Hape is not, as the Quick Reader may imagine, the last of the items (the others, like hape, were also evil) to emerge from Pandora’s box, in the Greek myth.

All round the world, business content and business processes are being digitised and made available to stakeholders, often in a highly restricted manner, ie on some kind of subscription basis. Subscribers do so, often paying money, in the faith that they get, in return, some sort of exclusive or protected access.

Quite often, in order to do so, they also voluntarily make available some kind of personal information (it varies, of course, depending on the need).The people who put together the service then store this digitised information and make it available as a part of their subscriber verification.

It works like this: if you are who you claim to be, then you should know [this] about you, because you gave us that information. If you don’t know [this], it isn’t you, so please (the please is optional, and mostly absent, I have observed) go away.

That’s all very well.

What underlies all of this is a tremendous amount of faith, faith in the quality of business processes used by the people who manage that service, that they will keep their part of the bargain – which is sometimes expressly stated, and sometimes implicit – to hold the information securely. And, a lot of the time, that is exactly what happens.

Until it hapens.

Hape is a word coined by my fellow listmember, Dinesh Bareja, to describe what happens when that trust is belied. To quote from his entertaining post:

“The Theory of Hape (abridged):

Every system or technology environment is built with known or unknown holes all over waiting to be penetrated and exploited.
After a hape, weak controls and dirty data are exposed to the world, and management [people] have to run around trying to save their reputation, jobs and more.”

These words somehow reminded me of India’s shining hope, the UIDAI, a quasi-legal organisation foisted on the country by the Planning Commission. The latter, an august body is not known for its cowboy antics, has quixotically chosen the path less often trod, that of mandating a special purpose vehicle, an Authority of India, with the task of ensuring that every resident of India gets a unique identification, a number that cannot possibly be allotted to anyone else, a passkey to all manner of delights, fancifully branded Aadhaar (foundation).

Of course, to work, whoever is charged with delivery of a particular service must be sure that the person quoting the number is actually who she says she is. Or he is, if you object to commonly accepted gender-free phraseology.

Enter the verifier. In its wisdom, UIDAI has decided that this shall take the form of biometric markers – fingerprints will do the job.

Or not. Turns out that fingerprints, the stuff of crime novels for well over a century, are well left there, in works of fiction.

Fingerprints have some problems: 1. they are not immutable, they can change with time, depending on the kind of work the person engages in, and also the state of health; 2. they may not be unique (no study of very large populations has ever been conducted, so the belief in fingerprinting is no more real than a belief in the Flying Spaghetti Monster – or no less real, to be sure); 3. fingerprint recording machines are not very pragmatic for countries like India (shaky electricity, poor hygiene, poor housekeeping); 4. digital fingerprints are based on algorithms that have never been applied to very large populations, so they may be even less perfectly unique than the fingerprint patterns themselves; and so on.

Enter the iris. This central part of the human eye turns out to be even more uniquely patterned than the fingerprint, and luckily, its digital version is also more perfectly matched to the real thing, than in the case of fingerprints. Except. This has also not been researched and scientifically established.

Somewhere in all this hype, one little factor seems to be missing – the act of verification. Each nodal point where it is needed will have to be equipped with a biometric scanner and Go/No-Go display device that will need to communicate very fast (oh, very fast indeed) with a digital store to immaculately match those credentials.

Recalling this, I was struck again by something in Dinesh’s post:

“THE EMPEROR’S NEW CLOTHES: A story about an egoistic king [who] believes he was wearing a robe that was invisible to the lower classes [ie anyone who wasn't royal enough], whereas he wasn’t wearing anything.”

Actually, the story is also about the clever pair of rascals who japed the king into blindly and faithfully accepting their story (and swiping a few bags of gold, but that is another story, hopefully not part of the modern Indian saga).

So, in the new clothes being sold, like a pup, to the country, there is some new fabric, that didn’t belong in the old fable. This is the inviolability of digital storage systems.

To be sure, there are millions of digital storage systems around the world into which no-one has ever been broken. Why then worry about the one (or ones) in which the digitsed personal information of 1.2 bn+ folks are going to one day be stored?

UIDAI has a simple answer: the information itself won’t be stored there, their store will only link the biometric information with the number. Of course, since other bits of personal information may or may not be pertinent, depending on the service being offered, the storage system will also provide a linking service between dozens of ‘silos’ of information. A silo is the charming geeky term for an information store that, figuratively, stacks up vertically, insulated from other such stores.

Interlinking stores is not a very good idea. That’s the general recommendation of security experts. Digital security experts. Dinesh’s post was probably triggered by the clever attack on the digital store maintained by an American cybersecurity firm (the matter is subjudice, so I’m protecting myself legally by not providing links here) by an anonymous network of cyberexperts (yes, there is a clue in that phrase, I’m not leaving my Devoted Readers entirely in the dark).

That story illustrates my point: the inviolability of digital stores is very closely linked to the value of the store. Very few people are interested in breaking into a pile of old clothes, they want stuff that can be traded for real value (in the case above, it was the value of very publicly embarrassing the cybersecurity firm, flushing out details of some very dodgy ethical practices).

What could the value of UIDAI’s store be, in this real world? After all, UIDAI is going to serve the poor. “Aadhaar will empower poor and underprivileged residents in accessing services such as the formal banking system and give them the opportunity to easily avail various other services provided by the Government and the private sector.”

Sounds very innocuous, and not very attractive to a would-be thief.

Till one reads between the lines. Bank accounts, mobile phones, payment systems – all are, already or in the pipeline, features of the modern economy that will be ‘facilitated’ by Aadhaar. There’ll be more, but this is quite enough, eh?

Now that’s a treasure!

And to close, let me leave my Patient Reader with this last thought from Dinesh’s post:

“Hape is inevitable.”

Surprisingly, for most people who hardly ever need to think twice about such an obvious attribute of free people, this right is fast vanishing around the world, and most dismayingly, in democratic countries.The second meeting followed hard on the heels of the first, and at the same venue, the Amorita Resort just off Alona beach. This was organised by the Association for Progressive Communications, an NGO that has been at the heart of keeping the Internet open and freely available for people around the world.

Although for most people today, networking implies computers and the Internet, APC was put together before the Internet had much meaning or relevance for social activism, when the Cold War still cast its fading shadow across the world. It enthusiastically adopted the networking capabilities of the Internet when it did become possible, and has fought an uphill battle to ensure that its potential is brought to all people in the world, not just those empowered by economic supremacy.

I have had the luck to be at several conferences and workshops put together by APC across South Asia over the past decade or more, in India, Pakistan and Bangladesh. PI, which has been part of APC almost since the beginning, was invited to take part in the Networking and Learning Forum, the invitation being extended to everyone at the PI meeting, although most of our organisations are not formally members of APC.

The PI meeting was primarily a review of the ongoing awareness initiative across Asia. It involves eight countries directly, stretching across the region, from Pakistan in the west to Australia and The Philippines on the edge of the Pacific.

One thing that made this meeting special was the fact that PI officially turned 21 while we were together. We celebrated with a quiet evening of fellowship, together with all the people from APC who had arrived by that time, on the 17th of March. Unfortunately, several of the representatives could not stay back, and we missed them.

Another very nice thing about this meeting was that APC too is celebrating its 20th birthday year, having come together in 1989, and formalised during the following year. APC very quickly took to the Internet once it got started, and established itself within formal international fora as a non-governmental interlocutor. Quite an incredible achievement, but that is not its only milestone. It is also strong with women from every continent, who have steadily and purposefully fought for equality and respect in very male-centric professions and conclaves.

I’m in this picture, together with nearly everyone who attended, wearing a tee shirt with a cartoon by the talented Chris Slane. The APC celebration took place on the concluding night of the Forum, on the 20th, which was fortunate for the remaining Indians and several others from PI, who left the next morning.

Not all, as Shahzad Ahmed, from Bytesforall (the South Asian network originally started over a decade ago by Partha Sarker – Bangladesh, Fred Noronha – India and Zunaira Durrani – Pakistan) stayed on for APC’s internal meetings, and to be elected a Council member of APC. Congratulations, Shahzad!

Being present at both these meetings, was both emotionally and intellectually challenging and fascinating, in equal parts. All across Asia, the kind of intrusiveness and careless adoption of ubiquitous surveillance of the citizenry, that was once portrayed as being part of the paraphernalia of totalitarian autocracies, is now seen as routine, as a matter of course, in country after country that proclaims its adherence to democratic values. Such occasions provide a wide experience of the techniques that occasionally have worked to stem the tide, mostly in European countries, where the emergence of the EU has also seen the widespread adoption of actionable guides to democratic and citizen-centric governance. On the other hand, there are forces within Europe too that seek to return the Asian world to the kind of repressive and regressive environments that once characterised colonialism.

How can the positive examples be replicated in Asia? As the well-known saying goes, the impossible just takes a little longer. The learning and the sharing we got, from the experiences of our fellow researchers into Asian levels of privacy awareness, from the fearless people who have led PI for two decades, and from the APC participants for whom the principles of ‘ahimsa’ and peaceful action are a core belief, are a vital step forward on that rocky road.

