Why Today’s Aadhaar Judgement Matters for Data Justice

Linnet Taylor

Linnet Taylor

Linnet Taylor is Assistant Professor of Data Ethics, Law and Policy at the Tilburg Institute for Law, Technology, and Society (TILT). She was previously a Marie Curie research fellow in the University of Amsterdam’s International Development faculty, with the Governance and Inclusive Development group. Her research focuses on the use of new types of digital data in research and policymaking around issues of development, urban planning and mobility. She was a postdoctoral researcher at the Oxford Internet Institute, and studied a DPhil in International Development at the Institute of Development Studies, University of Sussex. Her work focuses on data justice – the development of a framework for the ethical and beneficial governance of data technologies across different regions and perspectives.

Today India’s supreme court issued a judgement on the constitutionality of Aadhaar, the world’s largest biometric database. Aadhaar is complicated, but here’s the gist: for nearly ten years, public welfare and administrative records have been feeding into a biometric database that had its roots in a private-sector company, Infosys. The database started as a way to keep track of welfare payments and work programs, but has gradually morphed into a unique public-private configuration. You can use your Aadhaar number to register for school or welfare, but also to get a bank account or mobile phone, and more recently to take a domestic flight, and even (informally but importantly) to prove you are a legal resident in the country. Many people see no problem with this, as Aadhaar serves a legitimate function in connecting the poor to welfare systems, as well as serving as a way for those with inadequate ID to identify themselves within the formal economy (paying utility bills, getting a SIM card). For a better and more in-depth explanation, see here.

Many others, however, including privacy advocates, have several problems with the system. They don’t like that Aadhaar has taken the place of a state database without being fully under the control of the state. Imagine Mark Zuckerberg creating his own database to help the poor get more efficient access to welfare, and then that database also swallowing up all the data from the national census, the drivers licensing authority, the educational system and the financial system. Suddenly if you get stopped by the police they want your Zuckerberg Card, not your drivers license. If you are getting on a plane, you have to show your Zuckerberg Card. This is the point the privacy advocates are making: the argument that the poor need an effective way to identify themselves does not justify a universal surveillance system, and certainly not one that is only dubiously connected to government. (In India’s case, ‘Zuckerberg’ is actually Nandan Nilekani, the former CEO of Infosys).

The question the supreme court had to answer: is Aadhaar constitutional, and does it violate the right to privacy? The court’s judgement was: yes, it’s constitutional because the Indian government has a responsibility to make life better for the poor and that includes access to welfare and government services. No, it doesn’t violate privacy because people should be prepared for the government to collect and manage their administrative data. Essentially: the poor and marginalised need an effective ID system, and Aadhaar is doing the job. The court did say, however, that private companies should not be allowed to demand Aadhaar numbers when people want to transact business with them, and that if they are holding people’s numbers they should destroy them immediately. It also clarified that although parents could register their children in the database, for example for school, those children should have the right to exit the database when they reached adulthood. Essentially: you should only *have* to be in Aadhaar to access state services, and you should do so as an adult citizen, with autonomous choice. No one except the government has the right to demand

So here’s why it’s interesting from a data justice perspective. The court’s decisions are based on the idea that we give up data about ourselves to the government as part of the social contract. If we allow the government to count and know us, then in return we can demand that it serve and protect us. If we choose to live off the grid, we still have rights – but if we want to put our children in public school or claim welfare, the government has the right to know that we are doing it according to the rules, which includes identifying us.

However – and this is a big however – this is entirely separate from our access to commercial services. Your mobile phone company can demand that you identify yourself, but not that you show it your welfare ID. Identifying yourself to the government is the act of a citizen, not a consumer. It is done by an autonomous adult with understanding that they are exercising both the rights and the responsibilities of citizenship. When a commercial airline demands the Aadhaar number of a child to allow them on a flight (which has been possible until the court’s judgement), the state is identifying them to a corporation for commercial purposes. This, the court says, is not the state’s job.

Interestingly, this is an obstacle to one of the main aims of the Aadhaar system, as it is currently constructed, which is to monetise administrative data about Indian citizens (at least this is what Nilekani indicated back in 2013). If commercial entities are given access to the database to check IDs, why not give Google access to the information in it? Why not let companies use it for advertising, and for determining what kind of consumers the Indian poor should be?

Here’s the rub: once you let private companies into public data, you devalue the relationship between citizen and state. People should not have to use their democratic votes to determine whether Google can market to them when they sign up for welfare or housing or school. They should not have to make themselves visible to tech companies and advertisers when they access government services. If these things cannot be kept separate there is no difference between government and the private sector, and having a mobile phone or money in the bank becomes the same as being a citizen. Once that happens, the rich start to gain access at the expense of the poor. For data to support just outcomes for everyone, databases have to reflect the basic principles of equality before the law and the state. Allowing them to connect to marketing objectives has the opposite effect.

Privacy advocates disagree with the court’s judgement that Aadhaar is constitutional. It has been shown to be greedy for data, leaky and unsafe, and only tenuously linked to government control, so they have a point. But the judgement that citizenship should be separate from commerce is an important one: it is one definition of data justice and should be heeded by countries worldwide.

Cross-post from Linnet’s blog

About the project

Places and populations that were previously digitally invisible are now part of a ‘data revolution’ that is being hailed as a transformative tool for human and economic development. Yet this unprecedented expansion of the power to digitally monitor, sort, and intervene is not well connected to the idea of social justice, nor is there a clear concept of how broader access to the benefits of data technologies can be achieved without amplifying misrepresentation, discrimination, and power asymmetries.

We therefore need a new framework for data justice integrating data privacy, non-discrimination, and non-use of data technologies into the same framework as positive freedoms such as representation and access to data. This project will research the lived experience of data technologies in high- and low-income countries worldwide, seeking to understand people’s basic needs with regard to these technologies. We will also seek the perspectives of civil society organisations, technology companies, and policymakers.