Is your Aadhaar a safe bet?

By  Kusumita Das | Mumbai | Posted  07-May-2017

Viral Shah, who worked with Nandan Nilekani in rolling out Aadhaar, addresses the nation’s concern regarding how vulnerable we are making ourselves

An Aadhaar card submission queue at Hanuman Nagar, Kandivli (East)
An Aadhaar card submission queue at Hanuman Nagar, Kandivli (East)

It was a chance meeting with UIDAI (Unique Identification Authority of India) chairman and Infosys co-founder Nandan Nileknani circa 2010, that led to Viral Shah’s brief, yet significant stint with Aadhaar. At that time, Shah, who was in the US, fresh out of his PhD. from University of California, Santa Barbara, was in India to renew his visa. His eyes were set on collaborating with MIT on a project for his post doctorate. The meeting with Nilekani, however, changed everything. Shah dropped his visa application and immersed himself in rolling out the system as we know it today. "He told me about this cool and significant system that he was working on which would change the future of the country, but he mentioned he had no salary to offer. He had an open-door policy and he was getting hundreds of applications from people who understood the kind of impact Aadhaar was going to make. I wanted to be a part of that, I must have been among the first five or 10 people in the team," says the 37-year-old, who was assigned the role of building applications for Aadhaar in financial inclusions. "I rolled out the eKYC (Know Your Customer) and the LPG, kerosene and fertiliser subsidy, of which the LPG took off in a big way." Shah worked in Aadhaar for a little over two years, till 2012, before he left to resume his original passion — scientific computing. "My job in Aadhaar was to roll out the financial inclusion part of the system, and not to run it. While economic policy is also an area of my passion, I was itching to start something of my own," says Shah, co-founder of Julia Language, a high-performance computer (programming) language.

From the time he had worked on Aadhaar, till now, the one thing that has significantly changed, he feels is the scale. "And therein lies the challenge." As the debate over how safe Aadhaar is gains steam, we ask the expert to tell us whether or not the nation’s fears are unwarranted.

Is the biometric system really safe?
The UIDAI has the least amount of data as compared to most government departments, like the Income Tax or the Election Commission. The RTO offices know more about my driving history and the public hospitals, my health records than Aadhar will ever do. Let’s not even get to the amount of data Uber and Google has about us. It is important to understand the system of federated information. It is practically impossible to put so much information on one platform. If the Income Tax department wants to link your PAN card to your Aadhaar, the data is not with Aadhar, it’s with the IT. The same applies to my driving license, where the RTO will have my data, and flight tickets, in which case, the airline will have it. It is the service provider who has the information (which they do anyway), not Aadhaar. So, if MS Dhoni’s Aadhaar is leaked, all one has is the number. For more information, one would require a court order to access individual departments, something only the police can avail of.

Why link Aadhaar to all these channels then?
That’s a wrong question to ask, in my opinion. What we should ask, instead, is why these channels are linking to Aadhaar. Because the former makes it seem like the UIDAI is collecting all the info. Yes, the benefits of linking a flight ticket to Aadhaar, needs to be made clear. Perhaps, it is to put a cap on benaami travellers. The larger question is, is my data safe with them? And that is for these channels to answer and assure. The organisations that have your data should be made accountable for their usage and safety. And, of course, the government needs to play a role in that.

Viral Shah
Viral Shah

Your take on the recent Aadhaar number leaks?
There are certain subsidy departments that are under a lot of pressure from the RTI to keep their workings transparent. They need to disclose as much as they can under the RTI act. The country is new to the conflict of revealing some information and safeguarding the rest. Yes, a leak like this should not happen, and these are the cracks that need to be fixed. It is important that people should question the government — how it’s keeping their data. But, the fear mongering needs to stop. A leak of information, in the scale people are imagining it, is impossible. Aadhaar data is collected and encrypted at source. Even the company collecting the data cannot access it once it is entered in the system. That packet is sealed forever.

Why have so many unique identification numbers?
Every number exists for a reason, be it your PAN card, passport or driver’s licence. At some level, it might seem like an overload. But, a government that is asked to create bank accounts for the poor, also gets questioned about money laundering. There is always this push and pull, and taking a step will upset the balance. But, to replace everything with Aadhaar, would be a futile and expensive exercise. What people want is a simpler interface, show the (Aadhaar) number and get their services, without having to show other ID proofs. Will that happen? I think it will. It’s a decision to be taken by government departments.