India’s Aadhaar identification system is a biometric identification of citizens, meant to streamline and universalise service delivery mechanisms through documentation of people’s demographic and biometric data. Aadhaar enrolment, which was voluntary earlier, through the Aadhaar Act 2016 became a mandatory requirement in 2018 for availing state scheme benefits, leading to a trade of personal information for provisions that people are constitutionally entitled to. The strong push for universalising Aadhaar severely impacted communities that lacked the ability to face the challenges and data protection implications. This created reservations about the implications such a vast data set could have on data security, privacy, and increased state oversight potentially restricting personal freedoms.

The upcoming 7th Digital Citizen Summit (DCS), on 14 and 15 November 2025, organised by the Digital Empowerment Foundation (DEF) in collaboration with the Government of Telangana and the Centre for Development Policy and Practice (CDPP), will explore such questions of platform power and digital governance. The first of the Pre-Summit webinar series, intended to initiate critical conversations around DCS, was themed “Governing Data, Governing Rights,” examined Aadhaar’s role in forcing digital participation, its implications for electoral systems, and the need for a fairer regulatory framework.

Complex processes

The grand claims of inclusivity through a simple and smooth process have fallen short, especially with the poorest, the elderly, and people with disability. The complex procedures of registration and updating often result in the exclusion of people living in remote areas, the elderly, people with disability, and people who lack literacy and digital access. Lack of supporting documents like birth certificate, residency proof for homeless people, and spelling mistakes could stop the issuance of Aadhaar.

Despite the Supreme Court’s ruling that Aadhaar cannot be a mandatory document for availing governmental services, through executive orders, made over 300 schemes and benefits conditional on Aadhaar registration. These include subsidies on food and gas cylinders, pensions, maternity benefits, school enrolment, etc. The integration of Aadhaar by private corporations like banks, insurance, and telecom companies has raised serious concerns about sensitive personal data being used for monetary gains by these actors. It has now become a key document for bank accounts, land registration, school admissions, examinations, and mandatory identity proof for Sabarimala, garba, or club event entries.

Manual labourers, especially the elderly, often face issues in biometric authentication due to withering of fingerprints, denying them food as ration stores use fingerprint authentication for Aadhaar verification. People who do not have a permanent address, housing documents, and birth certificates are also denied Aadhaar cards, blocking their access to state services, such as school enrolment for their children, which is a violation of the Right to Education. Linking phone numbers to Aadhaar is also required for school admissions, Scheduled Caste certificates, income certificates, BPL card, bank accounts that receive welfare funds from the government, and voter IDs.

To add to this, the process of e-KYC, meant to authenticate the identity for gas cylinders, Aadhaar, ration, and Ayushman Bharat cards requires one to match biometrics and OTP verification. In 2025, The Wire reported 5,22,000 people in Odisha alone, who were denied their right to food due to e-KYC related issues. Such an elaborate process guarantees the exclusion of underprivileged communities, saving the government’s effort and money as they have fewer people to tend to. The government has instead earned around 602 crores as fines for not linking PAN with Aadhaar, the Centre told the Lok Sabha on February 5, 2024. The extensive usage of Aadhaar data across the public and private sectors creates a humongous dataset, connecting almost every aspect of our lives, eroding our privacy.

Breach of data privacy

Data protection laws across the globe aim to minimise the data collection to only the relevant and necessary parts, however, the use of all Aadhaar data poses a threat to the data privacy. Amidst increasing instances of data leaks and third-party usage of data for promotion through ads and calls, it is crucial to strictly limit the number of entities allowed to access Aadhaar data. An India Today report in 2023, revealed that the Aadhaar details of 815 million people were leaked on the dark web in December 2023, of which 100,000 were verified to be authentic Aadhaar information, collected from various government databases.

In 2022, a report by the Comptroller and Auditor General of India (CAG) echoed the calls for improvement while citing a variety of issues in Unique Identification Authority of India’s (UIDAI) implementation of Aadhaar. Being the world’s largest biometric database, UIDAI is responsible for enforcing data management regulations and compliance from all entities possessing Aadhaar data. However, over 50% of the entities accessing this data never submitted their annual compliance reports. The absence of consequences on the Biometric Service Providers for faulty and inadequate data collection places the blame of inaccurate biometric data on the people, forcing them to update biometrics with their own money. Of the 3.04 crore biometric updates from 2018 to 2019, 73% were voluntary due to faulty biometrics, as per the CAG report.

The webinar discussants pointed out how the Election Commission of India (ECI) voluntarily collected Aadhaar data and linked it to EPIC numbers without statutory backing, based on which voters it deemed fraudulent were deleted. As the primary regulatory body, there have been many instances where the ECI has failed to prevent large-scale data theft such as the Telugu Desam Party using State Resident Data Hub data in 2019, the BJP using Bruhat Bengaluru Mahanagara Palike data in Bengaluru, and the Telangana government hiring Positex, and sharing EPIC data with it to run facial recognition.

The webinar underscored how Aadhaar, initially framed as a tool for efficiency and transparency, has evolved into a mechanism enabling mass surveillance and exclusion. The speakers called for a democratic dialogue and enhanced regulations to protect data privacy. The compulsion of Aadhaar-linking for services needs to be reconsidered, while also adopting consent-based data usage and enhancing digital coverage to remote regions to ensure beneficiaries are not excluded from essential services. Ensuring that digital governance empowers rather than alienates citizens remains central to building a truly inclusive digital ecosystem.

Arnav Panwar is a research fellow at Centre for Development Policy and Practice (CDPP) in Hyderabad. CDPP is an independent research institution working on economic and public policy issues with a focus on the development of marginalised populations.

📰 Crime Today News is proudly sponsored by DRYFRUIT & CO – A Brand by eFabby Global LLC

Design & Developed by Yes Mom Hosting