Aadhaar [Day 21 Session 2] All You Need To Know About UIDAI CEO’s PowerPoint Presentation Before SC [See PDF Of PPT]
To Convince The PowerPoint presentation delivered by UIDAI CEO Ajay Bhushan Pandey before the Supreme five-judge bench on Thursday commenced with him submitting that prior to the introduction of Aadhaar, there was ID proof admissible at the national level in India.
“Each proof of ID had its own limitation. Like, a voter’s card cannot be issued to children, while a ration card is acceptable only in a specific territory,” he continued.
He indicated the various features of Aadhaar:
- Only numbers- no smart card
- Random 12 digit number- no intelligence or profiling
- Number once issued is never reissued
- The uniqueness of the identity ensured by biometric information
- Covers all residents, including transgenders and children; serves as proof of identity, address and relationship
- Strict data collection, quality verification and deduplication
- Enrolment and update possible from any part of India
- No conferment of citizenship or any right or entitlement
- No sharing of sensitive biometric and demographic information without the consent of the resident
- Online authentication
In the course of the hearing, it was also claimed that the cost of one Aadhaar card is less than $1.
Pandey submitted that as compared to the American Social Security Number, The Aadhaar gathers only minimal demographic information under the heads of ‘name’, ‘date of birth’, ‘address’ and ‘gender’, and biometric information of fingerprints, iris scan and facial photographs. Mobile number and email address are optional.
Data pertaining to religion, caste, tribe, language, income, profession, entitlement records or medical history is not sought.
Further, he asserted that none shall be refused to be enrolled for Aadhaar on account of any biometric exception. “How would individuals with biometric exceptions (for instance, persons suffering from leprosy), who cannot possibly give their biometrics, authenticate...,” inquired Justice DY Chandrachud. “By way of OTPs or their demographic information,” responded the UIDAI CEO.
Thereupon, the characteristics of the Aadhaar enrolment ecosystem were discussed:
- Decentralised enrolment
- Centralised Aadhaar generation
- Scalable architecture
- Standard software and processes
- Certified devices and manpower
- Traceability of all actors through audit trail
- 2048 bit data encryption (higher and better than the more common 256-bit data encryption)
“The strength of the whole universe will be needed to break such an encryption,” remarked Pandey.
“Why were 49,000 enrolment agencies blacklisted then,” asked Justice AK Sikri.
“The blacklisting was for charging money for enrolment or on account of poor data quality...some of them had even abused the measures meant for ‘biometric exception’...otherwise, the software used under the Aadhaar project is provided by the UIDAI and the hardware is also certified...,” responded Dr. Pandey, adding that some agencies had even enrolled inanimate objects or prima facie fictitious entities. He assured that the UIDAI now has in place stricter standards for enrolment agencies.
When Justice Chandrachud asked about the enrolment of children, he responded that Aadhaar is issued even to infants, without the necessity to comply with the requirement of being a resident for 182 days under section 2(v) of the Aadhaar Act. He also submitted that the biometrics of the infants are taken only upon their attaining the age of 5 years and subsequently updated at the age of 15 years and that the Aadhaar is initially issued on the basis of photographs.
In response to a query regarding the update of biometrics, Pandey submitted that in case of children, Anganwadi workers are sometimes authorised for this purpose, while others may visit the enrolment agencies.
“In a country where several individuals are illiterate or not technologically adept, how would one find out that their biometrics need updation,” inquired Justice Sikri.
“If the biometrics do not match, we receive an error code...The QR code in the Aadhaar card aids in securing access to any rightful entitlements until the biometrics are updated...,” responded Pandey, assuring that in view of Section 7 of the Act, none would be denied any entitlements for the want of update of biometrics.
“How will the UIDAI know if there has been a refusal of entitlement or failure of authentication,” asked Justice Chandrachud. “That is why we advice officials to not rely exclusively on the biometric authentication and refrain from denying access to entitlements in view of the exceptions in the law,” replied Pandey.
When he stated that there is no formal data on such denial of ‘Subsidies, Benefits and Services’, Justice Sikri mentioned an instance where a ration shopkeeper was misappropriating grains citing failure of biometric authentication. “But the said offender could ultimately be caught...this may not have been possible earlier...there is never a 100% chance of a successful authentication. There may be extraneous factors like break down of the machine or lack of internet or electricity...”, responded Dr. Pandey.
As the discussion veered towards the enrolment process, Justice AM Khanwilkar inquired about the risks associated with the utilisation of foreign software and machines, another oft-repeated contention of the petitioners. “Only the biometric software is of foreign origin and it is of the highest quality; besides, the software is finally operated on our own servers...like banks make use of ‘Oracle’, but that does not mean that they would leak data to ‘Oracle’”, explained Pandey.
Justice Chandrachud reiterated the petitioners’ concern regarding the aggregation of metadata. Pandey assured that the accumulation of the data in different silos is forbidden. He also advanced that over 4 crore authentications take place in one day and the authentication records are not transferred to the CIDR. Besides, in the PowerPoint presentation, it was claimed that the UIDAI does not gather location, purpose and details of the transaction, which are not known even to the ‘requesting entity’.
On Thursday, Pandey also submitted that the biometric data in the CIDR cannot be shared, except for the purpose of national security under Section 33(2) of the Aadhaar Act. He further contended that till date, no requests in this behalf have been advanced by any state agency.Read the PowerPoint Presentation Here