Home > 2024 > India’s First Metadata case: Why Justice Sikri’s order on Aadhaar project (...)
Mainstream, VOL 62 No 15, April 13, 2024
India’s First Metadata case: Why Justice Sikri’s order on Aadhaar project and Aadhaar Act is unconstitutional – Part 4 | Gopal Krishna
Friday 12 April 2024, by
#socialtagsIf once people become inattentive to the public affairs, “you and I, Congress and Assemblies, judges and Governors shall become wolves.
— Thomas Jefferson, author of the Declaration of Independence and the third president of USA in a letter dated 16 January, 1787Â
Â
A total expenditure of ₹16336.45 crores has been incurred by by Unique Identification Authority of India (UIDAI), Union Ministry of Electronics and Information Technology (MEITY)’s Unique Identification (UID)/Aadhaar number database project during 2009-January 2024. Over 13 years have passed since the notification of Government of India dated January 28, 2009, which constituted the UIDAI to collate the data of Home Ministry’s National Population Register (NPR) project and (UID)/Aadhaar number database project being implemented. So far UIDAI has not disclosed total estimated budget of UID/Aadhaar Number Database project and the break-up of "other expenses".
Without estimated budget, all claims of savings by the Union government constitute fake news. The claims regarding savings from UID/Aadhaar Number database project have been misleading from the very outset. During Nandan Nilekani’s tenure at UIDAI, Yashwant Sinha headed the Parliamentary Standing Committee on Finance exposed it conclusively. Its 69th report on the ’Demands for Grants (2013/14)’ said: "A provision of Rs 2,620 crore has been allocated in the Budget Estimates or BE (2013/14) for the Unique Identification Authority of India (UIDAI) and a major part of the Budget provision for Rs 1,040 crore is earmarked for ’Enrolment, Authentication and Updation’, out of which an amount of Rs 1,000 crore has been earmarked under the head ’other charges’." The 7-judge Constitution Bench of Supreme Court is all set to undertake examination of the constitutionality of Aadhaar Act, 2016 in the backdrop of rampant fake news about savings from Aadhaar Number database project and non-disclosure of “other expenses†so far. Unless the total estimated budget of the project is revealed, all claims of benefits are suspect and untrustworthy. How can one know about total savings unless the total cost is disclosed? Can limited audit of continuing expenditure of UIDAI, an instrumentality of Union of India be deemed a substitute for total estimated budget of the biometric UID/Aadhaar number project of UIDAI? It has been admitted by the Comptroller and Auditor General (CAG) that its audit of functioning of the UIDAI is partial because of non-transparency.
The report of the CAG of India arising from performance audit of functioning of the UIDAI for the period from 2014-15 to 2018-19 is incomplete because it is based on statistical information “to the extent as furnished by UIDAI†up to March 2021. There is also a need to compare the audit of UIDAI’s functioning during 2009-2014 with the audit of 2014-2019. CAG is constrained to indicate that its audit of UIDAI is dependent on the limited statistical information on generation, update and authentication services of Aadhaar and financial information provided by UIDAI. It implies that the UIDAI’s audit of its functioning is not based on all the information demanded by CAG. It is noteworthy that the Ninth Audit Advisory Board of CAG comprises of Nandan Nilekani, Chairman of the Board, Infosys Technologies Ltd. Coincidentally, Rohini Nilekani, chairperson, Arghyam Foundation too has been a member of this Board in the past. It is yet to be ascertained whether the presence of Nilekani in CAG’s Board influenced the outcome of CAG’s audit given the fact that Nilekani, the co-founder of Infosys who was appointed as the first Chairman of UIDAI on July 2, 2009 by the Planning Commission of India while he was still serving Infosys as its CEO, President and Managing Director. His resignation from Infosys became effective from July 9, 2009.
It must be recalled that under Nilekani’s tenure UIDAI extended “undue favour†to Wipro Ltd. As a consequence UIDAI incurred an avoidable expenditure of Rs.4.92 crore on an annual maintenance contract, according to the report of the Comptroller and Auditor General (CAG) of India presented to the Parliament. UIDAI also incurred a loss of Rs.1.41 crore by not routing advertisements through the Directorate of Advertising and Visual Publicity. Unmindful of manifest conflict of interest UIDAI had entered into a contract with Wipro in May 2011 for supply, installation and commissioning of servers, storage systems, security systems and accessories with incidental services in the data centres of the authority in Bengaluru and Delhi/NCR at a cost of Rs.134.28 crore.
This is not the only case of irregularity and corruption by UIDAI. It awarded projects to several companies without issuing tenders. In a RTI reply UIDAI itself disclosed that total project contracts worth Rs.13,663.22 crore were awarded without any tenders of which an amount of Rs.6,563 crore has been already spent on issuing 90.3 crore Aadhaar till May 2015.
As of April 2024, UIDAI has incurred expenditure which includes undefined “other charges†pointed out by the Parliamentary Committee. Shouldn’t UIDAI provide the details of the expenses incurred under “other charges†? Notably, in 2009-10, UIDAI’s expenditure was Rs 26.21 crores, in 2010-11 it was Rs 268.41 crores, in 2011-12 it was Rs 1,187.50 crores, in 2012-13 it was Rs 1,338.72 crores, in 2013-14 it was Rs 1,544.44 crores, in 2014-15 it was Rs 1,615.34 crores, in 2015-16 it was Rs 1680.44 crores, in 2016-17 it was Rs 1132.84 crores, in 2017-18 it was Rs 1149.38 crores, in 2018-19 it was Rs 1181.86 crores, in 2019-20 it was Rs 856.13 crores, in 2020-21 it was Rs 893.27 crores, in 2021-22 it was Rs 1564.97 crores, in 2022-23, it was Rs 1634.44 crores and in 2023-January 2024 it was Rs 1119.07 crores. This expenditure included “other expenses†. It is apparent that CAG has not been furnished details by UIDAI regarding its “other charges†for audit.
The Parliamentary Committee on Finance has noted in its report as to why inflated targets were consistently being given by UIDAI. It observed, “the total budgetary allocations made for UIDAI since its inception up to BE 2013-14 is Rs 5440.30 crore, out of which Rs. 2820.30 crore has been utilized upto 31.03.2013 and the remaining amount of Rs. 2620 has been allocated in BE 2013-14. The Ministry has informed that the average cost per card is estimated to range from Rs 100 to Rs 157. Taking the average cost per card to be Rs. 130, the total expenditure for issuing 60 crore cards is estimated to be about Rs 7800 crore. Thus, the expected requirement of funds during 2013-14 is Rs. 4979.70 crores, whereas only Rs. 2620 crores have been kept for BE 2013-14, which is thus grossly inadequate.†It is apparent that there is more to it than meets the eye.
