Unpacking Aadhaar: How biometric id for a billion really works
Formal Metadata
Number of Parts | 254
License | CC Attribution 4.0 International: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers | 10.5446/53141 (DOI)
36C3: Resource Exhaustion (105 / 254)
Transcript: English (auto-generated)
00:21
that it was overwhelmingly depressing and dealt with CIA illegally spying on people and Julian Assange being under constant surveillance and you think it cannot possibly be worse, but it can because our next speaker is going to tell you about systems
00:41
for collection of biometric data and digital identities and how they can potentially make lives worse not just for dozens of people but for hundreds of millions of people or billions of people. So let's hear it for Kiran Jonnalagadda.
01:05
Yes. Unpacking the compromises of Aadhaar and other digital identities inspired by it. Kiran is the founder of Karana Project, an organization examining identity programs.
01:20
So he's going to tell us about the most depressing thing you're going to hear in this room today. Thank you. Thank you, Kiran. Thanks, everyone. I'm glad to be here. So let's get started. Well, as always, these things start with an origin story. So in the beginning, we did not have identity cards.
01:41
Everybody knew you by your name or your face. And then things got a little complicated and we got ID papers and before long, this was a meme. Where are we? Okay, come on. Technology doesn't like working and it doesn't want work.
02:05
Yes. So we are hackers. We like to think all problems can be solved by hacking. And a decade ago in 2009 in India, some of our kind looked at this ID paper problem
02:22
and thought there has got to be a better way. And why do papers have a life of their own? What happens if you lose your papers? Do you not have identity anymore? What happens if your papers are confiscated? Does that change who you are as a person? And how do we think of this in a better way?
02:43
And so for inspiration, you can go back to the Voyager spacecraft. When the Voyager spacecraft left Earth for outer space, it carried this image on it. Now this is the aliens edition of showing ID papers. You know, who are you? We're humans.
03:01
This is good for outer space. Then why can't we do something like this on Earth? And so these people started asking, why do you need to see my ID? You can see me. My body is my ID. So this is nice, but bodies can't go online. And so you need to now somehow extract the soul of a body
03:21
and take it online. And this is not an ideal reference. This is in fact how they think about it. And this is the statement that they make explaining how they think about this, that your soul, your atma, can be uploaded into the cloud and then exist online. And how do you do this?
03:42
Well, the approach that they took up was to say, collect all your biometrics. They take your photograph, they take your fingerprints, all 10 fingers, they take two iris scans, and they give you an Aadhaar, which means foundation, which is supposed to be the foundation of the rest of your life.
04:02
This is quite literally now how you enter cyberspace in their vision. Now if they want so much data from you, what more could they possibly want? And this is something that worried the judge of the Supreme Court of India who went on to ask, say, well, are you going to do this next?
04:25
At this point you'd wonder, is this satire or is this science fiction? Well, nope. The database that they built has 1.25 billion entries in it and this is how they announce that number with a Christmas greeting.
04:43
So where do they keep this data? As computer programmers, we often struggle to explain technical concepts to a non-technical kind of audience and this is sort of what happened in the Supreme Court of India when a case against Aadhaar was being heard last year. The Attorney General, Mr. K.K. Venugopal,
05:01
who was 87 years old at the time, explained data storage to the justices of the Supreme Court explaining that it is stored behind in a complex that has walls that are 13 feet high and five feet thick. Therefore it is safe.
05:22
So as you can expect, the public found this very funny and since then 13-foot wall is a meme in India. What are you doing? Well, it's behind the 13-foot wall, so nothing to worry about. But this isn't your word, jokes. So we can go back to Arthur Clarke who made the statement that any sufficiently advanced technology
05:43
is indistinguishable from magic. Your average person does not understand how technology works. So to them, technology is magic. And this essentially then means that we hackers who understand technology are society's magicians.
06:04
You've got a magic wand, you wave it, and problems are solved. And this is how people think this is supposed to work, but we know better. We actually know how technology works and we know when technology does not work and it is imperative on us to call it out.
06:20
And that's what I'm here for today, to explain to you why this technology does not work and what we need to be doing about it. So let's start off with the basics. What does Aadhaar actually collect? This is their rough database structure. They collect biometrics and they collect demographics.
06:40
In the biometrics, they classify them into two components. The core biometrics, which are your fingerprints and your iris scans are considered extremely confidential data and will never be shared. That's the mandate that they offer. But your photograph, which is also biometric, can be shared because it is, after all, what goes into an identity card. The other part is the demographics.
07:00
They collect your name, your date of birth, if it is known. A lot of people in India do not know when they were born. Your gender, you can't declare yourself as a transaction that's accepted in the Aadhaar system. And then they collect a postal address. And this information is what you submit when you enroll. Your biometrics are then sent for deduplication
07:21
against the entire database. So there are billion plus records in there. If you try to enroll today, they will compare your biometrics with every single record already in the database to confirm that it's not already enrolled. Now this is a process that takes roughly about 45 days. So that's how long it takes for them to confirm that you are a new enrollee and you now have an Aadhaar number that's guaranteed unique.
07:42
And anybody can apply. The only requirement is that you're physically present in India. The law says you have to be there for 180 days, but nobody checks. So you can just walk into any Aadhaar enrollment center, sign up, and you will have an ID. The number when it is assigned to you is sent to you by post. You do not get notified online.
08:02
And the letter that they give you, it looks like this, is essentially the way they confirm finally that your address is actually real. Because if this was your address, you're supposed to receive the card and therefore your proof of address is confirmed. This, as you can expect, is a serious problem for migrant workers who cannot guarantee where they're going to be when the letter arrives.
08:21
But we'll get to that later. So the APIs that are available, there are three basic APIs. There is a demographic identification API, which is unfortunately mistakenly called an authentication API, even though it's not. And what you do in this API is, if you're calling the API,
08:41
you submit an Aadhaar number and you submit a piece of demographic information. Like you say, this Aadhaar number and this name, do they match? And you get a yes or no answer. You do not get any information back. Or you can do this with a fingerprint authentication. You actually upload a scanned fingerprint and an Aadhaar number and say, do these things match? And you get a yes or no.
09:01
Or if you cannot take a fingerprint for whatever reason, you can ask for a password to be sent to the phone number that's been registered. And you get a six digit number, give the number and the Aadhaar number and say, do they match? And then you verify that somebody gave you the right one-time password and therefore you're authenticated into their account. All three of these APIs
09:21
do not give you any information from the database. Except there's another one called the electronic know your customer database, which is used for ID checks for institutions like banks where you do get the information back. But we'll get into that again later. Now, if you take just this minimalist API,
09:41
see very little data collection apart from biometrics, very little demographic collection and nothing is ever written back outside of the KYC API. So on the basis of this minimalism, the unique identification authority of India claims that it cannot be used for surveillance because it does not know anything.
10:02
This is a public claim that they repeatedly make except for one little detail. The Aadhaar number itself is now a universal foreign key because that's what you use to authenticate with Aadhaar into some other database. And who runs those databases?
10:23
As it turns out, it's the government again, most of them are run by the government. So if you have a government that is really interested in surveillance and a department of the government runs an ID program, which it claims cannot be used for surveillance, what should the government do when it really wants to use it for surveillance?
10:42
They make it mandatory for everything. And that gets you a situation where Aadhaar is officially voluntary, but in practice mandatory, which leads to the next meme in India, Aadhaar is voluntarily mandatory. So let's look at what it's mandatory for.
11:02
It is mandatory to collect any welfare benefit. It is mandatory if you want to pay tax or rather file your tax returns. I mean, nobody will ever dare say, we will not take your tax money. To file your tax return, you need Aadhaar. If you do not earn enough to file taxes
11:21
and you collect welfare, you need Aadhaar. So that's like everybody's covered. To get a birth certificate for a newborn baby, you need an Aadhaar for the baby. To get a death certificate for someone who's died, you need an Aadhaar number for the person who died. If you want to get married, well, both parties have to provide an Aadhaar number.
11:42
At this point, it's like, what's left? Who is it optional for? Now, the death certificate part is interesting. How do you verify the Aadhaar number of a dead person? You can't take their fingerprints. I mean, the dead can't consent.
12:01
Apart from the fact that your technology will stop working once the body gets cold. You can't send a one-time password to a dead person's mobile phone because that's indistinguishable from theft. My phone has been stolen and somebody declared me dead. I mean, is it acceptable? So they, in fact, do not have
12:20
any authentication for dead people. Someone's dead. You can't get a death certificate without providing an Aadhaar number. And well, they didn't sign up for Aadhaar in their lifetime, so what are you gonna do now? You just submit any random number. Sometimes you submit your own number. Sometimes the coroner submits their number.
12:41
And so now what you get here is your first instance of a database that is supposed to be biometrically secure and authenticated, completely failing to do its purpose because this is a use case that was completely not considered. And this is not unusual. The APIs I just described require a license.
13:03
That license is almost impossible to get. So what do most people do? Well, they just take an Aadhaar number and put it in the database. They don't bother to check anything about it. So part of what happens here is in the implementation of Aadhaar, there is this recurring confusion
13:21
between three very different concepts, identification, authentication, and authorization. The fact that you can accept my ID and confirm it's legitimate is not the same thing as confirming that I'm the holder of the identification, and it's not the same thing as me saying I'm okay with you doing something in my name.
13:42
These are three different things. I'll give you an example of where this can go massively wrong. In 2017, the telecom regulator issued an order asking telecom companies to authenticate all of their customers to make sure that there were no SIM cards issued to people that they do not know
14:00
who they were issued to. So they forced an exercise across the country asking telecom operators to go find their customers and get them to authenticate with Aadhaar. Telecom companies have become so big in India that they're turning into banks. And so this happened with one of them. And after this exercise,
14:21
a lot of people started complaining that they were not receiving welfare benefits anymore. I mean, you authenticated your phone connection and your welfare stopped. What happened? So this turned into a bit of a scandal. And eventually we discovered what had happened. All of them had opened new bank accounts
14:41
that they did not know existed, and the welfare money was going to the new bank account. Okay? Here is how much the external fraud was, and this is just one telecom operator. The telecom operator had obtained a banking license and they were desperate for customers. So when you went to authenticate your phone connection,
15:00
they used that authentication as authorization to open a bank account and reroute your subsidy money. And you would not even have been aware of that. And so this scam essentially stole 1.9 billion rupees from 310,000 individuals for one telecom operator alone.
15:23
I think the number's wrong. It's not 310,000, it's 3.1 million, I'm sorry. I'm off by one zero. So how do you make a mistake, this fundamental in your design? And for this, you have to go back
15:41
to what the Attorney General said. You know, the same day that he said that it's protected by a 13-foot wall, he also went on to explain what the whole point of Aadhaar was. And as you can see, the assumption made in Aadhaar is that the individual is fraudulent unless they prove that they are not.
16:03
That is the fundamental design assumption of Aadhaar. So what it has essentially done is that it's very carefully replaced your rights as a citizen with privileges granted by the state for good behavior. And that should have been a violation of the constitution.
16:22
It takes people a while to realize that this is a very subtle change that they made, that you were entitled to welfare under the constitution of India. And it was the state's responsibility to give it to you if you deserved it. But what they did was flip it around and say, you have to be the person who proves your legitimacy
16:40
to receive what is actually due to be you. And then we have a term for this. They call it the self-cleaning database. This is a reference I found in a book the first time I found an explanation of how they thought about this. So essentially, for the state to hold up your rights
17:01
requires considerable resources on the part of the state. And if the state's running a budget deficit, well, they're not going to deliver on your rights as they're supposed to. And this is the fundamental problem of most developing economies, that you may have rights, but the state doesn't know how to give it to you because they're lacking the capacity. So what Aadhaar does to solve the problem is to say,
17:21
well, if the state can't do its thing, you must do it as a citizen. This is your duty as a citizen now to behave like a good citizen and show to the state that you are keeping your data clean. This is not a wayward reference. While this is an author in a book pointing this out,
17:41
in fact, this is how the state explains this in the Parliament of India. The Aadhaar system has a mechanism of self-cleaning the data during course of time. So what happens when you arm twist people like this? If you insist that to collect your subsidies,
18:02
to collect your rations, which is food, that your ration food, if you want to collect it, you must authenticate biometrically, and the technology does not work for whatever reason. Your fingerprints don't scan. There is no cell phone connection. Something else has gone wrong. What do you do? Well, it goes to bizarre extents.
18:20
This is a new story where a remote village in India did not have a good mobile connection, but somebody discovered that the top of the tree there was an internet connection. And so they put a fingerprint scanner on the tree, and now you climb up and put your finger there, and only then you're given food.
18:44
This is one example, but obviously there are lots of these. So what happens if we can't do this? This is a die. This is a compilation of reports of how many people have died because the technology failed.
19:09
These numbers have been growing. Fortunately, last year, the Supreme Court insisted that if the technology doesn't work, it is not the citizen's fault, and you must provide an alternative.
19:21
And I don't know what the current numbers are. I don't expect they're much better than this. It's probably as dismal as it is because the state really has no interest in upholding rights. So ironically enough, the database design has no feature for reporting a death.
19:40
The official FAQ says, somebody you're related to has died. How do you report it? And I say, well, we don't know how to record a death, so just ignore it. So what happens to dead people? We start off with this talk of how your soul, your atma is uploaded into the cloud. As it turns out, now you become a ghost in the system.
20:02
And you continue to exist as a fictional entity in a database because they do not know how to record that you have died. This URL has a list of possibilities and problems that arise out of the fact that they don't know how to record a death.
20:22
So why are they doing all these things? And the logical purpose, what is it supposed to do? It's supposed to fix a corruption problem in welfare distribution by ensuring subsidies are not mis-routed and delivered to someone who did not deserve a subsidy. So the way they do this, and this is an employee manual from 2014,
20:44
this is an extract. And the basic idea that is part of the training for government employees is that you must record an Aadhaar number for every person in your database. So if you've got like 100 million welfare recipients, you are required to collect 100 million Aadhaar numbers.
21:01
How do you do this? Well, one, you can go door to door and collect everybody's numbers. Or you can do what's called an inorganic seeding. And they use the term seeding to describe the act of collecting Aadhaar numbers. So they have what's called an organic seeding where the beneficiary comes to you and says, here's my Aadhaar number.
21:21
And then they have the inorganic seeding where you take it without their consent. It's in the manual. So they also claim this is foolproof because beneficiaries were claiming benefits in the names of others. Such persons will not be able to authenticate themselves.
21:43
After all, you're supposed to do a biometric authentication before you take their name in the database. But when you're doing it inorganically, you're not doing a biometric authentication. And so what happens there is they also point out that it is possible for the government employee to get it wrong. And they're just possibility of life.
22:05
So essentially, thumbs up to the state, thumbs down to the citizen, that's a design. And of course, bullying a person to comply is not the same thing as technology that actually works. And fraud exists as a violation of technology itself.
22:23
Here's a case where an Aadhaar number was issued to a god. And the letter was printed, it was dispatched, and the postman had to return it saying, I do not know where to deliver this.
22:41
So how does this happen? As it turns out, the hackers who built this who are so proud of their biometric deduplication completely forgot about document verification. And you can put a real person's fingerprints and upload a picture of a god or a dog or whatever else. There have been Aadhaar numbers issued to cows, to trees, to gods,
23:02
and nobody checks those documents. You can be anybody you feel like. You can also get around it by not submitting a biometrics because there are people who don't have fingers or who don't have eyes or whose eyes won't scan. And what do you do about them? So in your technical design, you offer a biometric exception.
23:23
All it requires is an enrollment agent who's willing to accept that you have an exception and must feed it in the system. How many cases of fraud have happened using the exception route? Nobody knows. Out of the 1.25 billion enrollments that they claim,
23:40
how many of these are fraudulent? Nobody knows because nobody checks these documents. You can get a document in the name of a god if you like. Now it gets even more bizarre. So this is from a news report. And this news report very conveniently published the Aadhaar number itself, which is a 12-digit number up on top. Aadhaar numbers are supposed to be confidential,
24:00
like they're like credit card numbers. If you have the number, you can claim to have given welfare to someone. So you do not publish your number in public. So this went out in the press and someone else built on this and got himself a gas connection with subsidies. So Lord Hanuman, the god, has an Aadhaar number
24:21
and also buys cooking gas from the state. So I could just go on and on with these stories, like any manner of fraud you want, it's in the system, it's been exploited. And the ultimate price obviously is if you can steal biometrics itself.
24:41
And that too has happened. So this is a case in the state of Uttar Pradesh where the police found a gang trading in stolen biometrics. There's a little bit of side story over there, where at the top they refer to them as a gang
25:02
and then below they become hackers. And this shift in usage is not innocent. They use gang to refer to low-intelligence thugs who are operating on the street and then they use the word hackers to refer to people doing a higher level act. In this case, this part became an extremely interesting story for us to investigate
25:22
because we discovered how bad the enrollment software itself was. When you enroll, the enrollment agent is required to first authenticate themselves and then accept an authentication on behalf of the individual who's trying to get enrolled. And the enrollment agent's ID is used to ensure there is a quality check.
