Guest post by USHA RAMANATHAN
The air is thick with schemes that will enable the state, and its agencies, to identify every resident, and to track what they are doing. A Home Ministry project for creating a National Population Register which will be prepared along with the 2011 Census has been propelled through its pilot stage. Now, an ambitious programme has been launched to load all the residents of the country on to a data base, providing each of us with a unique identity number. What distinguishes this exercise from any other undertaken so far?
First of all, the intention is provide a Unique Identity Number to the whole population, including the just born. The state is to have data on each individual literally from birth to death; and beyond, for a person’s UID is not destroyed at death, merely dis-abled. The numbers are to be so generated that it will not have to be repeated for between a hundred and two hundred years.
The UIDAI, in its working paper, says that enrolment will not be mandatory, but acknowledges that in practice it is expected not to be voluntary. The `Registrars’, who will enrol people on to the data base, will be both private operators and government agencies, and they will be encouraged to insist that they will entertain only those who are willing to enrol. Over a short time, only those with UID numbers may find themselves able to access services. That is the effort.
The UID has nothing to do with citizenship. The information on the UID data base is expected to be basic, and to cover all residents: name, date of birth, place of birth, gender, the name and UID numbers of both parents, address, date of death and photograph and fingerprints. This is because the UID is only to identify the individual to the agency that is looking for authentication.
Just on its own, it could even seem benign.
There are two phenomena that take the innocence out of the exercise. The first is `convergence’. `Convergence’ is about combining information. There are presently various pieces of information available separately, and held in discrete `silos’. We give information to a range of agencies; as much as is necessary for them to do their job. The passport agencies do not need to know how many bank accounts you have, or whether you drive a car. The telephone company need not know how you have insured your house. The police do not need to know how often you travel, not unless you are a suspect anyway. It is this that makes some privacy possible in a world where there are so many reasons why, and locations where, we give information about ourselves. The ease with which technology has whittled down the notion of the private has to be contained, not expanded. The UID, in contrast, will act as a bridge between these silos of information, and it will take the control away from the individual about what information we want to share, and with whom.
This is poised to completely change norms of privacy, confidentiality and security of personal information. There are already indications about how convergence will work. Consider the reports that the Apollo Hospitals group has offered to manage health records through the UIDAI. It has already invested in a company called Health Highway that reportedly connects doctors, hospitals and pharmacies who would be able to communicate with each other and access health records. In August 2009, Business Standard reported that Apollo Hospitals had written to the UIDAI and to the Knowledge Commission to link the UID number with health profiles of those provided the ID number, and offered to manage the health records. The terms `security’ and `privacy’ seem to be under threat, where technological possibility is dislocating many traditional concerns.
The second phenomenon is `tracking’. Once the UID is in place, and convergence becomes commonplace, the movement of people, their monies, their activities can be brought together, especially since transactions from buying rice in a PDS shop to receiving wages to bank withdrawals to travel could begin to require the number. There is a difference between people tracking a state, and the state, and the `market’, tracking people. The UID is clearly not what it is presented as being: it is not benign, nor a mere number which will give an identity to those who the state had missed so far.
Interestingly, the working paper of the UIDAI starts with a claim that the UID will bring down barriers that prevents the poor from accessing services and subsidies by providing an identity, but soon goes on to clarify that the “UID number will only guarantee identity, not rights, benefits or entitlements”. Given that it is the powerlessness of the poor, inefficiency, the perception of the poor as not deserving of support, sympathy or rights, and the status of illegality foisted on them that stops them from getting what is due to them, and given that corruption and leakages in the system mutate and persist, this quick stepping back is wise indeed.
In the excitement about technology being deployed to do something that has not been done anywhere in the world, the importance of privacy and protection from misuse of personal information is getting eclipsed.
It is significant that the UIDAI working paper makes no mention of national security concerns, and the surveillance, and profiling, possibilities it will create. Yet, the UID is not a project in isolation. The NATGRID, which the UID will facilitate, places the whole population under surveillance; and the Home Minister is talking about a DNA bank.
Fallibility, the difficulties inherent in reaching those in extreme poverty, the choiceless existence on a data base and the possibility of undesirable others getting hold of information only add to the scariness of the scenario that we seem to have accepted without discussion, challenge or debate. And, once accomplished, we would have reached a point of no return.
Usha Ramanathan is an independent law researcher
Published in the Indian Express, 6 January, 2010