It is noteworthy that Aadhaar is the brand name of Unique Identification (UID) Number. The UID project was renamed the Aadhaar project after the UIDAI avowedly had a nationwide competition to find a logo and a brand name. Curiously, Aadhaar name echoes the name of Bangalore based Adhar Trust that Nilekani and Rohini Nilekani set up to fund their initiatives into a government function.
It is germane to recollect that the notification of January 28, 2009 that set up UIDAI, provides the terms of reference (TOR) for its work. There is no reference to the collation of the UID number database with the electoral database in the TOR. But the TOR does refer to “collation and correlation with UID and its partner databases.†If this reference to ‘partner database’ included the electoral database, the UID/ Aadhaar enrolment form never revealed it and took Indians and Indian residents for a ride. CAG would have audited these aspects had full details been furnished to it by UIDAI.
It may also recalled that one of the earliest documents that refer UIDAI is a 14-page long document titled ‘Strategic Vision: Unique Identification of Residents’ prepared by Wipro Ltd for the Planning Commission envisaged the close linkage that the UIDAI’s Aadhaar would have with the electoral database. The use of the electoral database mentioned in Wipro’s document remains on the agenda of the proponents of Aadhaar. Unmindful of conflict of interest Wipro remains a beneficiary of contracts awarded by UIDAI.
Like the CAG’s audit report of 2016, the CAG’s audit report released in April 2022 too makes a specific reference to WIPRO Ltd. There is a reference to Agreement with Data Centre Development Agency (DCDA), Bengaluru and Agreement with DCDA, Manesar with Wipro Ltd. CAG has remarked that “The file related to AMC part was only provided for scrutiny. The file related to selection process of the vendor was not made available. Since the contract involved technical issues, the same was out of the scope of the Audit for scrutiny.†Had UIDAI provided the required files related to “selection process of the vendor†, the audit report would have ensured that sunlight is indeed the best disinfectant.
Significantly, J. Satyanarayana has been the member of the Task Force for preparation of the Policy Document on Identity and Access Management under National e-Governance Programme (NeGP) submitted its report in 2006 before becoming the chairman of UIDAI. Coincidentally, the Processes Committee of the Planning Commission set up in July 2006 was assigned the task of preparing “Strategic Vision: Unique Identification of Residents†to Wipro Ltd during the same period. This report talked about “Citizen Identities†and “Owner of identities†. This April 2007 report reveals that “National UID Project: This project has been initiated, with Voter ID Numbers and BPL households in the first instance.†It emerges from the report that long before the arrival of Nilekani in July 2009 as Chairman of UIDAI, the UID/Aadhaar project was already unfolding. But this aspect has not been audited by CAG as yet. The report of the Task Force also discloses that each registered judicial court has a unique identification (UID) number at Subordinate Courts, High Court and Supreme Court. This effort seems to be part of profiling and surveillance of judicial institutions. The path being traversed by National Judicial Data Grid (NJDG), a database of orders, judgments and case details of 18,735 computerised District and Subordinate Courts that has created as an online platform under the eCourts Project has reached the stage of launch of the Interoperable Criminal Justice System (ICJS) to integrate and make data interoperable between different institutions such as police, prisons and courts involved in the criminal justice system. This seems pave the path of extinction of separation of powers envisaged in The Spirit of the Laws (1748) by Montesquieu. UIDAI’s UID/Aadhaar identifier project is not a scheme in isolation.
These UID/Aadhaar linked initiatives are part of 360° surveillance initiative to record every aspect of Indians based on convergence of every imaginable database in furtherance of World Bank’s eTranform Initiative launched in partnership with France and South Korea as well as six MNCs Gemalto, IBM, L-1 Identity Solutions, Microsoft and Pfizer. In his role as Secretary, Department of Electronics and Information Technology (DEITY), Satyanarayana informed the Parliamentary Standing Committee on Information Technology that he had no problem if intelligence agencies continue to collect the meta data of Indians in the wake of disclosures by Edward Snowden. Notably, the UID project which began in the DEITY and returned to DEITY which has been renamed as Ministry of Electronics and Information Technology (MEITY) after spending its formative years in the erstwhile Planning Commission of India. Given the fact that Criminal Procedure (Identification) Act 2022 has been enacted after the enactment of Aadhaar Act 2016 and the enactment of The DNA Technology (Use and Application) Regulation Bill, 2019 is imminent, it is apparent that UID, NPR, NJDG and ICJS are part of one and the same surveillance architecture, which is essentially a project of Ministry of Home Affairs (MHA). MHA and MEITY’s UIDAI are oblivious of the fact that metadata has the ability to redefine human existence in ways which are yet fully to be perceived. Mining of meta data results in the creation of new knowledge about individuals; something which even she/he did not possess.
The Court of Justice of European Court (CJEU) has struck down the provision allowing collection of such metadata on grounds of lack of purpose limitation, data differentiation, data protection, prior review by a court or administrative authority and consent, amongst other grounds. It observed, “Given the quantity of retained data, the sensitivity of that data and the risk of unlawful access to it, the providers of electronic communications services must, in order to ensure the full integrity and confidentiality of that data, guarantee a particularly high level of protection and security by means of appropriate technical and organisational measures. In particular, the national legislation must make provision for the data to be retained within the European Union and for the irreversible destruction of the data at the end of the data retention period†in Tele2 Sverige AB v. Post-och telestyrelsen and Secretary of State for the Home Department v. Tom Watson, Peter Brice, Geoffrey Lewis (2016).
In Maximillian Schrems v. Data Protection Commissioner (2016) the CJEU struck down the transatlantic US-EU Safe Harbor agreement that enabled companies to transfer data from Europe to the United States on the ground that there was not an adequate level of safeguard to protect the data. It held that the U.S. authorities could access the data beyond what was strictly necessary and proportionate to the protection of national security. The subject had no administrative or judicial means of accessing, rectifying or erasing their data.
