Aadhaar

Aadhaar (Hindi: आधार, lit. 'base, foundation'; sometimes informally called UIDAI ID or UIDAI Number) is a 12-digit unique identity number that can be obtained voluntarily by all residents of India, based on their biometrics (10 finger prints, 2 iris prints and photo of face) and demographic data. The data is collected by the Unique Identification Authority of India (UIDAI), a statutory authority established in January 2009 by the Government of India, under the jurisdiction of the Ministry of Electronics and Information Technology, following the provisions of the Aadhaar (Targeted Delivery of Financial and other Subsidies, benefits and services) Act, 2016.

Aadhaar is the world's largest biometric ID system. World Bank Chief Economist Paul Romer described Aadhaar as "the most sophisticated ID programme in the world". Considered a proof of residence and not a proof of citizenship, Aadhaar does not itself grant any rights to domicile in India. In June 2017, the Home Ministry clarified that Aadhaar is not a valid identification document for Indians travelling to Nepal and Bhutan.

Prior to the enactment of the Act, the UIDAI had functioned, since 28January 2009, as an attached office of the Planning Commission (now NITI Aayog). On 3March 2016, a money bill was introduced in the Parliament to give legislative backing to Aadhaar. On 11March 2016, the Aadhaar (Targeted Delivery of Financial and other Subsidies, benefits and services) Act, 2016, was passed in the Lok Sabha.

Aadhaar is the subject of several rulings by the Supreme Court of India. On 23September 2013, the Supreme Court issued an interim order saying that "no person should suffer for not getting Aadhaar", adding that the government cannot deny a service to a resident who does not possess Aadhaar, as it is voluntary and not mandatory. The court also limited the scope of the programme and reaffirmed the voluntary nature of the identity number in other rulings. On 24August 2017 the Indian Supreme Court delivered a landmark verdict affirming the right to privacy as a fundamental right, overruling previous judgments on the issue. A five-judge constitutional bench of the Supreme Court heard various cases relating to the validity of Aadhaar on various grounds including privacy, surveillance, and exclusion from welfare benefits. On 9January 2017 the five-judge Constitution bench of the Supreme Court of India reserved its judgement on the interim relief sought by petitions to extend the deadline making Aadhaar mandatory for everything from bank accounts to mobile services. The final hearing began on 17January 2018. In September 2018, the top court upheld the validity of the Aadhaar system. In the September 2018 judgment, the Supreme Court nevertheless stipulated that the Aadhaar card is not mandatory for opening bank accounts, getting a mobile number, or being admitted to a school. Some civil liberty groups such as the Citizens Forum for Civil Liberties and the Indian Social Action Forum (INSAF) have also opposed the project over privacy concerns.

Despite the validity of Aadhaar being challenged in the court, the central government has pushed citizens to link their Aadhaar numbers with a host of services, including mobile SIM cards, bank accounts, registration of deaths, land registration, vehicle registration, the Employees' Provident Fund Organisation, and a large number of welfare schemes including but not limited to the Mahatma Gandhi National Rural Employment Guarantee Act, the Public Distribution System, old age pensions and public health insurances. In 2017, reports suggested that HIV patients were being forced to discontinue treatment for fear of identity breach as access to the treatment has become contingent on producing Aadhaar.

Unique Identification Authority
The Unique Identification Authority of India (UIDAI) is a statutory authority and a government department, established on 12July 2016 by the Government of India under the jurisdiction of the Ministry of Electronics and Information Technology, following the provisions of the Aadhaar Act 2016.

The UIDAI is mandated to assign a 12-digit unique identification (UID) number (termed "Aadhaar") to all the residents of India. The implementation of the UID scheme entails generation and assignment of UIDs to residents; defining mechanisms and processes for interlinking UIDs with partner databases; operation and management of all stages of the UID life cycle; framing policies and procedures for updating mechanism and defining usage and applicability of UIDs for delivery of various services, among others. The number is linked to the resident's basic demographic and biometric information such as a photograph, ten fingerprints and two iris scans, which are stored in a centralised database.

The UIDAI was initially set up by the Government of India in January 2009, as an attached office under the aegis of the Planning Commission via a notification in the Gazette of India. According to the notification, the UIDAI was given the responsibility to lay down plans and policies to implement the UID scheme, to own and operate the UID database, and to be responsible for its updating and maintenance on an ongoing basis.

The UIDAI data centre is located at the Industrial Model Township (IMT), Manesar, which was inaugurated by the then Chief Minister of Haryana Bhupinder Singh Hooda on 7 January 2013. Aadhaar data is kept in about 7,000 servers in Bengaluru and Manesar.

Starting with the issuing of the first UID in September 2010, the UIDAI has been aiming to issue an Aadhaar number to all residents ensuring that it is robust enough to eliminate duplicate and fake identities, and that the number can be verified and authenticated in an easy and cost-effective way online anywhere, anytime. In a notification dated 16December 2010 the Government of India indicated that it would recognise a letter issued by the UIDAI containing details of name, address, and Aadhaar number as an official, valid document. Aadhaar is not intended to replace any existing identity cards, nor does it constitute proof of citizenship. Aadhaar neither confers citizenship nor guarantees rights, benefits, or entitlements. Aadhaar is a random number that never starts with a 0 or 1, and is not loaded with profiling or intelligence that would make it susceptible to fraud or theft, and thus provides a measure of privacy in this regard. The unique ID also qualifies as a valid ID while availing various government services such as a LPG connection, a subsidised ration, kerosene from the PDS, or benefits under NSAP or pension schemes, e-sign, a digital locker, a Universal Account Number (UAN) under EPFO, and some other services such as a SIM card or opening a bank account. According to the UIDAI website, any Aadhaar holder or service provider can verify the genuineness of an Aadhaar number through a user-friendly service of UIDAI called the Aadhaar Verification Service (AVS), which is available on its website. Also, a resident already enrolled under the National Population Register is not required to enrol again for Aadhaar.

Previous identity card programs
In 1999 after the Kargil war, the Kargil Review Committee, headed by security analyst K. Subrahmanyam, was formed to study the state of national security. It submitted its report to the then Prime Minister, Atal Bihari Vajpayee, on 7January 2000. Among its various recommendations was the proposal that citizens in villages in border regions be issued identity cards on a priority basis, with such ID cards issued later to all people living in border states.

