Slashdot Mirror
Story Of a Country Which Has Built a Centralized Biometrics Database Of 1.1B People But Appears To Be Mishandling It Now (mashable.com)
In a bid to get more Indians to have a birth certificate or any sort of ID card, India announced Aadhaar project in 2009. At the time, there were more Indians without these ID cards than those with. As a result of this, much of the government funding for the citizens were disappearing before they could see them. But according to several security experts, lawyers, politicians and journalists, the government is using poor security practices, and this is exposing the biometrics data -- photo, name, address, fingerprint, iris info -- of people at risk. More than 1.1 billion people -- and 99 percent of all adults -- in India have enrolled themselves to the system. From a report: "There are two fundamental flaws in Aadhaar: it is poorly designed, and it is being poorly verified," Member of Parliament and privacy advocate, Rajeev Chandrasekhar told Mashable India. Another issue with Aadhaar is, Chandrasekhar explains, there is no firm legislation to safeguard the privacy and rights of the billion people who have enrolled into the system. There's little a person whose Aadhaar data has been compromised could do. [...] "Aadhaar is remote, covert, and non-consensual," he told Mashable India, adding the existence of a central database of any kind, but especially in the context of the Aadhaar, and at the scale it is working is appalling. Abraham said fingerprint and iris data of a person can be stolen with little effort -- a "gummy bear" which sells for a few cents, can store one's fingerprint, while a high-resolution camera can capture one's iris data. The report goes on to say that the Indian government is also not telling how the data is being shared with private companies. Experts cited in the story have expressed concerns that those companies (some of which are run by people who were previously members of the team which designed the framework of Aadhaar) can store and create a parallel database of their own. On top of that, the government is making Aadhaar mandatory for availing several things including registration for nation-wide examinations, but in the beginning it promised Aadhaar will be used only to help poor get grocery at subsidized prices.
$gov mishandles personal data?? Damn, if we only wound have seen this coming...
Offshore outsourcing the project?
At least we know they're not malicious, just incompetent.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Indians know how to handle politicians that fuck them over.
They can take care of this quickly and easily.
"Appears to be" mishandling it? The entire purpose of tracking innocent citizens is to mishandle it.
Not a single incidence of data being stolen, just the FUD lawyers trying to make a buck off paranoia?!
They're storing fingerprints on gummy bears. Next we'll find out Homer Simpson manages the "database". "Abraham said fingerprint and iris data of a person can be stolen with little effort -- a "gummy bear" which sells for a few cents"
Before anyone gets too high and mighty, let's look at a few other instances of mishandled databases.
IRS ...
Veterans Administration
Social Security Administration
That will magically solve all these problems, won't it. As soon as they step foot on the LAND MASS of the white country, they'll magically become just like white people! Less corruption, more intelligent, etc.etc.
Before aadhaar (meaning proof in Hindi, cognates with similar word in most of indian languages) it was an incredible mess. For most people "the ration card" issued to families to avail services of subsidized food served as a form of identity. Originally it had no photos, and it was one per family, not individual. But the state governments made some basic efforts to curtail fraudulent cards, so it served as an identity card. Voter registration lists were inflated. Migrant people did not have one. Credit worthiness could not be verified. So unsecured loans are never available from organized sector. All unsecured loans were made by local loan sharks who knew people personally. Almost all the commerce was done by cash. Allowed untaxed black money to mix freely with white money. So much so that the government had demonetized 500 Rs, and 1000 rs currency notes. Unless you can prove you had that note legally, you can't exchange it for the new legal tender. It did it back in 1976 too. The country was formed only in 1947.
The mess is far larger than any one can imagine or fix in short term. Finding fault with any new system is easy. Unless you offer viable solutions and work to address your concerns, one would think, it is just a troll or astro turf or feigned outrage.
Funny story: I was a lucky person with a propane gas cylinder account with a government owned gas supplier when I graduated from college. Propane gas stoves are the way most cooking is done in India for about half the population. It was a hot thing to have a gas cylinder account! All due to the foresight of my mom who "registered" my name using the ration card when I was in sixth or seventh grade. When I left for America, that account became very valuable. I gave the cylinder I had to my friend. So every time the cylinder would run out, he would use my name and get a replacement. Not sure if I gave my ration card to him too. When I ran into him some 15 years later he said, "I never forgot you. How could I ? Every 20 days, I had to call the Indane Gas company, and identify myself as 140mandak262jamuna!"
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
India can take 1.1B billion people, most of which are dirt poor, and collect all this biometric info and keep it. But the old USA, the richest country in the world, can't get plastic ID cards to everyone because its poor people ain't got time or the ability for that...and IDs are inherently racist anyway, as we've learned in the voter ID acts.
This!!! In the US, one needs a Social Security number to do anything - open accounts to do any tracking, but it's a stupid piece of paper that legally is not supposed to be laminated. In the meantime, you have controversies over cities issuing driving licenses to illegals, and thereby making the appearance of legalizing them. As well as the proposal by the TSA to require everybody to carry their passports w/ them in some jurisdictions.
Better idea: why not make SS cards like DL cards, which would include photos, personal details (eye color, hair color, et al, like in DLs, but not addresses), and then a chip that includes details like a person's legal status (citizen/GC/visa type, state in which one can vote, et al) and make that the ID that they are required to show anywhere? That way, DL would no longer be proof of anything aside from the authorization to drive, and the SS card can be used for things like Voter ID, travelling on planes, e-Verify, et al. Then cities that issue DLs to illegals would no longer be changing anything about their legal status to be here, only whether they can legally drive or not. Which shouldn't be an issue - one could legally go from Juarez to El Paso, get a TX DL and then drive anywhere in TX on a tourist visa, but not be mistaken for a legal resident of the US.
