When the project was rolled out in 2009, the Unique Identification Authority of India (UIDAI), which administers the Aadhaar project, wanted to use the 12-digit personal identification number to mitigate corrupt practices and bring transparency to systems and processes.

There was also much chatter about Aadhaar linking being mandatory for opening of bank accounts and getting mobile connections, among other things.

By the time India’s supreme court ruled that Aadhaar linking wasn’t necessary for these services, millions of Indians were already trapped. At times, not having the ID has come in the way of people receiving welfare benefits and has even prevented the enrolling of kids in school. More worryingly, reports of several breaches and data leaks have stoked fears around data privacy violations.

India “avoided a maximum score because law enforcement isn’t permitted to access the database,” Paul Bischoff, tech writer, privacy advocate, and VPN expert wrote in the study published yesterday (Dec. 4).

Ireland and Portugal were the least questionable countries with low scores of 11. These countries maintain only small databases, guard biometrics in the workplace, and do not collect biometrics upon entry of travellers into the country, among other things.

It’s probably too late for India to go back on the mess it has created.

📬 Sign up for the Daily Brief

Our free, fast, and fun briefing on the global economy, delivered every weekday morning.