[By Alan Chia (Lego Color Bricks) (CC BY-SA 2.0), via Wikimedia Commons]

Sometime in the next few weeks, the Supreme Court will hear a case on whether Aadhaar violates the fundamental right to privacy. The judgement will be as important as the one that established privacy as a fundamental right earlier this year.

It is important because the bench will be pronouncing not just on a technology project, but on a radically different approach to development and delivery of public goods. The approach comes from the world of technology, and is essentially about building digital infrastructure and giving lego blocks of tech for the government agencies to design solutions to meet their needs. The same lego blocks can be used by businesses and the social sector.

This approach has huge potential and is much needed, but it also comes with huge risks

I would argue that this approach has huge potential and is much needed, but it also comes with huge risks. Huge potential, because these lego blocks can be used to build a range of solutions that empower people. Huge risks, because they can also be used to build solutions that are useless or even harmful. The challenge before the country is to find a way to use it for our benefit, while bringing down the risks.

From the British Raj to Billionaire Raj

Going back to the 1990s is not a bad place to start. Do you remember the early days of ‘global internet’? Connecting to the internet was painfully slow, and there used to be jokes that ‘www means world wide wait’. But the optimism about the new technology was huge. Conversations those days revolved around the death of distance, the dawn of truly free markets, democratisation of information, empowerment of individuals, and even the end of wars. This was no Silicon Valley talk. I have heard intense debates around these themes at Woodlands Drive-in in Chennai in the late 1990s.

Cut to 2017. The wealth gap has widened across the world—and in India. The cover of a new book (to be published in 2018) by former Financial Times journalist James Crabtree has a striking picture of Mukesh Ambani’s 27-floor home, and the image powerfully makes a statement about inequality in India even without contrasting it with slums. The book is titled The Billionaire Raj.

Research by Thomas Piketty shows that the wealth gap, after narrowing for a few decades after independence, is widening today. The gap reflects on development. India has a poor record in health and nutrition (15% of India’s population is malnourished), education (only 48% of class V students in India can read class II level textbooks), and access to finance (the poor pay exorbitant rates to borrow). Whatever happened to the golden age that digital economy promised?

Broken promises

The promise of technology has eluded the poor for three reasons. First, most of the innovations in digital economy are aimed at those at the top of the pyramid. It’s not just about headline grabbing devices such as iPhone X. Fire any app on your phone, and you will see the default (and only language) is English, spoken by 10% of India’s population. Second, even when tech programmes were designed for the poor, they failed to scale up, thanks in part to the diverse needs of the country. Early solutions tend to be bad, discouraging others to try them out (in contrast to the SEC A markets). Third, and this is an important factor, local solutions are often not strong enough to push people to a higher orbit of wealth, away from the patterns determined by systemic, structural forces.

To really live up to the initial promise any technology solution has to address the issues of scale (1.2 billion population, not just the top 200-300 million), scope (overall wellbeing rather than one small part of their lives), diversity (India is a diverse country, and cookie cutter approaches tend to fail), speed (there is some urgency, because high levels of inequality cannot be morally defended) and the system as a whole (to ensure that the changes are long lasting, and the old patterns don’t pull people to the old equilibrium). The existing approaches haven’t worked well, as evidenced by the social and economic indicators.

What then is the answer? Digital platforms, according to Nandan Nilekani and his team which designed and built Aadhaar.

But, first, a bit on platforms.

The power of platforms

The idea of platforms comes straight from the world of technology. One example of a platform is the operating system—such as Windows, Linux and MacOS—on the top of which programmers build applications for the users. They have been around for a long time.

A more recent trend is platform businesses, highlighted by Sangeet Paul Choudary in his books Platform Scale and Platform Revolution. Choudary contrasts platforms with pipes. In the pipe model, value gets created at one end (by the producers) and it gets consumed at the other end (by the users). Hollywood produced movies at one end, distributed them through cinema halls, television channels, DVDs, etc, and at the other end of this supply chain, people watched the movies. A platform on the other hand just attracts producers and consumers to it, and enables transactions between them. YouTube lets producers post their videos and users watch them. Value is created on the platform.

Platforms have many of the desired qualities we discussed earlier. Platforms can scale up (check out the growth of Uber, Airbnb, YouTube). Platforms can cater to a range of services (there are platforms for education, health and entertainment). Platforms can nurture diversity (the range of travel options available on Ola is wide). Platforms can gain momentum very fast (it is a reason why venture capitalists get attracted to platform businesses). Platforms can dramatically change the industries they operate in (a reason why there they meet with opposition from the incumbents).

Platforms do all these by bringing down transaction costs. Transaction costs, by textbook definition, have three components.

  • search and information costs
  • bargaining and decision costs
  • policing and enforcement costs.

