With The Tribune recently reporting on how random people can buy access to Aadhaar database of nearly 1.2 billion people with a meagre Rs 500, Aadhaar’s privacy concerns have once again become a matter of contention. While many have questioned the UIDAI’s ability to secure vital personal information of individuals – including military personnel whose demographic information can be used to trace their whereabouts and threaten their family members or extort crucial information thus, posing a threat on national security – others have argued that demanding privacy while having accounts on social media platforms is hypocritical.
Here’s why sharing information on social media is not the same as sharing information with UIDAI for an Aadhaar card:
Making accounts on social media is not mandatory
One can survive without a Facebook profile, the lack of which will not stop you from getting ration, welfare benefits (especially for BPL citizens, minority sections, differently-abled individuals and senior citizens), health care, bank accounts, PAN cards, academic mark sheets, death certificates, etc.
Your absence on social media won’t kill you
In September-October last year, there were three alleged deaths due to starvation after food was denied to an 11-year-old minor, a 43-year-old rickshaw puller and a 62-year-old senior citizen for not linking Aadhaar to ration card. Recently, the widow of a Kargil soldier died after allegedly being refused treatment in a hospital as she did not have her Aadhaar card with her.
The only downside of your absence on social media is the slight hiccup in keeping in touch with your friends.
You choose what you share on Facebook
While Facebook asks for demographic information, you can choose to not share some of the details. In fact, you can share nothing on Facebook if you don’t want to – the reason so many fake accounts exist on the platform. But if you want a legit account to stay connected with the 500 plus people on your friend list, you can still do so by not providing your residential address, your phone number, the names of both your parents, your bank account details and your biometrics.
Making an account on Facebook does not put your money at risk
We don’t share our bank account details or even our debit/credit card details on Facebook. Whereas, it is mandatory to link your Aadhaar number with your PAN card. Any leak in the Aadhaar database puts our entire savings at risk. Last year, bank account details of 13 crore people were leaked from four government databases. In October 2017, Rs 40 lakh pension money was stolen by three men by using Aadhaar details.
Facebook does not ask for your bodily information
Can you avail the same benefits with the existing identity proofs without applying for the 12-digit identity number that uses your biometrics?
Will the government permit you to do so?
But Aadhaar has had past cases of breaches from government websites itself. What if your bodily information is used to track your every move or worse, it is used to make a fake profile and a crime you did not commit is pinned on you? Is compromising your privacy a cost you need to bear?
“To be or not to be that is the question.”
[Read an earlier case of misuse of Aadhaar biometrics.]
A Facebook breach will at most expose your personal chats, pictures and who you are friends with
Aadhaar is a mandatory government service where you have to part with all your personal information. Despite numerous cases of Aadhaar data breach, exposing us to a host of threats, the public response to the revelations has been scanty.
What can happen if your personal details, including your biometrics, are leaked? If it falls into the wrong hands, they can do practically anything in your name. And it is easier than you think.
UIDAI only takes responsibility for the security of data stored within its Central Identities Data Repository (CIDR). But it shares Aadhaar data across multiple government databases and duplicating biometric data is not impossible. “At the end of the day, the way the biometric authentication works is by comparing two images. There is a copy of an image which is collected at the time of enrolment which is stored by the UIDAI, and every time you authenticate yourself you give a fresh image. As far as the CIDR is concerned, it has nothing to do with how that image is being created at that stage,” says Amber Sinha, who co-authored the CIS report that revealed in May the leak of Aadhaar numbers on government websites, reported The News Minute. This leads to a “replay attack” – where stored biometric images are used to complete transactions without the presence of the actual owner of the biometric data. This has already happened in February.
You can delete your social media account at will
If you are not happy with Instagram’s services and think that the application is violating your privacy, you can deactivate your account whenever you want. The case with Aadhaar is obviously not the same.
To sum it all, sharing personal information on Aadhaar is not the same as sharing details on social media websites. To compare the two is a flawed understanding of the nature of Aadhaar and what it is capable of when it comes to violating our privacy and obstructing our rights.