Playing the Identity Card

Mohit Gupta

Introduction National Identity Systems UIDAI Brief History of the Indian National Identification System Identity, Identification and Mediation The Card Cartel Conclusion Appendix I: Understanding a National Identification System Endnotes

3 6 8 9 12 15 19 21 26

Introduction
The Unique Identification Authority of India (UIDAI), was created under the Planning Commission to develop and implement the necessary institutional, technical and legal infrastructure to issue unique identity numbers to Indian residents. (UIDAI) !The project, aimed at providing and managing unique IDs to more than 1.2 billion residents in India at an initial investment of close to $23 million in 2009-2010 !is !an !huge undertaking by any standards. !It is this unprecedented scale and the rapid progress of the project, that have invited the attention of the mainstream media, bloggers and academics. ! Many titles of being the first or the largest are often discussed in relation to the project. It is the first large scale biometric identification system in the world, and if successful will be one of the largest database of individuals ever collected. The scale and scope of the project has led to a flurry of activity by Indian bloggers, discussing various aspects of the project with a mix of celebration, confusion and fear. Since the project was launched in January 2009, it has been actively debated in scholarly journals in India, and some have identified it an opportunity for opening up debates around state-citizen relationship in India (Maringanti 2009; Shukla 2010). Newspapers closely follow the project, with popular dailies publishing stories !about !most of the new reports published by the UIDAI. Even though the discussions have ranged from celebrations around Indias technical prowess to the relevance of post-structuralist analysis in modern India, there seems to be gaps !when one tries to look at the purpose and history of the project. This paper is an attempt to join in these myriad discussions around the

UIDAI with a by connecting together dots from the history of the project, global discussions on national identity systems and concerns expressed by academics and bloggers. Identification and accounting of citizens is an integral part of modern states. The process of authenticating identity is essential to the functioning of not only the nationstate, but also for most interactions with private institutions. !Entering a workplace, travel, accessing a bank account, access to health services or just passing through a toll booth rely on some kind of ID. In recent years, more of these transactions are based on some kind of identification card. The cards however, are only the tangible edges of identity management systems and databases underlying such systems. These systems store identity information to authenticate (check to see if you are who you say you are), collect information about usage, and often responsible for just-in-time decisions about access. Using pre-defined rules these systems are often responsible for sorting people into categories to ensure the delivery of access to the some individuals and denying services to others. In essence, processes for authenticating users and citizens are not new, they have been essential for managing access for large groups of people. There are however, some significant differences in contemporary identification systems due to developments in technology. These systems, motivated by immigration control, anti-terrorism, electronic government, or delivery of social services are being debated in !many countries around the world (Lyon and Bennett 2008). Development of these systems !involves a complex mix of organizational structures, policies and technical infrastructure unique to each implementation. They are shaped by differences in political climate, history of using identification systems, state-citizen relationships and cultures. Even though various theoretical discussions and learnings from the experiences of setting up identification 4

systems can be extremely instructive towards the understanding and analysis globally the complex mix of social, cultural and political histories ecologies of each system can not be ignored. The UIDAI is unique amongst the many systems that are being developed globally as it focusses primarily on authentication, without making clear the direct use for identification, or the form in which the identification number will be distributed. !This has meant that there in an increased focus and discussion around the collection, storage and management of authentication data, but obscures the purpose(s) and implications. Coupled with the many changes in the way the system is presented to the media, it makes it important to look at the history of the project, and the big events (Lyon and Bennett 2008) that have pushed it forward. Unlike some discussions around the project that focus on analyzing the benefits or faults of the project, my focus is to try and map out specific aspects of the project, especially its history. The belief is that looking at the UIDAIs history in light of studies of national identification systems and case studies of other large scale digitization and identification project can provide a more complete picture of the project. It is also important to understand the various stakeholders in the project. By disconnecting itself from the actual delivery of cards and services, the UIDAI does not have to speak about the processes of identification involved, but only the technical details of authentication. Looking at the history could help trace the interests of various groups that have invested in the system. Impacts and implications of efforts at the scale of the UIDAI are extremely hard to predict. To label the effort as something that would bring harm to all minorities, or to

argue that it would result in broad surveillance and loss of privacy is more distracting than useful. It does not mean, however that the project will automatically empower the poor, alleviate issues of delivering social services and strengthen security (Maringanti 2009). It is a large administrative and technology regime of identity control and management, requiring a complicated series of social and policy issues. Identification systems are not necessarily bad, but they are also not neutral (Lyon 2009). Their scope and reach demands an exploration of their histories, and the political and social conditions that have shaped decisions. Hopefully this paper will contribute towards creating a platform for further discussion around the UIDAI project, and identification systems in developing regions.

National Identity Systems

Though systems of identification have a long history in the modern world, new pressures have led to a marked increase in discussions about creating technological systems to support authentication and identity management. Motivations around increasing administrative efficiencies through e-governance and security imperatives coupled with the need for authentication in commercial spheres such as banking and credit have played an important part towards this. Contemporary identity systems that employ embedded microchips, biometrics and other machine readable systems (e.g. RFID) connected to centralized databases result in new possibilities for identification and tracking. Automated systems allow a much expanded and pervasive organizational access to citizen data, streamlining not only access to services, but also allowing for increased surveillance. Capabilities of these new systems also go beyond authentication and identifi-

cation to greatly reducing the cost of social sorting or the process of dividing those registered into different categories. Though these categories are required for increased efficiencies towards providing services such as health services access and employment, they can put certain groups at a disadvantage almost as much (and maybe more) as those who are not included. National systems also require large personnel and financial costs, which could not only divert attention from other efforts but also lead to financial transactions around technology development and standards. As outlined above, the impacts of national identity systems are almost always broader than the proposed requirements and needs for a national identity system. It is important to emphasize again, that even though these systems might bring about governance efficiencies, security and increased access as promised, there are larger political, social and organizational impacts that need to be considered. Given that these systems are complex, multi faceted and uniquely designed and developed for each context, they present various issues when trying to get a comprehensive picture. As part of my own process of trying to explore the Indian National Identity System, I referred to various works that have focussed both specifically on individual aspects and more general descriptions. Outlining the various aspects that allow for getting more holistic sense of ID projects provides a basis for pulling out certain aspects in discussion. Of course this is not meant to be a complete set of questions, but those that have driven the understanding of the UIDAI in this paper. Bennett and Lyon, in their publications that have looked at surveillance and identification globally, publications in the Electronic and Political Weekly on the UIDAI and publications by the Committee on

Authentication Technologies and Their Privacy Implications have informed these questions (Lyon and Bennett 2008, 2009; Maringanti 2009; Shukla 2010; Kent and Millett 2002, 2003). For details see Appendix I.

UIDAI
The centralized UIDAI effort towards addressing issues relating to identity comes after the failure of various government departments aiming to provide identity cards to citizens. Passports by the Home Ministry, PAN (permanent account number) through the Income-Tax Department and the voter identity card issued by the election commission, are all aimed at simplifying their specific interactions with citizens. It is expected that the UIDAI will aim to evolve an ecosystem (and architecture) to support creation, verification and management of identity for the entire Indian population. The UIDAI has expressed in its draft reports that they are primarily concerned with the issuing of identity numbers, verification of data and management of the technical and institutional aspects of data related to the unique identifier. It is not directly responsible for the issuing of identity cards, ..the authoritys role is limited to issuing the number. This number may be printed on the document/card that is issued by the Registrar. (UIDAI) This is done to leverage the various governmental institutions already setup in the country at the state, regional and local levels for distribution of cards. The discussions around UIDAI, due to its concern with the the numbers has been limited to technical and financial concerns. To expand the view on the UIDAI the following sections explore the history of the system, as well place possible uses in context of theoretical concerns related to other national identity systems. 8

Recent History of Identification in India and Security Concerns

This history is primarily focussed on how security threats have coincided with the development of the UID project. A more multifaceted account of the development, though useful, is beyond the scope of this paper.