We just have to book a cab on Ola or Uber to see how these three work out. We spend dramatically shorter time and efforts in searching for a cab, bargaining etc. It offers similar advantage to drivers—they can mostly find their next ride close to where they drop the previous passenger.

Because digital platforms are both efficient and intelligent in using data, they can not only bring down transaction costs, but also provide additional value. Automated captions on YouTube is a great example of what data and machine learning can do. Voice recognition has traditionally been a tough problem for computers to master. Now, YouTube can even automatically recognise applause and laughter.

The risky business

Platforms however are not all good.

They can lead to exclusion. Uber by definition excludes people who don’t have access to smartphones.

They carry security risks and can engender fraud. Recently, it was revealed that Uber had lost control of private information of 57 million users.

They can be intrusive. Facebook not only profiles its users, it nudges its users to post more, stay longer, so it can profile them better. Its revenue model depends on looking into user data and making use of it.

The last point above highlights the big problem with commercial platforms. Those who run commercial platforms are in it for money, and not social good.

In the early days of Aadhaar—and even today—much of the public attention went to the fact that it’s a biometric ID project, and very little to the fact that it was built as a platform. It is different from the platforms we are familiar with in two ways.

Aadhaar is a small (if crucial) element, a single lego block, in a solution

One, Aadhaar is a small (if crucial) element, a single lego block, in a solution. It can be an enabler. But by itself, it’s not a complete solution. It’s true that with other pieces that were built around Aadhaar—eKYC, eSign, payments—its value goes up. But still, Aadhaar is not an app that we can open in our phone and derive immediate benefit—as in the case of Uber or YouTube.

Two, Aadhaar is not a commercial platform. It is a public platform. It is owned by a government agency, with no pressure to show profits, and can therefore be potentially used for public good.

As in other platforms, Aadhaar and the other digital infrastructure can potentially bring transaction costs down—by giving the option to identify a person remotely (biometric authentication / OTP), by easing money transfer (Aadhaar Payments Bridge, Aadhaar Enabled Payments System, Unified Payments Interface or UPI), by enabling sharing of data and documents (DigiLocker, eSign, eKYC).

Add a layer of tokenisation, and the possibilities get even more exciting. It is already present in UPI. UPI allows us to create multiple virtual payment addresses, which makes it revocable, enhancing privacy and security. It reduces the chances of someone building a 360-degree profile of a person. It is possible to do the same for Aadhaar (and reports suggest UIDAI is working on it).

Another exciting development is data empowerment and protection architecture, which is essentially a framework that lets you share your data with others (could be a university, hospital, bank or insurance firm) in return for specific benefits.

Imagine these to be lego blocks, using which you can build a solution for users.

Lego blocks for development

It can potentially change the way things work. For example, a well-designed programme using these digital components can enable greater mobility of the beneficiaries, allowing them to access targeted subsidies irrespective of where they are. A social sector initiative like the school voucher programme of the Centre for Civil Society can scale faster. Banks can assess creditworthiness based on the cash flow, rather than look for assets (for which they might not have the documents).

However, building solutions using these blocks is the crucial step. To understand why, consider this analogy. Suppose there are two banks that use pretty much the same, commoditised technology applications/components—for core banking, payments, business intelligence, analytics,  etc—that are available in the market. Is it possible that one of them gives a fantastic customer experience, and other a totally terrible experience? It is not only possible, it is very likely.

Tools are commoditised. But the way they are bundled together in the broader context of the bank’s strategy, culture and execution capacity  will determine whether they add or destroy value. Tools are only one part of the puzzle.

So it is with Aadhaar, with some additional levels of complexity. One of them comes from the use of biometrics. Not everyone has biometrics. For example, some might have lost fingers and eyes to disease or accidents, and some might have fingers that have gone bald due to old age or hard labour. Secondly, biometrics is probabilistic, which means that there will always be false positives and false negatives. Any agency that uses the lego block of biometric authentication without being aware of these features (bugs) is certain to design a system that will harm rather than help its constituents.

Another layer of complexity comes from the nature of the Aadhaar number itself.

  • It is a number, and not a card. Its value comes from biometric authentication. Without it, the card itself doesn’t prove anything.
  • It is a foundational ID. It doesn’t convey anything about your status, not even citizenship.
  • It is unique. Its uniqueness can be useful for deduplicating other IDs which are also supposed to be unique—PAN card, voter ID, passport.

Atul Gawande, author, physician and public health policy expert, loves to quote the work of Samuel Gorovitz and Alasdair MacIntyre, two philosophers who studied human fallibility to conclude that mistakes happen because of two reasons:

1. Ignorance: You don’t know what you don’t know.
2. Ineptitude: Where knowledge is applied inconsistently or incorrectly.

Both apply to Aadhaar as well, leading to risks of exclusion, fraud and intrusion.

While designing a solution using a lego block approach, people might end up underutilising its features (a mistake that security at airport entrance makes, treating Aadhaar card as an equivalent of a driver’s licence or a passport; or the mistake that Maharashtra bankers made while connecting Aadhaar numbers to bank accounts for loan waivers, leading to random numbers getting linked passing off as Aadhaar). Or use them when there is no need to. The “is there, will use” attitude that marked a whole generation of PowerPoint users obsessed with word animations and slide transitions can lead to more than just an irritation.

Reagan on government: It is the problem

I have had several conversations with friends for whom the scope creep of Aadhaar is more than just an irritation. It is not that they don’t understand the power of platforms. They do. (Most of them happen to be engineers.) They are aware that exclusion, fraud/security risks and intrusion are a part of any technology project, not just Aadhaar. But their special concern about Aadhaar stems from three sources.

We don’t remember utilities when they work, or our human body when it is healthy

First, Aadhaar is a government project and that has two implications. One, unlike in commercial platforms, there is an urgency in using Aadhaar in various projects, not by market demand, but by government push. (And the government push is no ordinary push, because the state has the monopoly over violence). Two, commercial platforms are used by people who can afford them or used in situations where other options are available. If I don’t get an Uber, I can take an autorickshaw, or even call up a friend to pick me up. However, most Aadhaar-enabled programmes are designed for those who don’t have such cushions. When they fall, it hurts. It’s true that things have turned easy for a large number of people because of the use of technology, and I have personally met several of them. But, we don’t remember utilities when they work, or our human body when it is healthy. The problem is when it fails to work, when it falls ill.  

The second source of concern is the speed with which Aadhaar is spreading when the country doesn’t have a data protection law yet. With the Srikrishna Committee working on it, this concern is likely to be put to rest soon. (Provided the government follows up.)

The third source of concern is the way the government agencies handle data (not very well), and the way UIDAI reacts to the news of data leaks or fraud. Everyone understands that security is a cat and mouse game. But, how quickly government reacts to such events, how well it engages with those in the ecosystem (say, by organising regular bug bounty programmes), how transparent it is about security issues can send a strong signal. It can inspire confidence or evoke fear. Much of the discussion about the security of Aadhaar (and in fact the cost and benefits of Aadhaar) is a matter of faith, rather than of evidence. In cybersecurity, it is good to be a sceptic, if not a confirmed atheist. (Cyber security Black Swans always play on the side of atheists.)

When we want the government to be a welfare state, we also have to build the state capacity to provide those goods

There is nothing that the government can do about someone’s ideological position on government. If government is involved only in protecting people from violence and in enforcing contracts, we can control how much power we give it. However, when we want the government to be a welfare state and take care of the needy, we also have to build the state capacity to provide those goods—knowing that the state capacity can be misused. We have to depend on rule of law and democratic accountability to ensure that the government doesn’t misuse its power.

But the other two concerns are real, and the government has done little to address them so far. UIDAI, for example, sent legal notices to the Centre for Internet and Society, when it should have sent it a thank you note (and may be some compensation) for revealing the weaknesses in the system. UIDAI was once known for being transparent compared to other government agencies. Now, it has been pulling down previously available documents from its website. There is no sign of engaging with the broader community of cyber security experts to strengthen the system.

The dust kicked up by the arguments around these issues has in effect covered the questions around the effectiveness of digital platforms in a government setup.

Societal platforms

Is there a way for us to assess the effectiveness of platforms to help us achieve societal goals? Such a platform should not be pushed by the government; getting onto the platform should be strictly voluntary; and of course, it should be for social good.

Nilekani and his team are in fact building one such platform at EkStep. EkStep, like Aadhaar, is platform, a utility, on which solutions can be built. It hopes to impact the lives of 200 million students by 2020. It is designed for scale, diversity, and social good.

Here’s a presentation by Nilekani on societal platforms, which is worth watching.

EkStep was in news recently after it signed up as a technical partner for Co-Impact, a philanthropic initiative that hopes to improve the lives of the poor through systems change. Richard Chandler, Bill and Melinda Gates, Jeff Skoll, Romesh and Kathy Wadhwani, and The Rockefeller Foundation are the core partners of the initiative. In some ways, EkStep’s partnership with Co-Impact is a vindication of the platforms approach to development.

But that still doesn’t provide evidence of its effectiveness. We will know by 2020, or earlier.

All these make the upcoming Supreme Court case very interesting.

The boundaries the Supreme Court draws around the use of Aadhaar will to a large extent determine the shape it takes

The boundaries it draws around the use of Aadhaar will to a large extent determine the shape it takes in the coming months and years. And that in turn will influence how other digital platforms are used in government, social and development programmes.

If it draws it too broadly, there will be questions about protection from privacy and security risks. If it draws it too narrowly, its potential for development will not be realised.

likes comments
share bookmarks

READ NEXT