One of the participatory exercises (among a set of discussion based learning and experiential exchanges) involved creating posters that tied into a handful of themes. Artistic expertise was not so much the objective as delivering the message. Nagarjuna and I tried to convey a holistic spirit towards learning in our poster, one that invited collaboration. The PI team put up a poster too, but for some reason it was taken down before the judging round, and reappeared mysteriously at the end, at which point it got a special award for creativity and pertinence (a bag of excellent Bohol Free Trade coffee, if you’re interested). I don’t have a picture of it, unfortunately, but hopefully PI will upload it somewhere.

Other than networking, learning from each other’s experiences, and sharing some of the trials and triumphs of the human spirit that have brought us this far, some of us had the chance to very briefly sample some of the island’s beautiful land and sea ‘scapes. The main island, Bohol, to which Panglao is appended (by a couple of narrow causeways, the source of much local pride), is rich with history, being credited with the first peaceful agreement between the people of the islands and the Spanish, which took place only a few decades after Magellan’s global crossing came to a violent end on Cebu, across a small sea (almost an inland sea) from Bohol.

The agreement did not bring lasting peace, largely because the Spanish also brought with them a crusading religion and, as is probably an inbuilt habit of colonisers, an overbearing attitude. Boholanos are credited with what must be one of the world’s longest armed resistance movements led by a single person, lasting almost 85 years. Today the island is mostly peaceful, due to the continuing efforts of local activist groups, including many of the people who helped make the two conferences stunningly successful and enjoyable, although it has had its share of violence in the recent past, part of The Philippines’ emergence from colonisation. Most of the last century found the islands ruled by the USA, following a war with Spain.

Originally a mix of Islam (brought by sea-trading – and colonising – Arabs), and tribal faiths, Bohol is today largely Roman Catholic and Islamic, with a charming flavour of the original tribal customs infusing the celebrations of both major faiths. To casual outsiders, it is almost impossible to guess the faith of an islander, not even from the names, which are mixed between Spanish, Islamic and ethnic. Some of us had a chance to do a little touring, and I must say the ancient churches are fairly oppressive in construction, perhaps because they were built from huge blocks carved from calcified coral.

The colour of the sea around Bohol is incredible, a clear jade green near the shore changing to a deep blue a few meters further out. This part of the island chain is largely made from ossified coral, with a handful of volcanic mounts that delineate the Pacific Rim of Fire.

Simple and very effective outrigger boats, made from lightweight woods and bamboo, make boatrides across the sea remarkably comfortable, if very noisy, due to their unsilenced diesel engines. Dolphins and whales abound, and in the coral reefs, an enormous variety of tropical fish and other sea animals in fantastic colours and shapes. Even for the inexperienced (like me) snorkeling is very simple and inexpensive, while scuba diving is very accessible for the adept with more time.

Bohol is also known for its curious coral formations, the Chocolate Hills. These round grassy mounds, well over a thousand, fill one region of the island, and are truly a remarkable sight. The colours of the hills change from green to brown in the summer, and lend them the name.

Other than seafood, Bohol is known for its raffia, honey, coffee and chocolate, and a variety of fauna and birds that once thronged the rich tropical forests, especially mahogany. Islanders today are making huge efforts to revive the mahogany and other biodiversity, ravished by commercial exploitation for centuries. Almost completely vanished is the tarsier, a nocturnal simian barely the size of a small fist.

All this, and more, we learned in a tour conducted by Panglao’s own Doris Obena, an amazingly knowledgeable and sensitive person. A burgeoning Fair Trade movement makes local chocolate, honey and coffee available through shops that ensure better returns for agriculturists and handicraft artisans. It is not an easy task, as we have seen in India with our own struggling cooperatives, to counter the pernicious effects of absentee ownership on trade and cultivation.

The utter disregard of the country and its people implicit in this kind of facile performance is stunning and salutary, especially in light of the public agitation that has spread across northern Africa and parts of Asia, with citizens of many countries taking to the streets to express their disgust at the way that they have been taken for granted, by governments and leaders that claim to have their best interests at heart. Some of the perpetrators of such callousness now find themselves scrabbling to escape, together with untold amounts of wealth stolen from their hapless countries.

That the Indian public has so far been a little more forgiving of such small degradations is a current feature, not a guarantee.

Today, February 28, 2011, I am trying to be equally forgiving.

Of course, Bills are meant to be discussed threadbare in Standing Committees formed of Parliamentarians designated for the purpose, and it is the result of their deliberations – with amended and restructured wording adjudged most acceptable to the House – that actually comes up for vote. This is a good thing, generally, as it avoids the House itself from getting bogged down in sometimes not very fruitful debate – not everyone can be fully aware of all the implications of every matter where laws are needed.

Unfortunately, the truth is that the House spends most of its time in precisely such fruitless discussions, and the real business, the creation of laws to implement a long-term strategic national policy, is swept away in a welter of triviality.

This is the fate of the country’s IT policy, the synthesis of the features of a rapidly changing technology with the immediate as well as the future needs of the people of this country. Nothing could signify this more than the fact that the IT Act 2008, comprising amendments to the Act of 2000 that were proposed in 2006 (the original name of the Bill was, in fact, the IT (Amendment) Act of 2006), could not be passed until 2008, and the rules to actually enforce the Act have come up for public discussion in a period that ends today, two and quarter years after passage of the Act.

After all that, only three weeks have been given for the public to actually respond, and I only learned about it on Friday, three days ago. So here I am, trying to figure out why other people seem to be upset by this draft.

The draft rules are posted up here, with links to three documents archived in Portable Document Format (.pdf), which is readable on any modern browser, very helpful. They could have been made available in HTML5 compliant format, of course, even more helpful, but Rome wasn’t built in a day, as they say.

We Indians have learned through bitter experience that such ‘people-facing’ improvements come about only gradually, and that the servants of the people tend to live in ivory towers, answerable only to themselves, oblivious to the winds of change blowing outside.

Since the documents themselves are hosted for public access, I won’t reproduce them here in their entirety, simply the bits that I feel deserve comment.

However, in order to actually comment on the rules, it is necessary to read the Act itself, and there are, naturally, two versions of this, the original Act (ITA 2000, for brevity), and ITAA 2008 (which even the Ministry refers to by its original title, ITA 2006, although it wasn’t actually passed in the House of Parliament until Dec 2008, not endorsed by the President until Feb 2009, and then only notified in October 2009.

These are very kindly hosted by the Ministry as pdfs images of the original copies as released in the Gazette of India, which is, of course, a paper document, thus making it almost useless as a reference. Thankfully, legal service organisations have already done the hard work of uploading digital versions of the actual content, from where I have copied the relevant text.

Section 43 A

Compensation for failure to protect data (Inserted vide ITAA 2006)

Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation, not exceeding five crore rupees, to the person so affected. (Change vide ITAA 2008)

Explanation: For the purposes of this section
(i) “body corporate” means any company and includes a firm, sole proprietorship or other association of individuals engaged in commercial or professional activities
(ii) “reasonable security practices and procedures” means security practices and procedures designed to protect such information from unauthorised access, damage, use, modification, disclosure or impairment, as may be specified in an agreement between the parties or as may be specified in any law for the time being in force and in the absence of such agreement or any law, such reasonable security practices and procedures, as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit.
(iii) “sensitive personal data or information” means such personal information as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit.

The wording of the Act is curious, and close to obnoxious, actually. It carefully defines the potential offender as a body corporate, inclusively defining all the permutations and combinations recognised by company law in India. It leaves out, very deliberately, bodies that belong to us all, the citizens of India, held for us by the President of India or by the other subsidiary corporatised entities such as undertakings and so on.

This is a particularly odd omission, in the light of the gradual admission or discovery that the government routinely wiretaps and records voice and data interactions, numbering in the hundreds of thousands. All of this is supposedly done under carefully crafted permissions and oversight, yet hundreds of such conversations have been flagrantly revealed in the public domain, perhaps with the active connivance of some government employees (this is a surmise, as the matter is in court, and no such evidence has emerged).

At least one of these conversation has been alleged, by one of the interlocutors, in a petition filed in the Supreme Court, to be entirely private and unrelated to the alleged offenses in respect of which the recordings were made. Needless to say, such recordings are nowadays made almost completely in digital mode, and the dividing line between ‘telephony’ and ‘computer resources’ (as defined in the Act) has become very blurred indeed.

So what are the proposed Rules pertaining to this section?

Firstly, the intermediary shall observe following due diligence while discharging its duties.-
(1) The intermediary shall publish the terms and conditions of use of its website, user agreement, privacy policy etc.
That seems innocuous enough.
It goes on to say:
(2) The intermediary shall notify users of computer resource not to use, display, upload, modify, publish, transmit, update, share or store any information that [contravenes any other law in force, detailing them fairly exhaustively].

And so on. All of these are apparently designed to protect citizens from misuse of their personal information by other privately owned bodies (including individuals). What they actually do is impose enormous restrictions on the ability of information providers to host content that could conceivably be at odds with the government in power ie implicit censorship.