A "pathetic world joke" compared to which other countries? Nigeria? Egypt? Brazil? Indonesia? Pakistan?
If you're scared of your govt then you need to further restrict its powers
Vote 3rd Party in 2016 and beyond
So maybe we've been misled all along...that there really aren't one beeellion people, but only 250 meeellion people, with four different IDs, and being the mathematician here, we conclude hey, thatsa billion right there, easy when it would have been far, far easier to count the number of legs and divide by two, while the drone buzzes quietly overhead...
Sure, smart people can easily solve the universal ID problem, but those same people mostly know that we are better of not solving that problem. I would personally like to thank all the other smart people for continuing to keep this problem complicated, messy, and unresolved.
existence of a central database of any kind, but especially in the context of the Aadhaar, and at the scale it is working is appalling.
So population registries are bad. IDs are bad. Working government and reliable statistics are bad. Fraud prevention bad. I get it. Did Chandrasekhar make a attack tree to support his arguments, or is he parroting anglo-saxon privacy activists to gain the warm feeling of acceptance? The moment a citizen tries to abuse someone else's biometric marker, he or she is bound to collide with another marker such as a picture. The only issue would be matching database fingerprints in criminal investigations, but that's a process issue since criminal databases should be separate anyway.
I thought of Facebook.
Sure, smart people can easily solve the universal ID problem, but those same people mostly know that we are better of not solving that problem. I would personally like to thank all the other smart people for continuing to keep this problem complicated, messy, and unresolved.
I agree mostly. We should upgrade SSNs to a more secure system, but not add a national ID card in the process, which is a hideous idea.
Ideous ? Why ? Most (all?) countries have an ID card system. It's necessary for interactions between you and the state and I don't see what the big deal is. I guess replublicrats find it easier to cheat on elections without ID cards.
Non-Linux Penguins ?
What exactly is your idea of a 'National ID card'? My idea 2 posts above was to make the SSN card more secure - include a chip w/ a smart card interface, and in it, embed all the information about you that's necessary for any background check. Name, photo, fingerprint/retina scan, legal status (citizen/GC/type of visa held), marital status, married name (if applicable), state in which you are registered to vote, just about everything. All that is embedded in the card chip. You're ever asked for ID, that's what you give. Not DLs. You're taking a flight? It's needed, not your DL. Your DL would only be needed to let you drive, and nothing else.
It's getting to the point you had better not be tending your garden outside your own house without being prepared to show your papers to any authority that demands it.
Compared to the only thing that matters...white countries.
You just described how ID cards work in most european countries.
First you need to get on the metric system, then you need to get stupid people out of power positions.
For 3 years, the US government has been trying to make (state-issued) DL cards like passports; only a few states have complied.
According to whom? If a US DMV is issuing such identity to non-citizens, then it obviously isn't a representation of immigration status. To be fair, this is the government's fault. They should give people a kick up the arse for using a DL as a green card, or an SS card as an identity card.
Voter ID? What are you? A racist fascist cunt? People should vote how they vote without government fucking them in the ass for it.
First we need to get rid of Europe. Let's see how much Putin will charge us for that.
One more cretin who can't tell the difference b/w race and nationality. Yeah, I only want citizens, regardless of their race, to vote. I do not want a citizen of UK, France, Saudi Arabia, Iran, China, Russia, India, Israel, Laos or Brunei voting in our elections
What does the Metric system have to do w/ this? In fact, I can make a good case for building a new system based on powers of 2, which would enable microprocessor based instrumentation w/ little software programming involved, since it would mainly involve registers, counters, muxes, et al rather than complete computer systems
For 3 years, the US government has been trying to make (state-issued) DL cards like passports; only a few states have complied.
Uh, that's what I was arguing against. Leave DL cards only for driving, rather than as a photo ID, so that DMVs in sanctuary states like CA are free to issue them to illegals, w/o making them recognized ID for anything else. Instead, overhaul what the SS card is and let that be the universal ID that people use whenever they are travelling within the borders.
Passports will be needed, since there are a lot of countries that are not geared to use something like this as a substitute.
According to whom? If a US DMV is issuing such identity to non-citizens, then it obviously isn't a representation of immigration status. To be fair, this is the government's fault. They should give people a kick up the arse for using a DL as a green card, or an SS card as an identity card.
The latter - SS number for ID - has been there for the last 30 years, so it's probably there to stay. Which is why I suggested overhauling the SS card. Once it's there and loaded w/ all the information, any establishment that wants proof of ID will require to see that, instead of a DL or a college ID card.
Aadhaar is not just for identity but also automated fingerprint verification.
It has fingerprint and iris scan of each citizen.
So, u need not carry cards or proofs, u can verify urself by a finger-print scan.
The poor in India get food at reduced prices, cooking gas at reduced prices, get government sponsored employment, etc
similar to unemployment benefits in US.
There was massive corruption in these schemes to the tune of billions.
With fingerprint verification of each beneficiary slowly getting used to directly transfer money to beneficiary accounts corruption is reducing.
Automated verification also speeds up several processes including opening bank accounts, getting mobile number, etc
It also improves security of the country.
So, Antarctica then?