The Rangarajan Commission set up to revamp the statistical system in India in 2000 recommended under the Socio-economic statistics chapter the setting up of a centralised database of citizens in India. The Commission submitted its report to the Government in August 2001 and in its analysis noted under para 9.2.26. Many developed countries and an increasing number of developing countries, including China, have databases of their citizens while also providing for each adult individual citizen of the country a unique identification number. Such a unique identification number assigned to a citizen would be a proof of his/her identity for a variety of purposes. The major advantage is that all this can be taken care of by simply producing citizen identity card as a proof of individual identity. Presently, there are different kinds of cards and means of establishing identity in India, such as electoral identity card, income-tax PAN card, passport, ration card, driving licence, birth, and education certificates, etc. However, none of the systems are equipped to handle a population figure that exceeds more than 1 billion in India. So far there has not been any attempt whatsoever to standardise a format of citizen's database, which can link the information available for each citizen from different sources and analyse this according to the needs and project a comprehensive picture of the human resources in the country." Further, the Commission made the specific recommendation under para 9.2.27 made the following observations: 9.2.27 Taking note of the initiative taken by the Ministry of Home Affairs for issuing national identification cards to the citizens, the Commission concludes that: A centralised database of the citizens of the country with a system of issuing a unique identification number/card has several potential benefits to its citizens and will improve the efficiency of administration. The project, if implemented, will have obvious benefits to the statistical system.

A Group of Ministers (GoM), headed by L. K. Advani, was formed to study the recommendations and examine possible implementation. The GoM submitted its report in May 2001 in which it accepted the recommendation for an ID card and stated that a "multi-purpose National Identity Card" project would be started soon, with the card to be issued first in border villages and then elsewhere. In late September 2001 the Ministry of External Affairs proposed that a mandatory national identity card be issued. This announcement followed reports that some people had obtained multiple Indian passports with different details. This was attributed to the lack of computerisation between the passport centres. In December 2003 the Citizenship (Amendment) Bill 2003 was introduced in the Lok Sabha by L.K. Advani. It primarily aimed to provide various rights to persons of Indian origin, but the bill also introduced Clause14(a) that said: "The Central Government may compulsorily register every citizen of India and issue national identity card to him."

2009–2013
The UIDAI was established on 28 January 2009 after the Planning Commission issued a notification. On 23June Nandan Nilekani, the co-founder of Infosys, was appointed by the then-government, UPA, to head the project. He was given the newly created position of Chairman of the UIDAI, which was equivalent in rank to a Cabinet minister. In April 2010 the logo and the brand name Aadhaar was launched by Nilekani. In May 2010 Nilekani said he would support legislation to protect the data held by the UIDAI.

In July 2010 UIDAI published a list 15 of agencies which were qualified to provide training to personnel to be involved in the enrolment process. It also published a list of 220 agencies that were qualified to take part in the enrolment process. Before this, the project had been only 20 states and with the LIC of India and the State Bank of India as qualified registrars. This announcement introduced several private firms. It was estimated that to achieve the target of enrolling 40% of the population in two years, 31,019 personnel and 155 training centres would be needed. It was also estimated that 4,431 enrolment centres and 22,157 enrolment stations would have to be established.

On 3 November 2011 Former Supreme Court judge V R Krishna Iyer released a book "Aadhaar; How a Nation is Deceived", in Kochi by handing over the first copy to Dr. Sebastian Paul. The book authored by Mr. P B Jijeesh was the first critique of Aadhaar Project. Speaking on the occasion Justice V R Krishna Iyer said that "the project AADHAAR should not be implemented for it amounts to an assault on privacy and basic rights of individuals and is suited only for fascist nations.

On 7 February 2012 the UIDAI launched an online verification system for Aadhaar numbers. Using the system, banks, telecom companies and government departments could enter an Aadhaar number and verify if the person was a resident of India.

On 26 November 2012 Prime Minister Manmohan Singh launched an Aadhaar-linked direct benefit transfer scheme. The project aimed to eliminate leakages in the system by directly transferring the money to the bank account of the recipient. The project was to be introduced in 51 districts on 1 January 2013 and then slowly expanded to cover all of India.

In late November 2012 a former Karnataka High Court judge, K. S. Puttaswamy, and a lawyer, Parvesh Khanna, filed a Public Interest Litigation (PIL) against the government in the Supreme Court of India. They contended that the government was implementing the project without any legislative backing. They pointed out that the National Identification Authority of India Bill 2010, which had been introduced in the Rajya Sabha, was still pending. They further said that since the UIDAI was proceeding only on the basis of an executive order issued on 28January 2009, it could not collect biometric data of citizens as it would be a violation of privacy under Article 21 of the Constitution. In December 2011 the Parliamentary Standing Committee on Finance, led by Yashwant Sinha, rejected the National Identification Authority of India Bill 2010 and suggested modifications. It termed the project "unethical and violative of Parliament's prerogatives". On 23September 2013 the Supreme Court issued an interim order saying that the government could not deny a service to anyone who did not possess Aadhaar, as the identity number was voluntary.

In late September 2013, following the Supreme Court verdict, Union Minister of State for Parliamentary Affairs and Planning, Rajeev Shukla, said that it would attempt to pass the National Identification Authority of India Bill 2010 in the winter session of the Parliament. On 9October 2013 the National Payments Corporation of India launched an Aadhaar-based remittance system. Using the system, funds could be transferred to any Aadhaar-linked bank accounts if the Aadhaar number was known. It was announced that an SMS could be used for amounts up to inr 5000 and for amounts over that a mobile bank app could be used. By this time around 440 million Aadhaar numbers had been issued.

2014–2015
In March 2014 Nilekani resigned as the chairman to contest in the general election on an Indian National Congress nomination from Bangalore South. His responsibilities were taken over by 1981-batch IAS officer Vijay Madan, who was given an extension of his term as the director-general and mission director by the government. Nilekani lost to Ananth Kumar.

On 10 June 2014, the new government disbanded four cabinet committees to streamline the decision-making process; among them was the cabinet committee on Aadhaar. Also in June 2014, the IT Department held a meeting with the secretaries of the states to receive feedback on the project.

On 1 July 2014, Nilekani met with the prime minister Narendra Modi and finance minister Arun Jaitley to convince them of the project's merits. On 5 July 2014, Modi announced that his government would retain the project, and asked an official to look into the possibility of linking the project with passports. The 2014 budget allotted inr 20400000000 to the project for the fiscal year 2014–2015. It was a substantial increase from the previous year's allotment of inr 15500000000. Also in July, it was reported that UIDAI would hire an advertising agency, and spend about inr 300000000 on an advertising campaign.

On 10 September 2014, the Cabinet Committee on Economic Affairs gave approval to Phase V of the UIDAI project, starting the enrolment process in Uttar Pradesh, Bihar, Chhattisgarh, and Uttarakhand. The Union Cabinet allocated inr 12000000000 to the project in order to reach the target of one billion enrolments by the end of 2015.

On 5 July 2015, finding the experience with DBT scheme in LPG "very encouraging", with a reported savings of inr 127000000000 to the public exchequer this year, Jaitley said, "If we can realize the government's JAM—Jan Dhan, Aadhaar, Mobile—vision we can ensure that money goes directly and more quickly into the pockets of the poor and from the savings we achieve, we can put even more money for the poor. If we can be careful in our design and implementation, we can extend DBT to other commodities, so that the poor get more money to spend for their upliftment."

In March 2015 the Aadhaar-linked DigiLocker service was launched, using which Aadhaar-holders can scan and save their documents on the cloud, and can share them with the government officials whenever required without any need to carry them.

On 18 June 2015, in a high-level review meeting on the progress of the UID project and DBT scheme, Modi asked officials to accelerate the delivery of benefits and expand the applications of the Aadhaar (UID) platform. He also asked them to examine the possibility of offering incentives to the states to increase participation in the project, through a one-time sharing of a portion of the savings. It was reported that the government was saving up to 14–15% in the direct benefit transfers of subsidies on LPG to the beneficiaries through Aadhaar.

2016–present
During the budget presentation on 29 February 2016, Jaitley announced that a bill would be introduced within a week to provide legislative support to the Aadhaar project. On 3March 2016 the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016, was introduced in the Parliament as a money bill by Jaitley. The decision to introduce it as a money bill was criticised by the opposition parties. Ghulam Nabi Azad, an INC leader, wrote in a letter to Jaitley that the ruling party, the BJP, was attempting to bypass the Rajya Sabha, as they did not have the majority in the upper house. A money bill is only required to pass in the lower house Lok Sabha. Tathagata Satpathy of Biju Janata Dal (BJD) raised concerns that the project could be used for mass surveillance or ethnic cleansing in the future.

On 11 March 2016 the Aadhaar (Targeted Delivery of Financial and other Subsidies, benefits and services) Act, 2016, was passed in the Lok Sabha. During the Rajya Sabha debate on 16March, Sitaram Yechury of the CPI-M said that bill should not have been passed when the issue of the right to privacy was still in the Supreme Court. On 16 March 2016 the bill was returned to the Lok Sabha by the Rajya Sabha with some suggested amendments, which the Lok Sabha promptly rejected.

The Unique Identification Authority of India (UIDAI) introduces Face Authentication to further strengthen Aadhaar security. It decided to enable 'Face Authentication' in fusion mode on registered devices by 1 July 2018, so that people facing difficulties in other existing mode of verification such as iris, Fingerprint or One Time Password (OTP) could easily authenticate. The biometric technology was provided by consortium partners Tata Consultancy Services and Neurotechnology. In 2019, Nirmala Sitharaman, the finance minister of India, has proposed the use of Aadhaar card for the cash transactions above ₹50,000 in her maiden budget speech.

Direct Benefit Transfer
The Aadhaar project has been linked to welfare schemes and unemployment benefit schemes such as the domestic LPG scheme and MGNREGA. In these Direct Benefit Transfer (DBT) schemes, the subsidy money is directly transferred to a bank account which is Aadhaar-linked. Previously, however, the direct-benefit transfer had been carried out quite successfully via the National Electronic Funds Transfer (NEFT) system, which did not depend on Aadhaar.

On 29 July 2011, the Ministry of Petroleum and Natural Gas signed a memorandum of understanding with UIDAI. The Ministry had hoped the ID system would help eliminate loss of the subsidised kerosene and LPG. In May 2012 the government announced that it would begin issuing Aadhaar-linked MGNREGS cards. On 26November 2012 a pilot programme was launched in 51 districts.

Under the original policy for liquefied petroleum gas subsidies, the customers bought gas cylinders from retailers at subsidised prices, and the government compensated companies for their losses. Under the current Direct Benefit Transfer of LPG (DBTL), introduced in 2013, customers had to buy at full price, and the subsidy would be then directly credited to their Aadhaar-linked bank accounts. This scheme, however, did not take off, and in September 2013 a Supreme Court order put a halt on it. Subsequently, the GOI constituted a committee to review the "Direct Benefits Transfer for LPG Scheme" to study the shortcomings in the scheme and recommend changes. The DBTL scheme was modified later as PAHAL by the new government in November 2014. Under PAHAL, subsidies could be credited to a purchaser's bank account even if he or she did not have an Aadhaar number. Official data show that cooking gas consumption during the January–June period grew at a slower 7.82%, which is nearly four percentage points less than the 11.4% growth in the same period last year.

The PAHAL scheme has covered 118.9 million of the 145.4 million active LPG consumers until March, as stated by the Petroleum Minister in the Parliament. The DBT has thereby become a "game changer" for India, claimed the Chief Economic Adviser to the Finance Ministry, Government of India, Arvind Subramanian, for in case of LPG subsidy, DBT had resulted in a 24% reduction in the sale of subsidised LPG, as "ghost beneficiaries" had been excluded. The savings to the government were to the tune of inr 127000000000 in 2014–2015. The success of the modified scheme helped fuel marketing companies save almost inr 80000000000 from November 2014 to June 2015, said oil company officials. The DBT for the public distribution system (PDS) will be rolled out in September 2015.

The government's own data, however, suggest that the cost of implementing the DBT for LPG was over a million dollars, a figure quite at odds with the savings figures that the government cites.

Prime Minister Modi has asked for integration of all land records with Aadhaar at the earliest, emphasising at his monthly PRAGATI (Pro-Active Governance and Timely Implementation) meeting on 23March 2016 that this was extremely important to enable monitoring of the successful implementation of the Pradhan Mantri Fasal Bima Yojana or crop insurance scheme.

Aadhaar-enabled biometric attendance systems
In July 2014 Aadhaar-enabled biometric attendance systems were introduced in government offices. The system was introduced to check late arrival and absenteeism of government employees. The public could see the daily in and out of employees on the website attendance.gov.in. In October 2014 the website was closed to the public but as of 24March 2016 is again active and open to public access. The employees use the last four digits (last eight digits for government employee registering as of August 2016) of their Aadhaar number and their fingerprints, for authentication.

Other uses by central government agencies
In November 2014 it was reported that the Ministry for External Affairs was considering making Aadhaar a mandatory requirement for passport holders. In February 2015 it was reported that people with an Aadhaar number would get their passports issued within 10 days, as it sped up the verification process by making it easier to check if an applicant had any criminal records in the National Crime Records Bureau database. In May 2015, it was announced that the Ministry of External Affairs was testing the linking of passports to the Aadhaar database.

In October 2014 the Department of Electronics and Information Technology said that they were considering linking Aadhaar to SIM cards. In November 2014 the Department of Telecom asked all telecom operators to collect Aadhaar from all new applicants of SIM cards. On 4March 2015 a pilot project was launched allowing Aadhaar-linked SIM cards to be sold in some cities. The purchaser could activate the SIM at the time of purchase by submitting his Aadhaar number and pressing his fingerprints on a machine. It is part of the Digital India plan. The Digital India project aims to provide all government services to citizens electronically and is expected to be completed by 2018.

In July 2014 the Employees' Provident Fund Organisation of India (EPFO) began linking provident fund accounts with Aadhaar numbers. In November 2014 the EPFO became a UIDAI registrar and began issuing Aadhaar number to provident fund subscribers. In December 2014 Labour Minister Bandaru Dattatreya clarified that an Aadhaar number was not necessary for any provident fund transaction.

In August 2014 Prime Minister Modi directed the Planning Commission of India to enrol all prisoners in India under the UIDAI.

In December 2014 it was proposed by the Minister for Women and Child Development, Maneka Gandhi, that Aadhaar should be made mandatory for men to create a profile on matrimonial websites, to prevent fake profiles. In July 2015 the Department of Electronics and Information Technology (DeitY) called a meeting of various matrimonial sites and other stakeholders discuss the use of Aadhaar to prevent fake profiles and protect women from exploitation.

On 3 March 2015 the National Electoral Roll Purification and Authentication Programme (NERPAP) of the Election Commission was started. It aims to link the Elector's Photo Identity Card (EPIC) with the Aadhaar number of the registered voter. It aims to create an error-free voter identification system in India, especially by removing duplications.

Other uses by states
In the Hyderabad region of Telangana state, Aadhaar numbers were linked to ration cards to remove duplicate ration cards. The project was started in July 2012 and was carried out despite the 2013 Supreme Court order. More than 63,932 ration cards in the white category and 229,757 names were removed from its database in the drive between July 2012 and September 2014. In August 2012 the government of the state of Andhra Pradesh asked citizens to surrender illegal ration cards before it began to link them with Aadhaar numbers. By September 2014, 15 lakh (1.5 million) illegal ration cards had been surrendered. In April 2015 the state of Maharashtra began enrolling all school students in the state in the Aadhaar project to implement the Right to Education Act properly.

Electronic-Know Your Customer (e-KYC) using Aadhaar card is also being introduced to activate mobile connections instantly to check Aadhaar Card Status.

PVC Card
In the year 2020, UIDAI introduced a new physical Aadhaar card which is made using a chemical named Poly(vinyl chloride) or PVC with additional security features such as holograms, micro text, ghost images, guilloché Patterns, invisible logos etc. The PVC Aadhaar Card can be ordered by any Aadhaar holder from UIDAI's official website and it will be delivered to the Aadhaar holder's registered address in the UIDAI database via Speed Post at a fee of ₹50/-.

Bhudhaar
Government of Andhra Pradesh started Aadhaar based innovative first of its kind project called Bhudhaar to assign an 11-digit unique number for every land parcel in the state as part of the "land hub in E-Pragati Programme". Andhra Pradesh Chief Minister N. Chandrababu Naidu launched the programme on 20 November 2018 to streamline the land records. Union Government of India also implementing Unique Land Parcel Identification Number (ULPIN) Project with the reference from this Bhudhaar Project.

Bhuseva Authority, an inter-departmental committee was formulated to implement and its progress monitored in real time basis by Andhra Pradesh Chief Minister and all citizens using CM Dashboard (Developed and managed by Real Time Governance Society)

Any type of land parcel categories i.e. agriculture lands, rural properties & urban properties (like houses, house sites, vacant lands) are managed by all land related department in the states. These are Revenue, Panchayat Raj, Municipal Administration, Registration, Survey & Settlements, Forest, Endowments, Wakf. Under the Land Hub core platform these departments integrating their land related services and issuing a new Bhudhaar number to each land holding or property upon ownership change.

In general Land records consists of two types of data.

1) Textual data (like village name, name of land owner, survey number, extent, ID proof like Aadhaar, voter id or other related documents).

2) Spatial data (the data depicting the sketch of the land, its measurements (in links/metres/feet), adjacent fields, location on ground).

The Bhudhaar issuing process contain 2 stages. Firstly Temporary Bhudhaar is assigned based on valid textual data of an agriculture land holding/rural property/urban property. It will be started with 99 and following numbers are generated on random basis only and there is no meaning for these 9 digits. But it is a unique id for that land holding / rural property/urban property. A special series number is allocated to government lands either agriculture lands or rural/urban properties.for example 99.312.725.202). "99" indicate that it is a temporary Bhudhaar.