Subclause (12) is interesting in a different way, because it asks ‘the intermediary’ to notify CERT-IN – and to share details – of breaches in security (that might lead, obviously, to leakage of such personal information of subscribers. The context is very clearly expressed). Some government websites (income tax, election commission and others) themselves are in almost continuous breach of such security. The draft Rules seem to deliberately exempt the government from protecting its citizens, in an Act designed precisely to do that!

Subclause (13) is delightful in its vagueness, that intermediaries shall not deploy or install or modify the technological measures or become party to any such act which may change or has the potential to change the normal course of operation of the computer resource than what it is supposed to perform thereby circumventing any law for the time being in force. The emphasis is mine.

Who is going to determine what a computer, a general purpose computer, is ‘supposed’ to do, or what it ‘normally’ does? Such modifications become acceptable if their purpose is to secure the computer resource. Who is going to prove that the purpose is actually to ‘secure’ the resource? This looks like an enormous potential for lawsuits, government-sponsored intimidation and in general, restriction of technological development in India.

The creation of a well-constructed cyberlaw ought to be to promote, not restrict, the development of technological advances in the country. As it is, the country has almost completely missed out on the development of digital voice technologies for communication, that have made serious inroads into the domination of older, almost outmoded, analogue technologies, and it would be disastrous to have such continuance of blinkered restrictions, especially in the context of a law designed to nurture the country and its people in an environment of cyber technologies.

Finally, to strike a slightly minor note, the title of the relevant pdf file hosted by the Ministry is due_dilligance4intermediary07_02_11. It is quite disgraceful, imho, to have such misspellings, without any evidence of checks and quality control.

Let’s move on.

Section 79

Exemption from liability of intermediary in certain cases
(1) Notwithstanding anything contained in any law for the time being in force but subject to the provisions of sub-sections (2) and (3), an intermediary shall not be liable for any third party information, data, or communication link hosted by him. (corrected vide ITAA 2008).

The next two subsections cover the conditions in which this applies, and in which it doesn’t apply, respectively.

However, the Rule talks only about entities securing collected personally identifiable information. And it does so in a really curious manner. It makes it mandatory for the intermediary to follow the dictates of the international security standard IS/ISO/IEC 27001, declaring that this ‘has been adopted’ for use in the country.

Standards in India are normally prescribed by the Bureau of Indian Standards, and the nomenclature to be used is prescribed by that agency (standards follow the nomenclature BIS[nnnn]. Well-known cyber-lawyer ‘Naavi’ has pointed out that the 27001 document happens to cost USD 160, not a trivial sum for a small organisation in India, especially one that may not actually have any international business interests.

This appears to be a subtle nudging of business towards larger corporations, by raising the cost of doing business beyond an affordable level for the MSME sector (the prescribed upper limit of penalty for a breach of security that results in leakage of PII is Rs 5 crores, meant to be a compensation to the person(s) whose information is put at risk).

The subheading of this particular set of rules is ‘Reasonable Security Practices and Procedures’, but the definition of ‘reasonable’ is arguable.

On the other hand, if the PII of hundreds and thousands of citizens is put at risk by some organisation, by an identifiable lack of adequate security, is Rs 5 crores going to be enough? The country is still riven by the measly compensation legally determined for the thousands of people killed and injured by the 1984 Bhopal gas tragedy, and the last thing we need is another legal blockage to equitable compensation. This Rule seems to err on both sides of the limit.

Today’s draft Rules conclude with the duties and responsibilities of cybercafes, to be called the Information Technology (Guidelines for Cyber Cafe) Rules, 2011.

Cybercafes are to be licensed, under the rules, and the ‘appropriate government’ shall notify the agency to carry out this task. This certainly implies that cybercafes shall be centrally administered under these rules, an extraordinary choice for what is often – actually, almost always, except for a handful of big corporations that have tried to get into it – a very small business.

The next point is that cybercafes shall not permit users who do not carry one of 7 different kinds of identity document (seven alternatives are listed, but are numbered from one to six, another glaring typographical error). In lieu of such identification documents, the user must be photographed by the cybercafe, such digital photographic image forming a part of the user’s registration with the cybercafe. Children (the rules do not define ‘child’) who do not possess a photographic identity card (this wasn’t specified for adults, but all seven alternatives happen to be photo-identity cards) must be accompanied by an adult who does.

The next condition is almost risible: the cybercafe must ensure it has adequate measures to assure itself that the identity of its users is established. This is something the Government of India has been flagrantly unable to do for decades, and I really wonder whether the person who drafted this classic had a thinking cap, because it couldn’t have been worn.

The cybercafe must maintain logs (a log register) for a year, and submit copies on monthly usage logs in both hard and soft form to the designated agency (note it hasn’t been designated yet, and this seems oddly reminiscent of the confusion around digital certificates and digital signatures). Over and above this, the cybercafe owner shall be responsible for maintaining logs in extraordinary detail for six months, per user.
(i) History of websites accessed using computer resource at cyber cafe
(ii) Logs of proxy server installed at cyber café
(iii) Mail server logs
(iv) Logs of network devices such as router, switches, systems etc. installed
at cyber café
(v) Logs of firewall or Intrusion Prevention/Detection systems, if installed.

Helpfully, CERT-IN has already prepared a document to ‘help’ cybercafes follow this rule, and it is hosted at www.cert-in.org.in. This guideline attempts to provide (it says) some insights into the issues related to Auditing and Log Management and suggest best practices for enabling and maintaining Auditing and logging on Windows hosts, Linux hosts, Microsoft IIS server, Apache Web server, Oracle 10g database Server and Microsoft SQL Server 2005. Implementation of these best practices will enable administrators to acquire vital information to identify and respond to the computer security incidents.

This doesn’t sound quite like a document intended to help security agencies investigate crimes, yet (see further on) that is clearly the purpose for which the rules are framed, for it is the police or equivalent that will certify cybercafe compliance!

The next few rules relate to organising the space in the cybercafe to prevent users from maintaining privacy. In fact, with the intention of preventing users from viewing ‘pornographic sites’, the subsections describe how to ensure that users have no privacy at all. Unfortunately, pornography has not been defined under Indian law, to the best of my knowledge.

The subclause following is even more odd, as it prohibits the user from ‘tampering’ with the computer system settings. What could these be? That is not defined, nor is the word ‘tamper’. Simply choosing between two available printers could amount to tampering with settings, for instance. Booting up from a secure OS on a pen drive could also amount to ‘tampering’, and yet pen drive computers are quite possibly one of the directions that computing may take, enabling millions of people to securely access shared computer resources (eg power supplies, microprocessors, networks, printers and other peripherals) relatively inexpensively, without sacrificing personalisation or privacy.

All of this is to be inspected and supervised, according to subsection 7, by a police officer not below the rank of inspector. Presumably such officers are competent to inspect (‘at any time’) the logs and other technical functioning of the cybercafe. The rules do not prescribe any qualification at all for such officers, other than their rank.

Are these rules drafted to improve the functioning of cybercafes, or is there some implicit agenda relating to involving cybercafe users (and owners, of course) in crime investigations?

Summary

In short, the rules as drafted appear to be exceptionally vague. I hope this is not deliberately so, even though it is uncomfortably obvious that it has taken a long time to come up with this draft, a period markedly low on public consultation.

Equally uncomfortably, I can’t help feeling there is a needle of suspicion that the rules impose a large measure of censorship and control on content on online services (unknown for any other form of media available in India), leaving service providers (including cybercafes) open to potential harassment and worse. As I pointed out, earlier restrictions blindly applied (and still in force, by the way) led to Indian technologists in India losing out on a lucrative business opportunity.

For the government to avoid pushing Indian enterprise towards conglomeration and away from distributed and disseminated business models (a key part of IT business everywhere), it must avoid sketchily drawn up (and poorly drafted, full of typos and more) rules like this. Moreover, if the Net is to be treated on par with other forms of media, whose reach, determined by their physical formats, is regrettably low in India (despite being among the largest media consuming countries in the world), the government needs to avoid imposing censorship in the name of ‘protecting’ our sensibilities.

The UID project is in many ways a global watershed, expecting to assign a unique number to every resident of the country, well over 1.2 bn people, a staggering concept, the scale of which has itself been used to justify taking on the project (by equating the immensity of the challenge to its worth). Considering my association with Privacy International, my concern is well-founded on grounds of potential destruction of personal privacy, but this is a very difficult viewpoint to defend in India, which does not have a specific privacy law, and for which the existing Constitutional protections (alluded to, not spelt out) have not always been strongly defended by Indian courts.

An international project, studying Privacy in Asia, seeks to ameliorate this situation, by getting to grips with comprehending Indian attitudes (ie, within the ambit of Asian attitudes). However, given that the UID project is gathering steam and proceeding willy-nilly, it is imperative to make every effort to bring it to a halt, at least a temporary halt, until sufficient information is available.Surprisingly little awareness exists about the UID project itself, about which whatever little is known is largely the ‘party line’ handed out by the UIDAI’s PR effort, itself extremely high profile. To try and stem the tide, volunteer organisations are working to bring crucial information into the public eye, that casts doubt about the UIDAI project, its intentions, and its likely results.

I was part of 3 public meetings, in Pune and in Mumbai, just last week, conducted with Dr Usha Ramanathan, a legal researcher from Delhi and Prof R Ramkumar, a professor from the Tata Institute of Social Sciences in Mumbai.

The first meeting was at Symbiosis Institute, a ‘deemed’ university. There were 5 panelists, Dr Usha Ramanathan, Prof R Ramkumar, a professor from the Tata Institute of Social Sciences in Mumbai, Prof JG Krishnayya, widely acknowledged as the ‘father’ of e-Governance in India, Prof Lalit Kathpalia, the director of the Institute, and myself. The panel was moderated by Anupam Saraph, the CIO of Pune city, and organised by Open Spaces, a very active NGO in Pune, together with the Symbiosis Institute of Computer Studies and Research. It was well attended, with about 50 people present, including students, mediapersons and general public.

About the other panelists: Usha and Ramkumar are fairly widely known (to a limited audience) as opponents of the UID project, Ramkumar having authored an article in Frontline (a popular magazine) in July 2009, shortly after Mr Nandan Nilekani was appointed as chair of the UID Authority of India, a quasi-governmental organisation. Usha has also written and lectured widely. Prof Krishnayya has run the Systems Research Institute in Pune for decades, and this was Mr Narayanamurthy’s first workplace, before he left to start Infosys with Mr Nilekani and 5 others (this link, from a news report published on 21 Jan about a function held to felicitate Prof Krishnayya’s 75th birthday, is interesting as it hints at the relationship between the infosys founders and Prof Krishnayya). Prof Kathpalia has joined academia after about 23 years in the IT sector, including 5 years with Infosys.

Mr Saraph began by introducing the UID project, a subject close to his heart as he has been running an ‘identity’ project in Pune city, aimed at assisting its migrant population, since his appointment 3 years back. As he informed us, Mr Nilekani, whom he also knows personally, was briefed about the existence of this project as soon as he was appointed, but has failed entirely to take note of it or to interact with Mr Saraph. One of the initiative’s chief characteristics is its lack of dependence on a central database, and the second is its entirely voluntary (opt-in) nature. The objective has been to help Pune residents get bank accounts etc in the absence of the documents specified by the Reserve Bank of India’s ‘Know Your Customer’ norms, and flowing from this, other services, as needed, from government agencies (bank accounts that remain unauthenticated under the KYC protocol are frozen, and if fresh, will not be sanctioned).

Mr Kathpalia expressed the belief that a central identity authenticating service was essential to ironing out the kinks in delivery of public services, especially subsidies, in which leakages are felt to severely damage effectiveness, despite the vast budgets.

Prof Krishnayya described the Indian demographic scenario, which broadly divides the country into three very large groups. The Urban sector lives in vary large cities, the semi-urban in smaller cities, and the Rural lives in villages and hamlets with less than 3,000 residents, typically very widely dispersed. The design of public services delivery must take into account the very different conditions each of these geographical dispersals impose on systems, but this has largely been lacking, he feels.

Usha laid out several procedural problems with the project, beginning with the fact that it has been undertaken without even a feasibility study. This lacuna, which might conceivably be a key part of Mr Nilekani’s objective of driving the project ahead at all speed, is being dealt with by using each of its initial phases as opportunities for streamlining. However, problems being thrown up are being wilfully ignored, defeating the purpose of streamlining, especially as they indicate the presence of deep structural and conceptual flaws in Mr Nilekani’s vision (which was expressed in a book he published at the end of 2008, Imagining India, believed to be the reason the Indian Prime Minister invited him to head the project). She has also personally witnessed enrollment processes of migrant workers in Delhi, and observed appalling compromises and the use of coercive techniques to finish the work, with lack of oversight and training resulting in callous disregard of the existing identity information put together by migrant workers for themselves, in some cases, over decades.

Ramkumar described his interactions with Mr Nilekani at the project definition stage, at a retreat attended by senior government officials. He is convinced that Mr Nilekani is now completely impervious to suggestions that this project is flawed, including serious problems with his grasp of the root problems of delivery of public services. This may not even be the purpose of the project, which Ramkumar’s research has revealed is rooted in the Kargil war, a border skirmish with Pakistan in 1999, following which the then government (now in the opposition) proposed to issue the Multipurpose National Identity Card to border residents, evidently to prevent infiltration by undercover militants. A secondary purpose was to stem illegal immigration, most significantly from Bangladesh, which shares a very large land border with India. The issues of foreign militants and immigrants are a popular topic to drum up political support, most typically by right-wing political ideologists, and hardly ever countered by political thinkers representing other viewpoints.

The trouble with MNIC or any other such card concepts is that the Census Act specifically protects the privacy of censused people, thus this database is inaccessible for the purpose of issuing citizen identity cards. To get around this, the Citizenship Act of 1955 was amended in 2004 to enable the creation of the National Population Register, a database of Indian citizens. The exercise is to kick off this year, 2011, by using census data collection staffers to ‘double up’ as NPR data gatherers, thus bypassing the privacy provisions of the Census Act. The ‘right-wing’ government (actually a coalition of interests) was defeated in the following General Elections, but is unlikely to significantly oppose (and hasn’t done so) moves by the present government to create such a database.

The present talk of social service delivery comes across as a smokescreen to cover the underlying ‘national security’ need. In fact, it is very conveniently placed to ease the exit of direct government participation in services delivery, substituting this with an outsourcing model with which Mr Nilekani is well familiar, having helped build Infosys’ commercial business on just this basis. This also explains the surprising lack of public discussion, as this is a very radical policy change, likely to be highly contentious. Widespread corruption within the subsidy schemes also explains why their implementing agencies are poorly positioned to criticise the UIDAI approach, which effectively places the blame for leakage of money and goods on the end-users, the poverty-stricken beneficiaries of those schemes.

Aside from subsidies and services delivery, the UIDAI approach also harps on financial inclusion, ie, bringing the majority of the Indian population within the ambit of the mainstream banking system. As has happened in other parts of the world, the banking system is growing towards increasing automation and lessening emphasis on personal interactions, and this has seen a drop-off in the number of retail branches available per capita. The informal rural banking system, run by moneylenders, is being edged out by microfinance institutions, but these too have proven difficult to operate, with high rates of interest resulting in defaults and the rise of coercive techniques to extract repayments.

The UIDAI project is seen as a fillip to the mainstream banking segment, which will gain a vast number of new accounts to which subsidy payments will be credited directly by government agencies. There is no onus to create branches, as ‘agents’ are being appointed to disburse cash to accountholders, for which identity authentication systems are necessary in order to minimise fraudulent diversions. Such systems are also needed in order to open the bank accounts in the first place, as the documents demanded by the mainstream banking system as identity authenticators are mostly unavailable for the rural poor. Instead, the UID number is being touted as the perfect substitute, and the banking system is already making plans to compulsorily apply the UID number as an identifier. The ‘voluntary’ nature of enrolling for a UID number is thus creeping into a mandatory registration, without which modern life (bank account, telephone services, utilities) life will be impossible.

My contribution comprised an outline of the technology issues relating to the implementation of this project, ending with a summary of its project management flaws. Primarily: biometric information, both fingerprints and iris scanned, is completely unknown and largely unresearched as a tool for use in unique identification. While iris scanning is pretty new, about a decade or so, fingerprints have been used to identify repeat offenders by police/security forces around the world, and as a part of forensic investigation at crime scenes, and their use in access control systems has emerged in parallel only fairly recently, with the introduction of digital emulations of fingerprint patterns. Interestingly, the future of fingerprints in forensics is now in severe doubt, as court cases in the US have revealed that the procedures are fundamentally flawed. Iris scanning is akin to airport bodyscanning, in that the processes are being put in place in various places around the world, without any scientific basis or reason to believe that they are valid or foolproof, while being fundamentally an extreme invasion of personal space (in the case of bodyscanning, also invasive in terms of potentially hazardous radiation exposure). Other biometric identification systems, that at least in theory ought to be more accurate, such as DNA fingerprinting, are far too expensive and slow for this application.

About project management, the lack of a preliminary feasibility study, resulting in a project taking off without a tightly designed process, serious flaws in the process design, including a flagrant lack of process audit during enrollment, the current phase, and the lack of infrastructure to take advantage of ‘voluntarily’ proffered PII to assure tailored delivery of public services. As all these things are supposedly ‘in the pipeline’, the overall design of this project seems to be in the risky Ready, Shoot, Aim style, with ‘problems’ being ‘taken care of’ in due course (the ‘quotes’ are actual phrases used by Mr Nilekani in several interviews).

The other two meetings, with different audiences in Mumbai, covered much of the same ground, excepting that I was not myself a featured speaker or panelist. Instead, a biometrics expert, JT D’Souza, selling biometrics-based access control systems for secure locations, demonstrated how simple it is to spoof fingerprints, using extremely cheap commonplace materials and a little ingenuity. A video capture of the spoofing demo has been uploaded to YouTube.

