With A Jharkhand government website putting out details of bank accounts and Aadhaar numbers of more than a million beneficiaries of the state’s old age pension scheme, critics have used this to, once again, question the security of the Aadhaar—even if the actual biometrics database, they argue, is secure, the information gathered while using Aadhaar is not. With Aadhaar being made mandatory for several things—the case for mandating its usage in PAN cards is before the Supreme Court—some have made out a case of an Orwellian nightmare, with the state tracking your expenditure, your travel, your bank accounts, taxes and so on. While there is little doubt the government and UIDAI need to be more vigilant to ensure data such as on pension payments using Aadhaar are not made public, surely Aadhaar cannot be held responsible in the same way that banks are not responsible for the breach either.
As for the Orwellian nightmare of being tracked, keep in mind people put out more information about themselves, including where they are every moment of the day, on various social media including Facebook and, unless it is turned off, most map software are tracking you all the time. All manner of apps are blithely given permission to read phone address books and emails are automatically machine-read by providers so as to create pre-designed template replies based on the content of the email. Indeed, various government websites, starting from the Election Commission, have data on the names of people along with their addresses as well as those of children/spouses/parents if they are also voters. Since many municipal records are very often open to the public, the address from the Election Commission website can be used to collect data on the value of flats/properties owned by the person and, in effect, create a wealth profile. At one time, LPG records were available on the websites of each oil company, though it took some searching since the data on consumption was listed under the names of various marketing agencies. Databases from various mobile phone companies are, illegally though, also available for a price. All of which calls for a privacy law which has strict guidelines for protecting data, including imposing costs for breaches and with features like the right-to-be-forgotten, but this cannot apply only to Aadhaar ‘data’ of the sort collected by Jharkhand.
As for the Supreme Court’s observations, last week, on why Aadhaar should be made mandatory for PAN cards despite the SC, in 2015, saying it had to be optional, it has to be kept in mind that, with Parliament passing the Aadhaar Act last year in March, there is a legislative backing that was not present when SC first made its observations. Also, as in the case of PDS and kerosene where SC allowed the use of Aadhaar to check the proliferation of fake ration cards, even PAN cards have a large proportion of fakes and this is what helps avoid detection by the tax authorities. So, if Aadhaar numbers cannot be used for weeding out fake PAN cards, the question that needs to be answered is what other options are available for doing so. Indeed, even in the case of ration cards—where the SC allows the use of Aadhaar—critics have been unable to come up with an alternative way to check the 40-50% theft levels in most ration schemes.