Thursday, March 3, 2011

98 - Bourgeois Inspirations- UID Resources - Ruchi Gupta

Bourgeois Inspirations UID Resources - Ruchi Gupta

There is little discussion or clarity about the UID project in mainstream media. Most newspaper reports are essentially excerpts from the draft approach document with little critical analysis. However, many people in the civil society are raising important questions about the project. These concerns are around two main themes: the potential use of the database by the State for repressive and undemocratic ends; and the monetization of the database for private profit. There are multiple issues under each that should have been debated in the public domain before going full steam on the project. Following are some critiques that discuss some less publicized aspects of the UID project. If you have any other resources, please email me or add in the comments section.

Reimagining Citizenship, Ravi Shukla (EPW)
The Personal is Personal, Usha Ramanathan (Indian Express)
High cost; high risk, R. Ramakumar (Frontline)
The Politics of Identity, Ruchi Gupta (Indian Express)
The Tips of Your Fingers, Jay Griffiths (Orion)
UID Critique
A Gathering Storm – How UID Will Transform India Into A Police State
Implications of Registering, Tracking and Profiling, Usha Ramanathan (Hindu)
An evaluation of biometrical fingerprint systems, Ton van der Putte and Jeroen Keuning
UID Numbers – A Discussion
Eyeing IDs, Usha Ramanathan (Indian Express)
Prof. Kundu on the exclusionary use of the UID project
A National ID Card Won’t Make Us Safer (Bruce Schneier via Nikhil Tripathi) (Talks about ID cards but most logic holds)
UID Debate in Bangalore – Agenda, Panelists and Videos
UIDAI Documents here

An archive of all news reports, blog posts on UID here

UID related tweets here

While the very concept of the UID project should have been discussed and debated in the civil society, given the advanced stage of the project (first #s expected between August 2010 – February 2011), complete transparency around the following questions is essential to ensure democratic end-use and rationalize costs.

Update (March 6, 2010): Response from Deepika Mogilishetty (Legal Advisor, UIDAI) in italics below

What is the primary purpose of the UID number – to improve delivery of government services or improve security (which could help identify illegal immigrants, purported naxals etc)? If the purpose depends on the organization, are there any in-built constraints to limit end use?

The primary purpose of the UID is to provide the infrastructure that will enable better delivery of services and benefits. The UID System is envisioned as a means for residents to easily establish their identity, anywhere in the country. The UID can have a significant impact on service delivery. In the UID system , each new entry is de-duplicated consequently, residents can only have one UID number, which is mobile and can be used anywhere in the country. The lack of duplicates, and accuracy and mobility in identity verification, would reduce opportunities for fraud and enable agencies across the country to provide residents with targeted, effective services and benefits.

Over the last week, there have been several policy statements such as the Economic Survey, Finance Commission Report and the Budget Speech of the Finance Minister, all of which clearly reflect the intent of improving services and the vision for the UID as an enabling infrastructure for targeted delivery of services.

Further, the information collected by the UIDAI is limited and does not throw light on where a person has come from and what they do.

What are the terms of the Mou’s signed with the different states so far?
The MOU’s are being discussed with State Governments once finalised will be made available as public documents.

What are the legislative and design safeguards to ensure that state and central governments do not use UID numbers to selectively track individuals/communities, and/or withhold/withdraw essential services?

The UID system has some basic features that will safeguard individuals and will be reflected in the legislative and regulatory framework:

information on the UID database about the individual is limited and the sole purpose is to establish identity of the UID holder,
authentication services of the UIDAI will respond with a yes or no in relation to queries about a UID holder,
UID database will not hold information on religion, caste, community, etc.
UID database will not be able to confirm anything else about the person other than their identity in relation to their UID number.
there will be no data flow out of the UID database, except under due process of law (e.g. court order).
UID database will not contain any transaction data.
As regards delivery of services, this is the responsibility of the service provider, if there is unjust denial or withdrawal of service that is a matter to be resolved with the service provider.

If there is a denial of service due to authentication problems, UIDAI will have sufficient support systems in place to resolve the matter in a quick and effective manner so as to avoid any inconvenience to the individual.

The legislative and regulatory framework for the UIDAI is being developed and will be put up for discussion, comments and input from the public.

