Your Aadhaar bucket-o-links
(Most recent stories and links first.)
2017/12/13 HDFC's depravity:
Here's what you sign when you link one HDFC account to Aadhaar (highlights added):
Mid-November 2017:
Aadhaar Card-Mobile linking: From December 1 do it through OTP
2017/12/13 HDFC's depravity:
Here's what you sign when you link one HDFC account to Aadhaar (highlights added):
I hereby submit my Aadhaar number as issued by Government of India, to HDFC Bank and voluntarily give my consent to link them to all my accounts / relationships (existing and new) maintained with HDFC Bank in my individual capacity and / or as an authorized signatory.
I authorise HDFC Bank to map my Aadhaar number at NPCI to enable me to receive Direct Benefit Transfer (DBT) from Government of India in the above specified Savings account. I understand that if more than one Benefit transfer is due to me, I will receive all Benefit Transfers in this account. I, holder of the above stated Aadhaar number, hereby voluntarily give my consent to HDFC Bank to obtain and use my Aadhaar number, Name and Fingerprint/Iris and my Aadhaar details to authenticate me with UIDAI as per Aadhaar Act, 2016 and all other applicable laws.
HDFC Bank has informed me that my Aadhaar details and identity information would only be used for demographic authentication, validation, e-KYC purpose, OTP authentication including; for availing banking services, operation of my accounts / relationships and for delivery of subsidies, benefits and services and / or any other facility relating to banking operations. HDFC Bank has informed that my biometrics will not be stored / shared and; will be submitted to Central Identities Data Repository (CIDR) only for the purpose of authentication.
I have been given to understand that my information submitted to the bank herewith shall not be used for any purpose other than mentioned above. I also authorize HDFC Bank to link and authenticate my Aadhaar number to all my accounts / relationships with the Bank as may be opened in future in addition to those mentioned below. I will not hold HDFC Bank or any of its officials responsible in case of any incorrect information provided by me.
Mid-November 2017:
Aadhaar Card-Mobile linking: From December 1 do it through OTP
From December 1, link your mobile number to Aadhaar via OTP & IVRS
Aadhaar re-verification via OTP for mobile numbers from Dec 1: Here’s what it means
Aadhaar re-verification via OTP for mobile numbers from Dec 1: Here’s what it means
And, come 1st December:
But for the common Indian person slave:
UIDAI says Aadhaar linking deadlines for bank account, PAN, SIM card valid
Aadhaar: Mandatory, not mandatory, mandatory, not mandatory…
More and more people are seeing through the game. Mobile companies and banks have already spent hundreds of crores on those text messages, emails and phone calls. You think they would have done that without a guarantee that the (not so) Supreme Court would cave in to the government?
The Aadhar Card - What are the real intentions of the [???]
If you didn't sneak a peek at the URL, you'd fill the [???] with "BJP" and ... you would be wrong! This was an article criticizing the UPA for Aadhaar. Thus, Shourie's equation "BJP = Congress + cow" is proven right again.
Here's why Aadhaar should be destroyed
The writer is naive. Aadhaar can never be destroyed. Even in the impossible case of the (not so) Supreme Court ordering all data to be destroyed, what national security jockey or corporate Big Data milking machine will not leave around illicit copies?
Aadhaar Information Leakage: Citizens Demand Imposing Fines On Banks, Telecom Providers
Demand? The citizens and what army? Don't they know about Equifax? Once that fingerprint leaves your finger that's it, you have no control what is done to/with it. Always remember you are neither a citizen nor a customer to UIDAI, you are the product.
Another of the wake-up articles:
Aadhaar unacceptably intrusive, by Gopal Krishna. The writer is the convener of the Citizens Forum for Civil Liberties. He had appeared before the Parliamentary Standing Committee on Finance that examined the UID Bill. And yet, a comment springs up after his article within hours:
Well over 80% of comments on Indian news articles are like this one, and they come from the most affluent and supposedly educated section of society with access to the Internet, press, books and so on. When the experiment called Indian democracy is declared over, we have largely these people to blame.
This is not going to nearly suffice, but finally the press is waking up to some of the real reasons why Aadhaar will doom Indians to random harassment and worse.
It might appear that UIDAI has offered at least a minimal fig-leaf for its biometric insecurity: you can always lock up your biometric data, so that (ostensibly) no one outside UIDAI can access it. (When you need to authenticate, you can unlock it for several minutes if you carry your mobile phone with you.) Many people who tried this recently (Oct 2017) are getting the UIDAI site wedged, with this response:
Ah yes, the System. We all salute the System. Or do they mean System D?
