9 Questions to the Election Commission on Aadhaar-Voter ID Linking

How did the EC get 31+ crore voter IDs linked to Aadhaar? Was this really voluntary? And how safe is that data? Vakasha Sachdev The Election Commission has a lot of questions to answer. | (Photo: Harsh Sahani/The Quint) Opinion How did the EC get 31+ crore voter IDs linked to Aadhaar? Was this really voluntary? And how safe is that data?

Cameraperson: Shivkumar Maurya Video Editor: Mohd Irshad Alam

31 crores. 38 crores. 32 crores. These are the number of people who have ‘voluntarily’ linked their voter ID with Aadhaar, depending on whether you believe the UIDAI or Chief Election Commissioner OP Rawat (on 23 January 2018) or CEC OP Rawat (this time on 10 March 2018) respectively. 54.5 crores. This is the total number of linkings that CEC OP Rawat says “will be done as soon as we get a nod from the Supreme Court.”

Why is This Concerning?

Because the Election Commission claims to have got those 31/38/32 crore voter IDs linked to Aadhaar numbers in the space of a mere 3 months in 2015. Which not only raises questions about how voluntary this process was, but also the way in which this was done. After all, Aadhaar-related work was being carried out back then without any proper regulatory framework, and to a large extent by an army of private agencies and operators, 50,000 of whom have since been blacklisted.

Is the EC Still Linking Voter ID Cards to Aadhaar?

Thankfully, the process, part of an initiative called the National Electoral Roll Purification and Authentication Programme (NERPAP), was suspended because of the Supreme Court’s interim orders on Aadhaar in August 2015. However, from the CEC’s statement about 54.5 crore further linkings, it is clear that the EC hasn’t given up on the idea. Ever since the Aadhaar Act 2016 came into force, the EC has been trying to get the Supreme Court to allow them to resume the seeding of Aadhaar and voter ID cards on a voluntary basis.

However, in late 2017, the EC filed a revised application in the Supreme Court, asking for permission to make seeding mandatory (this only became public in March 2018).

The Questions That Need to be Asked

The apex court has thankfully not granted permission to do this just yet, but now that arguments in the main Aadhaar case are almost finished, the judges will soon need to consider this request. Whether the Court holds Aadhaar to be constitutional or not, the judges must ask serious questions to the Election Commission on the exercise thus far, from the standpoints of privacy and data protection. If the answers are unsatisfactory, not only will all the data previously collected need to be deleted, but stringent safeguards will need to be put in place to govern any such exercise in the future. On the basis of the information we have now, these nine questions would be a good place to start:

(1) What is the exact number of people whose voter IDs have been linked with their Aadhaar number? The fact that the UIDAI’s figure from 2017 is lower than those quoted by the CEC in 2018 is concerning, especially since the original figure provided by the CEC is much higher. In fact, reports from 2015 indicate that 34 crore linkings took place. This will be important to know in the event the Supreme Court’s final decision requires the EC to get rid of the data it has, to verify whether they actually carry out the instruction.

(2) On the basis of what authority did the EC start linking Aadhaar with voter IDs in 2015? Which rule or legislation gave them the authority to do so? Was it directed by the Union Government?

Since there was no Aadhaar Act at the time the exercise was carried out, it is important to know what allowed the EC to conduct the NERPAP with Aadhaar linkage.

Even if the process was truly voluntary, it is difficult to see how the EC decided the official elector’s photo identity cards (EPICs) issued by the EC could be linked with a scheme which didn’t have proper legislative sanction at the time.

(3) Did the EC utilise the services of any private companies/entities when conducting the linking? What were the exact functions of such private companies/entities and what measures were put in place to ensure such private companies/entities did not retain any data? The entire Aadhaar ecosystem prior to 2016 was dependent on the involvement of private players, whether for enrolment or special projects like this – Maharashtra for instance used the services of private company SAS to seed Aadhaar and voter information. There have been multiple instances of these private players retaining data and software relating to Aadhaar, who can sell this information to anyone regardless of legal restrictions.

From the EC’s August 2015 circular which suspended the NERPAP, it appears that Aadhaar data was being collected from agencies.