The first meeting was held in St Xavier’s, a well-known Mumbai college (actually, arguably the best known college in the city). It was primarily for students, and the meeting hall was packed with students from the Economics, Sociology and Mass Media faculties. The post-presentation interaction was also very lively.

The second meeting was for the press, held in the Press Club, Mumbai, a favoured location for non-PR (ie not commercially sponsored) events here. It has resulted already in two news reports from the mainstream press in Mumbai city, and another from Chennai.

An important addition at this last meeting was pointing out the dubious connection between this project and L-1 Identity Systems, a US based company awarded the job of de-duplication, despite 1. its spotty record with other government bodies such as the New York State DMV, which slammed it (in a previous corporate avatar as Viisage Systems) for validating forged driving licenses, and 2. the presence on its board and in top-level positions of former senior persons from US intelligence agencies and armed forces, including Mr George Tenet, former chief of the CIA, whose submissions proved instrumental in assigning legitimacy to the invasion of Iraq, but were subsequently proven to be false, and former Joint Chiefs of Staff head Gen. Colin Powell, who as Secretary of State, actually presented the same false evidence to the United Nations. Last year’s report of World Bank funding for L-1 Identity Systems-focused identity projects in emerging economies, purportedly to improve the quality of delivery of government services, is disquieting, under the circumstances.

No wait, that’s not quite right. It was 2 o’clock in the afternoon, actually.

However, it was certainly dark and stormy, Mumbai’s wettest day this monsoon, with 16 measured cm of rain, most of which seemed to be pelting down my collar as I arrived at the Moneylife Foundation’s Shivaji Park offices on 17th August 2010.

I went there to interact with people who wanted to learn more about Aadhaar, India’s multi-billion dollar IT project, that promises to assign unique identity numbers for each resident of India. Keen readers of this blog will have doubtless noted that it was the subject of the previous blogpost too.

Sucheta Dalal, the crusading journalist who edits the magazine Moneylife together with Debashis Basu, has set up the Foundation to assist people who feel lost and abandoned in India’s race to become a superpower, at least from the point of investing and financial matters. It lends assistance to complain and follow up with India’s huge and faceless institutions, covering insurance, banking and more, the faces of which have changed and are continuing to change at a bewildering pace.

It also provides a platform for public interactions and study, in a large and well-equipped book-lined room that seats about 50 people comfortably. That afternoon, I had prepared a presentation expected to last about an hour, posing the questions about financial inclusion asked in my previous blog and more, from 2:30 to 3:30 pm, with a further hour set aside for interaction and discussion, till 4:30 pm. The presentation is about the UID project, naturally, as seen from the viewpoint of an IITian (I am an alumnus of IIT Delhi), given that one of the heavy selling points of the project is UIDAI chairman Nandan Nilekani’s IIT (Bombay) qualifications.

At about 2:35 pm, with only a handful of people seated, Sucheta suggested I begin, feeling the unexpectedly heavy rain would probably discourage most of the 40 or so people who had confirmed attendance. As it happened, because I was just recovering from a bout of malaria, I was rejigging the speaking arrangement a bit so I could talk while sitting down, instead of standing at the neat podium, installed in a corner by the projection screen. Anyway, in a couple more minutes, I was ready to begin.

To my surprise, the room was now half full, and before I had got past the introductory slide, it was more or less packed. I thanked Ram Krishnaswamy and Samir Kelekar in particular, two of the host of IITians who have helped with research and interaction to distill some of the salient issues surrounding this vast public enterprise, in that opening slide.

We are graduates of three different IITs, separated by space and time, both in college years, age and present location, as are many other of our alumni who interact by email only, spread as we are throughout India and the world. Actually, the three of us have never even met. What we share is our apprehensions about many aspects of this scheme.

Almost from the beginning, the interaction began, led by questions and clarifications from Dr Prakash Hebalkar, also an IITian, who heads Mahindra Lifespace Developers, a huge private sector company, part of the Mahindra & Mahindra engineering group. He was one of the few people in the room I had met before. The rest were mainly from the engineering and civil sector.

I thought it was much more useful to allow interactions to continue together with the presentation, and tried to ensure these remained within the purview of each slide, as I had loads more information to share about various aspects of Aadhaar and its rollout, and these were detailed in succeeding slides.

As a result, an hour later, we were just halfway through the slideshow, and Sucheta suggested a break for refreshments in the next room.Dr Hebalkar was in the middle of a question, so I thought it was best we finish it before breaking.

Not a great idea, because about 20 minutes and several slides later, we noticed once again that we hadn’t actually yet taken a break. I suggested that people use either of the exits from the room to move to the antechamber and get their tea and coffee and come back, as we continued our interaction.

I must say, this too was not a great idea, because it was clear that hardly anyone wanted to miss a word. Anyway, I think about half the people did slip out to get something down their throats before the slideshow came to its end, at around 4:30 pm.

Even then, a large number of people stayed on to carry on discussing issues surrounding the project. There were some great ideas and suggestions for completing adnumbering of people, if it can be handled safely and securely, such as completing the Election Commission’s Voter Identity Project with rectitude and sincerity, or extending the Census to use universal enumeration instead of the present half-baked and random numbering systems. These ideas came from several women present, who work at the grassroots in both slums and rich areas, to empower houseworkers and senior citizens. We finally closed down the interaction at 5:30 pm.

It is clear that the amount of misinformation and simple lack of clarity about the UID project is immense, a tribute to its high-powered and heavily financed publicity campaign, that has resulted in over 400 articles in the mainstream Indian media to date. One of the objectives of the Authority is to disseminate what they ingenuously call the “right” information, and several aspects of the rightness of this information were eye-openers for this audience.

I hope that we and others like us will be able to interact again and again, as soon as possible, with more such audiences in other parts of India. I very much fear that the country is getting inextricably committed to spending an unconscionable amount of money(USD 2bn this fiscal, and USD 12bn by 2015) to undertaking an enterprise that has been likened to The Manhattan Project, the vast wartime exercise to build the atomic bomb.

That, too, involved the rapid development of hard to handle technologies and materials (as this one involves hard to handle technologies, processes and concepts), and it is doubtful the world is the better off for it, other than ongoing improvements in our understanding of basic science (which did not actually need The Bomb to achieve). Over the past few months we have been watching Aadhaar’s targets become a moveable feast, from tangible cards to frangible numbers, and I am not alone in worrying that this bomb might blow up in our faces.

A friend of mine, Ram Krishnaswamy, has tracked well over 400 articles extolling the merits of the project, and gathered them at the blog “Aadhararticles.blogspot.com”. Specific references are linked in this blogpost.

Rather than reassure, however, they raise questions in the mind about the worth of the project. Ram and I decided to work together to compile some key questions. A detailed version of our study has been published in print, in MoneyLife, the magazine brought out by crusading journalists Sucheta Dalal and Debashis Basu, here and here. This blogpost reflects that article (which is part of an ongoing series). It also reflects some additional information about Q2 below received after it was originally written, and is updated as of Friday, 20 August, 2010.

Q1. Will the intended beneficiaries truly be people who live below the poverty line?
Q2. Will UID meet the needs of the poor?
Q3. How will UID contribute to the country’s economy?
Q4: Is UID (enumeration via a single reference high technology archive) the best way to reduce inefficiencies and prevent money leakages in subsidy programs?
Q5. How effective is the conduct of the pilot studies being carried out?
Q6. Will adequate precautions be taken to safeguard the database?

What is Aadhaar?

What is UID?: The Aadhaar scheme (the brand name has recently been assigned) proposes to assign each Indian resident a unique 12-digit number, thus enumerating Unique IDentity for all. Since the current population of India stands at around 1.2 bn people, in addition to which several millions of foreigners are temporarily based here (some welcomed, others not so, some for weeks, typically on holiday, others for months and years, on business or for many other reasons), UIDAI has set an initial target of issuing some 600 mn unique numbers within five years, ie around 2015 (Making a unique impression).

It seems an ambitious target, and certainly, the scale and cost (Rs 45,000 cr for the first phase) by themselves are ambitiously large.

One might be forgiven for thinking that, possibly, the size of this project, touted as the world’s largest single IT project ever commissioned, is more important than finishing it successfully. So much so, that it is hard for me to define what success might mean.

Q1. Will the intended beneficiaries truly be people who live below the poverty line?

Several press releases and announcements say the primary purpose is social welfare: a problem of dividing wealth equitably. Of course, ‘wealth’ is not really in the picture, India is just trying to guarantee everyone the bare minimum needed to live healthily. Benefits in cash or kind are distributed under various schemes, such as the National Rural Employment Guarantee Scheme, Sarva Shiksha Abhiyaan, National Rural Health Mission and Bharat Nirman.