Watch out, Aadhaar biometrics are an easy target for hackers
Aadhaar in a double bind
Sophisticated Aadhaar-related bank fraud has left police in Delhi and Noida baffled
"Sophisticated", huh? You don't say?!
The only mark of "sophistication" in fraud and scam is that it succeeds and the crooks remain at large. I don't need to be intellectually impressed!
Government to audit and inspect all Aadhaar enrolment centres
Indeed. The government could have done similar things to PAN centers, ration shops and LPG depots. That would also have reduced duplicate PAN cards and subsidy leakage. But you see, that would be just routine grind and exclude the "look we are doing something for the country" drama, and the payoffs to infotech sector fat cats. Of course, given the prior of how power is (ab)used in India, no one is surprised to hear:
Aadhaar officials part of private firms that use Aadhaar services for profit
So it's anyone's guess how those audits and inspections will be subverted.
Linking Aadhaar to mobile and bank accounts is illegal. Here is what you can do if you are forced
Well, voluntary linking is not illegal, but forcing to link should be. Banks and mobile companies are going ape-shit crazy. People are getting multiple emails and text messages every day, quoting a government "mandate" but no deadline. Paradoxically, the pressure only increased after the Indian Supreme Court ruled that "privacy is a fundamental right". No one has any idea what the fuck that actually means, because so are supposedly the right to not defecate in open air, not be polluted by air, water and food, and the right to be educated, and we all know how well those rights are doing in India! So the chronology went like this:
Let’s be realistic about Aadhaar
Yet another attempt to torch the privacy straw man. Privacy has been an excellent smokescreen to hide what's really wrong with Aadhaar: the all-powerful government and the non-entity citizen. In the whole Aadhaar system, the only party who is legally allowed victim status is UIDAI. Someone whose Aadhaar ID has been stolen and abused is not a victim, and can only "appeal" to a UIDAI-appointed tribunal to act as they please. The person whose ID has been stolen and abused cannot sue UIDAI or even the third party that was responsible for the leak. (Not that suing in a country where existing cases will take over 300 years to clear is much use, but it is the spirit of the thing.)
Preaching people to be "realistic about Aadhaar" by comparing with the privacy people forgo to use Android and Facebook is deceitful at many levels. No private player ask for biometrics. They may have powerful lawyers, but private companies are not above the law, unlike UIDAI. You don't get your mobile disconnected or bank account frozen the day you delete your Gmail account. (Not to mention that Google security experts have forgotten much more about security than UIDAI can ever learn.)
Aadhaar isn’t progress — it’s dystopian and dangerous
Aadhaar: Mandatory, not mandatory, mandatory, not mandatory…
More and more people are seeing through the game. Mobile companies and banks have already spent hundreds of crores on those text messages, emails and phone calls. You think they would have done that without a guarantee that the (not so) Supreme Court would cave in to the government?
The Aadhar Card - What are the real intentions of the [???]
If you didn't sneak a peek at the URL, you'd fill the [???] with "BJP" and ... you would be wrong! This was an article criticizing the UPA for Aadhaar. Thus, Shourie's equation "BJP = Congress + cow" is proven right again.
Here's why Aadhaar should be destroyed
The writer is naive. Aadhaar can never be destroyed. Even in the impossible case of the (not so) Supreme Court ordering all data to be destroyed, what national security jockey or corporate Big Data milking machine will not leave around illicit copies?
Aadhaar Information Leakage: Citizens Demand Imposing Fines On Banks, Telecom Providers
Demand? The citizens and what army? Don't they know about Equifax? Once that fingerprint leaves your finger that's it, you have no control what is done to/with it. Always remember you are neither a citizen nor a customer to UIDAI, you are the product.
Another of the wake-up articles:
Aadhaar unacceptably intrusive, by Gopal Krishna. The writer is the convener of the Citizens Forum for Civil Liberties. He had appeared before the Parliamentary Standing Committee on Finance that examined the UID Bill. And yet, a comment springs up after his article within hours:
This is not going to nearly suffice, but finally the press is waking up to some of the real reasons why Aadhaar will doom Indians to random harassment and worse.
- We are not Fully Armoured to Secure Aadhaar Data
- Aadhaar cards linked with mobile numbers are an Orwellian nightmare
- Breach fears: How safe is Aadhaar data?
