Is Aadhar the only source to leak personal demographic data? As an ordinary consumer, I don’t think so.
Last year my car was insured with one car insurance company. How did the three other insurance companies call me this year for the renewal of my car insurance policy? It means that these other three insurance companies have my mobile number, know which car I drive, when my insurance expires, and they even know my car registration number. I don’t know what else they have on me but I can be pretty sure that they have my postal address as well, since they mailed me insurance policy without once asking for my address? Is that a leak of information or it is not? It is a threat to privacy or it not? When I complained bitterly to my original insurance company, all they could tell me was that they don’t give away the personal data of their customers. When asked how my personal data had become available to three other insurance companies that I had never dealt with ever before, they had no answer for me. I can’t help feeling that all insurance companies, share a common database of all insurers. But no one is speaking about it.
And what about the hundreds of spam SMS’s I get including offers to get me a second mobile number that is very close to my current mobile numbers but a difference of one or two digits from my current number? These SMS’s don’t even seem to go away in spite of activating DND. Frankly, I have given up on the wholesale invasion of my privacy in more ways than one.
This leads you to conclude that demographic data is available on a number of databases :insurance, financial services sector, telecom companies and other government databases for income tax etc. The biggest threat the Aadhar database faces is the third party operators that were given access.
The UIDAI says it has blacklisted *49,000* Aadhaar operators for malpractice.
But it won’t tell you who they are.
Or who they worked for.
Or what they did. https://t.co/LFRF82ndnq
— india subsidy data (@databaazi) December 27, 2017
What about the recurring calls from Ghaziabad in UP that spam me with calls on how I have not redeemed my credit card points, one of the ploys for credit card fraud? If not for Truecaller I might have fallen prey to these calls as well. They seem to know my name, my mobile number and even the last 4 digits of my credit card. I have no idea what else they know. Not to mention hundreds of SMSs from the real estate sector.
So when the recent sting operation by the Tribune journalist revealed that Aadhar data was available through agents at Rs 500 for the actual data, and Rs 300 to print it, the AIDAI response that demographic data is not useful without the biometric data, I thought was a very weak response. Does it mean that demographic data is leaking out of Aadhar, and the only safe piece of data is the biometric data? And a leak of demographic data is not considered serious enough?
Edward Snowden, the whistleblower in exile had a comment on this when he tweeted:
It is the natural tendency of government to desire perfect records of private lives. History shows that no matter the laws, the result is abuse. https://t.co/7HSQSZ4T3f
— Edward Snowden (@Snowden) January 4, 2018
Snowden has captured the feeling of how citizens feel when their privacy has been violated when he says ;
‘We’re becoming less citizens and more subjects.’
While the Aadhar database is perhaps not yet being used for surveillance, which is something Snowden was rebelling against many years ago about the situation in the US, the current situation does reveal that the data could well be used for surveillance of any kind; private or governmental were it to fall into the wrong hands at the wrong time.
Before implementing Aadhar with such vigour across the system, we might have considered looking at our privacy laws. Currently, our privacy is protected by other laws like the Constitution and the Information Technology Amended Act, 2008 (ITAA). But unlike the EU we don’t have a separate privacy law which is critical now, with the huge proliferation of personal data available in several databases from cellular companies, financial institutions to government sources.
‘There would be no place to hide if this government ever became a tyranny’
The Personal Data Collection Bill has been unfortunately languishing with the government since 2006. While the original draft is perhaps hopelessly out of date and needs a lot of revision before it can be implemented, it needs to be put on the top priority list.
Digital privacy is going to become a moot point as India moves rapidly into the Digital Age and the future of Big Data!