One of the problems with all these projects, initiatives and schemes is apparently the difficulty of ensuring that benefits are given wholly to the specific people identified as qualifying for specific programs, typically persons living below the poverty line. Such people are easily disenfranchised by an endless cycle of verification of records, ruining efforts made to ensure fair distribution, and is one of the reasons that real delivery rates falter, between 6 and 15 per cent, as estimated by the late Prime Minister Rajiv Gandhi and others.

With Aadhaar, this problem is expected to be dealt with firmly. Aadhaar is a one-time verification system, against which all records will be inextricably linked (Unique Identification Number Project: Cautious Optimism). Any scheme wishing to verify a beneficiary or applicant, given the number, need only check a few critical details – for instance, name, fingerprints and now, perhaps, iris scans – in order to quickly assure the identity. Actually, largely due to the additional need found for iris scans to reduce error rates, the per-user cost estimate has shot up from Rs 31 to Rs 450.

Now, here’s an interesting statement : “The UID will become the single source of identity verification”(Law Resource India). It means that once residents are enrolled, they can use the number in many places – they will be spared the hassle of repeatedly providing supporting identity documents for each service they wish to access.

However, it is pertinent to note that the services that will actually, in the near term, be simplified by Aadhaar numbers, are obtaining a bank account, passport, driving license, and the like (Law Resource India). The public distribution system, the NREGS and other public benefits services have neither budgets nor plans to harmonise their systems with Aadhaar referrals.

It seems clear that, after spending this huge amount of money and putting in all this effort, the UID will, in the initial few years, primarily benefit people who access relatively sophisticated and upmarket services.

What should be particularly sobering is the fact that the home page of the project, which states the Mission, has no mention of benefits, to the poor or anyone else: the task is limited to issue of an unique identifier for all. There is no explanation of why this is a priority. The Mission statement reads: “The role that the Authority envisions is to issue a unique identification number (UID) that can be verified and authenticated in an online, cost-effective manner, and that is robust enough to eliminate duplicate and fake identities.”

Further down, both cost-effectiveness and robustness are examined.

Q2. Will UID meet the needs of the poor?

If a poor person gets money that is due to him directly in his bank account, he will have no reason to plead with tyrannical local officials or grovel before his elected representatives (Against insecurity – UID is a Good Idea).

Sadly, banking in India barely scratches the surface: the total number of bank branches as of March 2009, the latest published figures I could find (Source: Reserve Bank of India), was just over 66,000, and less than half of these were in rural areas, which account for around 70 % of the population.

A quick back-of-the-envelope calculation shows that each and every rural branch would need to service over 22,700 persons. Assuming a family of 4 with a single wage-earner, that would mean over 8,000 accounts – clearly beyond their reach, in a land where urban customers struggle to get decent and timely bank services from branches who need to reach only around 10,000 customers each.

In fact, if we assume that by the time the UID scheme actually reaches the remoter regions, that at least one other adult member is also getting either a job or compensation under NREGS, the number of accounts would creep up beyond urban levels. If disbursements are to be paid mandatorily to bank accounts (the process to be simplified using UID), it sure won’t target the poorest of the poor.

I’ll go one step further: talk about bank accounts is risible. Rural banking is so far from a reality that any leveraging of it for the poorest is highly unlikely.

One emerging solution is microbanking, but microbanking organisations will need to upgrade their technology considerably to deliver services, if UID referrals are to be included. Microbanks are also not included within the broad banking framework, meaning that security measures in place ensure they cannot access clearing house operations, and other such enablers of modern banking, without which none of this leveraging can happen.

The upgrade cost of banking operations is not factored into UID budgets, nor is UIDAI mandated to drive the changes that are needed in the banking system, without which the UID referral is irrelevant.

Q3. How will UID contribute to the country’s economy?

This (Unique ID for Indians – Boon or Bane?) is a big vision project through which government services can be provided, tracked and accounted, together with enabling a multitude of private sector products and services that rely on accurate and positive identification of consumers.

Various departments, based on their needs, will refer to this number. The UID will help remove duplicate names from their service lists. While this would help clean up lists for NREGS (National Rural Employment Guarantee Scheme), senior citizen Pension Schemes, PDS (Public Distribution System) etc, it may also help clean up benami (faux) bank accounts etc. Informally, the Income Tax Department is said to have projected an additional tax collection of about Rs.40,000 crores annually!

These claims might be true, were the scheme intended to act against the continuing use of unaccounted money for trading. In that case, the target community would only be the economic ‘arrivistes’, the people who already have enough money to regularly feel the need to spend or acquire it by underhanded means. This would include all government officers, their extended families, politicians, businesspeople, agriculturists controlling upwards of 25-50 hectares of land, and so on.

In fact, the projected gains, in terms of enhanced income tax collection, simplifying transactions and dealings with government agencies for cash-related activities and so on primarily benefit this economically stable or upwardly mobile class.

However, the scheme is sought to be justified on the basis of deliverables to the downtrodden, not to uncover the moneys conceivably being hidden by the well-off.

It is doubtful whether this project will really boost the country’s economy directly, or will assist it by reducing the outgo on avoidable subsidies, a combination of both these things, or whether the true objective depends on who asks the question.

It seems far more likely that the unstated purpose of the scheme is to target the upwardly mobile class, but to do that, all Indian residents will have to be induced, by one means or another, to register themselves “voluntarily”.

Q4: Is enumeration via a single reference archive the best way to reduce inefficiencies and prevent money leakages in subsidy programs?

Most articles about Aadhaar (see, for instance, The Unique Identity number — putting all eggs in one basket?) harp on the superior quality of technology to be used, and that this will significantly cut the cost, time and hardship of necessary verifications.

The reality is somewhat different: to suggest that the UID assignation process will be robust enough to eliminate duplicate and fake identities, and can be verified and authenticated in an easy, cost-effective way, is somewhat premature, if not simply hype.

Some of the potential flaws in the process are listed briefly:

(a) digitally stored fingerprints are not image scans of real fingerprints, they are digital maps, reduced to a finite number of ‘points’. This computerised system was designed decades ago to cut down the time and effort needed to manually match thousands of prints of previously convicted criminals with a criminal suspect, not to provide perfect identifiers;
(b) digital representations of biometrics invariably allow for both false positives and negatives, as the original purpose is either to facilitate security pass-throughs for a relatively small number of people (convenience), or to rapidly filter through large numbers of images by pre-matching each image to a reduced set of digital markers;
(c) the value addition of iris scanning is unknown for testing on such a scale. The immediate cost is stupendous: per-identity costs go up from about Rs 31 to about Rs 450, but the results are not known, as such testing has never been done. This is quite different from scaling up a relatively reliable known procedure: iris scanning may well be quick and reliable (even after optimising it with a digital shortcut, and securing it from man-in-the-middle attacks during data transfers), but this is currently untested.

Again, it must be emphasised that the purpose here is mission-critical: every single genuine person must be allowed to move ahead with whatever activity is being filtered, without fail, or else the expenditure on UID is wasted.

Similarly, every single fraudulent attempt must be detected and stopped, without fail. Neither achievement is even claimed at this point in time.

By the time the database is created and verification scanners become commonplace, we could end up with a database with a population that exceeds the census figures, and UIDAI will again have to spend again for de-duplication, which would involve knocking on doors of suspected fraudsters (and genuine applicants who may have failed one of the tests or another, for a host of reasons) for identification. This is the present problem, that databases of applicants cannot be absolutely verified.

And it is not even as though the government is blind to the problem. Recently, the Rural Development Ministry launched its own revamped enumeration exercise to identify the poorest of the poor (who qualify for the designation ‘below the poverty line’, or BPL). This exercise is carried out every five years, and the current process is being revamped to eliminate the failures of previous surveys.

Q5. How effective is the conduct of the pilot studies being carried out?

Reports indicate that the rural studies being undertaken in several states fall short of standards of both accuracy and confidence. The National Census exercise, which has been merged this time with the National Population Register, at the urging of the UIDAI, is also contentious.

It is crucial, for a participatory democracy, that those surveyed be honestly and fully informed about the purpose of collecting personal information on such an intrusive and massive scale. Unfortunately, this appears not to be the case, as respondents later claim they were told that they would get free photographs and eye tests, or that this survey would assure them subsidies or the supply of free essentials.

Similarly, respondents of the National Census have been surprised to find that they are expected to reveal details of religion and caste, an enumeration that is against the letter and spirit of the Constitution of India. This has been sidestepped by replacing the census exercise with the creation of the National Population Register, a crucial component of the proposed UID database.

While doing this is evidently legal, it goes beyond the ambit of the Census. As such, it compromises the integrity of an institution that has an honorable and long history (the current Census is the 15th).

A recent article in the mainstream media describes how the trial runs take place: due to the lack of reliable electricity, officials take down data on laptops and even on paper, “to be transported to Bangalore some 75km away and filed electronically.” Will this data be erased from the laptops, and will the paper be destroyed? There’s not a word of caution in this article, which like many in this publication and others like it, seems uncritically laudatory of the mission (and by extension, its superhero-like leader). The thought of such personal information being casually or even criminally accessed, uncommonly easy due to the lack of safeguards, is frightening, or should be.

