Aadhaar chugs along but India can’t get its data protection act together

India’s central government, seemingly so sure-footed with its flourishing Aadhaar biometric ID, is having a hard time moving personal data protection legislation.

Little known outside the South Asian nation, the Baal Aadhaar program already has assigned 16 million uniquely numbered ID cards to children up to five years old. With it, guardians are guaranteed preschool benefits for their children.

According to the Hindustan Times, the accounts tied to Baal Aadhaar digital ID cards, which were tested in Uttar Pradesh, are updated and reverified when a child ages out.

The government does not collect biometric data on child account holder, although guardians must have an Aadhaar card, and they are required to submit to biometric scanning. Proof of relationship is accomplished with state documents including birth certificates.

India last month opened access to its Aadhaar FaceRd mobile biometric authentication app. It stores the holder’s iris pattern and fingerprint, and reportedly makes carrying physical IDs unnecessary.

Proposing either program in many nations has caused or likely would result in political turmoil as sit touches on three emotional factors: government control of personal data, privacy and the digital lives of children. And the rollout would likely be plagued with time-consuming technical problems.

More like India’s proposed Personal Data Protection Act.

The bill, first opened up for public discussion in 2019, reportedly was ready for parliamentary debate until this week when it was yanked, according to trade publication TechCrunch. Privacy advocates and technology companies including Apple, Amazon, Google and Meta jumped in to express concerns.

In fact, the Asian Internet Coalition, dominated by the biggest U.S. Internet vendors, in January sent a 23-page memo to ministerial and parliamentary officials doing just that. Among its notes: Change the bill’s name. Strict data localization will hurt their ability to do business. Do not categorize social media companies as publishers.

The Internet Freedom Foundation in India threw in with objects, too.

According to TechCrunch, the foundation feels policy provisions in the bill unduly favor Big Business. And they do not protect fundamental privacy rights.

What if anything will protect fundamental privacy rights in India remains to be seen.

Article Topics

biometrics  |  children  |  data protection  |  government services  |  identity management  |  identity verification  |  legislation  |  privacy