Why linking Aadhaar to voter ID is a dangerous idea
Written by Vibhav Mariwala and Prakhar Misra
Last month, the Indian Election Commission (ECI) reminded the Law Department to approve a series of pending electoral reforms. Among these was the acceleration of the linking of voter cards (EPIC database) with Aadhaar. In a discussion paper for the Data Governance Network, we provided several reasons why the dangers outweigh the benefits. The absence of a law protecting personal data, the lack of clarity on the integration mechanism, the risk of leaks and the possibility of deprivation of the right to vote of voters are the main reasons why this approach should not be rushed. In light of these elements and the current movement, the whole idea should be revisited.
The ICE justified this integration for various reasons, two of which are the improvement of accessibility to the vote and the reduction of electoral fraud. First, there have been calls for migrant workers to have the right to vote regardless of their location, in order to enable them to participate in elections in their country of origin. Analysis by Sabrang India says India lags behind in voter turnout compared to other major democracies, one of the main reasons being the sheer number of migrant workers – an estimated population of 300 million. Linking the two databases will allow ICE to track migrant workers and improve voter turnout.
Second, this decision should also prevent voter fraud since Aadhaar information is authenticated using biometrics, which cannot be replicated, and in turn, duplication of voter ID cards is prevented. Duplication of voter ID cards could be problematic as it allows people to vote in multiple areas as they show different areas of residence.
In its current form, the proposed amendment to the People’s Representation Act (1950) will make this integration voluntary and not compulsory. This amendment does not remove other forms of identification to verify EPIC – such as driver’s license, passport, utility bills, etc. However, a precedent warns us of the obligatory vs voluntary position, which continued to change throughout the implementation of Aadhaar. Apart from that, we caution against this move due to three specific dangers.
First, the link proposed in the absence of a law on the protection of personal data, can lead to abuse and undermine the integrity of the electoral list. The use of demographic information, such as a caste certificate or driver’s license, when used to obtain an Aadhaar card, could be exploited by the EPIC database. This information could be used for the purposes of targeted political advertising and, possibly, denial of the right to vote. Institutional and technological mechanisms to prevent this need to be clarified before this movement is implemented.
Such fear has a precedent. There have been examples of targeted surveillance using Aadhaar information and demographic data. In Andhra Pradesh, 5.167 million families could be located on a website run by the state government, using religion and caste as search criteria. Likewise, in an attempt to âpurifyâ the electoral rolls and remove duplicates, the names of 2.2 million voters were removed from Telangana’s electoral rolls. Many voters – including badminton player and 14-time national champion Jwala Gutta – were surprised to have their names deleted. The Telangana Election Commission used Aadhaar-based software for this purpose, according to a request from RTI, which led to such deprivation of the right to vote and a violation of universal suffrage.
Second, the risk of fraud increases when these databases are interconnected. In 2020, the UIDAI reported having canceled 40,000 fake Aadhaar cards, the first time it admitted to defrauding its systems. Two specific concerns emerge for EPIC-Aadhaar integration. First, the authenticity of Aadhaar will determine the authenticity of the electoral rolls and this could lead to the legitimation of fraudulent identities. We have seen this in the case of the PAN-Aadhaar link where legitimation concerns benami financial transactions were lifted after the UIDAI accepted the extent of the fraud in Aadhaar. Second, UIDAI, in several court cases, admitted that it had no information about the registration operator, agency, or even their location when registering someone in Aadhaar. It therefore becomes difficult to remedy the problems of questionable registration practices. In the case of EPIC integration, the oversight mechanisms and other checks and balances to ensure the integrity of individual data are unclear. Given the reported scope of the fraud with Aadhaar, this process could undermine the sanctity of the voters list.
Third, numerous studies conducted by multilateral organizations such as the World Bank have shown that having a single form of identification deprives citizens of their rights and removes them from the social and electoral system. A study of voter identification requirements in Latin America found that countries with only one ID were likely to have fewer citizens participating in the electoral process since they were unable to prove their identity. This raises questions about the effectiveness of the Aadhaar system. Since many people have struggled to establish their identity to collect food rations or midday meals using Aadhaar, this could also be a problem for voting, thus undermining the institution of democracy itself.
Judge BN Srikrishna, chairman of the committee that drafted the personal data protection bill, had previously described the ECI’s proposal to link the two databases as “more dangerous”, arguing that “if [the government] can collect data, [it] can profile human beings. The lack of strong data protection standards and the fractured experience of previous integrations highlight the precariousness of this development. Instead, we would say that until the PDPB is enacted and the technical details of such integration are made public, this proposal should not go forward.
Mariwala is a senior analyst at the IDFC Institute and Misra is an independent researcher working on state capacity and Indian political economy.