Drawing on these cases, Supreme Court of India in Writ Petition (Civil) 494 of 2012 observed that data collection, usage and storage including biometric data requires adherence to the principles of consent, purpose and storage limitation, data differentiation, data exception, data minimization, substantive and procedural fairness and safeguards, transparency, data protection and security. CAG’s audit unequivocally reveals that UIDAI has failed to adhere to the principles of consent, purpose and storage limitation, data differentiation, data exception, data minimization, substantive and procedural fairness and safeguards, transparency, data protection and security. CAG’s audit ought to have factored in the fact that “metadata is not defined in the Aadhaar Act ’’ given the fact that technical, business, and process metadata remains unaddressed. As a consequence, it is not limited to only process meta data like “authentication record†referred to Section 2(d) of the Aadhaar Act which means the record of the time of authentication, identity of requesting entity and the response provided by the UIDAI.
CAG’s audit ought to have examined the all the possible uses of information contained in Central Identities Data Repository (CIDR) of 12-digit biometric Unique Identification (UID)/Aadhaar numbers and their consequences with specific reference to illegitimate access to technical metadata, business meta data and process meta data. It is possible that UIDAI’s non-cooperation acted as an impediment in auditing these aspects.
The Executive Summary of CAG’s audit report begins by talking about “Identification of the right individuals†for “welfare schemes†. Immediately after that it starts talking about how “Citizens were required to furnish multiple documents....to various Government as well as private agencies.†It refers to the inconvenience of “those who did not have any of these identity documents.†It states that in order to “overcome the challenge, the Union Government decided to introduce a unique identity (UID) for the residents of India†in 2009. Contrary to the claims of the promoters of biometric UID/Aadhaar like Nandan Nilekani that “Millions of people without any ID, now have an ID†, the fact is that of all the Aadhaar numbers issued to Indian residents till date – 99.97 per cent had pre-existing identification (ID) documents. This has been revealed in a reply to an application of Ujjainee Sharma and Trishna Senapaty under Right to Information Act by UIDAI. This proves that ‘an inability to prove identity†has not a major barrier to access benefits and subsidies.
During a meeting at the World Bank on digital identity, where more than a dozen companies were represented, it was underlined that the Bank has a central role in the promotion of internalisation of digital-biometric identification by developing countries such as India and Pakistan. UIDAI’s ex-Chairman Nilekani gave a lecture on Societal Platforms: Building beyond Aadhaar for Sustainable Development held on October 13, 2017, with Paul Romer, Chief Economist and Senior Vice President, World Bank, as one of the panellists. The event was organised by Washington-based Center for Global Development (CGD) in partnership with the World Bank Group, Bill and Melinda Gates Foundation and Omidyar Network. It is noteworthy that Microsoft is a partner in Bank’s eTransform Initiative.
In November 2009, Tariq Malik was awarded the ID Outstanding Achievement Award at the Global Summit on Automatic Identification in Milan. He received one of the highest awards in IT, Sitara-e-Imtiaz (Star of Excellence), from the President of Pakistan in 2013 for innovative, citizen-centric ICT application and services rendered for Pakistan. Nilekani was given the ID Limelight Award at the ID World International Congress, 2010, in Milan, Italy, on November 16. Malik used to head the National Database and Registration Authority (NADRA) in Pakistan. Nilekani used to be head of the UIDAI. In another apparent coincidence, both Malik and Nilekani spoke at the meetings of CGD in April 2013 and July 2014, respectively.
It is noteworthy that Safran Morpho (of the Safran Group) was a key sponsor of the ID Congress. Its subsidiary called Sagem Morpho Security was awarded a contract for the purchase of biometric authentication devices on February 2, 2011, by the UIDAI.
In his lecture titled Technology in the Service of Development: The NADRA Story, Malik said, "By 2008, we improved the data architecture to include the full set of 10 fingerprints and a digital photograph. This technology was powerful enough to enable full deduplication of the national database and greatly reduced the prevalence of dual identities and identity theft. We asked the people to register and framed this in terms of a strategic partnership with the state, which in turn would recognise them as citizens. Registration was still technically voluntary, but people could not open a bank account without an ID card or obtain a passport or enter into any transaction with the state. An ID card was also needed to obtain a gas or electricity connection and to pay utility bills. These requirements made it very difficult to function without enrolling and caused people to register.†At the same time, we developed a system to scrutinise candidates contesting the election that would connect the databases of NADRA, the Federal Bureau of Revenue (FBR), the National Accountability Bureau (NAB) and the State Bank of Pakistan." According to him, "Security versus privacy is a very hotly debated issue these days. From Pakistan’s perspective, extraordinary security circumstances demand extraordinary steps to revamp governance. The state is eroding very fast, and it has to restore its writ to avoid collapse at the hand of outlawed and terrorist groups. At the same time, it is my strong belief that privacy of citizen data must be guaranteed in a fragile state like Pakistan. It is sad that Pakistan does not yet have an official data privacy law."
It is clear from his lecture that the biometric identification project called NADRA is a convergence project. It has put all the people of Pakistan under surveillance by admittedly making registration under NADRA "technically voluntary" but structuring its implementation in a way that has coerced Pakistanis to register with NADRA to get social benefits, services and subsidies by converging pre-existing databases.
In his lecture titled Can Technology Leapfrog Development? The Aadhaar story, Nilekani said, "A lot of people ask about privacy and security and all that. Fundamentally, this is just an ID system, it gives you an ID and verifies that ID. So the UID database does not collect all kinds of data about you - (it only collects) very basic information about you (name, address, DoB, sex and biometrics) and provides verification services with a yes or a no.â€
"Similarly, from a security perspective, also a lot of work has happened to make it secure. We came to the conclusion that if we take sufficient biometric data of an individual, that person’s biometrics will be unique across a billion people. Now we have to find that out - we haven’t done it yet - so we’ll discover it as we go along. And our belief now is that accuracy across the entire billion people is 99.99 per cent in terms of not having duplicates," he added.
He observed, "The purpose of this project is twofold. One, to give millions of people IDs, which they can have to get access to entitlements and services, and second, to improve the quality of expenditure by the government on various public programmes," added Nilekani. Prophetically, he disclosed, "You can use it for train tickets or mobile connections. We expect that in the next few years, this will be used as the basic KYC (know your customer) for all kinds of services. For voting, bank accounts, mobile connections. It is using tech to reach out, and reach out to a large number of people." Besides this address, Nilekani had delivered another lecture at the World Bank headquarters on April 24, 2013, in the presence of World Bank President Jim Yong Kim and Chief Economist Kaushik Basu.