What are the incentives (in addition to the ~100 as registration fee) provided to private operators (insurance, telecom and banks) to share their customer database with UIDAI? Additionally how will the Authority prevent data convergence by these registrars and other private organizations?

Anyone who wishes to have a UID number can approach a Registrar and enrol as per the procedure prescribed. People who choose to enrol give their information with the full knowledge that it is for the UID number. The UIDAI is not paying Registrar’s to share their customer databases. Registrar’s who partner with the UIDAI are doing so with the intent of providing enrolling services to people.

The mechanisms to compensate Registrars are being examined and will be made available once a final decision is taken.

The data collected by the UIDAI is for establishment of identity and authentication, the UID database will be secure and there will be strict protocols in place to protect against unauthorised access and use. Convergence of existing databases will need to be addressed and governed under a larger data protection regime applicable to the whole country and therefore this is a matter beyond the mandate of the UIDAI.

The approach document estimates annual savings of Rs. 20K crore by eliminating duplicates in state welfare schemes. What are the underlying assumptions and calculations for this number?

The sum of Rs 20,000 crores is an assumption which has been arrived at based on reports of the Planning Commission and Comptroller and Auditor General which have quantified leakages in the PDS system (food and fuel subsidies), NREGS.

Various reports peg UIDAI cost at Rs. 15K-30K crore. What are the Authority’s internal calculations and what are the measures/processes in place to ensure rationalization of expenditure incurred? Where has the money allocated last year been spent, and what is the targeted expenditure for the Rs. 1900 crore allocated in this year’s budget?

The accounts for last year will be finalised by the end of March and will be published as soon as it is available. We propose to put into the public domain a detailed plan for spending RS 1900 crores allocated in this year’s budget.

The complete budget of the UID project is in the process of being formulated and will be made public when the exercise has been completed.

Update (March 3):Ravi Shukla argues that the UID will be be used “as a node point bearing citizen data and therefore capable of operating  as a  facilitator and mediator of  market  information [...] [to move the definition of a citizen] to debt legible consumer citizen as opposed to the relatively more inclusive idea of the political citizen.” (Reimagining Citizenship, EPW). The following news report in Economic Times supports his contention. UID #s will form the basis of collecting resident/citizen credit history to “score” their credit worthiness. This history is developed by information sharing by banks, telecoms, insurance etc companies thus essentially killing the individual’s right to privacy. Relevant excerpts below.A host of new credit information companies (CICs) are coming up to provide banks with a comprehensive database of borrowers’ track record. [...] Helping link the borrowers to their credit histories will be the Unique Identification Authority of India (UIDAI) with its social security-like number, which has received a government support of Rs 1,900 crore in the recent Budget. [...] Last week, the Reserve Bank of India (RBI) gave operating licence to Experian Credit Information Company [...] Experian is the first credit information company to receive operating licence after the Credit Information Companies (Regulation) Act was passed in May 2005. [...] Earlier in 2009 the central bank had given in-principle approvals to two companies — Equifax Credit Information Services and High Mark Credit Information Services. Both are expected to get full-fledged operational licences before the end of FY10. [...] CICs maintain a centralised database on borrowers and rate their creditworthiness based on the information on their existing liabilities and past repayment record. The scoring is based on the analysis of the information provided by banks, which have already extended credit facilities to the borrowers. If a borrower goes to multiple lenders, then new lenders will benefit from these scores while making a lending decision and pricing the loan appropriately. The success of the model is based on information sharing between members [emphasis added] — NBFCs and banks. While Cibil enjoys a patronage of 200 credit grantors as members and has a database of about 1.5 million credit accounts, Experian has already obtained commitments from 39 lenders, even before starting full operations. Though the CIC Act has similar provisions for telecom and insurance companies, these are yet to take off commercially.
Update (March 19)

UIDAI MoUs with MP and AP read section 9 (i), (j) and 10.

9 (i) states that the registrars can collect any additional information they may require in order to provide services. This renders the UIDAI assurance that only basic identity information will be collected (to prevent discriminatory profiling) useless.

9 (j) states that the registrar can charge the user a fee for UID enrollment. This is wrong because the beneficiary is essentially coerced into sharing the colossal costs of the UID project since service delivery will likely be made contingent on enrollment.