Permanent Bhudhaar is assigned once the spatial data is also captured and linked to textual data, the spatial data contains measurement of the land and its resultant sketch(FMB), location of the land on ground along with geo-coordinates. To capture the measurement of land holding or a sub-division, Andhra Pradesh Government using Continuously Operating Reference Station" (CORS) a state-of the art technology in surveying of land holdings/properties.Once the Geo-coordinates captured was completed using CORS, Permanent Bhudhaar will be assigned and first two numbers i.e, 99 in the temporary Bhudhaar will be replaced with 28 (State Census Code).

Feasibility concerns
In October 2010 R. Ramakumar, an economist at the Tata Institute of Social Sciences, wrote in an editorial for The Hindu that the project was being implemented without any cost-benefit or feasibility studies to ensure whether the project would meet its stipulated goals. He also pointed out that the government was obscuring the security aspects of Aadhaar and focusing on the social benefit schemes. He quoted a former chief of the Intelligence Bureau Ajit Doval, who had said that originally Aadhaar aimed to weed out illegal aliens.

In March 2011 Rajanish Dass of IIM Ahmedabad's Computer and Information Systems Group published a paper titled "Unique Identity Project in India: A divine dream or a miscalculated heroism". Dass claimed that even if enrolment was voluntary, it was being made mandatory by indirect means. He pointed out that essential schemes like the National Food Security Act, 2013, was being linked to the UIDAI. He also stated that the feasibility of a project of this size had not been studied and raised concerns about the quality of the biometric data being collected. He cited statements of another researcher, Usha Ramanathan, that the UIDAI would ultimately have to become profit-making to sustain itself.

The debate on the feasibility of sustaining a project of the size of population of India is settled as over 1.22 billion Indians are enrolled in Aadhaar as of July 2018, representing about 90% of the total estimated population. The scheme complements other initiatives taken by the government, for example Digital India, to benefit people by giving easier access to public services.

On 9 November 2012 the National Institute of Public Finance and Policy (NIPFP) published a paper titled A cost-benefit analysis of Aadhaar. The paper claimed that by 2015–2016 the benefits of the project would surpass the costs, and by 2020–2021 the total benefit would be inr 251000000000 against a total expenditure of inr 48350000000. The benefits would come from plugging leakages in various subsidy and social benefit schemes.

On 2 February 2013 Reetika Khera, a development economist at IIT Delhi, published a paper in the Economic and Political Weekly titled A 'Cost-Benefit' Analysis of UID, in response to the cost-benefit analysis published by NIPFP. She argued that the seemingly large benefits were based 'almost entirely on unrealistic assumptions' and outdated data. The paper pointed to how the relative cost-effectiveness of Aadhaar in comparison with alternative technologies – the basic premise of any cost-benefit analysis – was entirely ignored. Further, concerns regarding a possible conflict of interest were also raised. In March 2016 the International Institute for Sustainable Development released a report that the benefit from Aadhaar-linked LPG subsidy scheme for 2014–2015 was inr 140000000 and for 2015–2016 was inr 1210000000. These sums were much lower than the number stated by Finance Minister Jaitley in the Lok Sabha. He had said in March 2016 that the government had saved inr 150000000000 from the scheme. The paper said that the government was also including the savings from the efforts of oil marketing companies (OMCs) prior to the introduction of Aadhaar. The method used by the OMCs to weed out duplicates and ghost customers was 15–20 times more effective than the Aadhaar-based method. It has to be noted that the savings of inr 150000000000 from the scheme was not claimed by the government to be from LPG subsidy alone, but by plugging leaks and checking corruption with the help of Aadhaar in all the schemes administered by the government of India.

Lack of legislation and privacy concerns
On 2 February 2015, the Supreme Court asked the new government to clarify its stance on the project. This was in response to a new PIL filed by Mathew Thomas, a former army officer. Thomas had claimed that the government was ignoring previous orders while pushing ahead with the project and that the project was unconstitutional as it allowed profiling of citizens. In a reply on 12February the government said that it would continue the project. On 16 July 2015 the government requested the Supreme Court to revoke its order, saying that it intended to use Aadhaar for various services. On 21 July 2015 the Court noted that some states were insisting on Aadhaar for benefits despite its order.

On 11 August 2015, the Supreme Court directed the government to widely publicise in print and electronic media that Aadhaar was not mandatory for any welfare scheme. The Court also referred the petitions claiming Aadhaar was unconstitutional to a Constitutional Bench.

On 19 July 2017, a nine judge bench of the Supreme Court began hearing the arguments on whether there is a fundamental right to privacy. On 24 August 2017 the nine judge bench unanimously upheld the right to privacy as a fundamental right under the Constitution.

A five-judge constitutional bench of the Supreme Court has heard various cases relating to the validity of Aadhaar on various grounds including privacy, surveillance, and exclusion from welfare benefits. As of 27 February 2018, senior counsels Shyam Divan, Kapil Sibal, and Gopal Subramanium, argued over a span of 13 days in this matter.

In a majority opinion dated 26 September 2018, the Supreme Court upheld the use of Aadhaar.

Legality of sharing data with law enforcement
In 2013 in Goa the CBI was trying to solve the case of a rape of a schoolgirl. It approached a Goa local court saying that they had acquired some fingerprints from the scene that could be matched with the UIDAI database. The court asked the UIDAI to hand over all data of all persons in Goa to the CBI.

The UIDAI appealed in the Bombay High Court saying that accepting such a request would set precedent for more such requests. The High Court rejected the argument and on 26February 2014 in an interim order directed Central Forensic Science Laboratory (CFSL) to study the technological capability of the database to see if it could solve such a crime. The UIDAI then appealed in the Supreme Court. It argued that the chance of a false positive was 0.057% and with 600 million people in its database it would result in hundreds of thousands of false results.

On 24 March 2014, the Supreme Court restrained the central government and the UIDAI from sharing data with any third party or agency, whether government or private, without the consent of the Aadhaar-holder in writing. Vide another interim order dated 16March 2015, the Supreme Court of India has directed that the Union of India and States and all their functionaries should adhere to the order passed by this court on 23September 2013. It observed that some government agencies were still treating Aadhaar as mandatory and asked all agencies to issue notifications clarifying that it was not.

On 26 September 2018, the Supreme Court ruled that Section 57 of the Aadhaar Act was unconstitutional, meaning that private entities cannot compel their customers to provide their Aadhaar number as a condition of service to verify their identity, specifically citing requiring it for bank accounts, school admissions, and mobile phone service as examples of unlawful use cases. However, it did uphold its requirement for income tax filing and welfare programmes.

