We are not accustomed to privacy. We live our lives with little thought to the consequences of sharing personal information with neighbours and friends.
Sometimes, the nature of our social circumstance makes privacy irrelevant. In various parts of India, we name our children using traditional conventions that allow them to be identified accurately within the extended family tree of the community. For those of us who live in joint families, personal privacy is at a premium and never taken for granted.
We don’t question this lack of personal space. It is part of the compromise we make when we choose to live in India. And for the most part, no one has ever suffered because of it.
So why, after centuries of carelessly parting with intimate personal information, is a privacy legislation important today?
The government today collects vast quantities of personal information about its citizens, and has been doing so for over a decade. Yet, even though we are dealing with numbers far in excess of anything the Western world has had to handle, we face none of the personal privacy challenges that they suffer.
One reason for this is the inaccuracy of the data that is being collected. By some estimates, up to 20% of government databases are made up of ghosts—persons who are registered within the database, but who do not actually exist. While the obvious effect is inefficiency in the distribution of public services, the unintended consequence is a lack of trust in the database itself. When agencies look to verify identity, they ask for multiple documents, to be doubly and triply sure that the person they are dealing with is who he claims he is.
This coping strategy, made necessary by an inefficient data collection process, has protected us from data theft. Today, it is hard to steal identity in India, as the thief would need to obtain not just one, but many pieces of identity information.
Aadhaar, the most ambitious personal identification project ever attempted anywhere in the world, will create an infrastructure through which public services will be directed more accurately to their intended recipients. The social dividend that it generates will be huge.
But Aadhaar will have one unintended consequence that must not be overlooked. By promising accurate and unique identity, it will allow us to rely on just one piece of identity information. It will strip away the artificial protection that we have relied on all these years, laying us open to identity theft. So, is Aadhaar bad? Most certainly not. The social benefit that we, as a country, will derive from cleaning up our public distribution system will be enormous. The vast majority of our country that remains under-served by government machinery will, doubtlessly, gladly exchange personal privacy for better public service.
But at the same time, we need to be mindful of the law of unintended consequences. It would be a shame if a project with the game-changing potential of Aadhaar is questioned just because we have not enacted a privacy legislation.
Rahul Matthan, a founding partner of law firm Trilegal, has drafted an approach paper on the proposed legislation for a privacy and data protection law.
Respond to this column at firstname.lastname@example.org