We Don’t Trust UID with Our Data: India Inc


16th Jan 2012
Shweta Rao

The government is likely to sort out differences between the home ministry and Planning Commission over data collection for UID cards this week.

The Nandan Nilekani-led UID project has been touted as the world’s largest, most advanced, biometric database of personal identities. And many believe, according to reports, that the UID is meant to be more secure than the US’ Social Security Number (SSN).

In the absence of a coherent privacy law, Indian CISOs aren’t buying that. “Even SSNs have been misused by criminals for years. The flaw of any personal identification project is that when you input data into a database, there must be an assured mechanism in place. Fingerprints have inherent inaccuracies as a proof of identification and retina scans make data storage requirements much higher,” says security and privacy expert Deepak Rout. “If you don’t provide enough security, then chaos is inevitable.”

Though reports suggest that Nilekani has said that use of UID cards will be voluntary, it becoming mandatory cannot be ruled out. When all transactions will get linked to a single number, the same may be used by various state agencies to monitor citizens’ activities. This may interfere with an individual’s right to privacy. “Even if owning an Aadhaar card is made compulsory, I’ll stay out of it as long as I can,” says Rout.

Pawan Kumar Singh, CISO at Tulip Telecom agrees. “I am still insecure with the idea of entrusting my data to the government. Would I go for a UID card? No, thanks. The government may lay down stringent rules but where is the enforcement mechanism? UIDAI’s security policy will remain like our constitution–on paper–if citizen awareness is not brought up.” Singh believes that India isn’t ready to consolidate its entire citizens’ personal data on a single card.

Both Singh and Rout have reason to worry. In October last year, the UID project saw its first victim of privacy breach. A citizen from Maharashtra lodged a complaint stating that his address proof was compromised. The incident raised concerns on the vulnerability of personal data being collected by UIDAI. And that’s just one of the many instances of security breaches.

Even those close to the UID project are raising questions on the loopholes that may exist in the project. Sanjay Deshpande, CEO and CIO at Uniken Technologies–a security firm that was involved in initial talks with the UID project team–says that UID could be vulnerable to insider attacks. “How are they (the government) going to ensure that the systems aren’t vulnerable to insider threat? How trustworthy are the people handling a citizen’s personal identity? Also, are the biometric devices used by the government foolproof? You might have heard of losing your e-mail ids and passwords at an Internet café owing to malicious software in public computers. How is the government ensuring that the data capture device by itself is not malicious?” asks Deshpande.

Application level security is another major concern. “My problem as an Indian citizen–once the UID project starts collecting biometric data everywhere—is how would we prove our disassociation with a wrong UID and a crime we have not committed?” asks Deshpande.

While the cabinet decides the fate of the government’s ambitious UID project, it seems like Indian CISOs have already written its destiny. The question now remains – Do you trust the government with your data?

For any queries, you can contact the author at: shweta_rao@idgindia.com

8 Comments (+add yours?)

  1. Trackback: IIT Seminar on Privacy « kracktivist
  2. Trackback: Enrolment saga – Usha Ramanathan « kracktivist
  3. Trackback: Truth vs Hype: Who is afraid of Unique ID? « kracktivist
  4. Trackback: Major loopholes in UID system mean unverified documents could slip through net « kracktivist
  5. Trackback: India’s ID plan: An end to its inept bureaucracy or an Orwellian nightmare? « kracktivist
  6. Trackback: UID, NPR and all that Jazz « kracktivist
  7. Trackback: Unreliable Aadhar data to be used for Food Bill « kracktivist
  8. Trackback: The UIDAI project: why some of the optimism might be Nir-aadhar « kracktivist

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Archives

Kractivism-Gonaimate Videos

Protest to Arrest

Faking Democracy- Free Irom Sharmila Now

Faking Democracy- Repression Anti- Nuke activists

JAPA- MUSICAL ACTIVISM

Kamayaninumerouno – Youtube Channel

UID-UNIQUE ?

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 6,236 other followers

Top Rated

Blog Stats

  • 1,748,093 hits

Archives

January 2012
M T W T F S S
    Feb »
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
%d bloggers like this: