The manner of passing the Election Laws (Amendment) Bill, 2021 in the Lok Sabha with incredible haste — without putting up the legislative text for public consultations beforehand, and without any discussion whatsoever — was disconcerting. We perhaps lost an opportunity to comprehensively address the crucial issues.
Considering that the Registration of Electors Rules, 1960, (RER) was formulated under the Representation of the People Act, 1950 well before the digital age, it is undeniable that they required urgent reforms. But that not only required a careful understanding of the new challenges and technological possibilities, but, more importantly, also required the patient building of public trust and concurrence through a consultative process. Both, linking the voter IDs with Aadhaar, and the tension between transparency and privacy of electoral rolls — one of making them publicly and digitally available, versus keeping them inaccessible to prevent analytics driven profiling and influencing of voters — are tricky and contentious issues, and the need for adequate debate and discussions cannot be over-emphasised.
Given the ready availability of a nation-wide digital identity instrument, it is inevitable to consider the possibility of using it for electoral rolls. However, on close examination — even setting aside the issue of legislative competence in view of the 2018 Supreme Court judgment on Aadhaar restricting its use only to welfare disbursal and income tax — the move appears to be ill-advised for several reasons.
First, Aadhaar is not meant to be a citizenship proof but only a digital identity for all residents. Residence of 182 days can make even a non-citizen eligible for an Aadhaar ID.
Second, even according to public statements by several government functionaries, Aadhaar was only meant to be an identity proof but not an address proof. In contrast, the RER clearly stipulates address to be a key index for electoral rolls. Moreover, the enrolment processes for voters’ lists and Aadhaar are completely different. Whereas Aadhaar enrolment is based on production of existing documents and the “introducer system”, voter enrolments involve physical verification and “house visits” by a registration officer or representative. It even allows the Booth Level Officers (BLO) to make judgments on age and proof of residence in order to ensure that the homeless and the marginalised may be included, though this perhaps is rarely practised in reality.
Third, there are no publicly available audit reports either on the efficacy of Aadhaar deduplication or on the authenticity of the Aadhaar database. Even the Supreme Court accepted the Unique Identification Authority of India’s (UIDAI) claims on the integrity of the Aadhaar database at face value without any scrutiny. Using Aadhaar to clean the electoral rolls is fraught with the risk of disenfranchisement, especially of the marginalised communities. Indeed, there are numerous reports of large-scale deletion of voters without proper verification in Andhra Pradesh and Telangana due to EPIC-Aadhaar linkage. It is to be noted that there is also ample publicly documented evidence of large-scale exclusion in PDS and welfare disbursal due to Aadhaar.
Fourth, and most importantly, maintenance of the voters’ lists is a primary responsibility of the ECI, which is an independent constitutional body, whereas Aadhaar is a government instrument and UIDAI is under government control. Since the ECI has no control on either enrolment or deduplication in Aadhaar, it appears inappropriate — and a potential conflict of interest — to use Aadhaar for electoral rolls. In particular, since Aadhaar is directly used for disbursal of welfare and direct benefit transfers, linking it with voter ID may provide a direct method for the government to influence and manipulate voters. It is the responsibility of the ECI to ensure that not only are the electoral processes clean, but also that they appear to be clean.
Finally, Aadhaar is a ubiquitous ID that is used in a variety of applications. Linking it with the voter ID will open up avenues for profiling and targeting of voters. This is of particular concern because neither the UIDAI nor the ECI have publicly audited architectures for purpose limitation and protection against insider attacks. While profiling using public data is not illegal according to current laws, both the electorate and Parliament need to clearly understand the risks of such profiling.
It is well understood in computer science that even without using sophisticated analytics techniques, it is far easier to win elections through digital analysis of electoral rolls than through attacking the electronic voting process, especially when election results are available at booth-level granularity. For example, in a keenly contested constituency with say one per cent margin, profiling and selectively influencing a little over one per cent of the most vulnerable voters using the electoral roll data, or manipulating as many entries in the electoral roll itself, can swing the result. Hence, both privacy and integrity of the electoral rolls are of paramount importance in the digital age, and the clear tension between the two makes the problem challenging.
The RER of 1960 clearly opted for transparency as a means to the integrity of the electoral rolls, thereby ensuring that all additions and deletions can be publicly audited. However, with the possibility of digital processing of electoral data, the risks associated with such complete transparency have increased manifold. Yet, there are several modern techniques from cryptography and computer science that may help mitigate the risks by enabling both privacy and public auditability. An electoral reforms bill at the onset of 2022 needed to explore and address these issues head-on.
This column first appeared in the print edition on December 23, 2021 under the title ‘The missing debate’. Banerjee is with the computer science department, Ashoka University, on leave from IIT Delhi. Sharma is with the Computer Science and Engineering department, IIT Delhi