Vicram Crishna, one of the two Indians to help develop software to enable Stephen Hawkins to ‘talk’through his wheelchair, J.T. D’Souza, biometrics expert, Troy Hunt, a web security professional and regional director for Microsoft in Australia, French cyber security researcher Baptiste Robert who tweets as Elliot Alderson and Anupam Saraph, a respected inventor and advisor on governance, informatics and strategic planning are also among those who have publicly expressed their concern about Aadhaar.

Alderson in fact has compared unfavourably Aadhaar’s approach to security as a ‘school level project’. Mozilla, the organisation behind the Firefox browser, has come out publicly in criticism of Aadhaar. And in case more critics are to be named, one can cite the names of legal scholar Shamnad Basheer, Linux consultant Anivar Arvind and Samir Kelekar, who has a PhD in computer networking and holds three patents related to mobile security.

It is an irony that while critics of Aadhaar seem to have impeccable technological credentials while the UIDAI chief, who has the gumption to call these critics Luddites, himself doesn’t seem to understand the difference between private information and secret keys despite repeated explanations.

For his benefit, let me repeat the explanation. When you use a key to control access or authorisation, that key must be secret and not merely private. Just like guessing where you were on Saturday night or knowing the name of the street your home is on should not allow people to create a bank account in your name, lifting fingerprints off your glass of water shouldn't allow them to create a bank account and launder money in your name either.

A secret key must be one that is known only to the person who is the rightful owner of that access. In the event of a breach, it must be readily revoked and replaced. It must be unique. Just like you don't use the same password for your Twitter and netbanking, you should not use the same fingerprints for your PDS and money transfers either.

This is not very difficult to understand. If Dr. Pandey is not able to understand it with so many explanations provided repeatedly over years, perhaps he should undertake correcting the deficiencies first before holding a technology related job.

Till date there hasn't been a shred of factual explanation for why the criticism of Aadhaar is incorrect, while there have been various face saving measures because the UIDAI has no answers for valid criticism. Like the farce of "Virtual ID" to protect privacy after Aadhaar data has already been proliferated with little caution. If he has any factual explanation to show how Aadhaar does not violate privacy, he should not have kept it a secret from the Supreme Court.

While he is at it, Dr. Pandey should also name one private corporation that would pay the kind of money Aadhaar has cost the country for the quality of work on display. One corporation that deals with sensitive identity information or access to financial transactions that would be willing to risk access being protected by something as flimsy, as unrevokable, easily leaked, private information.

When public funds are used to subvert public interest, criticism is inevitable. Calling critics names cannot stop it.

Sorry, sir. "Fikar not, all is well" does not quite answer the mounting criticism.