It emerges that India’s UID project is an imitation of Pakistan’s project. Biometric UID/Aadhaar is a convergence project that has put all the residents of India under surveillance using social benefits, services and subsidy as a fish bait while keeping it "technically voluntary" but has coerced Indian residents to register for the Central Identities Data Repository (CIDR) of UID/Aadhaar numbers structurally. As in Pakistan, India, too, is implementing this biometric identification project without having a right to privacy law in place. Both countries display a similar lackadaisical approach towards peoples’ privacy. India is imitating Pakistan about the erosion of authority, which is being hollowed out by transnational commercial tsars and by compromising national security by showing unpardonable callousness towards the privacy of present and future generation of legislators, soldiers and heads of governments and the State.
Coincidentally, both Malik and Nilekani were speakers at the National Identification Conference, an international conference organised by Harvard FXB Center for Health and Human Rights in collaboration with other Harvard schools from November 19 to November 21 in 2015. Ajay Bhushan Pandey, as Director General of UIDAI was also a speaker at that conference.
In an interview, Julian Assange, founder of WikiLeaks, informed Imran Khan about the grave act of omission and commission. Assange said, "we discovered a cable in 2009 from the Islamabad Embassy. Prime Minister Gilani and Interior Minister Malik went into the [US] embassy and offered to share NADRA. The system is currently connected through passport data, but the government of Pakistan is adding voice and facial recognition capability and has installed a pilot biometric system as the Chennai border crossing, where 30,000 to 35,000 people cross each day. The NADRA system is the voting record system for all voters in Pakistan. A front company was also set up in the UK called International Identity Services, which was hired as the consultants for NADRA to squirrel out the NADRA data for all of Pakistan. What do you think about that? It seems to me that that is a theft of some national treasure of Pakistan, the entire Pakistani database registry of its people." When Imran Khan became the Prime Minister of Pakistan he refused to get himself biometrically profiled. It is not clear as to what extent he made use of the insights from Wikileaks during his brief tenure in the matter of NADRA.
Whenever Nilekani or other proponents of UID/Aadhaar speak, they simply articulate whatever has been voiced by the head of Pakistan’s NADRA. Every word spoken and every step taken by the UIDAI are an exercise in imitation of Pakistan’s initiative.
Biometric unique identification (UID) initiative has its roots in Washington. At the outset, inspired by the Peruvian economist Hernando de Soto Polar’s 2000 book The Mystery of Capital: Why Capitalism Triumphs in the West and Fails Everywhere Else, Nilekani began arguing that a national ID system would be a big step for land markets to facilitate the right to property and undo the 1978 abolition of the same, which will bring down poverty! But he never explained the rationale of this unique proposition. In the post-Capitalist and the post-Socialist era, such assumptions of triumph have been found to be deeply flawed. In fact, even the title of the book sounds weird in the post-financial crisis era. Nilekani published these arguments in his book. The 76-year-old de Soto, known for his work on informal sector ’extralegal economies’, is the Honorary Chair of Washington-based World Justice Project, an initiative of the American Bar Association (ABA) that is working to advance the rule of law around the world. He has worked with the World Bank and appears to be an advocate of property rights-based democracy.
In a 2012 article, de Soto concluded, "We need increased truth-telling: increased recognition of what exists and who owns it." Such propensity creates a compelling argument against centralised databases, which will be hard to defend in the face of big data predators. He fails to acknowledge that radical changes for the betterment of humanity happen outside the realm of legal rights framed by existing institutional mechanisms, which is being captured by commercial tsars. It is evident that the World Bank is lending support to projects, which make even the right to have natural rights conditional on being biometrically profiled to secure beneficial owners of all ilk from future battles.
It may be recalled that after Nilekani took charge as the Chairman of the UIDAI on July 23, 2009. Robert B. Zoellick, the then World Bank chief, met him on December 4, 2009. What transpired at these meetings is not in the public domain. The World Bank’s e-Transform Initiative (ETI) formally launched on April 23, 2010, in Washington for converging private sector, citizen sector and public sector, and the Interpol’s e-identity database project appears to be linked to UID related initiatives of North Atlantic Treaty Organisation (NATO), a controversial military alliance whose role is at the centre of Russia-Ukraine war. The UID related initiatives and the announcement of Finance Minister Pranab Mukherjee’s for voluntarily seeking the full-fledged Financial Sector Assessment Programme by the International Monetary Fund and the World Bank in January 2011 appear to be linked. The e-identity of the Bank and UID/Aadhaar-related projects are part of the same Washington-based initiative. It is high time CAG is given the mandate of auditing the projects of World Bank Group and other international financial institutions to bring them under legislative oversight.
The World Bank’s ETI seeks to leverage ICT to build a knowledge-sharing network that helps governments of developing nations to leverage best practices and improve the delivery of social and economic services. The knowledge-sharing network will focus on areas such as electronic Identification (eID), e-procurement, e-health and e-education, areas vital to promoting the participation of citizens in democratic processes such as voting, and helping undocumented citizens get access to health and welfare programmes. The World Bank reported it was funding 14 projects related to e-government and e-ID around the world. Are citizens supposed to believe that the World Bank Group is working to ensure that India’s national interest and its citizens’ rights are protected?
"The speed and precision with which developing countries administer services are dependent upon many factors, not the least of which is the ability to verify the identities of those receiving services," said Mohsen Khalil, Director of the World Bank’s Global ICT Department, in a statement at the launch of the ETI.
A careful examination of UIDAI documents reveals that this scheme is linked to the electoral database too. A confidential document of UIDAI titled ‘Creating a unique identity number for every resident in India’, leaked by Wikileaks on November 13, 2009 reads: “One way to ensure that the unique identification (UID) number is used by all government and private agencies is by inserting it into the birth certificate of the infant. Since the birth certificate is the original identity document, it is likely that this number will then persist as the key identifier through the individual’s various life events, such as joining school, immunizations, voting etc.†CAG’s audit report should have paid attention to these aspects as well.
Under Article 151 of the Constitution of India, the CAG is supposed to submit the accounts of the Union of India to the President of India, who gets it laid before each House of Parliament. UIDAI has signed contracts in the name President of India, wherein the latter has been taken for a ride by foreign firms who have managed to take possession of all present and future Indians including present and future Presidents and his subordinates.
