The basic difference between being forced to sign up for Aadhaar and signing up for Facebook – I have often been told by many friends, especially those who value privacy and agency – is a matter of consent. If the government has its way, residents of India will not be able to use their bank accounts, their phones, get pension, access provident fund, buy an airplane ticket, a flat or diamonds if they do not register with the world’s largest biometric database, which had enrolled 1.2 billion Indians by this week.
This is a good time to disclose that not only was I an early adopter of Aadhaar, I also linked my bank account and phone number much before the threatening emails and texts arrived. I admit that data leaks from third parties, such as gas and phone companies, that use the Aadhaar database sound quite frightening, even to me, the Aadhaar enthusiast (I’ll explain why later), and it is hard to trust a government that plays fast and loose with civil liberties and laws and boasts that my data is secure behind walls 13 feet high and 5 feet thick. Oh alright, it also uses 2048-bit encryption, but that is pretty standard worldwide, and data experts say that it sounds like so much jargon because it is not clear how much data is so encrypted and how.
In any case, the Supreme Court will soon decide the extent of Aadhaar’s empire, but who exactly is going to resolve the growing dispute over the power wielded by Facebook?
The age of privacy leaks
Every day, we learn that Facebook’s power and influence over our lives is greater than we ever imagined. Of course, it was our decision to sign up for Facebook, to share cuddly photos, feelings and opinions with friends, family and acquaintances. But we did not know, did we, that in doing so we have also laid bare not just the patterns of our lives – patterns that we ourselves may not have realised – but feelings that we may or may not have expressed?
We just found out that a rogue operation by a British company with access to the profiles of just 2,50,000 Facebook users was enough to let it gain insight into millions more. More than anything, the shock delivered by Cambridge Analytica reveals just how easy it is to filch personal data, how much of it is out there, and how vulnerable the world’s social networks are to abuse in an age of mass manipulation of mind and behaviour. People on any of these networks are either susceptible to exploitation – emotional or criminal – or have already been exploited in some way or the other.
I am on Facebook – and Twitter, Tumblr and WhatsApp. And wait, didn’t I sign up and once share articles on LinkedIn and Google something-or-the-other? There are a few of us still without a digital signature, for example, Sunil Gavaskar, India’s cricketing legend. He is not on any social network and shrugs off anything anyone might say about him there, but Gavaskar does use an old-fashioned mobile phone that is not smart, so he has a digital vulnerability, however diminished.
People do not even have to be on Facebook to have bits of their lives revealed. Someone may have posted a photo of them or shared something they may have written. That is enough for someone to know who that person’s friends are, what they think and where they have been.
It is not my case that the digital tsunami washing over our personal lives justifies the government’s determined efforts to make Aadhaar ubiquitous. It is not enough for the government to say, trust us – I would not. It is not enough for the CEO of Aadhaar’s implementing agency, the Unique Identification Authority of India, to say the database has suffered no leaks in eight years and refuse to acknowledge leaks from client networks – and harass or ignore those who reveal these chinks. Rhetoric is no substitute for robustness and trust. That trust currently does not exist in adequate measure, and without it, justifying the spread of Aadhaar is difficult.
Yet, there are two reasons I support Aadhaar. One, because I witnessed its founding idealism and knew many of the idealists who built India’s new digital foundation, and two, a robust, secure national database can help provide an identity and carry many benefits to millions of poor Indians who do not have one and have been left stranded by the rising tide of development.
Indeed, Aadhaar has been the prime enabler of the government’s success in getting bank accounts to more than 60% of Indians, up from 35% in 2011, with so-called zero-balance or unused accounts steadily falling. The enabling factor has been an army of banking correspondents, fanning out into the hinterland enrolling people and verifying identities, in large part through Aadhaar. Could it have been done through scores of bank databases? Possibly, but the logistical difficulties, apart from being considerable, may not have been overcome by the general Indian inability to work cooperatively.
The rush to now shove Aadhaar down everyone’s throats without ensuring that a host of institutions are seamlessly networked and safeguards are in place is unconscionable and dangerous. It is the poorest and weakest who are most affected by the leaks and chinks in the Aadhar ecosystem – denied rations, pensions and salaries because their fingerprints are worn out from a lifetime of manual labour, accidents or other misfortunes. They run from bureaucratic pillar to post, trying to regain their lost identities. They are exceptions, stray cases, the government argues, an argument that betrays its obsession with compliance, a refusal to see Aadhaar’s considerable problems and disregard for the caring society it claims to strive for. The folks at Aadhaar point out that the lack of biometric authentication is no reason to deny benefits due – the laws on this are clear – but that does not wash in a country riven by red tape and graft, where many officials will grab at any straw to make people’s life more difficult. And Aadhar is considerably more than a straw.
But it is also hard to justify stopping Aadhaar in its tracks because it has weaknesses. Every social network that we use has loopholes. There is no such thing as a perfect Facebook – answerable to national governments, laws and social concerns – and there never will be. Its founder Mark Zuckerberg says sorry and insists his social network will do better. He may find these promises difficult to honour.
Let us admit it, we are beguiled by the possibilities, and we are willing to take the accompanying risks. We may finally figure out those Facebook controls, and we may hope that the Supreme Court allows us to keep our Aadhaar numbers from those banks and phone companies. But the fact is, as our private lives surrender ever more to the rising digital tide, our vulnerabilities will grow. Privacy will be the first casualty; it already is. India is only just facing this incoming tide. Is it irreversible? Indeed, should it be reversed? These are questions as applicable to Facebook as to Aadhar – and the next big thing.