Aadhaar unreliable in ‘hot, humid’ India, rating agency (GS Paper 2, International Organisation)
Why in news?
- Global rating major Moody’s Investors Service has flagged concerns about security and privacy vulnerabilities in centralised identification systems like India’s Aadhaar programme.
Details:
- The Aadhaar system enables access to public and private services, with verification via fingerprint or iris scans and alternatives like One-Time Passcodes (OTPs).
- The Unique Identification Authority of India (UIDAI) administers Aadhaar, aiming to integrate marginalized groups and expand welfare benefits access. The system often results in service denials, and the reliability of biometric technologies, especially for manual laborers in hot, humid climates, is questionable.
Significant for DBT:
- The remarks assume significance in view of the government’s adoption of Aadhaar for routing direct benefit transfers to beneficiaries of official welfare schemes, and in particular, the diktat to mandate Aadhaar-based payments for labourers under the Mahatma Gandhi National Rural Employment Guarantee Act (MGNREGA) scheme.
- In August, the government extended its deadline for switching to Aadhaar-based payment system (ABPS) for MGNREGA beneficiaries for the fifth time, pushing it to December 31, 2023.
Privacy, security concerns:
- In a report on “Decentralized Finance and Digital Assets”, Moody’s acknowledged Aadhaar as “the world’s largest digital ID program” that assigns unique numbers to over 1.2 billion Indian residents using biometric and demographic data.
- It termed Aadhaar, and a new crypto-based digital identity token called Worldline, as two digital ID systems in the world that stand out due to their scale and extent of innovation. However, they have “drawn scrutiny, especially concerning privacy and security”.
- Stressing that ID systems like Aadhaar lead to the concentration of sensitive information with specific entities and increase the risks of data breaches, Moody’s made a pitch for decentralised ID (DID) systems such as digital wallets, based on blockchain capabilities that give users more control of their private data and can reduce online fraud.
Decentralised systems in practice globally:
- In recent years, the spotlight has shifted toward DID as a strategic response to the security and privacy vulnerabilities posed by centralized ID systems like Aadhaar.
- Catalonia, Azerbaijan and Estonia have used blockchain-based systems to issue digital identities.
- Estonia, known for its fully digitalized public services, has embraced SSI (Self-Sovereign Identity) to grant citizens complete control over their digital identities.
Why DID systems?
- The adoption of DID, where personal data is saved in a user’s digital wallet and identity verification takes place not via a single, centralised institution but on a decentralised digital ledger such as a blockchain, increases privacy and reduces the amount of personal information held by intermediaries.
- The DID can be stored and managed in a user’s portable and reusable digital wallet, rather than by a government, business, employer, or other entity.
Challenges:
- At a broader level, it warned that digital IDs, centralised or not, can have negative social repercussions, since they may strengthen group identities and political divides, particularly if offered by technology and social media companies with significant monopolistic influence.
- Consolidation of control within these entities could lead to a concentration of power over individual identities, shaping perceptions and interactions in the digital realm.
- Further polarization of group identities and political affiliations would undermine the goal of a united and diverse digital space.
Multiple entry, exit option in higher studies may not suit India, House panel
(GS Paper 2, Education)
Why in news?
- Recently, the Parliamentary Standing Committee on Education submitted its report titled ‘Implementation of the National Education Policy, 2020 in Higher Education’.
Details:
- After several organisations of students and teachers raised objections to the option of multiple entry and multiple exit (MEME) in the national education policy (NEP), it has advised the Centre to hold discussions with all stakeholders on it.
- The Kerala government has decided not to implement MEME in colleges and universities in the State. The curriculum document of the State had said that the government would allow multiple entry, but exit will be allowed either after three years with a degree or after four years with honours degree.
Concerns:
- The NEP proposes multiple entry and multiple exit options for the students in higher education. The panel said while MEME looked like a flexible system, which was being operated by western educational institutions effectively, it might not work well in the country.
- The panel, citing high population, said the estimated intake of students in higher education every year was high.
- The members in the panel also expressed concern that uneven geographical distribution of higher educational institutions would create hurdles in managing MEME in several areas, mostly countryside.
Recommendations:
- The panel, though noted that MEME will offer students greater flexibility and choice in their educational pathways, asked the Centre to develop comprehensive guidelines and a well-defined framework for MEME options, including specific eligibility criteria, credit transfer mechanisms providing clear road map for students pursuing different exit points.
- Also, implementation of a standardised Credit Accumulation and Transfer (CAT) system that allows students to earn and transfer credits seamlessly across institutions would facilitate smooth transitions between different levels of education, from certificate courses to doctoral programmes.
Way Forward:
- It recommended the Union Education Ministry to have wider consultations with various universities/institutions, their regulatory bodies and other stakeholders to devise ways in view of the difficulties being faced in implementing the MEME options and apprise the panel of it.
80 percentage cybercrimes from 10 districts, Bharatpur new Jamtara, Research
(GS Paper 3, Science and Technology)
Why in news?
- Rajasthan's Bharatpur and Uttar Pradesh's Mathura have replaced Jharkhand's Jamtara and Haryana's Nuh as the infamous hotspots of cybercrime in India.
- The findings have been mentioned by the Future Crime Research Foundation (FCRF), a non-profit start-up incubated at the Indian Institute of Technology (IIT)-Kanpur.
Top 10 districts:
- The study also revealed that just the top 10 districts collectively contribute to 80 per cent of cybercrimes in the country.
- Bharatpur (18 per cent), Mathura (12 per cent), Nuh (11 per cent), Deoghar (10 per cent), Jamtara (9.6 per cent), Gurugram (8.1 per cent), Alwar (5.1 per cent), Bokaro (2.4 per cent), Karma Tand (2.4 per cent) and Giridih (2.3 per cent) are the top contributors to cybercrime cases in India, collectively accounting for 80 per cent of reported incidence.
Key Highlights:
- The analysis of the top 10 cybercrime hubs (districts) in India reveals several common factors contributing to their vulnerability and these include geographical proximity to major urban centres, limited cyber security infrastructure, economic challenges and low digital literacy.
- While established cybercrime hubs continue to pose significant threats, the emerging new hotspots demand attention and proactive measures by people and authorities.
- These represent regions where various forms of digital criminal activity are on the rise, often catching both law-enforcement agencies and the public off guard.
Factors responsible:
- The surge in such cases can be attributed to a complex interplay of various factors such as low technical barriers allowing individuals with limited expertise to engage in such activities using readily available hacking tools and malware.
- Inadequate Know Your Customer (KYC) and verification processes on online platforms enable criminals to create fake identities, making it challenging for law-enforcement to trace them, while easy access to fake accounts and rented SIM cards on the black market allow thugs to operate anonymously, complicating the efforts to track and prosecute them, it stated.
- Furthermore, the affordability of AI-driven cyberattack tools empowers criminals to automate and scale their attacks, increasing their efficiency while virtual private networks (VPNs) provide anonymity for cybercriminals, making it difficult for authorities to trace their online presence and location.
- The FCRF also flagged that unemployed or underemployed individuals are recruited and trained by cybercrime syndicates, creating a growing pool of potential criminals.