The Executive Summary of CAG’s audit report begins by talking about “Identification of the right individuals†for “welfare schemes†. Immediately after that it starts talking about how “Citizens were required to furnish multiple documents....to various Government as well as private agencies.†It refers to the inconvenience of “those who did not have any of these identity documents.†It states that in order to “overcome the challenge, the Union Government decided to introduce a unique identity (UID) for the residents of India†in 2009. In the very first paragraph, the audit report commits the error of words like “individuals†, “citizens†and “residents†interchageably as if they are synonyms of each other. In the second paragraph it informs that “Aadhaar is now established as an important identity document for residents†and UIDAI has generated more than 129 Crore Aadhaars till March 2021. It states that Aadhaar is the brand name of a 12-digit unique number which is issued to “residents†of India.
The report states that “Various Ministries/Departments of the Government as well as other entities such as banks, mobile operators, rely upon Aadhaar for identity of the applicant.†This observation is deeply problematic because Aadhaar Act does not refer to “other entities such as banks, mobile operators†in the aftermath of the enactment of Aadhaar and Other Laws (Amendment) Act, 2019 that replaced the Aadhaar and Other Laws (Amendment) Ordinance, 2019 which was promulgated in March 2019 to delete Section 57 of the Aadhaar Act relating to use of Aadhaar by private entities. This was done as per the directions of the 5-Judge Constitution Bench of the Supreme Court and recommendations of Justice B.N.Srikrishna(Retd) Committee. On 26 September 2018, the Court ruled that Section 57 of the Aadhaar Act is unconstitutional. CAG’s audit report fails to pay attention to it while stating that the Supreme Court upheld the constitutional validity of the Aadhaar (Targeted delivery of Financial and Other Subsidies and Benefits) Act 2016.
It specifies that Aadhaar number is meant only for those “residents†who have resided at least 182 days in India immediately preceding the date of application for enrolment for Aadhaar number as Section 2 (v) of the Aadhaar Act, 2016. The report records that “In September 2019, this condition was relaxed for non-resident Indians holding valid Indian Passport. However, UIDAI has not prescribed any specific proof/ document or process for confirming whether an applicant has resided in India for the specified period and takes confirmation of the residential status through a casual self-declaration from the applicant. There was no system in place to check the affirmations of the applicant. As such, there is no assurance that all the Aadhaar holders in the country are ‘Residents’ as defined in the Aadhaar Act.†It has detected that “There were instances of issue of Aadhaars with the same biometric data to different residents indicating flaws in the de-duplication process and issue of Aadhaars on faulty biometrics and documents.â€
The report asserts that “Issue of Aadhaar numbers to minor children below the age of five, based on the biometrics of their parents, without confirming uniqueness of biometric identity goes against the basic tenet of the Aadhaar Act†unmindful of the fact that “Supreme Court has stated that no benefit will be denied to any child for want of Aadhaar.†It brings to light the fact that UIDAI continues to incur avoidable expenditure on the issue of Bal Aadhaars.
Unmindful of legal complications or inconvenience to holders of Aadhaar issued prior to 2016, UIDAI has failed to identify and fill the missing documents in their database.
The report points out that “the quality of data captured to issue initial Aadhaar was not good enough to establish uniqueness of identity.†It reveals that UIDAI is “not in a position to identify reasons for biometric failures and residents were not at fault for capture of poor quality of biometrics.†It also reveals that UIDAI does “not have a system to analyze the factors leading to authentication errors.â€
UIDAI has failed to “carry out verification of the infrastructure and technical support of Requesting Entities and Authentication Service Agencies before their appointment in the Authentication Ecosystem.â€
UIDAI has failed to adopt a “data archiving policy, which is considered to be a vital storage management best practice†while maintaining one of the largest biometric databases in the world.
In violation of the Supreme Court’s verdict and in violation of Aadhaar Act 2016 (as amended in 2019), UIDAI is providing “Authentication services to banks, mobile operators and other agencies†. In the aftermath of the deletion of Section 57 which provided for “the use of Aadhaar number for establishing the identity of an individual for any purpose, whether by the State or any body corporate or person, to any law, for the time being in force, or any contract to this effect†.
The deletion of this provision is in compliance with the Court’s judgment. In the majority judgment, it is stated that apart from authorising the State, even ‘any body corporate or person’ is authorised to avail authentication services. This can be on the basis of purported agreement between an individual and such a body corporate or person. Even if we presume that the legislature did not intend so, the impact of the aforesaid features would be to enable commercial exploitation of individual biometric and demographic information by the private entities.
The part of Section 57 that allowed for people to voluntarily provide their Aadhaar number to body corporates and individuals, especially on the basis of a contract between the person providing the Aadhaar number and the person acquiring/ authenticating the Aadhaar number, has been held to be unconstitutional by the Supreme Court. But the amendment to Section 4 of the Aadhaar Act that deals with ‘Properties of Aadhaar number†re-introduces clauses that have already been ruled to be unconstitutional.
UIDAI has failed to levy penalties on Biometric Service Providers for deficiencies in their performance in respect of biometric de-duplication and biometric authentication. CAG recommends that “Agreements in this regard should be modified, if required†. This also creates a logical compulsion for States to unsign their MoUs with UIDAI.
The audit of the functioning of UIDAI reveals that UID/Aadhaar has put the privacy of present and future residents, Prime Ministers, Chief Ministers, judges, legislators, soldiers, civil servants and intelligence officials and their families at risk. It shows how contracts awarded by UIDAI favour private entities.
It is noteworthy that a case pertaining to such questionable contracts has been pending in Delhi High Court since 2014. It seems the beneficiaries of the contract have overwhelmed the public institutions through electoral bonds.
The audit report concludes that "There were flaws in the management of various contracts entered into by UIDAI. The decision to waive off penalties for biometric solution providers was not in the interest of the Authority giving undue advantage to the solution providers, sending out an incorrect message of acceptance of poor quality of biometrics captured by them."
The report reveals that "UIDAI had not ensured that the client applications used by its authentication ecosystem partners were not capable of storing the personal information of the residents, which put the privacy of residents at risk. The Authority had not ensured security and safety of data in Aadhaar vaults. They had not independently conducted any verification of compliance to the process involved."
