A month after the Lok Sabha hurriedly passed the Aadhaar Bill, the debate over privacy and surveillance related to the gathering of biometric data by the Unique Identification Authority continues. The Bill, notified as a law on March 28, allows the government to collect and centralise biometric data of its citizens, and assign each individual with a unique 12-digit identification number.

Though Aadhar numbers are ostensibly to be used to transfer government subsidies and benefits to those eligible for a variety of welfare schemes, the law also gives the Unique Identification Authority the discretion to let any “requesting entity”, including private businesses, access the Aadhaar database. Even before the Aadhaar bill was notified, some private companies began to advertise apps and services that would use Aadhaar numbers to perform background checks on potential employees. This is worrying in a country without a privacy law in place.

For now, citizens can only imagine the extent to which their biometric data could be misused. But why just imagine? To get a clearer picture of what unwanted mass surveillance could look like, we need to look only as far as the small Dawoodi Bohra sect of Shia Islam, and the electronic identity cards it has made mandatory for its followers.

From E-jamaat to ITS

Dawoodi Bohras, who predominantly hail from Gujarat, are estimated to number 1.5 million worldwide. Around half of them live in India. A close-knit business community, the Bohras are known to be wealthy, well-educated and also tightly-controlled by the dawat – the religious and administrative headquarters of the sect. The head of the dawat is the community’s leader, known as the Syedna.

A decade ago, the leadership issued mandatory E-jamaat cards for all Bohras. These were identity cards linked to an electronic database that contains personal and professional details of individual community members. The plastic E-jamaat card was meant to serve as a Bohra’s passport to the community – to be scanned while entering mosques or pilgrimage spots.

Around three years ago, all Bohras were asked to upgrade their E-jamaat cards to new smart cards called ITS cards (short for Idaratut Ta’reef al Shakhsi). These are radio frequency-enabled, bar-coded identity cards that connect to an international database managed by the Bohra dawat.

To upgrade to the ITS card, Bohras were expected to report at their local mosque and get photographed with very precise specifications, much like a passport photo. While their biometric data, such as fingerprints or iris scans, were not taken, the ITS registration form asked for personal and professional details of an individual’s entire family, which some Bohras found intrusive. “I remember asking them how secure they would keep such sensitive information,” said Fatema (identity concealed on request), a Bohra from the UK. “But of course I got no answer.”

Big Brother watching?

Like the E-jamaat card, Bohras are told to scan their ITS cards every time they enter a mosque, community hall or musafir khana (pilgrim guest house) anywhere in the world. Access to the dawat’s main website is also restricted to those who have an ITS number. Thus, only card-holders can access online application forms to go for pilgrimages or attend major religious events.

For many pious Bohras, this is a welcome convenience. But for many others, it is a form of policing. “The card records everything,” said Jameela (identity concealed on request), a Mumbai resident. “[From] the number of times you go to the masjid, how often you attend Moharram sermons, what time you enter the mosque for sermons and more.”

Faiyaz (identity concealed), a Bohra businessman from Pune, said he resented the fact that the ITS card was considered mandatory for anyone who wished to remain within the community fold. “Our privacy is completely lost,” said Faiyaz. “Last Moharram, I actually got a call from my local mosque asking me why I had not been attending sermons, because they saw that my card had not been swiped. I know people who send their cards with their wives to be swiped by proxy at the mosque.”

Even donations are not anonymous anymore, said Faiyaz, because religious authorities insist on recording the donated amount on the ITS database.

Community members are afraid to openly criticise the Syedna or the dawat because it could entail getting excommunicated. But the resentment against the surveillance enabled by the smart card is evident on online forums. One thread on Dawoodi-Bohras.com is called “Shredded my E-jamaat card”.

“The card is really creepy because the moment you scan it, they can see your entire history of records instantly,” said Fatema. “They say it is for organisational purposes, but it’s really like Big Brother is watching you.”

ITS and Aadhaar

This sentiment is familiar to activists protesting the use of the Aadhaar card. An electronic database of citizens’ demographic and biometric information could easily be used for similar surveillance of anyone the state may deem suspicious. Handing over such data to private, commercial parties poses even greater threats to privacy.

While the government has claimed that the biometric information will not be handed out to any “requesting entity”, the Aadhaar Act allows for this data to be disclosed to any government joint secretary “in the interest of national security” – a phrase that remains undefined.

“Aadhaar is a platform that will be used to converge all existing databases, and it is already happening,” said Gopal Krishna, a member of the Citizens Forum for Civil Liberties. “The fear is that it could be used to classify and profile all kinds of citizens.”

Krishna said the Bohra ITS card can easily be compared to the Aadhaar. “The community’s members need to realise that electronic databases are never really secure, and may not remain in control of the community authorities,” he said. “Bohras are endangering themselves because their information can be used not only for surveillance by their own clergy but also can be used by any hostile body to get personal information about them.”