"The largest and most sophisticated ID database in the world".
The Indian government is in the final stages of enrolling all of its citizens in the world's largest ID system.
Now information are being sold online.

The idea of getting biometric data - fingerprint and iris scans - of a billion people would seem to be an impossibly complex task. Indian officials in charge of the controversial biometric identity program have filed a police complaint after a report that citizens' personal account details, needed for an ID-card, were being sold for as little as 500 rupees ($7.8 or £5.8) online.

The Unique Identification Authority of India (UIDAI) wants a probe into "unauthorised access" to its database.

But it said biometric data was safe.

The Tribune newspaper claimed that it bought user details via an "agent" advertising his services on WhatsApp.

The report is the latest revelation against the UIDAI biometric system known as Aadhaar, which means foundation.

It said that once it paid the "agent", its reporters were given a username and password that allowed them to enter any Aadhaar number into the UIDAI website and get access to user information including name, address, photo, phone number and email address.

The report added that payment of a further 300 rupees provided "software" that allowed them to print out any Aadhaar card for which they had the number.

The UIDAI says the breach seems to be a misuse of a grievance redressal scheme that allowed Aadhaar agents to rectify issues like a change in address and wrong spelling of a person's name.

However, it added that the scheme did not grant access to people's biometric details.

The revelations in the report made headlines in India, with many on social media expressing concern over the security of their personal data.

Aadhaar started out as a voluntary programme to help tackle benefit fraud, but recently it has been made mandatory for access to welfare schemes.

Critics have repeatedly warned that the scheme puts personal information at risk" and have criticised government efforts to compulsorily link it to bank accounts and mobile phone numbers.

The government has always insisted that the biometric data is "safe and secure in encrypted form", and anybody found guilty of leaking data can be jailed and fined.

A case challenging its mandatory linking to schemes and bank accounts is pending before the country's Supreme Court.

It started as a voluntary programme to help tackle benefit fraud - and is now described as "the largest and most sophisticated ID database in the world".

Once the government committed to it - with the hope that it would be able to use it to raise more taxes, register voters and identify the hundreds of millions of drivers using false licences - it began taking the details of people whenever they came into contact with state agencies.

Biometric details were - and continue to be - recorded in schools, hospitals, childcare centres and special camps. Ten fingerprints, two iris and facial photographs are taken for issue of the unique identity card.

Aadhaar's website claims that 90% of Indians are now registered, though this figure is disputed by activists.
How does it work?

Aadhaar, or a Unique Identification Number, is allocated to every Indian and remains their national identity document forever.

It has become virtually impossible to do anything financial without it - such as opening a bank account or filing a tax return.

However, the scheme does in theory remain voluntary, and the highest court is hearing a petition on making it compulsory; the final judgement is awaited.
Why is it controversial?

When Indian cricket star MS Dhoni accidentally had his number published on Twitter in March 2017, it exposed the many worries Indians have about having one single code so crucial to many aspects of their lives.

One fear is that it will become a method of financial surveillance.

Questions have also been raised about the moral authority of the government to force citizens to share biometric data. Activists say it is breach of the UN's Fundamental Right of Privacy.

People's Union for Civil Liberties activist Suresh told the BBC that citizens were not briefed about the implications of sharing their private data, but did so as they feared they would not be able to carry out financial transactions, gain admission to educational institutions and access subsidised food products from government-run shops.

"There is no guarantee that the data will not be leaked and also no accountability structure is in place," Suresh explained.

Activists also fear that it will be impossible to ensure that data will not be misused or abused, though authorities told the BBC that all the biometric data was well protected.
Antiquated laws?

Investigative reporter Saikat Datta of the Observer Research Foundation says that Aadhaar has been converted into "the world's biggest surveillance engine."

And while India has a billion phones, laws for protecting the data on those phones are antiquated.

When the National Identification Authority of India Bill was introduced in 2016, it was sent to a special committee of the Parliament, whose members made scathing remarks about the project.

This committee recommended that enactment of legislation on data protection and privacy law was a "prerequisite" for the Aadhaar scheme.

Indian Prime Minister Narendra Modi, also strongly criticised the scheme in 2014.

But Aadhaar's authorities say their data protection goes far beyond what is required in the law.

But now biometrics have been sold online. - THE POLITICAL AVENUE™