CAG has detected that although the "Aadhaar Act stipulates that an individual should reside in India for a period of 182 days or more in the twelve months immediately preceding the date of application for being eligible to obtain an Aadhaar. In September 2019, this condition was relaxed for non-resident Indians, holding valid Indian Passport. However, UIDAI has not prescribed any specific proof/ document or process for confirming whether an applicant has resided in India for the specified period and takes confirmation of the residential status through a casual self-declaration from the applicant. There was no system in place to check the affirmations of the applicant. As such, there is no assurance that all the Aadhaar holders in the country are ‘Residents’ as defined in the Aadhaar Act."
But CAG is yet to audit contracts by UIDAI that enabled transfer of Central Identities Data Repository (CIDR) containing all Aadhaar numbers along with corresponding demographic information and biometric information of Indian residents to foreign and domestic firms, recommend deletion and fix accountability for such a grave act that compromises national security.
Notably, Banks and Telecom operators are not mentioned in the Aadhaar Act. All advertisements, SMSs and demands for Aadhaar number are illegitimate and illegal. Supreme Court has declared Section 57 of Aadhaar Act as "Unconstitutional", outlawing Aadhaar "use for other purposes".
The Public Accounts Committee ought to seek a complete report on UIDAI by CAG. It must ensure that the audit is not constrained by miserly sharing of details by UIDAI. CAG’s audit has vindicated the position which Citizens Forum for Civil Liberties (CFCL) has been articulating since 2010. CFCL has been demanding UIDAI’s audit for a long time. The audit report records that "statistical information on generation, update and authentication services of Aadhaar and financial information referred to in the Report have been updated upto March 2021, to the extent as furnished by UIDAI." It indicates that UIDAI has not furnished all the statistical information on generation, update and authentication services of Aadhaar and financial information in its entirety. Parliamentary Standing Committee on Finance and Public Account Committee ought to seek all the information that has been withheld from CAG by UIDAI.
CAG’s audit report on the functioning of UIDAI is akin to the report of London School of Economics on UK’s National ID project, which was endorsed by the Parliamentary Standing Committee on Finance in its 42nd Report because biometric ID technology is unreliable and unsafe technology and poses risk to the safety and security of citizens. The LSE report created a logical compulsion for abandonment of their ID project, the former creates a compulsion for the dismantling of UIDAI and scrapping of the UID/Aadhaar project.
Current Status of UID/Aadhaar Number
In the light of the verdict of 9-Judge Constitution Bench ofSupreme Court dated 24 August 2017 in Justice K.S.Puttaswamy (retd) v. Union Of India, the verdict on Aadhaar Act by 5-Judge Constitution Bench of Court dated 26 September 2018 in Justice K.S.Puttaswamy (retd.) v., Union Of India, Section 25 of Aadhaar and Other Laws (Amendment) Act, 2019 and the verdict of 5-Judge Constitution Bench of Court dated 13 November, 2019 in Roger Mathew v. South India Bank Ltd, there is a compelling constitutional and legal logic for the State and its instrumentalities contest any demand for UID/Aadhaar number. States have the option to unsign the MoUs they signed with UIDAI citing these new developments and the audit report of the CAG.
While verdict of the 5-Judge Constitution Bench of Supreme Court on Union Ministry of Electronics and Information Technology (MEITY)’s Unique Identification (UID)/Aadhaar number database project being implemented by Unique Identification Authority of India (UIDAI), Aadhaar Act 2016 and indiscriminate metadata collection of Indian residents is 1448 pages long, the portion which is authored by Justice Arjan Kumar Singh is only 567 pages long. This part of the order has been written by him but it has been signed by 45th Chief Justice of India Dipak Misra and Justice Ajay Manikrao Khanwilkar. In a separate order, Justice Ashok Bhushan too has expressed agreement with it. The dissenting order of Justice Dr. D.Y. Chandrachud of this 5-Judge Constitution Bench assumes greater significance because it is he who authored the leading order of the 9-Judge Constitution Bench on right to privacy in this very case which had the concurrence of all the judges including Justice J Chelameswar, Justice R F Nariman, Justice Sanjay Kishan Kaul and Justice S.A. Bobde. A harmonious construction of the verdict of Justice Chandrachud as part of 9-Judge Bench and his dissenting order as part of 5-Judge Bench shows a crystal clear picture of Justice Sikri’s order. It is evident that latter’s order is inconsistent with the order of 9-Judge Constitution Bench. Justice Sikri’s order itself is inconsistent with his own observations. It has evaded even those facts, sequence of events and scientific evidence which are on record.
Referring to UID/Aadhaar number database project, Justice Sikri observes: “Its use is spreading like wildfire, which is the result of robust and aggressive campaigning done by the Government, governmental agencies and other such bodies….The Government boasts of multiple benefits of Aadhaar.†It may be recalled that first Chairman of UIDAI used to refer to “robust and aggressive campaigning†as marketing saying success or failure of UID/Aadhaar depends on its marketing or campaigning. The judge in question recognizes that this project is a result of marketing. He carefully uses the word “boasts†with regard to government’s claims about its “multiple benefits†.
The opening statement of the Justice Sikri authored order reads: “It is better to be unique than the best. Because, being the best makes you the number one, but being unique makes you the only one. Unique makes you the only one’ is the central message of Aadhaar, which is on the altar facing constitutional challenge in these petitions.†This opening statement of the order is questionable from scientific point of view. A report “Biometric Recognition: Challenges and Opportunities†of the National Research Council, USA published on 24 September 2010 concluded that the current state of biometrics is ‘inherently fallible’. That is also one of the findings of a five-year study. This study was jointly commissioned by the CIA, the US Department of Homeland Security and the Defence Advanced Research Projects Agency. Another study titled “Experimental Evidence of a Template Aging Effect in Iris Biometrics†supported by the Central Intelligence Agency (CIA), the Biometrics Task Force and the Technical Support Working Group through Army contract has demolished the widely accepted fact that iris biometric systems are not subject to a template aging effect. The study provides evidence of a template aging effect. The study infers, “We find that a template aging effect does exist. We also consider controlling for factors such as difference in pupil dilation between compared images and the presence of contact lenses, and how these affect template aging, and we use two different algorithms to test our data.†A “template aging effect†is defined as an increase in the false reject rate with increased elapsed time between the enrollment image and the verification image. This study demonstrates that assumptions which form the basis of Justice Sikri’s order are conclusively and unambiguously unscientific.