Election Commission’s Letter on NERPAP dated 13 August 2015

(4) What were the channels used to receive the Aadhaar data from electors? How exactly was the seeding process carried out? The NERPAP supposedly received Aadhaar numbers from electors, but we need to know how exactly this was done – email, text, paper documents, orally, etc. Even if private contractors were not used for receiving Aadhaar numbers from electors or seeding, the system may still not have been secure, especially if the Common Service Centre (CSC) infrastructure was used. Understanding how the information was collected is essential to understanding whether the data of those 31+ crore individuals was compromised during the linking process. According to the August 2015 circular, it was not just the EC, but also other officials connected with NERPAP, who were carrying out the seeding, hence the need to understand how this was carried out to assess any vulnerabilities.

Election Commission’s Letter on NERPAP dated 13 August 2015

(5) What are the security measures in place to protect the data collected by the EC?

Even if the data was collected in a safe manner, the database has been with the EC for almost three years now. As the recent hacking of Provident Fund data shows, there is a constant risk of hacking and this information needs to be properly protected. Since the Aadhaar Act 2016 wasn’t in force at the time, it is unclear what security was put in place to protect the data. Hopefully it wasn’t just a 13-foot high wall.

(6) Has the EC shared the data collected by them through the linking exercise with anyone, including individuals, corporate entities, or government departments? Do they envisage allowing anyone to access their data and under what circumstances would this be possible? As pointed out in more detail below, there are serious risks with sharing this kind of information.

Again, since the EC collected this information before the Aadhaar Act, there weren’t any effective restrictions (ie, with consequences) on sharing it (arguably there are none even after the passage of the Act), which means that all the information they have could have been accessed by other parties even without being hacked. The August 2015 circular mentions this letter from May 2015 as containing instructions on maintaining confidentiality, but there are no measures detailed in this.

(7) How was the Election Commission able to receive and link so many numbers within such a short period of time? Since the process was supposed to be voluntary, what documentary records of consent does the Election Commission have from the individuals whose records were linked? There is a significant risk that linking of Aadhaar to other information can be done without a person’s consent. A Hindustan Times investigation by Aman Sethi found that State Residential Data Hub (SRDH) internal documents showed that they had the capability to link Aadhaar with any personal document of a resident,without the individual’s consent.

The August 2015 circular indicates that data was being received from “state hubs”, which gives rise to concerns that the linking of voter IDs could also have been done in such a manner, which means the data and voting rights of crores of people could have been compromised without their knowledge.

(8) What steps were taken to ensure the Election Commission obtained informed consent to link Aadhaar and voter IDs? How many complaints about misinformation and coercion were received? A crucial aspect of the arguments before the Supreme Court on Aadhaar has been the fact that informed consent wasn’t taken from people with regard to linking Aadhaar to various things.

If people were not made aware of the exact consequences of linking (and not linking) their voter IDs to their Aadhaar numbers, including what happens at the polling booth if there is a mismatch, or what happens if their Aadhaar number is deactivated, getting their consent would not be enough given the possible consequences. In fact, the EC’s May 2015 letter itself notes they received complaints about confusion as to whether names would be struck off the electoral rolls for non-furnishing of Aadhaar, even though this was supposed to be a voluntary process.

Election Commission’s Letter on NERPAP dated 22 May 2015

(9) Since the Election Commission now wants to make Aadhaar seeding mandatory, do they intend to only allow people to vote after a successful authentication (biometric, OTP or virtual ID)? See the next section for dangers of making Aadhaar authentication mandatory for voting.

The Dangers of Linking Aadhaar to Voter IDs

Even if there were satisfactory answers to these questions, there are serious risks that can arise from this kind of linking. The experiences with SRDHs across the country shows how dangerous linking Aadhaar to multiple services can be, since it leads to collation of sensitive personal information that would otherwise have been kept separate.

The Andhra Pradesh government, for instance, used this data to compile a database which included the exact geographic location, caste, religion and more of millions of residents. This database was publicly available online till recently.

The potential for profiling voters using such an Aadhaar-seeded database is tremendous, even more so than normal thanks to what can be gleaned from Aadhaar authentication logs, which then allows for gerrymandering, intimidation and harassment. Seeding voter IDs with Aadhaar also opens up more possibilities of exclusion of legitimate voters. This could happen because: their Aadhaar is deactivated (for which there is very little effective relief – all you can do is apply to a UIDAI grievance redressal centre);

their Aadhaar details aren’t accessible because of a glitch in the system or a connection failure;

they fail to authenticate their Aadhaar (if biometric authentication is carried out) – after all, the UIDAI admitted in court that the failure rate for linking Aadhaar with government services is 12%.