Let's Build a Responsible Cyber Society




The National ID Card Challenge for Nandan Nilekani.. Part I

[This is part I of the series. Part II is available here]

It was a pleasant surprise to know that the Government of India thought it fit to pick a professional like Mr Nandan Nilekani and appoint him for one of the important projects such as the National ID Card  (NIDC) Project. Our good wishes to Mr Nandan for a successful stint in this new role.

It may be recalled that the idea of National ID Card has been floating for some time and already pilot projects had been initiated in at least two states at enormous costs. The issue became a talking point during the elections when BJP announced in its manifesto the implementation of the "Multi Purpose National Identity (MNIC) cards".  Now Congress has grabbed the opportunity as the ruling party and one should appreciate the alacrity with which the Government  has acted immediately on taking charge.

So far, this project of National ID has been a project which was driven by the Smart Card manufacturers who saw a golden opportunity of crores of smart cards being used in the project. Now this lobby will again be active and bringing pressure on Mr Nandan to ensure  that their commercial interests are protected.

The undersigned has been repeatedly suggesting that the Citizen ID card project does not necessarily require a "Smart Card" with a large memory in the Chip. Naavi's suggestions have also been examined closely by the Central Government (Ministry of Human Resources). Even the NeGP also seems to hold views similar to what Naavi had expressed earlier.

While Mr Nandan as an experienced IT professional can be expected to lead the project team to the most optimal solutions,  we will be failing in our duty if we donot bring to the discussion board some of the suggestions which had been placed before the Government earlier even if they had not been considered for implementation earlier. It is our desire that the new project team under Mr Nandan should again evaluate these suggestions and reject it if not found suitable. I am therefore reproducing the salient parts of these suggestions.

Naavi's suggestion of the use of a ZeMo card or what is called Zero Memory Card instead of the traditional smart card is built on the following key principles.

1. The essence of the NIDC project is the "Trusted Data Base". Card is only an instrument of identity for the access. The success of the project therefore lies in building and maintaining a reliable data base.

2. In many applications it is not necessary for the "Data" to be "Embedded with the ID". "Data" can be stored elsewhere and the ID can provide a pointer to the Data.

3. In many applications, unsatisfactory "Data Synchronization" between the memory based ID device (such as the Smart Card)  can make the system dysfunctional.

4. Stored memory on ID cards which are in the hands of the public are amenable for manipulations which are more difficult to prevent and diagnose than manipulations of data in the hands of the Government in a data base.

5. Memory based Cards for a massive project such as NIDC can be a crippling burden on the economy.

6. A massive project of national interest has to be  technology and vendor neutral

7. A security sensitive project such as NIDC need open source hardware and software solutions to ensure data integrity and information security.

Let's now discuss each of these points in a little more detail to open up issues for discussion. The undersigned presents one point of view in the following paragraphs which are not necessarily correct or complete and readers are open to add their suggestions so that there would be a set of information available to the Nandan Committee to take decisions on.

[Continued in Part II]


June 27, 2009

Related Articles:

Smart Cards and their limitations: 16th September 2003

Smart Cards for Citizen ID..Let's Not Build Castles in the Air  24th September 2003