I think you'll find that people consider organisations responsible for the actions of their employees, and failure to police their actions is very much the government's fault.
If a Microsoft employee gave people access to your mailbox, and they used it to get $5000 from your bank account, would you consider them responsible ? Because I sure would.
This is a similar situation, except of course, that no Indian citizen has any choice in the matter: they cannot change their ID card provider, nor can they demand banks not give access that way : both have been legislated.
So when banks gave access to criminals with the (official, government-issued, through bribed officials) ID cards of the owners of those bank accounts, I feel like it is very much the case that the government is responsible, in at least 3 ways.
1) it was government officials who gave people access to that bank account
2) the banks tried to stop it, but are legally forced to give access to bank accounts to people holding those ID cards
3) the government is refusing to fix these issues, or secure their side
4) and the least way, the government is supposed to stop criminals. Which they did in a few cases, and did not do in thousands of other cases ...
Unfortunately In this case the govt is already ahead of you.
It was several years ago when the UIDIA and the banks were arguing over who should be held responsible for incorrectly authenticated transactions and govt (aadhar authority) held that it was the banks who would be responsible, not them.
They want it treated like a service with an error rate- responsibility for the big picture is always pushed to the nodes.
This is just indicative that the govt has already built barricades and breaks in order to ensure that the aadhar system and its agency are hard to target.
While you can have public outrage (unlikely since this is technical discussion which can be spun in many ways) which could force the govt to act - mostly it’s going to be NGOs and PILs which deal with aadhar.
Don’t forget that the govt kept this thing alive even though it had no legal backing, and then finally gave it credibility via a money bill.
There’s been no privacy discussion or safe guards discussed legally or constitutionally - we have a SC ruling only Now.
Its unfortunate but the authority was built with many arguments and challenges already anticipated.
Simply put - It is very close to being out and out nefarious.
If a Microsoft employee gave people access to your mailbox, and they used it to get $5000 from your bank account, would you consider them responsible ? Because I sure would.
This is a similar situation, except of course, that no Indian citizen has any choice in the matter: they cannot change their ID card provider, nor can they demand banks not give access that way : both have been legislated.
So when banks gave access to criminals with the (official, government-issued, through bribed officials) ID cards of the owners of those bank accounts, I feel like it is very much the case that the government is responsible, in at least 3 ways.
1) it was government officials who gave people access to that bank account
2) the banks tried to stop it, but are legally forced to give access to bank accounts to people holding those ID cards
3) the government is refusing to fix these issues, or secure their side
4) and the least way, the government is supposed to stop criminals. Which they did in a few cases, and did not do in thousands of other cases ...