The Universal Identification Authority of India was officially constituted in November, 2008 and established in January 2009 under the aegis of the Planning Commission of India. The UIDAI was made responsible for the developing policies, planning the implementation and managing the UID (Universal Identification) scheme. The universal identification scheme however, has a history that can be traced back at least to the beginning of the 21st century. A even looser conception would allow us to trace back the roots of biometric authentication and identification in India to the colonial times. There have been multiple efforts by the Government of India to establish an identity system in India to provide clear identity to residents over the last two decades since the launch of photo-identification cards by the Election Commission in 1993. In 2003, the government approved the Multipurpose National Identity Card, which can be seen as the direct predecessor to the UID project. It is an extremely instructive exercise to look at the environment that led to the approval of the MNIC project, and shifts over the years, from the original goals. The MNIC pilot project in 2003 was initiated on basis of a recommendation by a Group of Ministers (GoM) report on National Security. The report itself was formed in 2000 in accordance to a directive by the Kargil Review Committee (KRC) which has been established to look into the causes of the Kargil conflict with Pakistan. The Kargil 9

conflicts were an extended military engagement between India and Pakistan over the border areas in the state of Jammu and Kashmir. The conflicts involved heavy human causalities largely attributed to insurgents supported by the Pakistani military. The KRC report dealing with issues of Indian defense and internal security policies argued for the issuing of identification cards to people in the border villagers. These cards, aimed to provide identification to citizens would, according to the KRC report, allow for better tracking of insurgents. The KRC urged that the cards be issued on a priority basis, to the border villages and eventually be extended to areas that constantly deal with security issues. Other areas mentioned in the report were north-east Sikkim and parts of West Bengal, that border with China and Bangladesh respectively (Mehmood 2008, 114). There was an attack on the Red Fort (considered a strong symbol of Indias sovereignty) in December 2000. This led to the launch of the first ever compilation of tenants living in Delhi, by the Delhi Police. A couple of months later the GoM on National Security submitted their report which appealed for a national registry for all Indian citizens. They mentioned that non-citizens should be given visually different cards so that nation wide identification of citizens would be facilitated. Identification cards in the scope of this report were concerned primarily with Border Management, wherein all but five out of the 28 states and 7 union territories were treated as a Border (Mehmood 2008, 121). MNIC, therefore was proposed as a citizen card, a feature that has been dropped from the plans of the UIDAI because of the complexity of identifying citizenship status1 (Planning Commision 2007).

10

The GoM report on National Security based the need for citizen cards on illegal immigration. Illegal immigration has assumed serious proportions. There should be compulsory registration of citizens and non-citizens living in India. This will facilitate preparation of a national register of citizens. Controversies around the MNIC was focussed primarily on the ambiguous and transient nature of citizenship in India as an important issue towards the development of the MNIC (Chatterjee 2006, Mehmood 2006).2 It is interesting to note that even though citizenship status is no longer a part of the UIDAIs mission, there was a change made in 2003 to the 1955 Citizenship Act mentioning that the the Central Government may compulsorily register every citizen of India and issue national identity card to him as well as maintain a National Register of Indian Citizens and for that purpose establish a National Registration Authority. The National Population Register also mentioned in related discussions, will be enumerated through the 2011 census in India (Chidambaram 2009). The 2011 census itself has attracted significant attention reintroduction of caste as one of the parameters collected, the first time after 1931. The census, which is a huge nationwide exercise is expected to provide data for the UID project. Processes for collection have been modified so as to collect personal information and even biometric data (in some cases) for the census. These changes align with the urgency of collecting identification data across the country after the November 2008 attacks in India (Chidambaram 2009). In 2001, another prominent attack on the parliament in New Delhi, had led to discussions about creating a registry of citizens. The attacks also motivated the passing of