It might appear that UIDAI has offered at least a minimal fig-leaf for its biometric insecurity: you can always lock up your biometric data, so that (ostensibly) no one outside UIDAI can access it. (When you need to authenticate, you can unlock it for several minutes if you carry your mobile phone with you.) Many people who tried this recently (Oct 2017) are getting the UIDAI site wedged, with this response:
Your request cannot be processed now due to some technical issue. Please try again later.Some technical issue?! Nice touch, fuckers! Anyone with Indian genes who tries and fails thus is going to think "hmm, next time I am in the Airtel store trying to prove I am a UIDAI-compliant patriot by unlocking temporarily, what if UIDAI gets its knickers in a twist just like now?" So this is a great deterrent to locking biometrics. Of course, UIDAI is not too subtle about this. On the same page (as of 2017/10/24) they serve the stern notice:
Caution Note:Users of this System are cautioned to use this facility with care to prevent denial of Authentication services.
Ah yes, the System. We all salute the System. Or do they mean System D?
Watch out, Aadhaar biometrics are an easy target for hackers
"The government claimed that Aadhaar is completely secure, and the data of the consumers was absolutely safe from any malicious party until a severe flaw was detected in the system. The bug allowed a malicious operator to save a user’s biometrics and simply use it to carry out transactions on the victim’s behalf via replaying the saved biometrics."Correction: The person whose biometrics have been collected is not the "consumer". If the data is stolen, that person is not an aggrieved party and cannot sue either UIDAI or some other party that was responsible for the ID theft and abuse. This is very similar to Equifax. Social security number holders are not customers of Equifax, they are the product that Equifax sells to banks, real estate companies and car dealers.
Aadhaar in a double bind
"The Court, while delivering its order regarding the sale of firecrackers [Diwali 2017] remarked that it knew that the order was going to be violated. Is the Court now waiting for its various interim orders on Aadhaar to be violated by the government itself?"Any parent knows never to pose a challenge to a kid she or he cannot follow through. If the Supreme Court is hell-bent on becoming non-supreme and then irrelevant, they could not have played it better. The government has already demonstrated beyond all doubt what it thinks of the Supreme Court. Why make it so public?
Sophisticated Aadhaar-related bank fraud has left police in Delhi and Noida baffled
"Sophisticated", huh? You don't say?!
The only mark of "sophistication" in fraud and scam is that it succeeds and the crooks remain at large. I don't need to be intellectually impressed!
Government to audit and inspect all Aadhaar enrolment centres
Indeed. The government could have done similar things to PAN centers, ration shops and LPG depots. That would also have reduced duplicate PAN cards and subsidy leakage. But you see, that would be just routine grind and exclude the "look we are doing something for the country" drama, and the payoffs to infotech sector fat cats. Of course, given the prior of how power is (ab)used in India, no one is surprised to hear:
Aadhaar officials part of private firms that use Aadhaar services for profit
So it's anyone's guess how those audits and inspections will be subverted.
Linking Aadhaar to mobile and bank accounts is illegal. Here is what you can do if you are forced
Well, voluntary linking is not illegal, but forcing to link should be. Banks and mobile companies are going ape-shit crazy. People are getting multiple emails and text messages every day, quoting a government "mandate" but no deadline. Paradoxically, the pressure only increased after the Indian Supreme Court ruled that "privacy is a fundamental right". No one has any idea what the fuck that actually means, because so are supposedly the right to not defecate in open air, not be polluted by air, water and food, and the right to be educated, and we all know how well those rights are doing in India! So the chronology went like this:
- Up to 9 am on a certain day, the government's line was like, "Aadhaar may conflict with privacy, but the right to privacy is not absolute, and in the bigger interest, you plebs had better suck it up."
- Then around midday the Supreme Court said, in their usual pomp and grandeur, "privacy is a fundamental right".
- By 4 pm, the government's tone completely changed to "we have always upheld the sanctity of privacy as a fundamental right, which has no conflict with Aadhaar".
Let’s be realistic about Aadhaar
Yet another attempt to torch the privacy straw man. Privacy has been an excellent smokescreen to hide what's really wrong with Aadhaar: the all-powerful government and the non-entity citizen. In the whole Aadhaar system, the only party who is legally allowed victim status is UIDAI. Someone whose Aadhaar ID has been stolen and abused is not a victim, and can only "appeal" to a UIDAI-appointed tribunal to act as they please. The person whose ID has been stolen and abused cannot sue UIDAI or even the third party that was responsible for the leak. (Not that suing in a country where existing cases will take over 300 years to clear is much use, but it is the spirit of the thing.)
Preaching people to be "realistic about Aadhaar" by comparing with the privacy people forgo to use Android and Facebook is deceitful at many levels. No private player ask for biometrics. They may have powerful lawyers, but private companies are not above the law, unlike UIDAI. You don't get your mobile disconnected or bank account frozen the day you delete your Gmail account. (Not to mention that Google security experts have forgotten much more about security than UIDAI can ever learn.)
Aadhaar isn’t progress — it’s dystopian and dangerous
... and the inevitable mindless mudslinging: