By Kam Sandhu & Ranjan Balakumaran / Edited by Jude McArdle / Video by Clear Blue Films / Images by Peter William Rudd
Read more about the Trading Faces project and view all of our reports and updates
Read Part 2 of the Trading Faces report ‘All Data Is Credit Data’
Read Part 3 of the Trading Faces report ‘Mining The NHS: The American Way’
Look up the names of people behind all these ventures – UIDAI, NPCI, UPI etc – and you’ll realise that they are the same group of people. The same group of people, a while back, talked about it taking just 100 individuals to change the system. They are trying to do this now – deciding the fate of this country.
India, 2010. A small village in Tembhili, Maharashtra state, is the subject of national focus as Ranjana Sonawane – a 30 year old housewife – becomes the first Indian to receive a 12-digit Unique Identification (UID) number. Sonawane, or 782474317884, is joined in a ceremony with nine others including three children, as they are enrolled on what will become the largest biometrics database in the world.
The Nandurbar district was chosen according to President Manmohan Singh, to prove that this scheme will benefit the ‘tribals’ and the ‘needy people’ in the country. ‘Before this, no other country has made use of such technology at such a large scale’, he said, attending the inaugural event with Congress Party Head Sonia Gandhi. Villagers were told the UID scheme will mean access; to welfare, public services, subsidies and rehabilitation provisions. Representatives used buzzwords such as ‘dignity’ and ‘inclusiveness’; this was ‘empowerment of the poor’ through a smart card according to the Group of Ministers (GoM).
Despite the excitement of officials and media, there remained confusion among residents. Of the 1400 people in Tembhili village, 432 were Below the Poverty Line (BPL) and not all received cards and numbers, according to The Hindu. There was no school in the area, and work was hard to find. ‘This card cannot do anything’ said one resident. The UID came with no citizenship or domicile rights but was free, voluntary and provided citizens with documents and an identity in the eyes of the state. UID used Iris software, photograph recognition, digital memory, bank details and identity signifiers (name, address, age etc). The BBC reported that the Indian government ‘expected every Indian citizen to be enrolled within four years’, on this voluntary scheme.
‘The moment the enrolment has begun, they have already started talking about cash transfers…They tell a lie to get to where they want to be’, Usha Ramanathan is a lawyer and research fellow at the Centre for Development Societies, New Delhi. She has documented the journey of the UID. ‘I’m so angry about this project…it’s the huge marketing con job of the century and many of us are walking into it,’ she said in a lecture in 2014.
With 1.2 billion people now enrolled (including 99% of over 18s) the numbers speak of success, but this hides a shaky record in security and rising concern over the voluntary aspects of the scheme, very different from the vision sold to the public. In March, amidst a legal case against the government over its infringement of rights and privacy through UID, Ramanathan describes the effects of the scheme on the communities it was purported to help:
‘Coercion, illegality, contempt of court and exclusion have become characteristics by which people recognise the UID project…In just the last 20 days, the government has issued notifications at a frenetic pace making the UID number mandatory in a range of databases. Children are not to get their midday meal if they do not have their UID embedded in the database. Persons doing manual scavenging are not to be rehabilitated – as Bezwada Wilson has been saying all along, what they want is to bury their identity and what they are threatened with is tagging them with this identity in perpetuity. Disabled persons are not to get skill training, or aids and appliances. Women rescued from prostitution are not entitled to rehabilitation until their numbers are in the system – making anonymity the first casualty. No rehabilitation of bonded labour without UID. No anti-retroviral therapy for HIV+ persons without the UID identifying them. And the list goes on.’
There are security problems too. Building the world’s largest sensitive database creates a target for hackers and the stakes are higher with sophisticated levels of ID data converged in a manner not seen on this scale. But leaks are already happening.
