Manda Prathap Reddy of Hyderabad applied for an Aadhaar. His application was rejected because of a failure to capture his biometrics accurately. In the meanwhile, he was employed by an Aadhaar enrolment operator as he was in need of money. He worked there for half a month or so. Subsequently, he reapplied for an Aadhaar, only to be rejected for “technical reasons”. So he applied again. And again. Again, rejected for technical reasons.

Finally, frustrated, he visited UIDAI’s main office in Hyderabad, where he was informed that his fingerprints matched with 13 other people, so he couldn’t be issued an Aadhaar till he found these 13 people and made them update their biometrics – or provided their death certificate in case they had died. He has no idea who these people are or how to find them. Some of the people were elderly, according to the information provided to him.

The best guess the UIDAI officials had for the duplication was that his own biometrics may have been accidentally recorded when showing the others how to place their hands on the biometrics scanners. They told him that this was a fairly common problem.

When Prathap, frustrated with repeated rejection refused to leave the UIDAI office without a letter stating his enrollment, He was given one.

Letter given by UIDAI to Manda Prathap Reddy confirming enrollment
Letter given by UIDAI to Manda Prathap Reddy confirming enrollment

Even after this, he was unable to get an Aadhaar. And the letter given to him was useless, as it can’t be accepted in replacement of an Aadhaar – which is a number.

This should be very hard to believe – that UIDAI officials simply gave out details of people whose biometrics matched his after all the claims of Aadhaar data being perfectly safe. However, the response of UIDAI that he describes is identical to the one Mallikarjun Gurrikar got when his biometrics matched those of seven others and his repeated efforts to enrol were all rejected for “technical reasons”. It took him writing a threat of suicide to the Prime Minister’s Office for him to know that the reason for him being refused an Aadhaar was the matches with the seven others. Unlike Prathap, he was able to find the seven people and get them to update their biometrics in person, before finally being issued an Aadhaar.

Getting an Aadhaar too is no protection from the biometric match horror, as you can see from this letter one Gangabai Mahadev Jadhav from Parbhani received. She has an Aadhaar card, which the UIDAI threatened to deactivate if she did not update her biometrics at the regional office in Mumbai within the stipulated period, as there was a match between her prints and another person’s. Parbhani to Mumbai is 10 hours by road. To get to keep her “free” Aadhaar card, she was given 15 days to do a 20 hour journey at her own expense, of course.

UIDAI threatens to deactivate Gangabai Mahadev Jadhav's Aadhaar card
UIDAI threatens to deactivate Gangabai Mahadev Jadhav’s Aadhaar card

How is a woman from Parbhani, who dutifully made her Aadhaar when told to, going to undertake a journey to Mumbai, 10 hours away if she wants to keep it?

Kannan Gopinathan, District Collector of Lunglei in Mizoram made a series of tweets describing the plight of a young man who came to meet him and was crying because he had been applying for Aadhaar for 6 years and being denied. As a District Collector, Kannan believed he could assist this young man, but he couldn’t. When he made enquiries with the UIDAI, he was informed… yes, you guessed it. The young man’s fingerprints must have matched partially with someone else. Again, note this beautiful pattern, where the UIDAI doesn’t have the simple decency to give a correct reason for rejecting someone’s enrollment year after year. Over and over.

What is common in these stories? Desperate people. The first man wrote to the Prime Minister threatening to commit suicide. The second is depressed and at a dead end. He does not know how to live without Aadhaar. This last young man broke down crying in front of the District Collector.

Is this the “dignity” UIDAI is claiming to give people through Aadhaar as it denies exclusion in the Supreme Court?