11

the infamous Prevention of Terrorist Activities Act (POTA) in 2002. POTA was repealed by the current government due to pressure from human rights and civil liberty groups, as well as publicly discussed cases of misuse. It is interesting to note though, that after the attacks on Mumbai in November 2008 the parliament enacted the Unlawful Activities Act, which is similar to POTA. The attacks also resulted in the appointment of P. Chidambaram as the Union Minister of Home Affairs (responsible for internal administration of the country) who was earlier the Finance Minister of India. Chidambram after appointment has spoken about increasing security preparedness, and cites the National Population Registry and the UIDAI as important parts of the process. Identity, Identification and Mediation Though systems like the UIDAI are often called identity systems, they are concerned more with identification and authentication, than with peoples identity. Since the French revolution, nation states have depended on various kinds of identification systems to recognize the civil identity of individuals. Much research, in humanities and social sciences has focussed on the relationships between information, documentation and governance (Caplan and Torpey 2001). Foucaults analysis has popularly explored the processes of using technologies of enumeration and calculation towards governance where the problem of governance is ultimately one of how to conduct the conduct of populations in the most economic manner. (Maringanti 2009) How these systems of governance, affect the identities of populations has been explored in depth by various scholars (Foucault 3; Torpey 2001; Lyon 2009). These discussions highlight the relevance of reducing the multiple identities of people (as parents, friend, employee etc)

12

which are defined through changing contexts and histories to a singular number. Control over identity is further eroded through the process of defining it through the body, using biometrics. Introduction of the UIDAI as a singular system for identifying residents in India, ! could greatly affect the relationships between the citizen and the state. Furthermore, since the uses for the UID are disconnected !from its initial implementation there are various scenarios where residents would loose control over their identities. In particular, a similar unintentional loss of control can be seen through the case study of Bhoomi. The project involved digitization of land records that have led to a reduction of subjectivity and the argumentative nature of previous processes. A report looking at the societal context of the project mentions that most small farmers and marginal groups find themselves in situations where there land records have not been updated and consolidated for years. Before digitization supposed inefficiencies in the system allowed marginalized groups to interact with local officials to update their records. However, with the introduction of Bhoomi, such processes are handled centrally where excessive bribery and complicated processes make it harder for certain groups to operate on their records (International Institute of Information Technology 2005). Universal identification connects various aspects of a person over time into one immutable history. The UIDAI currently structures its operations are read only, where requests made to the server for authentication would only respond with a Yes or No. Thus by restricting the amount of information that can be accessed when an authentication request is made, and having no provisions for recording such information does not

13

impede on an individuals control over their history. This does not explain the many systems described in news and reports that would not function without tracing an individuals data. The UIDAI claims that access loans !would become easier for the poor, by ensuring identity. In practice, for financial institutions to ensure that loans are returned, it would require aggregated financial histories of people. This is not to say, that prevention of financial fraud is not an important part of extending credit access in India, but points to some issues surrounding the disconnect between UIDAI and its uses. Furthermore, the UIDAI strategy overview discusses a micro-payment architecture where the UID-linked to a bank account would enable access for the poor. !One of the actors mediating the connections between banks and the poor are business correspondents (e.g. self-help groups, post offices, small shops). As seen in the case of the Bhoomi project, increased distancing of the person and their identity can create scenarios where intermediaries can exert additional leverage over end users. The LSE report on the UK National Identity Cards bill !explore the issue of mediation and loss of discretion extensively in around policing and IDs. The improvements in policing given conditions of mandatory possession of cards at all times, and limited tracking are primarily related to increase in efficiencies around stop and search. These benefits however are seen in tension with increase in mediation between the police personnel and the community. They mention that administration of order is an act of peacekeeping that depends chiefly on discretion and common sense; these attributes open up a range of possibilities for the administration of order. Maintenance of order, except with some notable exceptions depends on the voluntary compliance of most citizens. Increase in identification systems could lower necessary discretion that is part of peacekeeping 14

efforts as increased surveillance of police personnel could lead to mechanistically using available biometric identification technologies (LSE 2005). In summary, they argue that though identification and biometric systems may increase efficiencies, it would also change the relationship between the police and the public. Such relationships between the community and systems of governance are extremely fluid, and broad (nationwide) policies and rules around authentication technologies would disrupt social systems in unpredictable ways. The Card Cartel
"A concern with iris [scans] has been on cost. However, the current high prices for iris technology are a result of low volume and its use in cost insensitive security applications. Considering the large demand that will come from India for iris devices and software, the UIDAI expects the prices for iris devices and software will fall rapidly." Nandan Nilekani (The Economic Times 2010)

The confident statement by Nandan Nilekani, head of the UIDAI shows the huge financial transactions that underlie the development of a national identification system. The 2010-2011 budget has allocated $400 million for the project, and the UIDAI is actively setting standards for biometric devices and software systems. The organization has already asked for various private entities to submit applications for developing the software and biometric systems that are required for implementation. Recently, the UIDAI awarded a $6.6 million contract to MindTree, a medium-sized Hyderabad based software company. This contract is small in comparison to the total amount of $1 billion, expected to be outsourced.

