Note: This is the first piece in a three-part series on elections, Aadhaar-linking and voter targeting.
New Delhi/Bangalore: India’s Election Commission (EC) adopted a host of tactics to rapidly link hundreds of millions of voter IDs to Aadhaar numbers in 2015, some of which may have skirted the boundary between responsible data-sharing practices and outright violations of privacy and user consent.
According to the organisation’s internal documentation, obtained through multiple right to information (RTI) requests, in at least four major states, the local election commissions had access to parts of the National Population Register (NPR) database, which helped hasten the Aadhaar seeding process.
Other methods the EC deployed included the use of the controversial DBT Seeding Data Viewer (DSDV) tool – a service that allows third-parties to view non-biometric identity data held by the Unique Identification Authority of India (UIDAI).
In Gujarat, the state election commission used Aadhaar details and voter ID numbers (also called EPIC numbers) collected by a separate government department for the purpose of seeding it with electoral rolls, raising questions over whether informed consent was obtained.
At one point, the UIDAI, acting on the suggestion of the EC, even started a pilot project to mandatorily collect the EPIC numbers of adults (18-year-olds and above) who signed up for Aadhaar enrolment in order to help the linking process. While it’s unclear whether the pilot was replicated elsewhere, this too raises questions over the EC’s claims that the linking process was strictly voluntary.
Put together, the documents, which include correspondence* between the UIDAI, EC and Registrar General of Census, help answer a crucial question with regard to Aadhaar-voter ID linkages: How did the EC manage to link the voter IDs of 300 million people with their respective Aadhaar numbers in just three months?
In March 2015, the EC launched the National Electoral Roll Purification and Authentication Program (NERPAP). As the name suggests, its aim was to “clean up” India’s electoral rolls using Aadhaar authentication. Or in other words, to eliminate potential voter fraud by deleting ghosts or people who had somehow gotten more than one voter ID from the system.
The programme’s goals and deadlines were ambitious: internal EC documents show that it wanted to achieve draft electoral rolls that were “100% error-free” and “100% multiple-entry free” by August 15, 2015.
While the EC is an institution known for its efficacy, the extensive coverage with regard to the NERPAP scheme before it was shut down by the Supreme Court in August 2015 is surprising.
By the time the initiative was forcibly shut down, it had collected the Aadhaar numbers of over 300 million voters. Chief election commissioner O.P. Rawat publicly claimed that 320 million voter IDs were linked to Aadhaar during NERPAP in the span of just three months and that another 545 million Aadhaar numbers would be linked to the remaining voter IDs in six months, once the Supreme Court allowed it.
How exactly was this done? Was the consent of voters taken for this exercise? If voters were in the loop, as Rawat and the EC have consistently maintained, was informed consent taken, with citizens clear on how their data could be used?
Individual states offer a few clues with regard to the bulk seeding of Aadhaar numbers.
For instance, in Maharashtra, only 301,000 voters had registered themselves for the voter ID-Aadhaar linking programme by the beginning of May 2015, but when the programme ended three months later in August 2015, the chief electoral officer of the state claimed that 1.8 million voters had provided their Aadhaar numbers.
On a national scale, the numbers look even more stark. A report published in DNA noted that by May 2015, 130 million voters had applied for linking – 30 million had “applied online” while 100 million requests came through “other means”.
Given that the EC “did 32 crore in just three months”, how did it do so and what other means did it employ?
Organic and inorganic
There are multiple ways to seed Aadhaar to new databases. The first is what is called ‘organic seeding’, where an individual provides the data by herself with consent.
In this ‘manual’ mode, a citizen links her voter ID to her Aadhaar by herself. To help out with this, the EC used the National Voters’ Service Portal (NVSP). All people had to do was enter their voter ID number, a few demographic details and their Aadhaar numbers.
A person could then verify that their Aadhaar number was indeed their own through a one-time-password (OTP) sent to the user’s smartphone, after which the voter ID would be linked. However, this approach is slower as it involves a citizen’s willingness: they have to come forward on their own and sign-up to link their voter ID and Aadhaar.
The other method is inorganic seeding of Aadhaar, in which details of the elector is collected and then seeded automatically with Aadhaar with the help of an algorithm.
In a response to the RTI request, the EC confirmed that it used the DSDV, which is a tool that can be used to automatically seed any beneficiary database with Aadhaar numbers.
A letter from V.N. Shukla, director-IT of the EC, to the UIDAI in March 2015 shows that the organisation wanted the DSDV service in the form of of a web API or service.
How does DSDV work? Put simply, it is a tool that allows departments to search, verify and seed Aadhaar automatically when they have collected data from other sources, such as the voter ID database. The tool allows placing voter ID details and the Aadhaar details of a resident side-by-side on a computer screen. Demographic details including photographs can be compared instantly to automatically seed Aadhaar into the Voter ID database.
The tool’s user manual also points out how voter ID details can be compared using this approach.
DSDV has been a controversial service because critics reckon that it violates consent, since the user manual itself makes it clear that to view data from the central Aadhaar database, consent of the Aadhaar holder is not required.
The UIDAI is keenly aware of this: in an early 2015 letter to the EC, the Aadhaar agency amusingly notes that “when a person furnishes a copy of any document, his consent for verification of veracity of the document is inherent”.
Or in other words, the UIDAI hints that using the DSDV tool is not a violation of privacy because when the EC’s block-level officers supposedly collected the Aadhaar details of voters to link it with their voter IDs, they also inherently allowed the EC to verify that data in any way possible (including via DSDV).
