The New Oil

Aadhaar’s mixing of public risk and private profit

01 May 2018

IT WAS A BLACK-AND-WHITE PHOTOGRAPH of a crowded street, centred on a man glancing backwards into the camera. His face sat in the crosshairs of a computer-generated box populated with a mobile number, a date of birth, an address and other personal information. Superimposed above this was a 12-digit number, with four digits redacted: a representation of an Aadhaar number, the biometrics-backed digital identifier that the government has looked to impose on every resident of India. A few other faces in the crowd were framed by boxes crowned with Aadhaar numbers too. Above the image were a few lines of text, one of them reading, “Welcome aboard @On_grid team.”

The text and image were part of a tweet by India Stack in February 2017, announcing that OnGrid had joined a select group of its user entities. India Stack is a set of Aadhaar-specific application programming interfaces, or APIs—code that allows and governs communication between various programmes, as, for instance, when an app on your phone interacts with an e-retailer’s database or a payment gateway. In effect, India Stack’s APIs are building blocks in the software architecture required by many third-party entities, whether public or private, to use Aadhaar. OnGrid, a private company, provides background checks on employees for companies hiring blue-collar workers. It verifies individuals’ identities using their Aadhaar data, but also collates data from numerous other sources to show their employment history, criminal background, and more.

India Stack had taken the tweeted image from OnGrid’s homepage. Many were quick to call it frightening and dystopic—an illustration of Aadhaar’s potential use for mass surveillance. India Stack took the image down from its Twitter feed within hours, but OnGrid’s practices still came in for scrutiny. “Does it mean that Aadhar, PAN, passport etc docs for a given individual will be linked and available on your server?” one person tweeted. One of the company’s founders, Piyush Peshwani, replied, “With consent, yes. The record belongs to the Aadhaar-holder and only he/she decides what stays on it and what doesn’t.” Another user responded, “You have removed the image and repeated the same thing in words.”

Don't want to read further? Stay in touch

  • Free newsletters. updates. and special reads
  • Be the first to hear about subscription sales
  • Register for Free

    Aria Thaker is a journalist who reports on the intersection of technology and politics for Quartz India. She was formerly a copy editor at The Caravan.

    Keywords: privacy Nandan Nilekani government biometric data Aadhaar data biometric UIDAI IndiaStack Khosla Labs