The Indian Supreme Court is having difficulty reaching a decision about the Aadhar biometric database. I mentioned this case two weeks ago in our newsletter about biometrics (Your Body Is Your Password).
Indian lawyer Bhairav Acharya (@notacoda) has written an excellent overview of the questions at hand. More than 90% of Indian adults — around 926.8 million people — have already had their biometric information collected by the government, which should make you wonder why privacy regulations are only seriously being considered now.
The Aadhaar project is a new frontier in biopower: unparalleled in scale and unchecked by law, it is obliterating privacy.
If the Supreme Court finds that the right to privacy encompasses biometric information, Acharya argues that the Aadhar system needs to change how there is currently no informed consent; no information about who has access to data or how it may be used; nor any guidelines on what to do if data is misused. Another critique is that private companies, who are poorly regulated, are entrusted with collecting biometric data. There have been data breaches. And all the data is held in a central repository that Acharya likens to a “honeypot” for hackers.
This case should be of interest to anyone following digital privacy and security. The questions raised are not particular to India, but to anywhere biometric data is collected, whether by governments or companies.