--- title: "Update Rethink Aadhaar And Onevote" description: "Dear all,  We are pleased to announce our partnership with the good folks at [One Vote](https://hasgeek.com/onevote) to bring you more news, updates and thoughts about Aadhaar, and how we can reimagin..." pubDate: 2022-05-05 author: Rethink Aadhaar category: Uncategorized originalUrl: https://rethinkaadhaar.in/blog/update-rethink-aadhaar-and-onevote --- Dear all,  We are pleased to announce our partnership with the good folks at [One Vote](https://hasgeek.com/onevote) to bring you more news, updates and thoughts about Aadhaar, and how we can reimagine our digital futures.This update focuses on two things we’re worried about: the proposed Aadhaar Voter-ID linkage, and the recent announcement on Aadhaar-linked UPI payments. But first - the [Comptroller and Auditor General’s Report on the UIDAI](https://cag.gov.in/webroot/uploads/download_audit_report/2021/24%20of%202021_UIDAI-0624d8136a02d72.65885742.pdf).  [**CAG Report confirms criticism of Aadhaar**](https://rethinkaadhaar.in/blog/2022/4/11/cag-report-confirms-criticism-of-aadhaar-time-to-end-project) ***Time to end project?*** On April 6th, 2022, the Comptroller & Auditor General released a [Report](https://cag.gov.in/webroot/uploads/download_audit_report/2021/24%20of%202021_UIDAI-0624d8136a02d72.65885742.pdf) on the functioning of the UIDAI which confirmed what scholars, activists have been warning about Aadhaar: it is a badly designed system, with security risks, and places an unacceptable burden on people, without accountability systems or grievance redress. The UID was promised as a robust identification card that would “solve” the problem of duplicates and corruption, becoming the only trusted ID card any citizen needs. However, the CAG audit report shows that the UID is not a trustworthy ID, and that enormous flaws persist because of the imposition of the UID. The report is an assessment of the Enrolment and Update Ecosystems as well as the Authentication Ecosystems of the UIDAI for the period from 2014-15 to 2018-19. It begins by stating that, “Various Ministries/Departments of the Government as well as other entities such as banks, mobile operators, rely upon Aadhaar for the identity of the applicant.” However, we note that it fails to mention thefunction creep of Aadhaar and how it continues to be made mandatory for a host of services, outside the limited uses which were permitted by the Supreme Court in its 2018 Aadhaar judgement. It did, however, note the problems created by UIDAI's (lack of) governance, and its negligent oversight of the private parties contracted by it. Some excerpts:   > "*UIDAI is maintaining one of the largest biometric databases in the world; but did not have a data archiving polic*y."* * *“...UIDAI had not ensured that the client applications used by its authentication ecosystem partners were not capable of storing the personal information of the residents, which put the privacy of residents at risk. The Authority had not ensured security and safety of data in Aadhaar vaults. They had not independently conducted any verification of compliance to the process involved.” * *“There were flaws in the management of various contracts entered into by UIDAI. The decision to waive off penalties for biometric solution providers was not in the interest of the Authority giving undue advantage to the solution providers, sending out an incorrect message of acceptance of poor quality of biometrics captured by them.”* The CAG report also notes the huge volume of biometric failures. Biometrics are, as we have been saying, a probabilistic technology. When UIDAI started collecting biometrics in 2010, it was untested at this scale. The report noted high numbers of poor quality biometrics in the Aadhaar database: > *“Aadhaar numbers with poor quality biometrics induces authentication errors. UIDAI takes no responsibility for it and transfers the onus of updating the biometrics to the resident and also charges fees for it. Issue of Bal Aadhar to minor children below five years was largely focused towards expanding the Aadhaar footprint, without establishing uniqueness of identity of the children. Costs to the Government for issue of these Bal Aadhar numbers were at best avoidable”... * The CAG found that the huge volume of"voluntary" updates indicated that the quality of data captured to issue Aadhaar numbers was not good enough to establish unique identities. The burden of this poor quality data (and the UIDAI's biometric experiment on India) was borne by people, who were faced with denial of services because their biometrics did not match, and who were made to ensure their records were accurate. > “*Troublingly, the onus of ensuring records were accurate was placed on people themselves. “During 2018-19 more than 73 per cent of the total 3.04 Crore biometric updates were voluntary updates done by residents for faulty biometrics after payment of charges.” * The CAG report recommends that “*UIDAI may levy penalties on Biometric Service Providers for deficiencies in their performance in respect of biometric de-duplication (FPIR/ FNIR) and biometric authentication (FMR/ FNMR). Agreements in this regard should be modified, if required (Paragraph 4.4.1)* This is perhaps an attempt to introduce some accountability for biometric failures, the fact that CAG recommends the levy of penalties on providers of this technology for failures, makes it evident that biometric authentication does not work. The report also excoriated the UIDAI for poor grievance redress mechanisms, finding: > *“The grievance redressal system at the UIDAI Hqrs and Regional Offices was ineffective and was plagued with delays in redressal of grievances.”* While highlighting thevarious issues that plague the UID system, Chapter 6 of the report titled ‘Redressal of Customers Grievances’ finds that, “*UIDAI caters to the entire population of India and hence Customer Relationship Management (CRM) is an important aspect of its functioning*.” This confirms the criticism raised by civil society over the last decade, although it fails to recognise that UIDAI was thrust onto citizens who were forced to enrol in an evidently poorly designed and executed database project. We are not customers, we are citizens for whom some of the most basic rights have become contingent on having an Aadhaar card and successfully “authenticating” our biometrics. The government and UIDAI must recognise that a functional and accountable grievance redress system - and system for accountability and transparency - must be at the heart of this project upon which access to basic rights has become contingent, and that began as a coercive experiment. Its recommendation for a centralised grievance redressal system will not address the problem of lack of sufficient capacity, transparency and accountability for issues within Aadhaar. As this piece from last year explains, existing grievance redress mechanisms were incapable of answering a simple question of how a person was to retrieve a misplaced Aadhaar number. ( [https://indianexpress.com/article/opinion/columns/flaw-in-aadhaar-architecture-uidai-card-enrolment-7389133/](https://indianexpress.com/article/opinion/columns/flaw-in-aadhaar-architecture-uidai-card-enrolment-7389133/) ) While the CAG report highlights the poor quality of the UID database and related issues, it is important to remind ourselves of the human cost of this faulty and coercive program including [denial of school admissions](https://www.tribuneindia.com/news/nation/up-girl-with-unusual-aadhar-name-madhu-ka-panchwa-bacha-gets-admission-in-school-384132), [denial of pension](https://www.telegraphindia.com/jharkhand/jharkhand-blind-at-birth-denied-governments-old-age-pension/cid/1858192) [for the elderly](https://twitter.com/anumayhem/status/1501064563361710081?s=20&t=l0tXp_S2QXV8RwhiT0leXA), [denial of food](https://twitter.com/GourangoDutta7/status/1510255984719015941?s=20&t=l0tXp_S2QXV8RwhiT0leXA) under the PDS, which are just a few instances in a much larger and longer list. We reiterate our concerns with the UID project. We call upon the government to end mandatory Aadhaar linking, and to [re-evaluate](https://scroll.in/article/1013700/six-types-of-problems-aadhaar-is-causing-and-safeguards-needed-immediately) the viability of the project itself.  We encourage you to read the [report](https://cag.gov.in/webroot/uploads/download_audit_report/2021/24%20of%202021_UIDAI-0624d8136a02d72.65885742.pdf) yourselves. You can read our statement [here](https://rethinkaadhaar.in/blog/2022/4/11/cag-report-confirms-criticism-of-aadhaar-time-to-end-project). Please see also two articles explaining it, one by Usha Ramanathan [here](https://www.financialexpress.com/opinion/a-cag-callout-high-time-for-uidai-to-be-held-accountable/2499562/) and one by Reetika Khera and Ria Singh Sawhney, [here](https://www.bloombergquint.com/preview/story/KBJlp9_b_YgHYyl1ZH75nv2zDcBtRWMCt4c_d1YNNFn-MvfwzMWgxbltH0m4qmQ0).   **____________________________** **Linking Aadhaar and Voter ID for voter verification**