25:40
So you know if there's fraud, you know who was the source of the fraud. It turns out that the enrollment client is built in Java and it's a bunch of JAR files. And the authentication module is a JAR file. If you do not want to authenticate, you replace the JAR file with something else that offers the same API but does not authenticate. And that's it, you enroll.
26:00
That's the quality of the software. So when you bring these issues up with the UIDAI, this is what they do. They are the Ministry of denial. Every single time you report a story like this and say we have discovered a data breach, we have discovered a vulnerability, we have discovered something going on,
26:21
well, they say, well, the data that we have in our database is safe. It's your copy that's stolen. It's effectively this. The CIDR is the Central Identities Repository. And the CIDR remains safe and secure. Nobody has managed to break in. Nobody can use your Aadhaar number without authentication. Official response every single time
26:41
you report a problem like this. It's gotten so bad that the former boss of UIDAI, there is a man named Ram Sewak Sharma, who's currently the chairman of the Telecom Regulatory Authority, issued a public challenge saying hack me. I guarantee you, you cannot.
27:01
Now this is incitement to a criminal act. It is also a violation of the law to publish your own Aadhaar number. But he's the boss. He does it. Nobody says anything to him. And it's a statement of his privilege more than anything else. So he went on to promise that he will not take action against anyone who hacks him.
27:22
But how the hell does a private citizen offer you immunity against a criminal act? So obviously nobody took him on. And he went on to declare victory and all we could do was make cartoons. Yes, we did. This literally was the only way
27:41
to respond to a provocation like that. So once again, you have to stop and ask, how is it possible for such utter incompetence to come out of a democracy? Democracy is supposed to have checks and balances that prevent this kind of thing from happening. How did this happen?
28:01
And one way to understand it is maybe Aadhaar was never about welfare at all. Maybe it was never about giving people identity. Maybe it was always about the state wanting to make it convenient to identify people. And once you look at the timeline of Aadhaar, where did this project come from? How did you create a project that goes on to enroll a billion people? I mean, it can't happen
28:20
just because people voluntarily came and said, I love it, I'm signing up. It had to be forced on them. What forced them to do it? So the larger timeline is just completely apart from where this came from. And it goes back to 1999. That was a year when India went to war with Pakistan over a conflict in a region called Kargil in the state of Jammu and Kashmir.
28:43
And what the government of India figured is some people from Pakistan came into India, passed off as Indian citizens and caused this to happen. And so you can't let this happen. You can't have non-Indians wandering around the streets of India. How are we going to stop them?
29:00
Well, so the government's solution was, well, we're just going to interrogate every single resident of this country and find out if they're Indian or not. So they called this project the National Population Register. It was meant to be a database of every single citizen of India. This is after the 1999 incident, not recently. And then they had a second project
29:20
called the National Registry of Citizens, where you take the NPR data and go back and interrogate everyone and say, are you Indian or not? With all 1.2 or 1.3 billion people. And then they lost elections. So 2004, they lose elections. The project basically doesn't move forward. And the new government appoints a technocrat
29:43
who gives it a new marketing spin saying, look, this is not about surveillance at all. This is about welfare. And we're going to make people's lives better. And he goes on to create a fairly fantastic media profile to the point where The Economist does PR for him. You saw what goes wrong with Aadhaar,
30:01
everything that goes wrong. And this is The Economist last week, essentially saying Africa should import this from India. It's The Economist. You can look it up. So you have one PR campaign running like this, how it's all for welfare.
30:21
And you have the government that sponsored this PR campaign who went on to lose elections again. And the party that originally created a surveillance database in 1999 is back in power now, since 2014. And they're back on the original agenda. And so this month, they passed what's called
30:40
the Citizenship Amendment Act, which provides a path to citizenship of India if you are from Pakistan, Bangladesh or Afghanistan and you're not a Muslim. That's the condition. The bill explicitly excludes Muslims from citizenship of India.
31:03
Now this is very clearly a violation of the Constitution of India. In fact, Article 14, which is the shirt I'm wearing here, this is my protest shirt, essentially says that the state shall not deny equality before the law or equal access to the law to anybody in the jurisdiction of India. It is not restricted to citizens.