15

In light of the financial incentives !tied to national identity projects and the huge increase in demand for biometric technologies, embedded microchips and other systems, it is expected that there are many interests tied to the implementation of such systems. Lyon has identified such economic and systemic motivations for identity systems as the card cartel. He argues that the identity systems are no no longer be understood as interactions just between the state and the citizen. We have to recognize that todays identity cards are the product, not merely of formally constituted bodies, but of corporate entities competing for contracts to use their solutions, and also of technical standards which shape the very architecture and the peculiar characteristics of the scheme i question (Lyon and Bennett 2008, 11). Also as seen in the history of the UIDAI, pre-histories of identity systems result in various expectations and pressures on design of the system. Identity and identification are inherently social processes, that interact with the technological media they depend on. Similarly decisions around the implementation and design of an identity system is go through a political process, with unique power relations for each case. Through the structures of organizations that support them, and the people that make choices they are continuously shadowed by various narratives and histories. Toropys work on identity systems makes the case that the state, through the passport creates a monopoly on mobility. !Tracing the history of authentication in relation to mobility, he argues that the state, through control of mobility also manages identity (and vice versa). By requiring identification for mobility, states make people depend on them for identity. !Furthermore, being able to identify with a state, is a often a long process with many controls. Thus, by securing mobilities, states create a division between the self and the other, which in various senses is essential to the very concept of a nation 16

state. Lyons conception of the card cartel further expands on Toropys arguments to recognize that the state and the citizens operate in relation to each other. In line with Foucaults notion of governmentality, Lyon describes the state as it is constructed through the process of interacting with the populations and organizations it seeks to govern. In case of the UIDAI, there are various standards and investments made by government bodies that have experimented with the identity systems. The MNIC project, which is still active, and sometimes in contention with the UIDAI plan had led to a huge explosion in companies developing smart cards and related technologies in India. Many of these companies, supported through contracts and partnerships with the government are now looking for markets beyond the MNIC. Other corporations, in software and technology support are offering their support to the UIDAI. Technology decisions made by the UIDAI will lead to not only large revenues, but also large scale adoption in various new and traditional areas that could shape standards. After 9/11, in the US Larry Ellison of Oracle offered free software to the government for building a national identity system, and similarly ex-Microsoft chief Bill Gates has mentioned publicly that Microsoft would support the UIDAI to build their infrastructure. The point here is not to say that corporations are making decisions towards the development of these systems. The examples show that there are various power relationships and invested costs that affect the design of identity systems. Another example to explore the various influences towards the adoption of large scale technology systems is !described by Ravi Shukla in his article about UIDAI. Shukla

17

describes Winners work around decisions to build technology systems as one motivation for the UIDAI. Winner argues that technology is often used as a marker for progress, and combined with the celebration of technical systems creates a scenario where socio-political issues are also interpreted as technical problems (Shukla 2010). There are various sectors that have seen marked transformations brought about by information and communication technologies. The rapid progress in these technologies, economic growth, and !increased attention to the technology sector as !the rising star of the Indian economy leads people to turn to technologies as a solution for any problems. Organizations such as the Department of Information Technology and commercial enterprises are also looking to offer solutions towards fulfilling the promise of e-governance. Lastly, pressures from !security agencies and media to act decisively in response to threats further !motivate towards the development of centralized systems that promise dissolution of issues. The UIDAIs chairperson has cautioned against people interpreting the UIDAI as a panacea for all problems while arguing that the UID scheme will enable improvements. In the mix of technological pressures, it is hard to predict the benefits of a system that is still seen by many as an impossibility. Additionally, the UIDAI has initiated projects around the standardization of biometrics. The Committee on Biometric Standards, constituted in September, 2009 recommended the use of iris scans in addition to fingerprint scans and photographs to be used by the UIDAI. Due to apprehensions around the cost and need for iris scans, the committee released a report in May 2010 arguing that devices for iris scans can be cheaply produced at scale. The UIDAI has been declared as the Apex body for setting standards around biometrics and demographic data. It has released various reports describing the 18

