The Dangers of NATGRID and the Proliferation of 360-Degree Profile Databases

This mindless proliferation of personal data has had so many effects that these systems should have been shut down by the Supreme Court during the Aadhaar judgment.

India is rapidly digitising. There are good things and bad, speed-bumps on the way and caveats to be mindful of. The weekly column Terminal focuses on all that is connected and is not – on digital issues, policy, ideas and themes dominating the conversation in India and the world.

The country seems to be in the grip of an epidemic of 360-degree profile databases. After nearly a decade of Aadhaar, the grand plan to interlink various identity databases is now complete. These profiles provide even the most granular demographic and socio-economic data – religion, caste, education, marital status, etc – of citizens at the click of a button.

These efforts began with the National Intelligence Grid or NATGRID, which was envisioned after the 26/11 Mumbai attacks as a counter-terrorism measure and was initially supposed to interlink 20 population databases in the first phase. This would allow information sharing between different agencies. But over the years, databases related to financial information, telephone numbers, tax records and criminal records have all been interlinked, allowing intelligence agencies to get a 360-degree profile of every Indian. The Ministry of Home Affairs (MHA) now plans to “scale up” surveillance by offering real-time 360-degree profiling.

Unfortunately, NATGRID is not the only 360-degree profile database out there. The National Population Register is also a 360-degree profile database, and so are the State Resident Data Hubs. The Social Registry –  which will automatically track when a citizen moves between cities, changes jobs, buys new property, and when a member of a family is born or dies – planned by the Ministry of Electronics and Information Technology is also a 360-degree profile database. As is the Inter-Operable Criminal Justice System being implemented by the e-courts committee, the income tax department’s project insights and the Telangana Police’s Integrated Information Hub or Crime and Criminal Tracking Networks and Systems.

Every database out there is now interconnected and collects even the minutest information about us. This interoperability, allowing the interlinking of various databases, is powered by the unique ID: Aadhaar. Just entering the Aadhaar number – or other ID cards which are linked to Aadhaar – allows government officials to get all of our details. What we have here is the proliferation of our identity information across government databases, allowing the creation of complete profiles of the population. 

It doesn’t matter what kind of database is out there and what its purpose is, it automatically becomes a surveillance database for the intelligence establishment. The creation of these population databases to track people from their birth to death has always been made clear by the MHA. There is no law at the moment to allow this or any of the other 100 databases for which the government collects data and shares it with the surveillance complex. The upcoming data protection Bill also does not plan to regulate this setup – in fact, it gives complete exemptions to it.

The idea of 360-degree surveillance is not just in the interest of the intelligence establishment anymore. The state governments want to know everything about you to decide whether you deserve welfare or not. State governments can also abuse this data to extract tax from everyone. These systems of 360-degree profiling have been active for a long time and the Supreme Court didn’t address this issue entirely during the Aadhaar judgment. 

Before NATGRID was even built, states had their own STATEGRIDs. This model of 360-degree profile governance was active in Telangana and Andhra Pradesh much before the rest of the country. It is not limited to policing and intelligence agencies, but to how governance in this country has been transformed. The state knows everything about us and wants to use it to govern us, while not disclosing entirely how it intends to govern us or with what data. This increased proliferation of identity information and 360-degree profiles has been abused for voter deletions, electioneering and harassment of the general public by police departments.

Andhra Pradesh’s State Resident Data Hub interlinks all government services including electricity bills. Photo: Author provided

This mindless proliferation of personal data has had so many effects that these systems should have been shut down by the Supreme Court during the Aadhaar judgment. Instead, there are plans being made to share all of this data with the private sector – which the apex court prohibited – to promote private sector profits. The proliferation of these systems is going to harm our society in ways we are unable to fully understand yet.

Whether it is rejecting welfare, deleting our voter information, forcing us to pay extra taxes, or being subjected to policing harassment through digital policing and surveillance, it doesn’t matter what the occasion is – the tool and system are the same. Some people could argue that all of these systems are different and there is no one master database with all of our personal information. But all of our personal information is interlinked and interoperable across every government system, resulting in a host of effects.

This setup is not going away with any surveillance reforms, Supreme Court judgments or any future data protection Bill. Surveillance of the population is now an accepted norm, no matter how it is abused by any political establishment – the BJP or others. We as a society have accepted the effects of these 360-degree profiling databases and this issue can’t be addressed unless the larger public demands change. Of all places, we see their effect more in our election with surveillance of the population being used to influence voters.

Srinivas Kodali is a researcher on digitisation and hacktivist.