Monday, May 24, 2010
81 - India's Unique ID project: All but safe
CLICK ON TITLE TO SEE ORIGINAL ARTICLE - Posted by Ram Krishna Swamy
India's Unique ID project: All but safe
Ever since India's Unique ID project was proposed and Nandan Nilekani was appointed to head it, there has been a lot of hype about it. Many companies wanted a piece of it. Everybody jumped into the discussion to have a say on what this new project should be. Some suggested that mobile numbers could serve as the unique ID. Then a few more details of the project came out: that it would be a 16-digit number, that the ID would not be proof of citizenship and such like.
Everything has been discussed except security. But why is it important to discuss security?
The latest example, found via Michael Scott is the news that a police chief in Iowa has been suspended after he supposedly revealed data that he never should have had in the first place, supposedly handing out information on someone's driving record and criminal history, despite having no legal reason to even have that info, let alone distribute it to anyone. So why do we keep assuming that governments won't abuse such data collections? (TechDirt)
And the example above from TechDirt is not the first. If you follow the link, there are 6 occurrences of government abusing data. Would India and the Unique ID project be any different?
I don't think so. For starters we in India are in the middle of the biggest media leak. The Liberhan Commission report which took 16 and a half years and 8 crore rupees to complete has been leaked to the media. The Indian media has got hold of this 900-page report by some divine intervention. The irony is that the media is debating the media leak. The report, as Bala Murali Krishna has pointed out, doesn't reveal any details that we don't already know.
We might think that the Unique ID project will be different. Wrong. Unique ID project details were leaked too. A report titled Creating a Unique Identity Number for Every Resident in India was leaked to the Internet.
Coming back to the question at hand, we are looking at a massive data gathering of 500 million people in the next 5 years and close to a billion after that. What happens to the data after that? What would be the interface to retrieve the data from different corners of the country? Most importantly who will have access to this data? And, how will the people who have access to the data use it?