Land allotment dispute
In September 2013 the Delhi Development Authority accepted a complaint from the activist group India Against Corruption and cancelled a land allotment to the UIDAI. The land was previously owned by BSNL, and MTNL had also laid claims on it. It had an estimated inr 9000000000 value but had been allotted to the UIDAI at a very cheap rate.

The issue of constructing the UIDAI HQs and UIDAI Regional Office building in Delhi was resolved with Department of Telecom (DoT), following which the Ministry of Urban Development issued a notification on 21May 2015 clearing the titles of the land in favour of the UIDAI, including projected land use.

Security concerns
In an August 2009 interview with the Tehelka, former chief of the Intelligence Bureau (IB), Ajit Doval, said that Aadhaar was originally intended to flush out illegal immigrants, but social security benefits were later added to avoid privacy concerns. In December 2011 the Parliamentary Standing Committee on Finance, led by Yashwant Sinha, rejected the National Identification Authority of India Bill, 2010, and suggested modifications. It expressed objections to the issuing of Aadhaar numbers to illegal immigrants. The Committee said that the project was being implemented in an unplanned manner and bypassing the Parliament.

In May 2013, deputy director general of the UIDAI, Ashok Dalwai, admitted that there had been some errors in the registration process. Some people had received Aadhaar cards with wrong photographs or fingerprints. According to Aloke Tikku of the Hindustan Times, some officials of the Intelligence Bureau (IB) had criticised the UIDAI project in September 2013, with the officials saying that the Aadhaar number cannot be considered a credible proof of residence. As under the liberal pilot phase, where a person claimed to live was accepted as the address and recorded.

In 2018, R. S. Sharma, former director general of the UIDAI shared his Aadhaar number on Twitter challenging people to show “one concrete example where you can do any harm to me!” Within hours, Twitter users managed to dig out his personal details like his personal mobile number(s), Gmail and Yahoo addresses, physical address, date of birth, his frequent flyer number, and that he uses an iPhone. After this incident, UIDAI tweeted urging users not to share Aadhaar numbers publicly.

In September 2023, independent analyst Moody raised concerns about the Aadhaar system, highlighting its tendency to result in service denials, especially impacting manual labourers in hot, humid climates due to questionable reliability of biometric technologies. The Government of India refuted Moody's claims emphasizing the absence of reported security or privacy breaches within the Aadhaar System. The centre's stance was reaffirmed in response to parliamentary enquiries, where it unequivocally stated that no breaches had been reported from the Aadhaar database.

Overlaps with National Population Register


The Aadhaar and the similar National Population Register (NPR) projects have been reported to be having conflicts. In January 2012 it was reported that the UIDAI would share its data with NPR and the NPR would continue to collect its own data. In January 2013 then-Home Minister Sushilkumar Shinde said that Aadhaar was not an identity card but a number, while the NPR was necessary for national security purposes. The 2013 Supreme Court order did not affect the NPR project as it was not linked to any subsidy.

In July 2014 a meeting was held to discuss the possibility of merging the two projects, Aadhaar and NPR, or making them complementary. The meeting was attended by Home Minister Rajnath Singh, Law and Justice and Telecom Minister Ravi Shankar Prasad, and Minister of State for Planning Rao Inderjit Singh. Later in the same month, Rao Inderjit Singh told the Lok Sabha that no plan to merge the two projects has been made.

On 23 September 2019, the then Union Home Minister Amit Shah announced an idea where the NPR and Aadhaar would be on 2021 census and would be used with the census data to build a new unique national document, however, UIDAI confirmed that for 2021 census, the Aadhaar use would be voluntary, also saying that "Collection of biometrics is not been provided under Citizenship Rules".

Fraud
In order to make Aadhaar accessible to often undocumented poorer citizens, obtaining an Aadhaar card does not require significant documentation, with multiple options available. In theory, the use of biometric facilities should reduce or eliminate duplication. So, in theory, while it may be possible to obtain the card under a false name, it is less likely that a person would be able to obtain another Aadhaar card under a different (or real) name.

The Aadhaar card itself is not a secure document (being printed on paper) and according to the agency should not be treated as an identity card though it is often treated as such. However, with currently no practical way to validate the card (e.g. by police at airport entry locations) it is of questionable utility as an identity card. "There are five main components in an Aadhaar app transaction – the customer, the vendor, the app, the back-end validation software, and the Aadhaar system itself. There are also two main external concerns – the security of the data at rest on the phone and the security of the data in transit. At all seven points, the customer's data is vulnerable to attack ... The app and validation software are insecure, the Aadhaar system itself is insecure, the network infrastructure is insecure, and the laws are inadequate," claims Bhairav Acharya, Program Fellow, New America.

The Aadhaar card is usually printed on glossy paper, and the government has stated black and white copies are valid. Some agencies charge extra to laminate the document. Other agencies have been reported charging ₹ 50 to 200 to produce a PVC version of the card, and it is marketed by them as a smart card, despite having no official validity and no chip.

Certain mobile apps claim to verify an Aadhaar card using a QR code scanner. However, the QR code is not a secure representation of an Aadhaar card either and can be copied and edited. The only way to validate an Aadhaar card is to perform an online validation, which will confirm that the card number is valid, confirm the postal code and gender of the holder (but not their name or photo). In theory, this means that is possible to create a false Aadhaar card using the number of a genuine holder from the same postal code with the same gender, with the card subject to a number of cases of counterfeiting.

The digital document itself is self-signed by a non-internationally recognised certificate authority (n)Code Solutions, a division of Gujarat Narmada Valley Fertilizers Company Ltd (GNFC) and needs to be manually installed on the PC. This is despite Entrust assisting in the development of the solution.

Cloning of biometric data
Aadhaar data is linked to the fingerprints of cardholders. This has been used by fraudsters to withdraw money from bank accounts. Most people have linked their bank accounts to their Aadhaar identity due to the mandatory nature of the linkage as promoted by the government. The Aadhaar program automatically enrolls the bank customer into a payment system wherein money can be withdrawn from their bank account using their Aadhaar card numbers and fingerprints. Fraudsters obtain customers' fingerprints through websites where land-owning documents are public or where fingerprints can be sold to fraudsters by people who can obtain copies of victims' fingerprints through objects in their homes. Essentially, one's fingerprints work as a password that cannot be changed, unlike credit card PINs and many other similar protective services.

