Nearly two months after it was sent a legal notice for launching a facial recognition-based app to verify pensioners’ ‘liveness’, the Meghalaya government has responded. The government contested points raised by digital rights organisation Internet Freedom Foundation.
In a press release in July, the Meghalaya CMO had announced the launch of the app, saying that it will replace the existing pensioner verification process involving periodic visits to Treasury Officer or Pension Disbursing Authority. The release noted that the app will be able to detect whether a pensioner is alive and verify their identity from their “real time photographs”.
The use of facial recognition technologies for the delivery of various public services has been increasing. In that context, it is important to keep note of the extent of legality of such technologies, their proportionality, and risks.
The Meghalaya government’s letter and IFF’s responses:
After receiving the response in a letter dated November 1, IFF released a blog post rebutting the government’s responses, and said it is considering further action.
Compliance with the Puttaswamy judgement: The IFF had raised objections earlier that the app collects sensitive personal data but is not anchored in legislation and does not conform with principles laid down in the landmark Puttaswamy judgement.
- Government: The app does not need legislative backing and it satisfies all other requirements as it is optional, and has a well-defined purpose and aim for establishing the identity and increasing the convenience of pensioners, the Meghalaya government has argued.
- IFF’s response: It said that the aim of convenience is not proportional to the risk of harm arising from collecting such sensitive personal data. Further, it said that the app does need legislative backing as the Puttaswamy judgement requires any act of government that may infringe to be anchored in specific legal provisions.
No recourse if data is misused: IFF had earlier said that Meghalaya residents would not have any recourse in case their data was misused in the absence of any legislative backing for the app.
- Government: Recourse can be sought under Section 43(a) and 66(e) of the Information Technology Act (related to sensitive data processing by ‘body corporates’) and provisions under the Indian Penal Code.
- IFF’s response: It said that Section 43(a) does not apply to governments but only on body corporates and Section 66(e) only relates to protections against non-consensual sharing of private images of a person and not FRT. Thus it has said that the existing legal provisions won’t apply.
Where’s the time period for data retention? Legislative anchoring would also provide a time period for data retention, the IFF had said in its earlier letter.
- IFF’s response: The IFF said that the period of retention is not clear, as the data retention policy says that data will be retained for a ‘reasonable period’.
FRT systems prone to high error rates: The IFF had said that the Meghalaya government’s system could have a high error rate, pointing to a study that showed FRT systems were prone to high error rates when used on homogenous groups (in one geographical area, age group).
- Government: “The Facial Recognition Technology used by the apps has obtained the accuracy of 99%,” the government said in its letter. It also said that the app uses deep learning to perform ‘facial verification’ and ‘liveness detection’.
Other details about the app: The government also revealed that the app was audited and received security clearance from the National Informatics Centre’s Regional Centre of Excellence for Application Security, Guwahati. It also said that the app and its data is hosted at the NIC Data Centre however if a citizen wants to opt out they can submit a request to the Treasury Office.
India moving towards facial recognition
PDS delivery: Ration delivery in Telangana may soon require facial recognition, along with Aadhaar-based biometric authentication. On November 9, MediaNama reported that Telangana’s Department of Consumer Affairs, Food and Civil supplies has issued a tender for ePoS devices (electronic point of sale devices), which are Aadhaar authentication devices, along with iris scanners mandating that they should be capable of facial recognition and photo-matching.
Elections: In October, the Telangana government initiated a dry run of a smartphone-based eVoting solution through facial recognition, among other technologies.
Lockdown violations: In April 2020, the Hyderabad Police deployed artificial intelligence tools via 2,000 CCTVs to identify mask violators.
Entrance exams: On August 11, MediaNama reported that the National Testing Agency has released a tender for the installation of CCTV cameras in 4,000 examination centres coupled with compulsory biometric verification such as iris and fingerprint scans as well as facial scans. These devices will reportedly be used to verify the identities of those appearing for exams like JEE, NEET, etc.
- How Telangana is using the pandemic to push facial recognition tech on its population
- Legal notice to Hyderabad Police puts spotlight on facial recongition
- Citing law and order situation, mobile internet ban extended for third day in Shillong
Have something to add? Post your comment and gift someone a MediaNama subscription.