Every Family in J&K To Get Unique ID: 6 Reasons Why Experts Say This Is Worrying

Enter, the Jammu & Kashmir Family ID: A proposed identity card, with a unique eight-digit alphanumeric number to identify each family and its members vis-a-vis the head of the family. 

The programme, announced by Jammu and Kashmir (J&K) Lt Governor Manoj Sinha in November 2022 as part of the J-K digital vision document, is slated to carry details of all members of the family, including their names, ages, qualifications, employment status, according to media reports.

What's the objective? According to what government officials told The Indian Express, the objective of this is to create an authentic, verified, and reliable database of families in J&K to make sure welfare schemes reach eligible beneficiaries faster and in a more transparent manner.

Why this matters: Other than the ruling Bharatiya Janata Party (BJP), this development has not gone down too well with leaders across the political spectrum.

Former Jammu and Kashmir Chief Minister and PDP Chief Mehbooba Mufti in December 2022 called it "another surveillance tactic to tighten the iron grip" on the lives of Kashmiri people.

Technology and legal experts concur, except they seem to think that there is more to be worried about besides surveillance. 

The new card will be linked to the Aadhaar and the bank account of the head of the family.

While Aadhaar includes information about an individual, the family ID card, if implemented, will link details about families including name, age, qualifications, income, employment status and marital status, among other details.

With all of this information, databases of this type end up having a “360 degree view” of residents, according to cyber security expert Anand Venkat.

This is exactly what leads to surveillance, he added.

“Put simply, profiling is surveillance,” Venkat wrote in his blog.

For example, once this programme is implemented, the government, will not only know your religion, but will also know whether or not your entire family is from the same religious community. At the same time, it will know about the neighbourhood you reside in. With the help of the large-scale database, it will be able to piece together the approximate religious profile of your entire neighbourhood. 

This can, by and by, lead to targeting of specific neighbourhoods (based on those whole live there) for intensified facial recognition and policing, based on the negative traits attributed to the said population by the authorities, Vikas Saxena, an independent tech & policy researcher, explained in conversation with The Quint.

Experts also seem to think that Jammu and Kashmir’s precarious socio-political context makes this all the more worrisome and could add to the ever widening trust deficit between the government and people.

On 5 August 2019, Kashmir, which has witnessed decades-long military conflict, lost its semi-autonomous status after the Indian government abrogated Article 370 of the Indian Constitution.

This led to internet blockades for nearly a year and a half after reports of troop deployment and human rights violations.

That’s not all – in 2021, the UT administration reportedly subjected new government employees to a verification process which included monitoring their social media accounts, according to a circular issued by J&K’s General Administration Department (O9JK-GAD).

Not quite, say experts.

Kashmir is not the only state with such databases. More recently: Haryana, Tamil Nadu, and Maharashtra, among other states, also introduced similar programs. But none of these states have notified a specific law to integrate databases.

“If you collect data, you collect data to profile your residents, there’s certainly the right of privacy engaged. Once that is the case, the requirement of law becomes absolutely indispensable," Prasanna S, a Delhi-based lawyer who had helped petitioners challenge the Aadhaar Act, told MediaNama in a conversation about integrated databases.

He further pointed out how any data collection exercise leading to a 360 degree profiling of citizens in the absence of a law is a direct violation of the fundamental right to privacy.

“The law is a critical piece there. Because the law will then tell you what purposes you can use it for, to what extent the data can be collected and retained and what you cannot use it for. Otherwise, it’s a database that the state can use for any purpose it wants,” Prasanna added.

Interestingly, after Kashmir’s family ID program was announced, senior superintendent of police (security) M Y Kichloo told news agency PTI that the risk of “vulnerabilities and possibilities of cyber attacks will remain” when it comes to storage of data in a digital format.

A report published by the Netherlands-based cybersecurity firm Surfshark VPN revealed that India ranked sixth among countries vulnerable to digital attacks since such attacks were first recorded in 2004.

Even with Aadhaar – the world’s largest biometric system – there have been data security concerns. The Comptroller and Auditor General (CAG) of India, in its April 2022 report on functioning of the UIDAI, flagged several security concerns with Aadhaar. 

And, this becomes seemingly more concerning when you take into consideration that India currently has no data protection law in contrast to the European Union's General Data Protection Regulation (GDPR), which is considered the most stringent framework on data protection and privacy rights in the world.

The Personal Data Protection Bill has still not been passed. Initially introduced in 2018, was withdrawn after strong opposition on the exemption it proposed for the central government and its agencies from its provisions. 

Even a new version of it, which is yet to be discussed in parliament, has the potential to give more powers to the government if passed, The Quint had reported in a previous piece.

Exclusion from Welfare Schemes

Remember reports about starvation deaths in Jharkhand that are said to have happened as a result of people not being able to link their Aadhaar cards with their ration cards and therefore not avail of promised ration?

Experts fear a similar tragedy could emanate from the Family ID programme too.

Election Propaganda

In 2021, a petition in the Madras High Court alleged that the Bharatiya Janata Party’s Puducherry unit had misused voter data collected by the UIADIA during its Assembly election campaign.

The Madras High Court, during the hearing, had said there appears to be a “serious breach” in how the party conducted itself and directed the Election Commission to investigate this.

Experts The Quint spoke to, said that with this new initiative, similar misuse of data for electoral gains could become more convenient.

Like Vikas Saxena puts it:

“Hypothetically, these same data points can impact everything from redistricting and policing to accessing essential services like healthcare and education. In practice, once correlated with the Aadhar database, the use cases are potentially endless.”

He adds: