Reading on controversial e-NIC of Sri Lanka
There are a number of reasons to be skeptical. First, most software systems in Sri Lanka including various government databases have long used the NIC number as a unique key in their databases. If improving service delivery is the goal, merely digitizing existing government data and establishing a protocol of sharing that information should be enough to bring about most conveniences. You do not need biometrics or additional information not present in your current NIC to make that happen.
Quite apart from biometrics, there are the inherent risks of holding the nation’s entire identity information in a central database that is accessed by various government — and possibly private — entities. The system immediately becomes a magnet for hackers. In the age of cyberwarfare and the usual sloppiness with which information security is treated by those in the Sri Lankan government, this should be a serious concern.
None of this is theoretical. In Pakistan, the NADRA database that enables the country’s national digital ID has gone through multiple hack attacks some of it apparently successful. The program has also seen what can only be described as surveillance state innovation. The Pakistan Police now has NADRA enabled apps including ‘Hotel Eye’ — which tracks hotels and their guests, and so called ‘predictive crime software’ that upon entering the Digital ID pulls out data such as family tree, ATM cards, call data, hotel bookings and location information.