The day after Ramanathan’s article in March the Narendra Modi government ‘officially acknowledged’ the identity details of individuals held by the UID/Aadhar system had been leaked. Around 130 million user details were compromised from four government websites; bank details, fingerprints, photographs, names, ages, retina scans and more. Modi’s government ignored previous warnings about security, and earlier that month the Ministry of Electronics and IT issued a statement to say the UID system was safe and secure, in a bid to clarify ‘misinformation in the news.’ However, in a letter seen by the Indian Express dated 25 March 2017, the same Ministry confirmed ‘instances’ where information had been made accessible or had entered the public domain, adding that leaks were a serious and punishable offence.
And the system is not always right. Scores of problems with incorrect data mean further exclusion. Some have found their identity already registered, others with only a fraction of their personal data correct. An introducer scheme which allows a person to verify an undocumented citizen’s details has also lead to misinformation, with the onus and cost laid on the undocumented citizen the system was meant to help.
Then there’s the problems with biometric data itself. Ostensibly the ultimate form of authentication, but details have to be updated. Iris and facial recognition identifiers can go out of range as we age and need to be re-set, contradicting the policy that this was a ‘one-off’ exercise. In rural areas, such as the state of Telengana in Southern India, where UID was used for the Mahatma Gandhi Rural Jobs Guarantee Scheme, the fingerprint technology had a failure rate of 36% as labourers in physical jobs experienced changes due to ‘wear and tear’ (this rate has reached 46% in other areas). Iris scanners were not used in Telengana however due to their expense, and this meant workers were denied payments. Associate professor at Jawarharlal Nehru University, Dr Himanshu commented that failure rates of cash machines stand at 0.5%, demonstrating the technology used in biometrics was flawed. Himanshu added that none of the developed countries were using this technology; ‘UK had similar technology like that of Aadhar, but they too have abandoned that completely.’
Still, the government has moved ahead with increasing the scope of the scheme.
Aadher Pay will allow ‘consumers’ to send and receive money to each other using their UID numbers and will also store tax filing records, under the banner of anti-corruption according to the government. Except the justification for UID has already moved many times since its introduction from giving the poor an identity, to de-duplication, to removing ghosts from the welfare system, to now a precondition for the marginalised to access state help. For those same people, now comes a payment ‘revolution’ that keeps tabs on human behaviour more than ever before.
Usha Ramanathan ‘Surveillance, Profiling and Exclusion Lecture’ 2014
‘It’s not an Indian project’
Biometric ID Card proposals surfaced in the UK in 2005 under Tony Blair, but were repealed by the Conservative government upon gaining power in 2010. The US was also trialling retina scans and fingerprint ID technology at this time, but abandoned it when tests found the method was still too flawed and ‘unreliable.’ While technology has evolved since then, the introduction of biometric ID is happening most in developing countries like Bangladesh, Kenya and, of course, India at an alarming pace. Ramanathan says this suggests ‘someone is making policies that are being pushed in the developing world.’
Political capture overseas comes into focus too, as Trump rhetoric – against the undocumented, and other marginalised groups – looks set to fill the pockets of surveillance and security companies. The Intercept reported in January that the background of Trump’s team in Homeland Security ‘suggest he will aggressively pursue surveillance using the latest technological advancements,’ including ‘threat detection algorithms, facial-recognition technology, and an expansion of ‘verifiable’ identity solutions both in real life and online.’ Trump’s travel ban for example, was a boon for the technology industry and Silicon Valley is already jumping into the ‘biometric gold rush’ in a little known push to increase use of biometrics at the borders.
L1Identity Solutions, a US company now acquired by France’s Safran Group, has a contract with UIDAI (Unique Identification Authority of India responsible for administering UID) for data capture. On its website, the company advertises its work with the Central Intelligence Agency (CIA). ‘How many of us are aware of L1 Identity Solution’s relationship with Homeland Security in the US on a smart borders project, identifying migrants?’ Ramanathan asks one interviewer, ‘All our information is going to be handed to them.’
It was left to the Supreme Court to tell the Indian government to limit the use of the UID/Aadhar database in 2016, but before the case was over, the 2016 Bill already allowed an almost carte blanche on access to the UID database for private companies.