The fact that these cases describe a similar and irresponsible pattern on behalf of the UIDAI raises several questions:

  • Whose responsibility is it that accurate fingerprints are captured for the Aadhaar database? If there are errors in capturing fingerprints, whose responsibility is it that the errors are resolved?
  • Is it not the UIDAI’s responsibility that the operators be made aware of the risk of their biometrics being accidentally captured and implementing a robust process that prevents this?
  • If someone’s fingerprints were found to match with seven other people or thirteen other people, how were these people able to obtain Aadhaar cards with prints matching six or twelve others?
  • Can any resident of India be provided with the details of people whose fingerprints match with theirs and be tasked with tracing them and making them update their biometrics? Can their own “entitlement” to Aadhaar (as per the Aadhaar Act) be made conditional on such arbitrary tasks assigned to them by the UIDAI?
  • If the people on the list provided by UIDAI refuse to update their biometrics, are legitimate residents to be denied their right to various entitlements made impossible because of a lack of Aadhaar? What is UIDAI’s legal authority to outsource these tasks to random people?
  • What happens if the fingerprints are a match even after updating?
  • In the case of Prathap, his first enrolment for Aadhaar was before he took the job with the Aadhaar operator. There is no question of his fingerprints being accidentally captured at that time. What if the UIDAI has sent him on a fool’s errand?
  • Prathap stands to have his salary account and Provident Fund account closed unless he can provide an Aadhaar. Will the UIDAI compensate him and the countless others like him who have been denied their entitlements and in his case, even legitimate income because of the manner in which they run this system?
  • Given that fingerprints, particularly partial ones, may not be unique, does the Aadhaar Act give the UIDAI the right to deny an Aadhaar to residents “entitled” to an Aadhaar repeatedly in spite of them proving their identity over and over?
  • Is it not a breach of the Aadhaar data if unauthorized people are provided a list of Aadhaar holders whose fingerprints match with theirs? Who is responsible if this information is misused by a person unable to enrol themselves for an Aadhaar to simply take over someone else’s Aadhaar based on the fingerprint match UIDAI has so helpfully provided?

But I suppose the biggest question here is “What gives UIDAI the legal right to employ blackmail as official procedure to resolve issues related with duplicate biometrics?”

How can the UIDAI simply reject repeated enrolments for “technical reasons” and it takes escalating the problem to even know why the Aadhaar application was rejected? How can they then task applicants with tracing down random people and making them update their biometrics if they want an Aadhaar? How can they provide names and contact information for Aadhaar holders to completely unauthorized applicants who are essentially strangers? Is this the UIDAI’s idea of data security or even a robust enrolment process?

Basically what the UIDAI is saying is “We have a duplicate. We have no idea what to do. We have no process. We have no solution for Aadhaar holders having same fingerprints. Here are the names. You go solve it if you want Aadhaar.”

In other words, a clusterfuck.

Vidyut is a commentator on socio-political issues with a keen understanding of tech and policy. She has been observing and commenting on Aadhaar since 2010 from a perspective of human rights, democracy and technological robustness.

5 thoughts on “UIDAI’s process of blackmail to resolve fingerprint matches

  1. “They told him that this was a fairly common problem.”

    Two important questions this statement raises:
    1. What is the efficiency of de-duplication? Is this “common problem” a contributor to increased failure rates?
    2. What is UIDAI’s liability in case of a false positive authentication?

    We deserve an answer to the second question from the SC in case Aadhaar is upheld.

  2. “Aadhaar Fail” fails to understand that it, like, UIDAI, seems to imagine that biometrics identification gives unique IDs. Please read the U.S. National Academies Report and Dr. Hans Mathews” paper. Could you please point out to your website visitors that these are proof of faliure inherent in biometrics. That’s why it’s a misapplication of technology in India and Pakistan, the only two countries indulge in think stupidity.

    1. Thank you for your comment, Col. Thomas. Biometrics are indeed inherently probabilistic and failure as both false positives and false negatives is possible. I should probably dedicate a post to this. Thank you for pointing out.

  3. It will be good to provide some proof like copies of complaints, photographs etc or links to news items related to such case studies with the posts.

Leave a Reply

Your email address will not be published. Required fields are marked *