India Opening Up World's Largest Biometric Database For Commercial Applications, Despite Inadequate Privacy Protection

from the India-Stack-attack dept

Techdirt has been following India's construction of the world's largest biometric database, called Aadhaar, since July 2015. Concerns include the fact that what was billed as a voluntary system has been morphing into a compulsory one, and evidence that Aadhaar simply can't cope with real-life biometrics. Undeterred, the Indian government wants to expand the system even further by opening it up for use by companies, as the Wall Street Journal reports:

The Indian government has gathered digital-identification records, including fingerprint impressions and eye scans, of nearly all of its 1.2 billion citizens. Now a government-backed initiative known as "India Stack" aims to standardize ways to exchange the data digitally to facilitate the transfer of signatures and official documents that citizens need to get jobs, make financial transactions or access government services. By allowing developers to incorporate use of government identification records in their commercial websites and apps, the initiative envisions Indians -- with mobile phones in hand -- using iris and fingerprint scans to sign up for insurance, invest in mutual funds, receive health-care subsidies and verify their identity for school examinations.

In itself, there's nothing wrong with this approach. Indeed, it has many benefits, notably making it easier for people to deal with India's bureaucracy, and helping to fight corruption. But those advantages could be compromised if privacy is neglected. And here the Indian government is sending all the wrong signals:

Prime Minister Narendra Modi's government has delayed a new bill that would bring India's privacy laws more in line with those of major European nations. Meanwhile, the government has questioned a constitutional right to privacy in pleadings before the Indian Supreme Court.

Without adequate privacy protection, the system seems ripe for abuse, both by unscrupulous companies targeting hapless consumers, and by state organizations, which might use it as a powerful surveillance tool. If the Indian government wants to become a world leader in using biometric-based digital identity for its citizens, as the Wall Street Journal article suggests, it should make crafting effective privacy protection laws a priority.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: aadhaar, biometrics, india, privacy