Legal experts have differing opinions, though.
“If this [DSDV] was used subsequent to the coming into force of the Aadhaar Act, it would violate s.29(2), which states: ‘(2) The identity information, other than core biometric information, collected or created under this Act may be shared only in accordance with the provisions of this Act and in such manner as may be specified by regulations’,” said Pranesh Prakash, an affiliated fellow at the Yale Law School’s Information Society Project
“There is no regulation that permits the use of the DSDV tool. It is shocking that UIDAI would create such a tool after promising residents at the time of collection of their data that all they would ever do is to provide a “Yes/No” response to specific queries, and would not share the data,” he added.
Prasanna S., a lawyer who assisted the petitioners’ side in the right to privacy and Aadhaar cases, believes that inorganic seeding would fall afoul of the Aadhaar Act.
“DSDV should not exist at all. First of all, even seeding is disallowed under the Aadhaar Act. Section 8 is clear that the Aadhaar information collected by any requesting entity shall only be used for the purpose of submitting it for online authentication and nothing else. The lawlessness is compounded by unlawfully sharing it with a third party like EC and that too without notice to and consent of the individual concerned,” he told The Wire.
NPR and other databases
Another aspect that helped speed up the Aadhaar-voter ID linking process was when state election commissions in Tamil Nadu, Gujarat, West Bengal and Uttar Pradesh used parts of the National Population Register (NPR) database to help in everything from general seeding to identifying electors and then verifying and cleaning up the collected data.
A letter sent by R.K. Srivastava, the then principal secretary of the EC, to the Registrar General of Census in March 2015 describes the requests made by the states.
“…You had mentioned that RGI collected EPIC number and Aadhaar number of persons being registered with NPR project and that the same is available to you, the letter starts.
“The CEOs [chief electoral officers] of Gujarat, UP and West Bengal stated if this can be made available to them, it will be very convenient for them to seed the Aadhaar number of such EPIC holders in ER database,” it adds.
Srivastava also notes that the RGI’s officers could then be directed to share “village-wise data collected so far with the CEOs, in soft form, so that CEOs are able to prepare a list of voters booth-wise and verify at the field level”.
A separate note details how the NPR project had collected EPIC numbers through the KYR+ (know your resident) forms to a certain extent and that it would be shared with the CEOs of the three states.
Documentation from Tamil Nadu’s state election commission details how it organised special camps to collect elector information and their Aadhaar numbers. It then went onto to seed Aadhaar “using NPR data obtained from Registrar General of Census” in the districts of Dharmapuri, Tiruvallur and Coimbatore.
Specifically, the state election commission in Tamil Nadu used NPR data to build a data-viewing tool like DSDV to compare voter data with the data of the RGI, which helped in verification and seeding.
“Sh SK Chakraborti, Addl RGCR, RGI informed that RGI has provided RGI database with Aadhaar number, enrolment number and TIN number to states who have made request to them,” a letter dated July 2015, sent out to all state chief electoral officers, notes.
In some cases, this data-sharing helped the state election commissions understand how many voters in their state actually had an Aadhaar number.
“CEO West Bengal indicated that although as intimated by RGI, Aadhaar coverage for the State is above 80% while on the basis of data collected by BLOs through house-to-house visit it comes around 30%. It appears that letters are stuck in post officers either because of incomplete addresses or for some other reasons,” one document, summarising an EC meeting, says.
“CEO West Bengal requested to RGI to provide enumeration block number attached to the records in database, which would help them to get the part-wise data… and it would be easier to manage collection, feeding and seeding of Aadhaar number by respective BLOs and EROs,” it adds.
Strangely enough, in December 2017, the Registrar General and Census Commissioner (ORGI) had a totally different approach towards sharing NPR data: it was reported that when state governments sent across data-sharing requests for social welfare targeting, the RGCC refused, citing privacy and data security concerns.
“It is clear in my mind that the Registrar General & Census Commissioner of India sharing data collected as part of the NPR exercise with various election commissions without the consent of those from whom the data were collected is a gross a violation of privacy. That even the RGI came around to this view is clear from their [refusal to share NPR data with states in 2017],” Pranesh Prakash told The Wire.
In states like Gujarat, internal documentation appears to indicate that the state election commission used data collected by the “civil supplies department” to do Aadhaar tagging (seeding) of the electoral database.
“Regarding linking Adhaar [sic] data, we have tied up the the matter with the Civil Supplies department as presently they have taken up house to house survey and are collecting various data including Aadhaar and EPIC number. They have also adopted a validation process with the UID office,” a February 2015 letter, from Gujarat’s chief electoral officer to the EC, says.
“On the basis of data collected by Civil Supplies department, we will seed available Aadhar numbers with the electoral roll. Whatever will be left, will be covered by BLOs during House to House Survey,” the letter adds.
In this case, it’s unclear how user consent worked: did the house-to-house surveys of the civil supplies department, which was also collecting other unrelated data, indicate to the residents of Gujarat that it would be used to link their Aadhaar numbers to the voter IDs?
These questions, and the recent Supreme Court judgement on Aadhaar, are prompting critics and legal experts to call for the deletion of UID-voter ID linkages.
“After the privacy and the Aadhaar judgments, it is clear and EC must seek legal opinion and perhaps approach the SC for appropriate directions on the deletion/destruction of the data collected or used or developed without consent from the individuals,” said Prasanna S.
*Note: Some of the RTI inputs for this story were provided to The Wire by media organisation GoNews and reporter Sidharth Pandey, whose reports on Aadhaar can be read here.