minimum requirements for biometrics. Organizations involved in the design and development of biometrics technologies have a strong incentive to follow the standards released by the UIDAI. It is important to note, that the installed capacity at the scale required for the UIDAI is anticipated by the industry, and it would be increasingly difficult to roll back on plans for biometrics. The UIDAI with its investment in biometrics will create an environment where not only jobs and expertise in biometrics will grow, but they will also find their way into other systems. The case for the second generation identity card for China allowed it to become the largest manufacturer of biometric devices in the world. These installed capacities, and technology infrastructures further impose pressures on the kinds of options that are evaluated in the future.

Conclusion
In this paper the attempt has been to look at the history of UIDAI and evaluate it in relation to theories and concerns around other national identity systems. This paper however, provides just a framework to start looking at the possible implications of the UIDAI. The influential LSE report in UK and publications by the Committee on Authentication Technologies and Their Privacy Implications have shown that studies around the efficacies of national identity systems can influence both debate and popular opinion. Given the scale and scope of the UIDAI effort, it is important that studies focus on the micro and macro implications of such a system. The project is a reality, and is moving fast towards implementation, but a close look at the stakeholders and policies around the system can influence lawmaking and controls that are built to support the technical infrastructure.

19

The history of the National ID system in India reveals the overlap of various interests that have pushed the system towards implementation. Media coverage and public discussions around the project are focussed on some very specific aspects of the project. Furthermore, the separation of the project from service delivery has meant that most discussions around the impact of the effort are fluid, and deal primarily with the costs and the scale of the project. A comparative look at the project in relation to similar systems in other countries reveals the various complications and issues around national identity systems. The UIDAI project like any other project would fundamentally change the way residents interact with the government and even with the private sector. Discussions that focus primarily on the efficacy or validity of the project, though important should also be supported by debates about the legal and policy framework within which the project functions. These debates are essential to monitoring the progress of the project. It is important to outline the landscape of changes brought about by the system, and to explore how the socio-political relationships and power structures evolve.

20

Appendix I: Understanding a National Identification System

The most important question, which is many times only loosely identified in identification and authentication systems is the proposed purpose of the system. Though the reasons vary widely, studies frequently point out that the purpose of identity efforts is only loosely defined and is often shifts constantly. Systems also differ in how they are used by different organizations. Some are proposed towards a specific goal such as the Social Security system in US, and others are multi-purpose like the proposed system in UK or the UIDAI. Decisions about policy and design of the system (for e.g. the kinds of data required, inclusiveness, and voluntariness) largely depend on the uses of the system. In various cases, uses of identification systems grow beyond the original indented uses - such as the use of driving licenses as proof-of-age. Such change in use can new avenues for tracking by co-relation between different data sets, and the design of policies of the original system may no longer be secure. The addition of functions is not always organic. New systems are often built using data from existing systems, or by aggregating data in different systems. Processes or laws that control the use of the system (or card or number) in new contexts should be noted, as they greatly affect trajectories of development. Also, the name of the project is often not indicative of its purposes. Studies around global identification schemes have shown that many such examples such as the proposed federal Real ID programme in the US, which would build on state driving license records. Critiques around the UIDAI argue that the database would support stricter security and immigration controls, but is being presented primarily as a measure for improved social services and extending the reach of financing options.

