A study of the low and middle income segment reveals privacy choices when using India's national ID system.
Aadhaar, India’s national ID system is the largest of its kind in the world, covering a whopping 1.33 billion people. During the COVID-19 pandemic, Aadhaar enabled the Indian Government to deliver G2P (government to people) payments worth 366.59 billion INR (approximately 4.4 billion USD). Although not mandated by law, Aadhaar is a commonly used ID to access education, employment, travel, and housing.
Recent literature suggests that privacy and data protection are key factors that influence the adoption of a digital ID as well as its usage to access financial and other services. However, there is a limited understanding of the needs and aspirations of people from the low and middle income (LMI) segment concerning privacy in the context of Aadhaar.
We conducted a qualitative study investigating the perceptions of the LMI segment around privacy. We wanted to understand which services or goods people from this group were willing to exchange for their Aadhaar information. Given Aadhaar’s widespread use, we were unsurprised to learn that 85% of all respondents trust the platform and feel comfortable sharing their Aadhaar details with the government. Specifically, they were confident that Aadhaar is secure and difficult to misuse due to the biometric scan which people felt is difficult to replicate. One respondent mentioned,
“I am not concerned about Aadhaar data being misused as it cannot be accessed without my fingerprints.”
Further, most of the respondents who disclosed Aadhaar information to access government services and subsidies were confident that the government would not misuse their data. In fact, only one respondent expressed explicit suspicion of the government’s intentions in collecting data through Aadhaar. We found that trust in the institution, whether public or private, was the primary driver of confidence in sharing private information. For example, 85% of the respondents would give personal information to schools to enrol children (even though it is not mandated by the law). One respondent stated,
“Schools need to know who the parents are before they admit the children, so it is fine if they ask for Aadhaar.”
When presented with various trade-off scenarios where respondents would receive attractive prizes for sharing data with private third-party players, most respondents stated that they would not disclose information in exchange for rewards. In fact, most were willing to pay a premium to preserve their information. According to one respondent,
“If I am going to a store and I am willing to pay for whatever I want to buy, the seller has no business asking me for my details. Even if they want to give me a heavy discount in exchange for my details, I would be willing to pay the higher price. I am afraid that misuse of my data could potentially lead to a bigger loss as compared to the discount I am getting right now.”
The Edelman Trust Barometer, 2021 indicated that Indians have high trust in the government. This trust also extends to Aadhaar because it is a government system, and perhaps further to the banking system which is largely public sector. The trust of the LMI segment in Aadhaar has been one of the primary factors leading to its higher adoption and its associated usage to accessing financial services (Aadhaar is used to conduct know-your-customer or KYC processes for most banks in the country). The State of Aadhaar 2019 report highlights that “90% of people trust Aadhaar on data security”.
As we saw in our study, people value privacy and are willing to pay a premium or go the extra mile to protect personal and sensitive data. They will always balance the risk of data sharing with the service/reward they are getting in exchange. On a paradoxical note, in 2019 around three-fourths of people were not using advanced features (many of which are privacy-enhancing) such as QR codes, the virtual Aadhaar number, etc. This indicates that there is a lack of awareness, especially in the LMI segment, on ways and approaches to enhance data privacy even when there is a clear preference to do so. Hence, governments must invest adequately in awareness and communication of privacy-enhancing features in digital ID systems.
While most of the respondents are confident that their Aadhaar details cannot be duplicated due to the requirement of biometric/OTP authentication for every transaction, there are some lingering fears about financial loss or misuse of sensitive personal data especially in the case of mobile wallets. This observation is in line with the earlier findings of the State of Aadhaar 2019 report, where 8% of people mentioned that they are worried about the misuse of Aadhaar and 2% stated they have experienced fraud that could be related to Aadhaar.
India’s case demonstrates the importance of credibility when designing an ID system. It is also important to communicate to people that they can trust such a system and use it for financial and other services.
Taking note of the above, policymakers in developing countries may choose to invest more effort and resources to understand the key factors that determine the trustworthiness of a digital identity system and its usage to access financial services. There is also a need to develop an overarching data protection framework that instils confidence in people that their personal data is secure while using mobile wallets and other financial services.
The authors thank Professor Carsten Maple, The Alan Turing Institute, and Anshul Pachouri, Microsave Consulting for their review and valuable inputs.