A report “Biometrics: The Difference Engine: Dubious security†published by The Economist in its 1 October 2010 issue observed “Biometric identification can even invite violence. A motorist in Germany had a finger chopped off by thieves seeking to steal his exotic car, which used a fingerprint reader instead of a conventional door lock.†Notwithstanding similar unforeseen consequences Justice Sikri’s faith in biometric remains unshaken. It seems that considerations other than truth have given birth to this faith. Is there a biological material in the human body that constitutes biometric data which is immortal, ageless and permanent? Besides working conditions, humidity, temperature and lighting conditions also impact the quality of biological material used for generating biometric data. The claim of uniqueness of UID/Aadhaar which Justice Sikri has accepted is based on the questionable assumption that there are parts of human body likes fingerprint, iris, voice etc that does not age, wither and decay with the passage of time.
The Forty-Second Report of Yashwant Sinha headed Parliamentary Standing Committee on Finance submitted to the Lok Sabha and Rajya Sabha on 13 December, 2011 revealed that “Bharatiya - Automated Finger Print Identification System (AFSI), was launched in January 2009, being funded by the Department of Information Technology, Ministry of Communications and Information Technology, for collection of biometric information of the people of the country.†But admittedly the same is not being used by UIDAI because according to the Government, “The quality, nature and manner of collection of biometric data by other biometric projects may not be of the nature that can be used for the purpose of the Aadhaar scheme and hence it may not be possible to use the fingerprints captured under the Bhartiya-AFSI project.â€
Justice Sikri‘s order refers to the Fifty Third Report of this very Standing Committee on Finance that presented to the Lok Sabha and Rajya Sabha on April 24, 2012 which summarised the objectives and financial implications of the UID scheme but it does not factor in the recommendations of this very Parliamentary Standing Committee in its Forty-Second Report which shows the existence of Bharatiya - Automated Finger Print Identification System (AFSI) whose quality, nature and manner of collection of biometric data was apparently found to be not of such required nature which can impart uniqueness. Government reached the conclusion that biometric technology of foreign firms is better than the existing Indian one from the point of uniqueness without any comparative study.
This parliamentary report observed that “Continuance of various existing forms of identity and the requirement of furnishing “other documents†for proof of address, even after issue of aadhaar number, would render the claim made by the Ministry that aadhaar number is to be used as a general proof of identity and proof of address meaningless†. It underlined that “The full or near full coverage of marginalized sections for issuing aadhaar numbers could not be achieved mainly owing to two reasons viz. (i) the UIDAI doesn’t have the statistical data relating to them; and (ii) estimated failure of biometrics is expected to be as high as 15% due to a large chunk of population being dependent on manual labour.†The report records that “The Ministry of Home Affairs are stated to have raised serious security concern over the efficacy of introducer system, involvement of private agencies in a large scale in the scheme which may become a threat to national security; uncertainties in the UIDAI’s revenue model.â€
The parliamentary report has apprehended that “Although the scheme claims that obtaining aadhaar number is voluntary, an apprehension is found to have developed in the minds of people that in future, services / benefits including food entitlements would be denied in case they do not have aadhaar number.†Its apprehension has been found to be correct.
Parliamentary Standing Committee’s Forty-Second Report relied on the Report of the London School of Economics (LSE) “Report on UK’s Identity Project inter-alia states that “…..identity systems may create a range of new and unforeseen problems……the risk of failure in the current proposals is therefore magnified to the point where the scheme should be regarded as a potential danger to the public interest and to the legal rights of individuals†. It records that “the United Kingdom shelved its Identity Cards Project for a number of reasons, which included:- (a) huge cost involved and possible cost overruns; (b) too complex; (c) untested, unreliable and unsafe technology; (d) possibility of risk to the safety and security of citizens; and (e) requirement of high standard security measures, which would result in escalating the estimated operational costs.†It states that “As these findings are very much relevant and applicable to the UID scheme, they should have been seriously considered.â€
These aspects of the report have been ignored by Justice Sikri. Although he refers to the introduction of National Identification Authority of India Bill, 2010’in the Rajya Sabha on December 3, 2010, he chose to gloss over the fact that this Bill was referred to Parliamentary Standing Committee on Finance on 10 December 2010 and the findings of this on this Bill and the UID/Aadhaar project in its Forty-Second Report. This Committee comprised of 21 members from the Lok Sabha and 10 members from the Rajya Sabha. The Bill of 2010 was not a Money Bill. It was never passed by the Rajya Sabha. As a consequence of the recommendations contained in this report this Bill was withdrawn from the Rajya Sabha on 3 March, 2016 and a new Bill, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016 was introduced on that very day as a Money Bill to outwit the Rajya Sabha and to make the recommendations of Lok Sabha’s Parliamentary Standing Committee on Finance irrelevant. Thus, what could not been done directly through Rajya Sabha and Lok Sabha’s Parliamentary Committee was done through Lok Sabha. It conclusively established itself as a questionable colourable legislation.
By choosing not to engage with these facts on record, Justice Sikri has avoided the question of enactment of Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 as a colourable legislation.
On 13 November, 2019, the 5-Judge Constitution Bench of Court observed, “Given the various challenges made to the scope of judicial review and interpretative principles (or lack thereof) as adumbrated by the majority in K.S. Puttaswamy (Aadhaar-5) and the substantial precedential impact of its analysis of the Aadhaar Act, 2016, it becomes essential to determine its correctness. Being a Bench of equal strength as that in K.S. Puttaswamy (Aadhaar-5), we accordingly direct that this batch of matters be placed before Hon’ble the Chief Justice of India, on the administrative side, for consideration by a larger Bench.†It asserted unequivocally that “It is clear to us that the majority dictum in K.S. Puttaswamy (Aadhaar-5) did not substantially discuss the effect of the word ‘only’ in Article 110(1) and offers little guidance on the repercussions of a finding when some of the provisions of an enactment passed as a “Money Bill†do not conform to Article 110(1) (a) to (g).â€
A joint reading of Article 110 (1) of the Constitution of India, Aadhaar Act, 2016, verdict of Supreme Court dated 24 August 2017 in Justice K.S.Puttaswamy (retd) v. Union of India on fundamental right to privacy, the verdict on Aadhaar Act by 5-Judge Constitution Bench of Court dated 26 September 2018 that declared Section 57 of Aadhaar Act, 20016 to be unconstitutional in Justice K.S.Puttaswamy (retd) v., Union of India, Section 25 of Aadhaar and Other Laws (Amendment) Act, 2019 that omitted Section 57 of Aadhaar Act 2016 and the verdict of 5-Judge Constitution Bench of Court dated 13 November, 2019 in Roger Mathew v. South India Bank Ltd, makes it crystal clear that “the Money Bill must deal with the declaration of any expenditure to be charged on the Consolidated Fund of India (or increasing the amount of expenditure) and, therefore, Section 7 of the Aadhaar Act did not have the effect of making the bill a Money Bill as it did not declare the expenditure incurred on services, benefits or subsidies to be a charge on the Consolidated Fund of India.†The Aadhaar Act does not do so. Besides this when the Speaker of Lok Sabha certified Aadhaar Bill as “Money Bill†, she did so with respect to a Bill which contained Section 57 which has now been declared unconstitutional by the Constitution Bench of the Court. The constitutionally indefensible provision under Section 57 of Aadhaar Act could not have been part of the Bill which was deemed Money Bill. This makes the Money Bill certification of Aadhaar Bill constitutionally questionable. The insertion of a provision Section 24 to provide for what has been rejected in Section 57 too is impermissible. When the illegitimacy, illegality, impropriety and immorality of this provision of a “Money Bill†has been conclusively established through Aadhaar Amendment Act 2019, Aadhaar Act enacted as “Money Bill†has been deemed questionable it is established as illegitimate. CAG’s audit report on the functioning of UIDAI must be read with the observations of the Court in Roger Mathew v. South India Bank Ltd.