21

Many identity systems that are not labeled as national, are used as proxies for identification. Often cited as the purpose for introducing universal identification, such cases point towards the scope of populations that are covered. Questions about requirements for requesting or being required to have register with the system, and the amount of data collected for differing populations are important. In many scenarios the issue is considered one of inclusiveness - will the minorities be able to get an identity, the disabled, children and in case of citizens those who living outside of the country. Sometimes, however registration might focus only on the unemployed, refugees or those seeking healthcare. These concerns are further complicated by the introduction of biometrics, where many systems gather more and more data to deal with disabilities and working conditions as in the case of inclusion of iris scans in UK and India respectively. What legal and policy frameworks exist for limited the use of the data, to ensure adequate control of information and protect against discrimination. How is the ID system marketed to the population? How is the ID assigned and how can it be obtained by an individual? People usually interact with identity systems by showing their card, or by presenting information (from memory, through documents, or biometric) to some agent that could be a person or a machine. How !is the agents control over the information monitored. Authenticating is often considered by many to be invasive, and the agent also acts as a gatekeeper to !services that can be accessed through authentication. Which choices in the technical development, policy design and law protect the user from abuse by the agent. This also includes issues relating to the protection of private information from agents, and to prevent leaks of the same. Similar concerns arise around the forgery and fraudulent use of the system. Is it possible for certain people to control the identity of others? 22

How are duplicates resolved? These questions that may are shaped by the socio-political environment, are often !only dealt with at the technical level. Many systems describe the use of biometric information as a prevention against fraud and forgery, but there are other issues relating to the abuse of the identities of those who do not understand the system. For instance, an analysis of the Bhoomi project in India, which is often seen as an technical and managerial success resulting in efficiencies has pointed out such issues. The project which involved the digitization of land records in Karnataka has in cases, made it harder for the local poor to access land records, while making it more easily accessible to those with access to technical and financial resources. Small and medium sized farmers, as well as marginalized groups have to increasingly depend on middlemen to access the system. Also centralization of records has resulted in creating more distancing from the poor, while providing more control to lobbies who can access the state government. (International Institute of Information Technology 2005) Along with policies and laws for protection from agents there are also issues of sharing and access of data stored and collected. Is the data only accessible for verification, or can the details of a person be accessed. Which organizations have access to the data, and what are the costs of using the database. Is the database accessible remotely? If so, what kinds of policies govern conditions in which a person can be authenticated. If commercial and private sector can access services offered by the system, what controls are in place to regulate their behaviors. Can organizations collect additional data from users and co-relate the same with the unique identifiers? What kinds of queries that are allowed on the data. Is analysis and mining of data allowed? These questions about users

23

of the system (as opposed to those recorded by the system) affect the kinds of aggregation, sorting and surveillance that are enabled by a national identity system. Another salient dimension is whether it is mandatory for targeted populations. Certain systems such as those in France are mandated, where as others are voluntary. There are however, many cases where essential services are tied to the system and registration becomes mandatory not by policy but by use. In other cases, parts of the population that have opted out are often treated by suspicion or have to go through alternative processes that drastically increase cost of access. It is important to question the implications of not having an entry in the system. The UIDAI plans to use demand for access to service as a methodology for increasing adoption. By tying in the UID with a broad spectrum of government services such as the voting, food distribution and even the census, the UIDAI hopes to be able to create a catalog of all residents in India. Voluntary registrations also create inequities of access for those who do not posses information about registration, the ill and the old, and the poor. These might be exactly the people who would need access to the system (Lyon 2008). Many efforts such as the UIDAI and Chinas secondgeneration identity card have developed special processes for targeting rural populations that might not be able to register through other methods. Most systems store data for authentication, but the details of the storage and security greatly varies. Storage can be centralized, and in control of a specific agency or aggregated from different participating organizations. The storage of identifiers could also be distributed geographically or across organizations. These decisions also affect the kinds of access and the response times of authentication requests, which in turn change the

24

kinds of services that can benefit from the system. Similarly, there are issues of physical and technical security of the data. Kent and Millet, in their report around nationwide identity systems raise various questions relating to the kinds of data collected. What is the scope of the data that would be gathered about individuals participating in the system and correlated with their national identity? While colloquially it is referred to as an identification system, implying that all the system would do is identify individuals, many proposals talk about the ID as a key to a much larger collection of data. Would these data be identity data only (and what is meant by identity data)? Or would other data be collected, stored, and/or analyzed as well? With what confidence would the accuracy and quality of this data be established and subsequently determined? (Kent and Millet, 2002)

