It would not do for people to find out all of a sudden that their bank accounts have been cleaned out, or that your BHIM and Aadhaar data are available for sale on the Internet.
Some people are raising questions about Aadhaar and about Electronic Voting Machines (EVMs). It is hard to dismiss them out of hand even if you make allowances for their vested interests. The reason is that, fundamentally, computer and network security in India is in its infancy. As the country is dragged kicking and screaming into a future with electronic money and electronic identity and electronic everything else, it is pertinent to worry about how things can go wrong.
The objectives behind Aadhaar and the EVM are laudable: it makes sense both to have an unalterable identity mechanism and a way of quickly and accurately tabulating election results. Indeed there is a case for even greater introduction of digital mechanisms into daily activities: for instance, we need land records and medical records to be reliable and portable. So the thrust behind Digital India and India Stack is doubtless, sensible. The devil is in the implementation details.
It would be instructive to look at what has happened elsewhere with the introduction of a unique identifier and electronic voting machines, though their situations may not be entirely comparable. They are different countries with different problems, yes, but certainly one can learn from the experiences of other people.
Electronic Voting Machines have been banned in several American states (and in Germany they have been ruled unconstitutional) because it is evident that there are multiple ways of tampering with them, thus denying a citizen the constitutional right to the vote.
As for identity, the social security number (SSN) was introduced in the US quite some time ago as a way of providing a national worker’s pension. But the SSN soon became used for all sorts of other things, and in effect, it is a de facto unique national id now. Other government agencies such as the income tax authorities as well as businesses began to track data using the SSN as the unique id, and even though it was illegal to do so in the first place, but you have a fait accompli now.
The net result today is that it is possible to construct the entire profile of any US resident these days by just using their SSN: you can track their credit card use, their medical history, their ATM use, and so on. There was a film The Net that shows the nightmare scenario if someone were to delete your SSN from the system: you become a non-person. For all practical purposes, you cease to exist.
Separately, with the arrival of the smartphone, not only the US government but also Google, Facebook, Apple and Amazon know everything about you: where you have been at any time, who you fraternise with, what your interests are, what topics you search for on the net, what you say to whom on social media or phone calls. Everything.
If you were a bit of a pessimist, you might say that the age of the Panopticon has arrived: that the scary future European philosopher Jeremy Bentham imagined, where Big Brother is really watching you and knows what you think.
For privacy advocates, this is a nightmare: imagine if a government were to be malign, and wanted to round up people based on thought crimes – in fact you can do this today. Witness how every time some terrorist is caught, they say he had been watching propaganda videos on YouTube or learning how to assemble bombs from common household chemicals. You leave your digital footprints everywhere, and it is almost impossible to hide from the eye in the sky.
But what is worse is that it is not only governments, but hackers too who know or can know anything about you.
One popular trick these days is ransomware: your computer is locked up by a remote hacker, who refuses to let you access it unless you pay good money. One way of dealing with this is to keep regular backups of all your data on computers or disks that are never attached to the Internet. But that is hard to do because your computers need the regular software updates pushed by the manufacturers.
Beyond that, there is identity theft. By piecing together data about your activities, and especially based on the SSN, it is possible for thieves to create new identities that mimic you: the data is yours, but someone has control of it. Large numbers of people fall prey to this every year in the US, and billions of dollars are stolen. A crook who clones your identity can with little trouble create a new credit card with your SSN, and charge thousands of dollars to it. You, alas, will get the bill. This is so widespread that there is identify theft insurance available now.
Imagine how identify theft might play out in India. Unscrupulous bank employees have already been caught in scams where they clone credit cards, and arrange for the PIN numbers to be sent to addresses they or their friends control: the banks end up absorbing this kind of loss (unless they can bully the consumer into paying for the fraud). But imagine how this would be a nightmare if clever hackers are let loose on millions of unsuspecting and unprepared, often illiterate and gullible users in India. And all their financial information is centred around their Aadhaar numbers.
When BHIM-Aaadhar is made a major mechanism for financial transactions, it should be assumed that there will be continuous and wilful security breach attempts made by hackers. It would not do for people to find out suddenly that their bank accounts have been cleaned out, or that your BHIM and Aadhaar data are available for sale on the Internet.
