While Aadhaar-enabled DBT has been suspended by the UPA government, the problems that need to be addressed lie in the implementation of the programme (See earlier post). It must be kept in mind that even as the government was quick to impose Aadhaar on its DBT, numerous gaps plagued the process, for instance establishing statutory legitimacy of the UIDAI; articulating the roles of banks and non-banks and the limits of jurisdiction by banking and other regulators; affixing the onus of responsibilities in a bank-led model of financial inclusion; and lastly, defining the commercial model for implementation.
The Congress manifesto accepts Aadhaar, but does not push for Aadhar-enabled DBT. Currently, the Aadhaar end of financial inclusion is set: infrastructure and payment bridges and protocols are ready, and have been tested. However, the other critical pieces have not been put in place, especially the cleaning, de-duplication and mapping of numerous beneficiary databases with Aadhaar, a task that must be done by the government departments. The challenges listed below need attention, so that Aadhaar-enabled DBT can resume effectively and efficiently.
The first step needs to be to recognise the UID as a primary identity document, and accord one institution – whether the UIDAI or any new entity that combines the NPR and UIDAI - status as an independent statutory institution and allocate resources under the Consolidated Fund of India.
The UIDAI should have complete and exclusive accountability over the personal and biometric data capture and processing, which must not be outsourced to private parties, drawing lessons from the Passport Office. Over time, the Passport Office and Aadhaar number can even be issued by one authority.
The core function of the UIDAI is to collect and archive personal information in safe and encrypted form and issue the UID to any applicant. The UID number is one among several documents to identify a natural person.
Aadhaar online authentication for commercial/ financial transactions is different from the core function of issuance and verification of an Aadhaar number. Aadhaar verification must not be made compulsory or the sole/ exclusive source of identity to access services or benefits provided by government institutions.
For real time, online authentication of the Aadhaar number, the role and scope of UIDAI service should be limited to answering session-based queries real time returning a binary True/False result, without any obligation or power to share any personal data.
Authentication service charges should be session-based, with tariffs based on a normative cost-recovery and reasonable profit principles to ensure sustainability and adequate information security standards.
UIDAI should be liable for any financial losses or damages arising from false positive identification on the UIDAI database against an authentication query. The liabilities should be covered by appropriate insurance and reinsurance on the lines of other banking and financial institutions.
The cleaning and de-duplication of the beneficiary databases under all schemes need to be accelerated and seeded with the identity numbers, irrespective of whether Aadhaar is used for verification.
There is a lot to be done, and a government committed to reducing corruption and leakages in the subsidy process can use the Aadhaar infrastructure, provided the gaps mentioned above are addressed. The key lies in bringing all stakeholders on board before the programme rolls out again, the question is whether the next government can pull this off.
This post draws on insights given by S V Divvaakar and Laveesh Bhandari.