The implications of Section 59 of Aadhaar Act, 2016 also merits scrutiny. It reads: “Anything done or any action taken by the Central Government under the Resolution of the Government of India, Planning Commission bearing notification number A-43011/02/2009-Admin. I, dated the 28th January, 2009, or by the Department of Electronics and Information Technology under the Cabinet Secretariat Notification bearing notification number S.O. 2492(E), dated the 12th September, 2015, as the case may be, shall be deemed to have been validly done or taken under this Act.†The latter part of the provision refers to Cabinet Secretariat Notification which was issued in exercise of the powers conferred by clause (3) of article 77 of the Constitution. Pursuant to this provision, the President of India made rules to amend the Government of India (Allocation of Business) Rules, 1961, to frame the Government of India (Allocation of Business) Three Hundred and Eighteenth Amendment Rules, 2015 to insert “14. Unique Identification Authority of India (UIDAI)†after after entry 13 in the Second Schedule of the Government of India (Allocation of Business) Rules, 1961. Notably, UID project was part of Department of Electronics and Information Technology between 2006-2009 and prior to that it was part of Ministry of Home Affairs. It has been admitted in the notification dated January 28, 2009 that the division of one single biometric ID project into two projects -UID/Aadhaar Number and NPR- was done “as per approved strategy†to avoid detection of breach of constitutional provisions and fundamental rights by the Supreme Court, legislature, journalists and citizens. It gets revealed by the January 2009 notification and the contracts signed by UIDAI with foreign entities like Accenture, Ernst & Young and L 1 Identities Solution of Safran Group.
Notably, in his judgement dated September 6, 2023, Justice Subramonium Prasad of Delhi High Court set aside the order of the Registry of Central Information Commission (CIC) which had denied the complete text of the foreign contracts with Accenture and L1 Identities Solution of Safran Group to Col. Mathew Thomas, an octogenarian retired defence scientist. The judgement reads: “It is the contention of learned Counsel for the Petitioner that the Registry of the CIC cannot go behind the order passed by the CIC to come to the conclusion that the information which had already been permitted to be given to the Petitioner cannot be supplied to the Petitioner. There is substance in the contention of learned Counsel for the Petitioner. The communication dated 14.10.2014 which is under challenge in the instant writ petition is set aside. Resultantly, this Court deems it appropriate to remand the matter back to the CIC to consider whether the decision of the CIC dated 21.10.2013 has been properly complied with or not.†Dr. S. Prasanna represented the petitioner in the High Court and the author represented Col. Mathew Thomas in the CIC. CIC’s Registry has not complied with High Court’s judgement and CIC’s order so far.
When the 7-Judge Bench pronounces its verdict it will have an occasion to draw from the CAG’s audit report of April 2022, Delhi High Court’s verdict of September 2023 and the observations of the 5-Judge Bench in November 2019 and the report of the Parliamentary Committee. The Court cannot lose sight of the fact that Rajeev Chandrasekhar, the Minister of State in the MEITY, the parent ministry of UIDAI misled the Parliament and the citizens of India, when he was asked about “the status of Action Taken on the recommendations of CAG‟s Audit Report No. 24 of 2021-(Meity) on “Performance Audit on Functioning of UIDAI†along with the details of recommendations which have been implemented and those which are pending for implementation†. The Minister replied, “Recommendations of the CAG‟s Audit Report No. 24 of 2021-(MeitY) on “Performance Audit on Functioning of UIDAI†have been accepted for implementation. Action taken report has been uploaded on Audit Para Monitoring System (APMS) (https://apms.nic.in/) .†The fact is that till April 2024, the Action the taken report on CAG’s audit report is not traceable on https://apms.nic.in.
It emerges that there is intriguing opaqueness in UIDAI’s total estimated budget of the UID/Aadhaar Number database project, complete details regarding contracts to foreign firms, supply of files to CAG for CAG’s audit and disclosure of action taken report on CAG’s audit, undue favours to certain firms, unreliable biometric technology and conflict of interest ridden awards won by UIDAI officials as consequence of Justice Sikri’s order which has been found questionable by a subsequent Constitution Bench.
If Justice Sikri’s order is not reversed soon by a larger Constitution Bench pursuant to the decision dated November 13, 2019 by a 5-judge Constitution Bench in Rojer Mathew v South Indian Bank Ltd., present and future generation of Indian citizens will be compelled to become subjects of an unlimited despotic government, beyond the limits of Constitution of India and the principles of constitutionalism.
(Author: Dr. Gopal Krishna, is a lawyer and a researcher of philosophy and law. His current work is focused on philosophy of digital totalitarianism. He has appeared before Supreme Court’s Committees, Parliamentary Committees of Europe, Germany and India and UN agencies on the subject of national and international legisaltions. He is the co-founder of East India Research Council (EIRC). He is convener of Citizens Forum for Civil Liberties (CFCL) which has been campaigning for freedom from UID/Aadhaar/NPR and DNA profiling through Criminal Identification Procedure since 2010. He had appeared before the Parliamentary Standing Committee on Finance that questioned and trashed the biometric identification of Indians through UID/Aadhaar. He is also the editor of www.toxicswatch.org)