Application issues
While the service is free for citizens, some agents have been charging fees. Despite the modern processes, there are cases where enrolments are lost in the system without explanation. mAadhaar is an official mobile application developed by the UIDAI to provide an interface to Aadhaar number holders to carry their demographic information including name, date of birth, gender, and address along with photograph as linked with their Aadhaar number in smartphones. In one case, every resident in a village in Haridwar was assigned a birthday of 1January.

Threat of exclusion
Many private and public benefits are being linked to Aadhaar numbers and made contingent on it: food aid, cooking-gas subsidies, mobile connections, NREGA wages, government examinations, banking facilities, tax filings etc. In fact, much of the massive enrolment resulted from the fear of being excluded from these benefits. There have been instances where people have been denied food aid because of issues with authentication rising from network issues or problems with identifying fingerprints (sometimes fingerprints become faded from age or manual labour).

Documentary proof may be difficult to obtain, with the system requiring documents such as bank accounts, insurance policies, and driving licences that themselves increasingly require an Aadhaar card or similar documentary evidence to originate. This may lead to a significant minority underclass of undocumented citizens who will find it harder to obtain necessary services. Introducers and Heads of family may also assist in documentation; however, for many agencies and legitimate applications, this facility may not be practical.

Non-resident Indians, overseas citizens of India, and other resident foreigners may also find it difficult to avail themselves of services they could previously freely obtain, such as local SIM cards, despite assurances to the contrary.

Since the Unique Identification Authority office first opened in Delhi, people have been allowed to designate their gender as "transgender" on their Aadhaar card, according to an August 2013 report.

Data leaks and security incidents
The Aadhaar database has experienced multiple data leaks and security breaches since its inception. These have ranged from the sale of unauthorised access by database administrators, the exposure of personal information on government websites, and unauthorised use and access of Aadhaar data by private institutions.

The detailed personal information being collected is of extremely high importance to an individual. However, once collected, it is not being treated with the required sensitivity for privacy concerns. Major financial transactions are linked with information collected in Aadhaar. Data leaks are a gold mine for criminals who now use sophisticated hackers. Government departments and various other agencies that collect this information such as banks cannot be trusted to maintain the secrecy of all this collected information. Another case occurred wherein Aadhaar data collected by Reliance Jio was leaked online, and the data may now be widely available to hackers. The UIDAI confirms more than 200 government websites were publicly displaying confidential Aadhaar data; though removed now, the data leaked cannot be scrubbed from hackers' databases. In July 2017 privacy issues with regard to the Aadhaar card were discussed in the Supreme Court. A report from the Center for Internet and Society suggests that the records of about 135 million Indians may have been leaked. A loophole was identified that allows all records to be accessed by anyone though hackers can find other routes.

2017
In February 2017, the Unique Identification Authority of India filed a police complaint after confirming that Axis Bank, a private banking institution, Suvidhaa Infoserve (a business news reporter) and eMudhra (an agency providing e-signature services) had illegally accessed the Aadhaar database and further, had impersonated people after illegally storing their personal data. In April 2017, the government of the state of Jharkhand exposed Aadhaar details and personal information of over 10 lakh (1 million) people as a result of a programming mistake on the website of the Jharkhand Directorate of Social Security, making this information available to any person who was logged on to the website.

In March 2017, the UIDAI blacklisted a contracted agency charged with collecting biometric data, after they shared a photograph containing the personal information of Indian cricketer M.S. Dhoni. The photo was tweeted as part of efforts to promote Aadhaar enrolment in India, and showed Dhoni enrolling, including a visual of his enrolment form being fed into a computer. The image was retweeted by several people, including Ravi Shankar Prasad, the then-Information and Broadcasting Minister of the Indian Government.

In August 2017, a software engineer was arrested after he created an app that exploited vulnerabilities in the official Aadhaar app in order to allow him to re-route requests for data, after unlawfully accessing the networks of the National Informatics Centre. He was able to exploit the Aadhaar app before detection for six months, between January and July 2017.

Wikileaks tweeted on 25 August 2017 that the same American supplier of fingerprint and Iris scanning equipment that collaborated with the CIA to identify Osama Bin Laden was also supplying equipment to India. The complex structure of ownership is detailed in an article in Fountainink.in Concerns were raised as early as 2011 in the Sunday Guardian regarding not following due process and handing over contracts to entities with links to the FBI and having a history of leaking data across countries. How the CIA can hack and access the Aadhaar database using a secret Expresslane project is documented in a report on the GGInews website and saved in an archive lest it be removed. Further communications have also identified the clauses under which data may have freely flowed to foreign agencies due to the nature and wordings in the Aadhaar contracts and archived here.

The Centre for Internet and Society, a non-profit research organisation from India, reported that during 2017, the Aadhaar of 130 million people was leaked as a result of information exposed on websites relating to four government social security schemes. These schemes were the National Social Assistance Programme and the National Rural Employment Guarantee Act (managed by the Ministry of Rural Development), and the Daily Online Payment Reports under NREGA and Chandranna Bima Scheme (managed by the State Government of Andhra Pradesh). In May 2017, the Central Government of India admitted in the Supreme Court that Aadhaar data had been leaked several times in that year. Arghya Sengupta, the head of policy consulting institution, Vidhi Centre for Legal Policy, argued that none of the leaks had come directly from the Aadhaar database, while the Attorney General, Mukul Rohatgi, defended the leaks and argued that, "one cannot have an absolute right over his or her body". The leak of Aadhaar data was further confirmed publicly by the Ministry of Electronics and IT.

2018
In 2018, the Aadhaar database suffered several breaches, resulting in 1.1 billion people's data being leaked and compromised. This was described by the World Economic Forum 2019 Global Risks Report as the "largest breach" of personal information in that year. In the same year, Right to Information petitions filed by media organisations indicated that 210 Indian government officials and institutions had posted parts of the Aadhaar database in publicly accessible sources, resulting in the leak of personal data, resulting in post-facto removals of this data by the Unique Identification Authority of India.

On 5 January 2018, media correspondents from The Tribune reported that they were, by posing as buyers, able to gain administrator access to the entire Aadhaar database for a payment of inr 500, revealing major security flaws. Acknowledging this data breach, the Unique Identification Authority of India suspended 5000 officials from accessing the database after an investigation revealed misuse and unauthorised usage. The incident was widely reported internationally. In response to the incident, UIDAI denied the breach, and filed a criminal complaint against the newspaper and journalists who reported the security flaws.

On 8 January 2018, India's Union Government confirmed that three websites belonging to the Government of the State Gujarat had exposed personal Aadhaar data of citizens. These websites included the website of the University of Gujarat, the Gujarat government website, and the website of Gujarat's Director of Developing Caste Welfare.

On 24 January 2018, a French security researcher posted on Twitter that the m-Aadhaar mobile application contained serious security vulnerabilities which could be used to compromise the personal data of users.

In March 2018, an Indian security researcher noted that a vulnerability in the website of Indane Gas, an Indian-government owned corporation supplying gas cylinders for domestic cooking, had resulted in exposing Aadhaar and personal data of every person enrolled with the Aadhaar database, and not just customers of Indane. American security website ZDNet reported that they spent a month attempting to contact the National Informatics Centre, the UIDAI, and Indian consulate officials in the United States, but did not receive a response, before they ran the story.

On 20 March 2018, it was reported that Aadhaar data and linked personal information, including addresses, linked to a special scheme by the Government of Andhra Pradesh for women and girls had been left unsecured online and could be accessed by anyone, even though the scheme itself had been suspended in 2015.

In May 2018, an Indian security researcher found that Aadhaar data linked to personal information, including caste identities, religious affiliation, bank accounts, and personal addresses and mobile numbers had been left unprotected on a website of the State Government of Andhra Pradesh, resulting in the leak of data belonging to 130,000 citizens.

In September 2018, R.S. Sharma, the chairman of India's Telecom Regulatory Authority of India and former UIDAI chairman, disclosed his Aadhaar number on Twitter and challenged anyone to misuse it, in an effort to demonstrate the security of the Aadhaar programme. Using his Aadhaar, French researchers were able to access and disclose personal information belonging to Sharma, including his personal telephone number, tax identity card, his secretary's phone number, personal address, family photographs, date of birth, frequent flyer numbers, telecom operator, model of phone, details of personal purchases and transactions, and advised him to change his personal Gmail account password as a precaution. The information was later used to make an unauthorised symbolic deposit of inr 1 in his personal bank account as well, teo demonstrate the possibility of blackmail and compromise. In 2020, his Aadhaar number was also used to unlawfully register him for certain government subsidies for which he was ineligible, resulting in the fraudulent receipt of government funding. Sharma has blamed this incident on the state government's failure to verify his enrolment.

Virtual ID
On 1 March 2018, Virtual ID aka VID was introduced and was made as an option for agencies to use Virtual ID by 1 September 2018. A Virtual ID is a 16 digit number that is generated using the Aadhaar number. This Virtual ID can then be used instead of the Aadhaar number to carry out some Aadhaar related work.

Revolving door problem
The question of the "revolving door" phenomenon (where "individuals using experience, knowledge and clout gained while in public service in pursuit of profit for private companies") has been raised in the context of Aadhaar, as people who were involved in the creation, design and popularisation of Aadhaar are now working in the private sector where they can use this knowledge for their own private enterprises which profit off this knowledge. Some examples of this are Khosla Labs as well as iSPIRT, a non-profit organisation which is dedicated to developing and supporting India Stack's APIs has had many employees who were involved with UIDAI in various capacities.

CAG Report on the functioning of the UIDAI
In April 2022, the Comptroller and Auditor General of India published an audit reoport on the functioning of the UIDAI. The report contains observations and recommendations based on a performance audit – which included assessments of both the Enrolment and Update Ecosystems as well as the Authentication Ecosystems for the period 2014–15 to 2018–19. The press release lists the Summary of Performance, Significant Audit Findings and the recommendations.

Drive to link Aadhaar with Voter ID card
In 2022, the Election Commission started a drive to link Aadhaar card with voter ID card. The Union Government claimed that this linking will be voluntary, but the bill passed in the parliament contradicts the claim. The rules issued by the Union Government mention that the only "sufficient cause" for a person to not link their Aadhaar Card with the Voter ID Card is if the person does not have one. The election officials cited 'orders from above' to pressure voters into linking these documents.

The linkage of Aadhaar with Voter ID card has several concerns. First, Aadhaar is not a proof of citizenship and such a linkage will not filter non-citizens. Another problem is the Unique Identification Authority of India in 2018 reported that Aadhaar based biometric authentication had a 12% error rate and linkage of voter ID with Aadhaar in Andhra and Telangana in 2015 lead to disenfranchisement of around 30 lakh (3 million) voters leading to Supreme Court cancelling the linkage process. Yet another problem is that such a linkage would assign Aadhaar's demographic information to electoral database leading to misuse for profiling of voters, and India's lack of data protection laws makes it even worse.

Supportive views

 * Nilekani, Nandan, "Data to the People: India's Inclusive Internet", Foreign Affairs, vol. 97, no. 5 (September / October 2018), pp. 19–26.
 * Nilekani, Nandan, "Data to the People: India's Inclusive Internet", Foreign Affairs, vol. 97, no. 5 (September / October 2018), pp. 19–26.
 * Nilekani, Nandan, "Data to the People: India's Inclusive Internet", Foreign Affairs, vol. 97, no. 5 (September / October 2018), pp. 19–26.
 * Nilekani, Nandan, "Data to the People: India's Inclusive Internet", Foreign Affairs, vol. 97, no. 5 (September / October 2018), pp. 19–26.
 * Nilekani, Nandan, "Data to the People: India's Inclusive Internet", Foreign Affairs, vol. 97, no. 5 (September / October 2018), pp. 19–26.

Critical views

 * Deciphering Aadhaar bill, its benefits and privacy issues
 * A rant on Aadhaar
 * Aadhaar sitting duck
 * A rant on Aadhaar
 * Aadhaar sitting duck