Clause 57: ‘Any public or private person may use the Aadhar number for establishing the identity of any individual for any purpose’
Private entities such as insurance, real estate, telecom companies, airlines and more may now use UID as proof of identity for any purpose, contradicting the original objectives which confined UID to ‘government expenditure’ and efficiency purposes.
Further, Section 28 (5) disallows an individual access to the core biometric information held about them, despite the problems found with the flawed nature of biometric technology and the numerous mistakes in the system.
Despite complaints, responses and objections, the Bill was passed with no amendments. Before long companies were advertising new apps using UID data.
Function Creep and Demonetisation – Is India Fintech’s big experiment?
What is function creep? It’s when a technology that is introduced for a certain purpose is expanded beyond its original intent.
‘Now you have used government benefits to jumpstart this thing but, once you create the link between the ID and the bank account, you can then start using it for commercial payments..that would then be a business to person thing. The next step would be person to person.’
Nandan Nilekani, entrepreneur and Chairman of the UIDAI, 2013
On November 8th 2016, an immediate ban on two currency notes by the Indian government removed 86% of cash in the country. Panic ensued as cash machine queues ran into the hours, until they ran dry. Limits were put on withdrawals and the government asked for 50 days before the release of new notes. Over 90% of all transactions in India are made in cash, and this sudden announcement took its toll in various ways on the poor and middle classes, sudden expenses for example (medicines, illness) and rising food prices forced rationing and a depletion of resources.
‘My family slept without food for days’ Monika tells Al Jazeera ‘I will never forget…Demonetisation brought us to the brink of begging for food.’ Monika’s husband worked as a security guard for a private school in Ludhiana City, but the note ban meant the school ran out of money, which left him to work for two months without pay. The family – Monika (who goes by just one name) and their two children aged 21 and 14 – relied on the salary of Monika’s husband for their modest existence in a one bedroom house. Even if they were forced to beg, their neighbours would unlikely be unable to help, being as poor and stuck in the same situation. Though ATM queues were not an issue, because Monika’s family were one of millions who held no bank account. By February of this year, the family say things have not yet returned to normal with Monika’s husband receiving pay in instalments.
Demonetisation was sold and accepted widely as a bid to tackle India’s black money problem where corruption, tax evasion and the financing of terrorism trade. The two notes removed from tender were the two largest and many defended that Demonetisation would be a good thing in the long run.
This black money market is said to make up one fifth of India’s GDP according to the World Bank (2010). McKinsey and Co, a private consulting and private healthcare lobbying firm, estimated in their 2013 report ‘Forging a path to payments digitisation’ that this figure was actually over a quarter. Still, the method of demonetisation was widely criticised. Did it really have to be done this way? In an interview with Catch in November 2016 Ramanathan explained the secrecy surrounding the method:
‘We still don’t have any explanation by the government about why this was done. Why 86% of the cash flow couldn’t have been phased out strategically. Something as big as this should have gone through Parliament. There is no indication of who advised the Prime Minister about this. On the political front, we only have opposition and justification.’
Ramanathan explained her concerns about the real reasons for the two note ban:
‘To understand what demonetisation is about, you have to first understand what the big technological fight in the world right now is about. It is about data. New Fintech (Financial Technology) firms are fighting to acquire specific data of individuals, to use it to market their products among other things. Fintechs are willing to give you their services without charges, if only you give them information about yourself. Once you do that, you can build a platform [or an API] for people to create apps, giving them a share of your data.
‘Banks, as we understand them become redundant. You wouldn’t need to visit any bank. Everything becomes virtual.’
On answering the problems with a virtual system, Ramanathan points to the methods of transition:
‘First Aadhar was a voluntary exercise, then it was made compulsory. Aadhar was not mandatory to avail government offered services, now it is…Fears of your personal data being compromised was quite real in the case of Aadhar, in this case there will be additional fears of your financial data being sold and monetised by others…the state is using all its power and coercive forces to lead us in this specific direction.’