Aadhaar is an evolving endeavour
Along with introducing new features, the system can also manage their transition at scale
You can’t have your cake and eat it too. Economists call this maxim a ‘trade-off’. You are always balancing between opposing forces, having it all is not an option. In the late 1800s, you could either take a carriage and ride slowly but comfortably or ride faster, but solo (and uncomfortably ), on horse back. That was the case, until it changed in 1912, thanks to Henry Ford. You could now travel both comfortably and fast. This is why new technology has always been lauded in society, because it changes the nature of these trade-offs entirely.
As the usage of Aadhaar grows, there has been concern from some about the‘ linking’ of A ad ha ar to various services. The concern was that a unique identifier such as A ad ha ar being seeded in multiple databases opens up the possibility of deep profiling and tracking. Images of ‘1984’ and the birth of a ‘panopticon’ have been conjured up. These fears are over-hyped and baseless.
For a moment, consider another unique identifier, your mobile number. A typical urban, young Airtel user, has probably ‘linked’ her mobile number to Ola for booking cabs, Z om a to for ordering food and Whats A pp for messaging. Yet, one cannot say that by doing so, Airtel knows where she goes, what she eats or whom she talks to. This is because ‘linking’ is a one-way process. Ola knows your Airtel number, but Airtel doesn’t get data from Ola. The same is the case with A ad ha ar. UIDAI doesn’t know where you’ve linked your Aadhaar, and why.
Even then, in the rare case, if Ola, Zomato and Whats A pp were to collude and share your data, they could ‘link’ the data using your mobile number. With current technology, you could get multiple sim cards and hand sets for summoning ac ab, ordering food or sending a message but that is impractical.
The answer to this trade-off is token is at ion technology.
Basically, tokenisation in our example would mean a different mobile number is automatically assigned for every Z om a to, Ola and Whats A pp you link to. Moreover, you can create your own virtual mobile number if you want. U ID AI had originally considered tokenisation in the early days of A ad ha arin 2010, but it was an idea then ahead of its time.
Now that tokenisation has been announced, it has changed the nature of the trade-off itself, increasing privacy and security, without compromising usability. There are three new features which have been launched.
First, the new limited eKYC will not give away your Aadhaar number, unless the law requires it. Second, every organisation using A ad ha ar will necessarily get a token, i.e. an ID number, that no one else in the world will have. This token can not be used to reveal your A ad ha ar number, nor can two colluding organisations‘ link’ your records. This is a guaranteed token is at ion on the back end, with no action required from the user. Your privacy is protected as a default.
Third, if you’re still not satisfied with the U IDA I’ s token is at ion, you can option ally generate your own 16- digit Virtual ID. This Virtual ID is a pseudo-A ad ha ar number and will be usable everywhere an A ad ha ar number is. More importantly, U ID AI re cog ni se st hat this service should be available to all, so you do not need a laptop or a smartphone toge tor replace a Virtual ID.
In fact, this sort of inclusion by design has been a feature of A ad ha ar from the very beginning. Even the homeless could get an A adhaar, without a valid proof of address, by the introducer system. The UIDAI team knew that the introducer system has challenges, but the trade-off was to exclude people from get- tingan Aadhaar because of a lack of documentation. I’m glad the UIDAI chose inclusivity. The recent move to enable facial recognition as another way of Aadhaar authentication is one more step in the interest of inclusivity.
I’ m glad that news headlines are dedicated to important technological challenges such as protecting user privacy, but unfortunately, the quality of the debate leaves a lot to be desired. While Aadhaar took centre stage in the debate, it was a distraction from all the other real issues that are detrimental to an Indian’ s privacy. From my example above on linking, you may have realised that your mobile number creates the same privacy issues as Aadhaar did before tokenisation. In fact, a recent article in The New York Times quoted an FBI agent saying that a mobile number is more dangerous than a social security number because it is in 10x more databases, it is the exact same for every service, it is connected to a device that is always on you, and can even track your location.
What delights me the most though is that the Aadhaar architecture is flexible, fast, constantly innovating. It is not just able to introduce new features, but also manage their transition at scale. Systems are not born through Immaculate Conception, they get there through constant improvements. We should applaud the U ID AI for being responsive to the concerns of the public. We need to recognise that providing a unique, secure identification, with instant authentication anywhere, to 1.3 billion Indians is an evolving endeavour. What India has accomplished in less than nine years is nothing short of a revolution!