Q6. Will adequate precautions be taken to safeguard the database?

No system is completely immune to attack or, for that matter, internal leakages, other than one completely sealed off from outside links. Since a centralised digital identity store can only work when incoming data can be matched to the information in the database, one must take for granted that it will be prey to such attacks. This is the bane of all e-Governance scheme designs (Unique ID for Indians – Boon or Bane?).

Legally, there is no effective deterrent for such attacks. Worse, insiders (ie government personnel) are specifically protected by their sovereign work contracts from legal action, except with the specific permission of their superior officers. The existing laws on cybercrimes have not been tested against leakages in government systems, because their Draconian provisions (search and seizure without warrant, massive penalties) do not even apply to government servants.

There are three kinds of database faults: creational (deliberate or accidental falsification of identity, resulting in diversion of benefits from those entitled to them); design-based (incorrect verification due to compromise of the verification process, including man-in-the-middle attacks on data transfers); and procedural (for instance, when telecommunication faults or natural disasters create a need for rapid re-routing of verifications to alternate, or manual, methods). In the absence of an effective legal redressal framework, the process needs review, and should not proceed beyond the research stage.

Even at the research stage, the lack of judicial protection for the Constitutional right to personal privacy deserves highlighting. The conduct of research and live pilot studies inevitably places citizens and residents of India at risk of loss of privacy, particularly with regard to sensitive personal information, including biometrics. Much of this information is needed to safeguard property, ownership, both fixed and movable, especially money itself, and the addition of UID must be wholly positive, or else, not put property at risk.

UIDAI officials have repeatedly stated that such protection must be created, but its lack does not daunt them in practice from carrying out trial activities that in themselves place ordinary people at lifelong risk from abuse of personal information.

The consequences of wrongful identity matching, once UID becomes the standard reference point, are really harsh on the individual, and the current legal environment (civil cases take years and decades to resolve) is not up to the task of providing remediation.

For this reason alone, without completely foolproof systems in several areas of both technology and law (idealistic at best, if not far-fetched), going ahead with the UID is a deplorable waste of money.

To summarise, Ram and I narrowed down on six simple questions, to clear doubts about the deliverable merits of the Aadhaar scheme.

We find that firstly, it is not likely to provide benefits to the poorest of the poor in India, and secondly, is not designed to do so, definitely not in its first phase. We find that it is likely to benefit, on the contrary, the upwardly mobile part of the population, and the government, in the narrow terms of revenue collections, that may get enhanced due to the ease of tracking such well-off people and their financial transactions.

As far as solving the terrible problems that plague the delivery of benefits to the poor is concerned, a single reference point for verifications is neither the best solution known, nor is the exceeding difficulty of building and operating a centralised database achievable at a reasonable cost and effort. The systemic leakages that plague the delivery of social benefits hardly need misidentification, and that too, deliberate misidentification originating from faux beneficiaries. There is no clarity, therefore, on whether making this effort is sensible at all.

There is also no clarity on whether it will be possible to adequately safeguard the database, from its creation to its subsequent use as the ultimate reference. We found serious concerns with the methods being used to gather data in the pilot studies, that point to the possibility of future abuse, as well as manipulation of ill-informed people, in order to make them cooperate.

But this post is about spectrum usage, and energy. Odd combination. Eager readers of my tireless prose might wonder, since I have already posted here about alternate energy conversion routes, and about spectrum, at length (friends assure me it is entirely too much length, in fact. As Garth Brooks put it, I’ve got friends. On the other hand, maybe I don’t have a lot of readers).

The other evening, in fact, I was over at a friend’s place, and she happened to mention in broad terms where our* refined fossil fuel oils are consumed, in response to my questioning about diesel in cars and trucks (yes, she knows).

Typical cell tower installed on building roof

A major consumer of diesel, one that did not even exist before 1994, is mobile switches – cellular switchgear. Despite the fact that the rural rollout is still way behind what it could have been, had it not been for a particularly opprobrious system of licensing and spectrum allocation, these gadgets, seen everywhere in cities and towns, ugly masts festooned with strangely disturbing grey antennae in different shapes and sizes, account for a significant amount of diesel consumption.

*In India, I mean

Of course we all know that 24/7 electricity is an almost unknown phenomenon in India, aside from at a handful of urban conglomerations, like, for instance, Mumbai. Since there isn’t anywhere quite like Mumbai, it may well be that it is the only place where anything other than 24/7 electricity is likely to draw newspaper reports. Still, it hadn’t impinged on my consciousness that the cell-towers need to be well juiced, whether or not the grid power delivers, or else communications, such as they are, will cease.

Now, has this little but important fact come to the attention of anyone else? I mean, by anyone else, the nabobs of the powers-that-be, who dole out licenses and spectrum, whose delays in reallocating spectrum between current users and the proponents of 3G services means that 3G will be an irrelevant technology by the time it finally arrives. Do these worthies think it relevant to nudge cellphone service providers towards more responsible energy-use policies?

Look, if the answer was yes, then this would be a press release, not a blogpost. Wake up.

Here’s a small suggestion. For existing license holders, we need an energy audit: how much of cell-tower energy comes from fossil fuel consumption (total amount and per-tower consumption, measured at the tower, so it must include grid-power drawn from fossil fuel consumption as well)? Then demand an annual improvement as a condition for licensing, and impose financial penalties on failure to maintain continuous improvement, or to file reports on time. Make payment of these penalties a precondition for renewal of spectrum allocation. For new licensees, demand a minimum value right from the word go, based on the overall previous year’s consumption reports across the entire industry.

Wait, you may well think, what about the other users of spectrum, shouldn’t they also be nudged towards lean energy practices?

I say yeah! For sure, anyone using as much spectrum and energy as cellular services should also be made to pay for it. The biggest consumer in this respect is probably the military. In fact, anytime the issue of shortage of scarce spectrum resources comes up, fingers point at the military.

As far as I am concerned, the military pays in ways we can’t even imagine already, although that is not and should not be an excuse for profligate behaviour. Still, there is no great harm in the country understanding what it really costs to protect the state, and also perhaps to demand some kind of proper accounting for it. It would be interesting to learn whether this kind of accounting (not accountability!) has ever been demanded in the past. SnoCats and coffins make for good headlines, but the real money goes elsewhere, which is why arms dealers manage to continue in business long after they have been found engaged in the most knavish deeds. A step must be taken somewhere, and spectrum may be the place to start. It may happen that spectrum usage has actually one of the tiniest budget impacts for the military, in which case it is a good place to check out the quality of an audit, before rolling it out to bigger ticket items.

But I digress (to tip a baseball cap in fond tribute to Tom Lehrer). We should have a good, if not an excellent, communication system all along our coastline. There are four principal users of our coastal waters: commercial goods transporters, industrial fishing vessels, small fishing vessels and the military (including the Coast Guard etc). Perhaps offshore natural resource extraction also plays a big role as far as consumption of spectrum and energy goes, but I would tend to imagine it isn’t very large compared to the others, as a chunk, except in certain specific geographical areas.

The commercial goods people (international shippers) already have a decent comms system in place, mainly using satellites, and so do the military (at least, I hope they have, for I haven’t checked). That leaves the industrial and small fishing vessels. Both use diesel in large amounts, but only the former uses spectrum in any meaningful quantities, relative to the numbers and economic value add.

Which is a real shame, for it is the small fisherfolk whose ordinary lives are conducted in an environment of extraordinary risk, till recently almost completely unaided by any decent organised support system, and very sparingly aided with energy from fossil fuel. They need an easy-to-use, reliable and mission-critical comms system, one that is energy efficient to boot. The last ‘improvement’ anyone needs is to have to spend just to stay in the same place.

I have something in mind to muse about, pertaining to the efficient sharing of spectrum, in this context. I had, in fact, planned to write it now, but this post is probably too long already, so I will cease and desist for the moment.

Watch this space.

FM broadcasting, being roughly medium wave transmission, works in line-of-sight principally, which means that signal attenuation  with a host of interfering material objects, such as trees and houses, is brutal on the one hand, and that the horizon is the effective limit, on the other. Stray signals will occasionally travel much further than that, but not very reliably.

More power will cause a better signal at longer distances, but not much. The marginal increase of cost with power is exponential, directly opposite to the marginal increase in reach. Given these constraints, it becomes obvious that the greatest efficiency for a poor community comes from very low powered transmitter stations. I have enthusiastically discussed this at great and wordy length in another blogpost here. Our own work, at Radiophony, indicates that such stations may be as small as a square kilometer in reach, for such a throwaway cost, that to actively prevent such stations flourishing is in itself a travesty of freedom.

But I digress.

The announcement, at the dawn of 2003, brought about a great degree of excitement, as the numbers of radio stations possible were, according to the government, as high as 4,000. Subsequent announcements made it clear this number was being thought of as a preliminary target, something that might be achieved in a couple of years or so.