31:21
It is applicable to all persons. And the act that has just been passed is a violation of the Constitution. Now, we have a majoritarian government. They can do what they please because there is literally no opposition to stop them, which leaves it up to the people. And as a result of this, there have been protests all over India
31:41
for the last month, sample of news reports. There have been millions of people on the streets of India walking around asking for protests. Most people have not figured out that this is actually based on Aadhaar, because Aadhaar is the marketing term for the project that is meant to surveil
32:00
and separate the people of India into citizens and non-citizens based on their religion. So this is where it ends. This is from a protest yesterday morning.
32:25
Thank you, Kiran. We have some time for questions, so please line up behind the microphones. And we also have signal angels who will pass on the questions from the internet, and we're going to take one right now.
32:41
Were there any data leaks when the guy posted his number on Twitter? Well, there have been multiple data leaks. I'll point you to a fairly interesting one. The chairman of the UIDAI, Mr. Nandan Nilekani, thought so little about data leaks that he published his Aadhaar number online many years ago. And after subsequently being told
33:01
that maybe this is not the best idea for you as a chairman of the entity to leak your own number, he finally deleted it. But the internet never forgets, and you can find this on Stack Overflow today. So you just go to Stack Overflow, search for Nandan Nilekani, and you will find his Aadhaar number. Consequences of leaks, yes. In fact, the estimate of the total number of Aadhaar numbers that have leaked in public
33:21
is well past 200 million. Thank you. Microphone number two, please. Yeah, first of all, thanks for the talk. I think that civil registry and public databases or public service databases of citizens are definitely a topic that we should discuss here more.
33:44
The problem with this one is very, very obvious, but I'd like just to mention that many of the privileges that we as a community being grown up in a Western, let's say, stable democracy,
34:03
we derive from having a birth certificate and being able to get an identity even if it's just one in paper. And there is a question coming, right? Yeah, so I would just like to ask one thing. Why don't they use the paper that is being sent out
34:23
as sort of an identification thing like we have with our ID cards? For the simple reason that they really believe in this vision and they do not want people using paper cards. But also in terms of was this the first ID
34:42
because India doesn't have comprehensive birth registration. The UIDAI answered this question under the Right to Information Act, which is like the equivalent of the U.S. Freedom of Information Access. And in 2015, they explained how many times, how many enrollments happened against other documents
35:01
versus the person not having any documents at all. And the percentage level was 99.5% had at least two documents proving their ID. So this idea that it gave ID to people who do not have one is completely false as per their own admission.
35:21
Thank you. Microphone number one. Do you generally oppose the idea of a central identification number or just the implementation by a flailing state like India? That's a slightly loaded question, yes. So the state always makes a huge difference.
35:40
The quality of the institutions of a state make a huge difference. I was in fact having a discussion with someone here yesterday who pointed out that distrust in centralized ID seems to be a commonwealth phenomenon. The UK doesn't have one, the U.S. doesn't have one, but Germany seems to have one. And most civil law jurisdictions seem to be okay with the idea of centralized ID as long as it's well regulated.
36:02
So yes, so the nature of government makes a huge difference. And I would say I can't speak of the technology of whether it's been good or bad separate from whether the governance of it is good or bad. Thank you. Microphone number two. Hi, Kiran, thanks a lot for the talk.
36:22
If I'm not wrong, a few months ago, maybe a year ago, I read about this big democracy event going on in India. Now, there is a few countries that are considering using IDs for elections to avoid fraud and all those sort of things. And I come from a country that has been trying really hard to implement an ID system that is reliable
36:44
and helps combat fraud in elections. Do you think this ID system can be somehow reformed to make the whole democracy process easier in India? We have a case study of this, fortunately,
37:01
so I don't speak from theory. So in India, we had a state called Andhra Pradesh, which split into two separate states. So now they're called Andhra Pradesh and Telangana. And part of what happens when you split a state is that now we have separate elections for each state. And so you need to know who the voters of your state will now be in the new state. Previously, you had one voter database
37:20
for your entire state, now you have two separate voter databases, and you need to know which person is in which state. So for the process of separating the database, they went ahead and collected Aadhaar numbers and ended up deleting a significant fraction of the voter database, because they couldn't prove that they were residents of the state. Assam.
37:40
Assam is a different story. So the Andhra Pradesh and Telangana story is particularly illustrative of how, if you think you can bring in a technological solution, you probably are going to make it worse. In fact, you're guaranteed going to make it worse. Thank you. Kiran Jonnalagadda. A round of applause to a great talk.