25

Endnotes
1. The creation of a data base of residents and assignment of a unique ID to each resident is much easier than the creation of a data base of citizens, because of the difficulty of authentication of citizenship and the legal implications that it may have. We are therefore focusing in the first stage on the creation of a residents data base. (Planning Commision 2007, 5) 2. at Murshidabad, which[MNIC] failed to verify some 90 per cent of the population. Among them are some Iranian families living in Murshidabad for 70 years. The Indian authorities think they are Iranians and they should go back to Iran and the Iranian government believes them to be Indian. Foucault is mentioned frequently in discussions around the relationships between technology, governance and ethics. My understandings of governmentality however, are based only on secondary sources and through online non-academic resources. (Gary Sauer-Thompson 2004; Ali Rizvi)

26

Bibliography
Anthropolgy at Berkeley. Globalization and Governmentality. Anthropolgy at Berkeley. http://anthropology.berkeley.edu/gandg.html#ggoverview. Bennett, C. J, and D. Lyon. Playing the identity card: surveillance, security and identification in global perspective. Routledge, 2008. Caplan, J., and J. C Torpey. Documenting individual identity: The development of state practices in the modern world. Princeton Univ Pr, 2001. Chatterjee, Manini. I-Day pledges: war on poverty, war on terror. The Indian Express, August 15, 2006. http://www.indianexpress.com/printerFriendly/10639.html. Chidambaram, P. We should have a good National Population Register by 2011-12, data of every citizen, January 12, 2009. http://www.indianexpress.com/news/we-should-have-a-good-national-population-register-by-20111 2-data-of-every-citizen/409666/0. Department of Information Systems, LSE, L. S. E. An assessment of the UK Identity Cards Bill and its implications : ID Cards - UK's high tech scheme is high risk (June 27, 2005). http://eprints.lse.ac.uk/741/. Planning Commission. Entitlement Reform For Empowering The Poor: The Integrated Smart Card (ISC) System. Planning Commission, Government of India, January 2007. http://planningcommission.nic.in/aboutus/committee/wrkgrp11/wg11_smtcard.pdf. International Institute of Information Technology. Information and Communications Technologies for Development: A Comparative Analysis of Impacts and Costs from India, July 2005. Kent, S. T, and L. I Millett. IDsnot that easy: questions about nationwide identity systems. Natl Academy Pr, 2002.

27

Kent, S. T, and L. I Millett. Who goes there?: authentication through the lens of privacy. Natl Academy Pr, 2003. Lyon, D. Identifying citizens: ID cards as surveillance. Polity, 2009. Maringanti, Anant. Sovereign State and Mobile Subjects: Politics of the UIDAI. Economic & Political Weekly 44, no. 46 (2009): 35. Mehmood, T. India's New ID Card. Playing the identity card: surveillance, security and identification in global perspective (2008): 112. Mehmood, Taha. The ID-Entity Bogey. The Indian Express, August 20, 2006. http://www.indianexpress.com/news/the-identity-bogey/10969/. Roy, Subir. UID to empower the poor: Nilekani. Business Standard. Bangalore, September 9, 2009. http://www.business-standard.com/india/news/uid-to-empowerpoor-nilekani/369531/. Shukla, R. Reimagining Citizenship: Debating indias Unique identification scheme. Economic & Political Weekly 45, no. 2 (2010): 31. Times News Network. Citizen IDs to cost Rs 1.5 lakh crore - India - The Times of India. The Times of India, June 26, 2009. http://timesofindia.indiatimes.com/India/Citizen-IDs-to-cost-Rs-15-lakh-crore/articleshow/470379 4.cms. The Economic Times. UIDAI brings out status paper on iris scan-Software-Infotech-The Economic Times. The Economic Times. New Delhi, May 5, 2010. http://economictimes.indiatimes.com/infotech/software/UIDAI-brings-out-status-paper-on-iris-sca n/articleshow/5893961.cms. UIDAI. Ensuring Uniqueness: Collecting iris biometrics for the Unique ID Mission. Unique Identification Authority of India, Planning Commission, Govt. of India, May 2010. UIDAI. UIDAI Strategy Overview. Unique Identification Authority of India, Planning Commission, Govt. of India, April 2010.

28