data like PAN Card information, Tax returns,Bank Details are stored in a single UID database any breach would have apotential to cause a financial breakdown.3. Cybersecurity: India still in want of robust Cyber security infrastructure.
There are legal lacunae dealing with data’s taken out of the country. TheNational Cyber security policy, 2013, which envisages for National CriticalInformation Infrastructure Protection Centre (NCIIPC) is yet to be implemented.4.
Safetyfeatures: With only Bar Code and QR code the physical Aadhaar card do nothave any secured featres like Digital signature or Halogram. This makes it easyand vulnerable for duplicating. Need for new security updatesWith so manysecurity implications at its hand Aadhaar’s claimed security was questioned andput into scanner following certain incidents.1. Alleged breach by Tribune Report: A sting operation conducted by ‘The Tribune’ claimed to haveaccess to Aadhaar details by bribing an agent.2. Hacking: Thealleged hacking of website of the Government of Rajasthan, “aadhaar.rajasthan.
gov.in”,through which one could access and print Aadhaar cards of any Indian citizen.3. Suspension of License for Airtel Payment Bank: The Unique Identification Authorityof India (UIDAI) temporarily suspended the eKYC (electronic know yourcustomer) licence of Airtel Payments Bank for allegedly opening bankaccounts and force-seeding them with Aadhaar numbers without obtaining theinformed consent of the customers in question. PTI report also notes thatAirtel routed the LPG subsidies of 31 lakh users (payments worth Rs 190 crore)to their Airtel payment bank accounts instead of the beneficiaries’ originalbank accounts.Aadhaar updates.
Takinginto cognizance the potential threat, the UIDAI has responded with increasingthe security features of Aadhaar such as introducing,1. Two tier shieldfor Aadhaar Data: To eliminate the need to share and store Aadhaar numbers,the UIDAI has introduced virtual ID.A virtual ID can be used by the Aadhaar card holders in placeof the actual biometric ID. It is a temporary 16-digit random number mappedwith the aadhaar umber.2. Introduction ofUID Token: It isa 72 character alphanumeric provided by UIDAI. This allows an agency to ensureuniqueness of its beneficiaries, customers etc.
.. without having to storeAadhaar number to their databases.3. Introduction ofFace recognition: This feature can be used in fusion with existingfingerprint, Iris scanner and OTP. Aadhaar and Right to PrivacySupreme Court in Justice puttaswamy vs Union of India case,ruled that right to privacy is intrinsic part of life and liberty under Article21.
The judgment also concludes that privacy is a necessarycondition for the meaningful excuse of other guaranteed freedoms. It alsoclarified that privacy is a fundamental, inalienable right intrinsic to humandignity and liberty.ImplicationsAfterSupreme Court’s verdict Aadhaar has assumed greater significance as it directlyaffects the fundamental right. Its implications are now far beyond just datasecurity.
They are,1. InternationalSignificance:Privacy enjoys a robust legal framework internationally and India has alsosigned and ratified International Covenant on Civil and Political Rights (ICCPR).2.Drafting Data (privacy & Protection) bill, 2017: Introducing a rights based approachwhere consent of individuals is mandatory for collecting, processing storingand deletion of personal data with very limited exception on case by case. The bill will be drafted taking key inputs from the former SupremeCourt Judge, BN Srikrishna.3. Preventingdigital colonizationby digital e-commerce business such as ensuring checks on accessibility of dataharvested and taken to servers outside the country.4.
Affectother initiativeslike DNA Profiling Bill as it violates the right to privacy Way forward1. Aninstitutional mechanism such as Privacy Commissioner should be constituted toprevent unauthorized disclosure of or access to such data.2. National cyber cell should be made well capableof dealing with any cyber-attack in the shortest time.
Implementing NationalCyber Security Policy, 2013 andaddressing the issue of Data and identity theft.3. We need toeducate people on the risks involved and highlight examples of Digital fraudand Safe cyber usage policies.4. The governmentshould recognise all dimensions of the right to privacy and addressconcerns about data safety, protection from unauthorised interception,surveillance, use of personal identifiers and bodily privacy.5.
Laws need to beupdated to fix accountability for Multi National Companies that stores Data’soutside national borders by enacting concrete Privacy Laws. Conclusion.As more and more Bank accounts and Direct Benefit Transfer(DBT) are linked with Aadhaar it becomes imperative to build a robust security infrastructure.With that, the new security measures are a welcome step in ensuring datasecurity and in tune with upholding individuals fundamental right to privacy.