That brings us to the crux of the matter. It is true that Aadhaar is a high-tech mechanism using fingerprints and iris scans to precisely identify individuals. It may even be that this is superior to other UID mechanism available elsewhere.
But there are several problems: one is that current processes need to be re-engineered, another is that there needs to be a clear idea of ownership of data, and a third is that the data must be stored in a manner that it is unalterable.
The first problem is the hardest. Many of the processes we use in India unnecessarily reveal too much information, and they can be leaky – just the thing that the friendly neighbourhood hackers are looking for. Every process using Aadhaar for authentication needs to be re-engineered end to end to ensure that only information that is absolutely necessary (“need to know”) is revealed, and that too in a secure manner.
Secondly, it is not clear who owns the information; maybe the Aadhaar Act has clear rules about this. But the working assumption is that all the data belongs to the government (and that it is not merely the custodian of private data). On the contrary, it must be absolutely clear that the data belongs to the individual, and that he/she must be in control of how much of it is revealed. For instance, if one wants to reveal his/her medical or financial history to some corporation, it should be based on informed consent.
The third problem may have a general solution: blockchain. Although there are concerns about the physical security of devices using blockchain, by integrating that technology into the (orthogonal) technology of identity management, it may be possible to create solutions so that important data is guaranteed to be inviolate.
As for Electronic Voting Machines, speaking strictly from a technology perspective, they are not as safe as we may believe. It would be necessary to have full control of the chips and firmware on them to be confident that EVMs are not being messed with. Researchers in 2010 showed how they could be fixed up with radio-aware chips, which could be manipulated with a mobile phone to activate, say, a Trojan Horse programme that deletes itself after use and transfers say 40 per cent of all votes polled to a specific candidate.
Today, EVMs follow a sort of ‘security by obscurity’, and the voter-verified paper audit trail (VVPAT) terminals with printouts are only a partial solution. But they can be made far more secure. In fact, if sufficient safeguards are inserted, including multi-factor authentication, internet voting could be introduced, so that non-residents and expatriates can also exercise their franchise. The belly-aching by certain parties is just an excuse, but the dangers of EVMs may be real.
Recent Posts
Petrol in India is cheaper than in countries like Hong Kong, Germany and the UK but costlier than in China, Brazil, Japan, the US, Russia, Pakistan and Sri Lanka, a Bank of Baroda Economics Research report showed.
Rising fuel prices in India have led to considerable debate on which government, state or central, should be lowering their taxes to keep prices under control.
The rise in fuel prices is mainly due to the global price of crude oil (raw material for making petrol and diesel) going up. Further, a stronger dollar has added to the cost of crude oil.
Amongst comparable countries (per capita wise), prices in India are higher than those in Vietnam, Kenya, Ukraine, Bangladesh, Nepal, Pakistan, Sri Lanka, and Venezuela. Countries that are major oil producers have much lower prices.
In the report, the Philippines has a comparable petrol price but has a per capita income higher than India by over 50 per cent.
Countries which have a lower per capita income like Kenya, Bangladesh, Nepal, Pakistan, and Venezuela have much lower prices of petrol and hence are impacted less than India.
“Therefore there is still a strong case for the government to consider lowering the taxes on fuel to protect the interest of the people,” the report argued.
India is the world’s third-biggest oil consuming and importing nation. It imports 85 per cent of its oil needs and so prices retail fuel at import parity rates.
With the global surge in energy prices, the cost of producing petrol, diesel and other petroleum products also went up for oil companies in India.
They raised petrol and diesel prices by Rs 10 a litre in just over a fortnight beginning March 22 but hit a pause button soon after as the move faced criticism and the opposition parties asked the government to cut taxes instead.
India imports most of its oil from a group of countries called the ‘OPEC +’ (i.e, Iran, Iraq, Saudi Arabia, Venezuela, Kuwait, United Arab Emirates, Russia, etc), which produces 40% of the world’s crude oil.
As they have the power to dictate fuel supply and prices, their decision of limiting the global supply reduces supply in India, thus raising prices
The government charges about 167% tax (excise) on petrol and 129% on diesel as compared to US (20%), UK (62%), Italy and Germany (65%).
The abominable excise duty is 2/3rd of the cost, and the base price, dealer commission and freight form the rest.
