Skip to navigationSkip to content

India has the world’s largest biometric data store, and it is terrible at handling it

A villager goes through the process of a fingerprint scanner to register for the Unique Identification (UID) database system at an enrolment centre at Merta district in the desert Indian state of Rajasthan
Reuters/Mansi Thapliyal
Leaving behind prints.
  • Ananya Bhattacharya
By Ananya Bhattacharya

Tech reporter

Published This article is more than 2 years old.

Almost 1.25 billion Indians, who have enrolled in the world’s largest biometric programme, Aadhaar, may have reasons to worry.

New research shows that India is among the worst offenders when it comes to the collection, storage, and use of biometric data, according to an analysis of 50 countries by Comparitech, a website that researches and compares technology services.

The country scored 19 out of 25 when assessed for where biometrics are being taken, what they’re being taken for, and how they’re being stored. Higher scores indicate extensive and invasive use of biometrics.

Only China (24), Malaysia (21), Pakistan (21) and the US (20) fared worse. Indonesia, the Philippines, and Taiwan showed the same lack of regard for the privacy of people’s biometric data as India did.

When the project was rolled out in 2009, the Unique Identification Authority of India (UIDAI), which administers the Aadhaar project, wanted to use the 12-digit personal identification number to mitigate corrupt practices and bring transparency to systems and processes.

There was also much chatter about Aadhaar linking being mandatory for opening of bank accounts and getting mobile connections, among other things.

By the time India’s supreme court ruled that Aadhaar linking wasn’t necessary for these services, millions of Indians were already trapped. At times, not having the ID has come in the way of people receiving welfare benefits and has even prevented the enrolling of kids in school. More worryingly, reports of several breaches and data leaks have stoked fears around data privacy violations.

India “avoided a maximum score because law enforcement isn’t permitted to access the database,” Paul Bischoff, tech writer, privacy advocate, and VPN expert wrote in the study published yesterday (Dec. 4).

Ireland and Portugal were the least questionable countries with low scores of 11. These countries maintain only small databases, guard biometrics in the workplace, and do not collect biometrics upon entry of travellers into the country, among other things.

It’s probably too late for India to go back on the mess it has created.

📬 Kick off each morning with coffee and the Daily Brief (BYO coffee).

By providing your email, you agree to the Quartz Privacy Policy.