← Home

A Question of Identity: Overview

(Please see the main whitepaper for a full discussion.)

Soumen Chakrabarti*         Siddhartha Chaudhuri*         Om Damani*
Manoj Prabhakaran*         Krithi Ramamritham*         Bhaskaran Raman*
S Sudarshan*

Dept. of Computer Science and Engineering
IIT Bombay

A national identity scheme has long-term and large-scale implications to efficiency of governance, distribution of benefits, law enforcement and national security, welfare and data security of the people, and their privacy and other fundamental rights. Given the extensive criticism of the Aadhaar scheme, we propose that there should be an ab initio redesign of significant parts of the Aadhaar infrastructure.

We start with the following basic expectations on a national ID scheme:

Having reviewed several reports from the field, we conclude that the current Aadhaar design and implementation have extensive conflicts with the above expectations. For instance, a disturbingly large number of reports of denial of essential services, often due to reliance on biometrics for authentication in the field, have surfaced. While making certain forms of identity fraud harder, the widespread and loosely regulated use of the Aadhaar ecosystem (e.g., for authorizing financial and other transactions), has created room for several other forms of identity fraud. Also, privacy concerns, enhanced by the involvement of several private entities and weak data protection laws, have emerged. Some of these issues can be traced to fundamental design choices in the current Aadhaar implementation, like the use of biometric authentication, and the use of a centralized server accessed via "user agencies".

Based on the lessons from this exercise, we formulate a set of technical design and policy guidelines for a national identity scheme that could avoid much of this conflict.

Guidelines

We present a non-exhaustive list of guidelines which we believe are important for a national identity scheme.

These guidelines provide us with a means to evaluating current and future proposals for Aadhaar. As the current design is seen to have serious shortcomings with respect to these guidelines, we recommend that it be considered experimental and used accordingly. Any parts of the existing system retained in a subsequent design (for minimizing implementation costs) should not be at the expense of the above design goals. Designing and deploying a robust identity scheme for the largest democracy in the world will require much more thought, wider expert consultation, and a few more years.


* Sorted alphabetically. Email: {soumen, sidch, damani, mp, krithi, br, sudarsha}@cse.iitb.ac.in