Here is an approximate break-up (in Rs):
a)Base Price | 39 |
b)Freight | 0.34 |
c) Price Charged to Dealers = (a+b) | 39.34 |
d) Excise Duty | 40.17 |
e) Dealer Commission | 4.68 |
f) VAT | 25.35 |
g) Retail Selling Price | 109.54 |
Looked closely, much of the cost of petrol and diesel is due to higher tax rate by govt, specifically excise duty.
So the question is why government is not reducing the prices ?
India, being a developing country, it does require gigantic amount of funding for its infrastructure projects as well as welfare schemes.
However, we as a society is yet to be tax-compliant. Many people evade the direct tax and that’s the reason why govt’s hands are tied. Govt. needs the money to fund various programs and at the same time it is not generating enough revenue from direct taxes.
That’s the reason why, govt is bumping up its revenue through higher indirect taxes such as GST or excise duty as in the case of petrol and diesel.
Direct taxes are progressive as it taxes according to an individuals’ income however indirect tax such as excise duty or GST are regressive in the sense that the poorest of the poor and richest of the rich have to pay the same amount.
Does not matter, if you are an auto-driver or owner of a Mercedes, end of the day both pay the same price for petrol/diesel-that’s why it is regressive in nature.
But unlike direct tax where tax evasion is rampant, indirect tax can not be evaded due to their very nature and as long as huge no of Indians keep evading direct taxes, indirect tax such as excise duty will be difficult for the govt to reduce, because it may reduce the revenue and hamper may programs of the govt.
Globally, around 80% of wastewater flows back into the ecosystem without being treated or reused, according to the United Nations.
This can pose a significant environmental and health threat.
In the absence of cost-effective, sustainable, disruptive water management solutions, about 70% of sewage is discharged untreated into India’s water bodies.
A staggering 21% of diseases are caused by contaminated water in India, according to the World Bank, and one in five children die before their fifth birthday because of poor sanitation and hygiene conditions, according to Startup India.
As we confront these public health challenges emerging out of environmental concerns, expanding the scope of public health/environmental engineering science becomes pivotal.
For India to achieve its sustainable development goals of clean water and sanitation and to address the growing demands for water consumption and preservation of both surface water bodies and groundwater resources, it is essential to find and implement innovative ways of treating wastewater.
It is in this context why the specialised cadre of public health engineers, also known as sanitation engineers or environmental engineers, is best suited to provide the growing urban and rural water supply and to manage solid waste and wastewater.
Traditionally, engineering and public health have been understood as different fields.
Currently in India, civil engineering incorporates a course or two on environmental engineering for students to learn about wastewater management as a part of their pre-service and in-service training.
Most often, civil engineers do not have adequate skills to address public health problems. And public health professionals do not have adequate engineering skills.
India aims to supply 55 litres of water per person per day by 2024 under its Jal Jeevan Mission to install functional household tap connections.
The goal of reaching every rural household with functional tap water can be achieved in a sustainable and resilient manner only if the cadre of public health engineers is expanded and strengthened.
In India, public health engineering is executed by the Public Works Department or by health officials.
This differs from international trends. To manage a wastewater treatment plant in Europe, for example, a candidate must specialise in wastewater engineering.
Furthermore, public health engineering should be developed as an interdisciplinary field. Engineers can significantly contribute to public health in defining what is possible, identifying limitations, and shaping workable solutions with a problem-solving approach.
Similarly, public health professionals can contribute to engineering through well-researched understanding of health issues, measured risks and how course correction can be initiated.
Once both meet, a public health engineer can identify a health risk, work on developing concrete solutions such as new health and safety practices or specialised equipment, in order to correct the safety concern..
There is no doubt that the majority of diseases are water-related, transmitted through consumption of contaminated water, vectors breeding in stagnated water, or lack of adequate quantity of good quality water for proper personal hygiene.
Diseases cannot be contained unless we provide good quality and adequate quantity of water. Most of the world’s diseases can be prevented by considering this.
Training our young minds towards creating sustainable water management systems would be the first step.
Currently, institutions like the Indian Institute of Technology, Madras (IIT-M) are considering initiating public health engineering as a separate discipline.
To leverage this opportunity even further, India needs to scale up in the same direction.