10 states that if UID is unhappy with the registrars (if processes and standards for enrollment are violated), then the Authority will make some attempt to work things out, failing which UIDAI “will have the option”  de-register registrar or demand replacement. What will happen to the users who are enrolled through this “de-registered” registrar? Will they need to be enrolled again? What about the services they are using in the meanwhile? Also, registrars will likely get some financial benefit for providing enrollment services – if a registrar is de-registered, what about the penalties?

Update (March 14)

Get fingerprinted or pay Rs. 1000 fine

Census, NPR and UID Related queestion: UIDAI is using the Census as a registrar. However, information in the Census will be recorded as given, without documentary proof or other verification checks. On the basis of this information, the UIDAI will de-duplicate the NPR and issue UID numbers. How will the verification and enrollment standards of UIDAI be met?

Update (March 15)

This surprised even me – apparently biometric readers accept even photocopied fingerprints.

Update (March 18)

Census to skip Naxal controlled villages This news is significant because the Census will feed into the NPR, which will then be used to issue ID cards and also a UID #. In fact Nilekani calls the Census an “important registrar“. Another news report above talks about a Rs. 1000 fine for refusing to participate in the Census. The two combined together will essentially criminalize those individuals who are left out of the Census/NPR exercise as evidenced by the ID card/UID #. In Chhattisgarh especially, a villager without n ID card can easily be labeled by the police as a Maoist.

Update (May 4)

Significant differences between UIDAI’s PR speak and their actions. Some examples below.
Stated Position  ->       Actual

1. Constitution by Parliament Act -> Plan Comm Notification
2. UID # will be voluntary -> Conflated with mandatory Census and NPR; registrars may mandate enrollment before providing service
3. UID # to improve delivery of welfare services -> UIDAI not responsible for any improvements/leakages. Home Ministry launching a fingerprint database for criminals (Rs. 15K fingerprint reader in each police station of 22 states)

4. Data collection restricted to basic identity info -> MoU with AP/MP states that registrars can collect additional info required by them
5. Individual privacy will be protected -> We have no privileged information since the data already exists in many public databases
6. UID # will be random with no intelligence in # itself -> 12 digit number with 4 hidden digits (for pin/residence)
7. UIDAI will ensure data quality -> Registrar responsible for data quality; UIDAI and registrar not liable in case of intentional fraud by user

Update (May 5)

“The UIDAI would be proposing a UIDAI Act to provide for statutory powers and responsibilities to the authority. This Act would address the issues of privacy and data security of the UIDAI database,” Mr Nilekani said. This Act if it is to be meaningful and truly intended for regulation and not just parliamentary sanction for UIDAI must include certain safeguards to preemptively block certain types of usage, and protect the public in case of misuse or implementation glitches. Some draft UID-LegislativeSafeguards

Update (May 11)

UIDAI CSO meeting in Delhi on May 6h. Discussion was around three main areas: potential misuse (privacy, security etc); implementation ((in)efficiency of registrars; exclusion of marginalized groups like homeless, remote rural etc); and technological (feasibility; open-source software etc). Since there were around 35 people with diverse interests, the discussion wasn’t focused; however the following was agreed upon:

- UIDAI will share draft of UIDAI Act before submitting to govt (news report here)

- UIDAI will redesign website for RTI Section 4 compliance

- Future CSO meetings will be organized around specific interests – technology, economics, security concerns etc

- UIDAI will list concerns raised in previous CSO meetings and actions/decisions taken for each on their website

Update (May 12)
PM okays NATGRID despite opposition by Pranab (violation of privacy) and Antony (existing Joint Intelligence Committee satisfactory). Chidambaram, our resident human rights advocate says  “The NatGrid will provide a system of information to all the agencies about any person the moment a button is pressed,” and “country can’t pay price in name of privacy”

UK moves to cancel National Identity Cards and National Identity Register: Both Parties that now form the new Government stated in their manifestos that they will cancel Identity Cards and the National Identity Register. We will announce in due course how this will be achieved.

Update (June 02)

Committee comprising officials from the Prime Minister’s office (PMO), home ministry, planning commission and the UIDAI to review UID.
“Even if iris leads to de-duplication with 99 per cent accuracy, given the fact that close to 60 crore people to be given the UID number, will this level of accuracy be acceptable especially in matters related to security?” said the source.
“Therefore, the planning commission has to keep in mind that over the next five years, the cost of the UIDAI to be borne by the public exchequer would be in the range of Rs 35,000-40,000 crore (this cost is estimated for enrollment of 60 crore people -> total cost of project at least Rs. 70-80K crores). Before deciding on enhancing the scope of the UIDAI and prescribing the most stringent standards, the government’s ability to finance such an exercise also needs to be considered,” an official in the planning commission said.
Update (June 02)

UIDAI CSO Meeting on May 6th – Minutes
Update (June 21)
Responses received from Raju Rajagopal and Srikanth Nadamuni
Raja Rajagopal
1. All the CSO meeting notes are now up on the UIDAI website. As for action taken, I am not sure that the earlier meeting action items were specific enough to track point by point, but I do plan to write a consolidated action taken report soon. We will, however, start with the May 6th meeting notes for a point by point update as action is taken.
2. We have been striving to get the UID draft law into shape for public comment and expect it to be available very soon. FAQs will be updated once the UID Law is out for comments.
3. Srikanth Nadhamuni heads up the technology group (he was at the May 6th meeting, as you may recall). You may reach him at By copy of this e-mail, I am forwarding to him the technology/biometrics related questions you have asked.
4. Re:NPR and UIDAI, as our DG mentioned on May 6th, there is a joint institutional mechanism set up to go into the details and we will update our FAQs as we get better clarity on the interfaces.
5. I understand that a third party vendor is about to commence work on redesigning the UIDAI website soon. If you have a specific list of criteria to make the website RTI compliant, please do share them with us so we can discuss them with the vendor. At some point in the next few weeks, I do plan to come and meet Nikhil, Shekar and other MKSS folks for a follow up discussion of the May 6th dialogue.
6. As for your questions related to budgets and other matters, responses to which will involve several disciplines with UIDAI, I plan to internally discuss practical mechanisms to respond to questions from CSOs and citizens, and I will get back to you. That aside, UIDAI has not been routinely responding to news reports such as the one you have referred to.
Srikanth Nadamuni
UIDAI is using the Census as a registrar. However, information in the Census will be recorded as given, without documentary proof or other verification checks. On the basis of this information, the UIDAI will de-duplicate the NPR and issue UID numbers. How will this verification and enrollment standards of the UIDAI be met?
The FARs and FRRs have to be tuned as the system is operationalized for best results.
A very good question, The NPR exercise does incorporate a verification check, although it is not based on documentary proof. The process of verifying enrolments in the NPR is based on public display of the name and other fields with photograph at the village, any corrections that gets reported will get incorporated and only the verified list is sent to UID for enrolment.
As per the Iris Paper, 10 fingerprints would yield de-duplication accuracy of 95%; the addition of iris scan will improve accuracy up to 99% (though the committee declines to make an accuracy prediction). Even assuming a 1% error rate, on a population size of 1.2B, this is still 12M errors (the incidence of error will be likely highest in poor rural areas given the quality of data collection and bad fingerprints). The UIDAI position seems to be that corrections/updation will be initiated by the user – are there any supplementary mechanisms?
There are 2 kinds of errors that can exist in such a biometric system:
1) FAR – False Acceptance Rate – The system falsely accepting person A for person B since their biometrics are very similar.

2) FRR – False Reject Rate – The system falsely rejects the biometrics from the same person as not matching.

The FAR and FRR of a biometric system are inversely proportional to each other (if you try to get better FAR, the FRR increases and the vice versa). In order to maintain a high level of accuracy as well as to reduce vendor lock-in we are designing 2 different sub-systems for ‘enrolment’(needs better FRR) and ‘authentication’(needs better FAR).
As you will see from the “UID Biometric Design Standards” report page 44( biometric accuracy) that with 10 fingerprints the FAR error is close to zero, this is relevant during ‘authentication’ another important consideration is UID authentication takes the UID number and the biometrics, which means we pull up the resident’s record and simply match the captured fingerprint against the 10 for that person only – a lot simpler problem, WE ARE NOT COMPARING THE FINGERPRINTS AGAINST 1.2BILLION PEOPLE during authentication.
During enrolment when we de-duplicate the enrolment records to maintain uniqueness, here the FRR become more important(don’t want to accept 2 duplicate biometric records as different and hence not catch a duplicate enrolment), but since the enrolment sub-system is quite separate from authentication we can try and improve FRR without any need to keep FAR low.