Nowadays, six years down the line, figures for the upper limits on Indian community radio stations are bandied about in public places, even by persons who have worked hard to gain international recognition in the world of community radio. Just recently, a senior officebearer of the Asia-Pacific focus group within AMARC, which is the French acronymed-name of the world association of community radio broadcasters, said he hoped the Indian government would find ways to put support in place, so that the potential target for 5,000 stations of 50 Watt capacity each, which he characterised as ‘the potential for the broadcast spectrum in the country’, could be met.

To some eyes, it may certainly look like an ambitious target, especially considering the number of stations licensed under the Community Radio Policy have barely topped 50 so far (54, in September of 2009).

Yet.

How meaningful is this figure, in terms of using a ‘limited’ spectrum capacity? The total bandwidth, by international agreement, is just about 20 MHz, while the technology permits broadcasting at neighboring frequencies with not less than 200 KHz separation. One of the most dense FM regions in the world in the city of New York in the US, which hosts around 72 working stations.

Still, we don’t need to go across the world, to find out what people are doing with the spectrum. Look at Thailand: a land area (discounting water bodies etc) of 511,771 sq km, and population of about 65 million. Well over 2,000 stations (wikipedia) broadcast currently, down from an estimated 3,000 a couple of years back, in the teeth of active restrictions, due to policy disputes at the highest levels of government. Put in simple terms, it amounts to one community station per 250 sq km, or 0ne station per 32,500 people (ie, considering all the people in the country, not just the ones within listening distance).

India, on the other hand, has a land area of 2,973,190 sq km, and a population of around 1,170 million, counting projections of around July of 2009. The target of 5,000 stations thus amounts to barely one station per 600 sq km, or one station per 234,000 people. Not quite reaching for the sky, is it?

Several years ago, on the email list popularly used between supporters of community radio, I worked out the estimated potential capacity of low power broadcast radio in India. The true FM capacity of the country worked out to over 900,000 stations of ~5W*, reaching a pragmatic zone of about 5 km in dia each, to adjust for 50W stations, which will reach a zone of about ~25 km in dia. This is 25 times the effective area of reach of 5W stations, hence we must cut down the total to 1/25th, or 4%.

That is still 36,000 stations, give or take a few hundreds.

My working out this calculation does not imply that I am in favour of 50W stations per se, and I will get back to this point below.

[*I had originally assumed about 100 channels per fixed area, resulting in 1.25 million stations for the country, but after discussions with practiced US broadcasters, reduced this number to 72. Accordingly the 1.25 million got cut down by 25%, about which I had subsequently posted to the list].

This willingness by the ‘haves’ of our country to accept lower targets of accomplishment devils just about every single reasonable attempt being made in the country to get the ordinary people, the disenfranchised and exploited, the most basic chance to pull themselves together to reach the very basement level of empowerment: a voice. Put this together with the divisiveness between commercial and non-commercial, and educational and ‘broader’ purpose objectives, and the situation in FM gets quite vitiated.

Plain vanilla economic arguments towards the division of use of spectrum give, in effect, more to the ‘haves’ in terms of super-powerful transmission capacities (for a price, but meeting the price is much easier for them). Unfortunately, this cruelly cuts down the options for those in more straitened circumstances, because powerful radio stations invariably drown out, or ‘interfere’, with signals from lower powered stations in the vicinity.

Much worse, it effectively reduces every need in the country to an economic need, and transforming the government’s main purpose from governance to revenue collection. What a travesty!

While I do not have anything against some stations being more powerful, for those few places in the country that have low population density in high-foliage (or other high-attenuation contributory factors) geographies, to take it as the norm is simply a waste of a fantastic resource, simply because it is there.

What is quite depressing, vis-a-vis the quality of discussion in many fora, including the one specifically set up to share concerns and support between community radio enthusiasts, is the sniping that keeps cropping up between supporters of ‘educational’ and ‘community’ broadcasting, as practices. This is a prime example of the confusion that hierarchical governmental systems tend to foster, in order to cling on to their implicit or de facto autarchy, which has no place in a democratic civilisation. Apparently, democratic civilisation is our national choice, as recent arrests (on the grounds of sedition, or espousing sedition) of intellectuals who favour other approaches show.

This situation was brought about by simply placing limits on technologies, by ascribing different price points to the radiated power. In other markets (the 3G auctions that keep getting postponed, even though vastly superior 4G telephony technology is now nearly ready to become commercially available, and the fact that GSM technology in and of itself does not need to be purveyed or deployed by national-sized megacompanies), the allocation of parcels of frequency is the market-shaping determinant, rather than sheer broadcast power.

On the list, the discussions haven’t even begun to question the government’s fiat accompli of allocating some FM frequencies to some organisations at the national level. Nobody seems interested in questioning why commercial stations are allowed 1. tsunami transmitters that drown out all less expensive options in the vicinity and 2. fixed frequencies across the country.

What does a fixed frequency deliver, in terms of value propositions? The ability to create a brand around a frequency? How many of these commercial chains still rely on frequency branding to promote their channels, and how is it in the nation’s interest to lower their costs of advertising in national newspapers and other media? Of course, it does not affect the cost of advertising in local media. I really don’t know why the private sector companies played along with the government, when the terms of frequency allocation became to shape up, earlier this decade. Anyway, they seem to be stuck with that foolishness.

What does opening up the spectrum to low power transmission do for the country, and its people?

A brief list:

1. Allow small groups or communities of people to express themselves through an inexpensive technology, providing them with their own choices of entertainment and useful information.
2. Empower such small groups with the management and creative expertise needed to meet the needs of their own special listener groups, without forcing them to install a complete educational framework before getting started (international readers of this blog may be surprised to know how pathetically incomplete the education sector coverage remains, never mind the more specialised learning environments that include management and creativity).
3. Regularise the use of FM spectrum for a host of occasional, local and community-oriented activities, such as local music performances, simultaneous multiple language translation of non-local language content by external speakers, public speeches in general, religious gatherings and so on. Such applications are often employed in India, although it is illegal here, apparently (the rules are not clear), but they are permitted in many countries around the world, often for nominal fees.

At present, such commonsense, inexpensive and inoffensive usage of spectrum is either proscribed or discouraged, for reasons that remain undebated in public fora, for the simple reason that the agenda at such fora is often set by the current controllers of spectrum (ie, the government). While representations at such fora have been made several times, it does not seem to be recorded in any responsible form by the government itself.

The FM band remains tightly in the control of the government and the revenue generating private sector, with applications for the common good either poorly served, or not at all. It is truly unfortunate that this situation now finds endorsement from representatives of community media.

Following an angry comment from a reader that the post is obscure and turgidly written, I have made an effort to edit and hopefully improve it. I have put my ‘comments’ as asides, however, both Ralph’s original post and my comments are in first person voice)

(This is a) design for a wind-powered energy system that can tap at least 60 times as much energy as the United States Renewable Energy Laboratories states is available in a square meter of wind. The system does this not by some magical process (it is extremely mundane) but apparently by tapping into very large volumes of moving air, as seen in the sails of large sailing ships. With it, you should be able to easily reach single-digits megawatt/hours of power in windspeeds as low as 10 statute-miles- per-hour, or drive a pump with thousands of horsepower of kinetic energy in those same winds.

And, in case it needs to be repeated, anyone outside of the U.S. can use this design (patent pending in America), to the best of my knowledge, free of charge. And should prove very, very cheap to assemble. (My thanks go out to Dr. Win Wenger, whose original public-domain invention was the seed that inspired this design.)

You can conceivably get away with building this system with little more than copper, sailcloth and steel… and just the sailcloth and steel if all you want to do is drive a pump. With just four sails, sixteen strips of cloth, a turntable, a driveshaft, a rotor and a simple reciprocating pump, you can supply the hundreds or thousands of horsepower required to handle virtually any task required by an irrigation system, a municipal water supply, a sewage system, a water pipeline sending your supplies far afield, or… what is already the cheapest form of water desalination in the world — reverse-osmosis desalination.

How does it do all this? Introducing sails to wind-power  generation is nothing new, yet the tremendous productivity we see in the sails of ships seems to elude designers. A major “secret” to the following system is a matter of scale — setting up sails large enough to capture the kind of high power yields we are talking about, in a design robust enough to handle that kind of power without tearing apart, while being cheap enough (both financially and in terms of locally available resources) to be an incredibly productive investment.

The fact that sails have yet to migrate to electrical production or water distribution in this form is not surprising — apparently the hundred-foot- tall and larger masts sported by the world’s seagoing sailing vessels looked a bit too challenging to most reasonable engineers. Hence the tiny sails we are used to seeing in conventional turbine designs. But getting around such limitations is the point of this invention.

Comment: I don’t think the writer (Ralph) has got this spot on. My own take is that designers of modern turbine systems are blindsided by the general abandonment of sail in shipping, and by the exotic nature of rigid turbine blade design. While it is true that flexible sails need a great deal of maintenance, the accompanying ease of local support in carrying out such maintenance more than compensates.

Before I go on, I should mention that the “ideal system” for most users, will, ironically, not be the theoretically ideal design. To take an extreme example, if you are in a village in remote Africa, and you simply need to move water to your fields, you may be using the broken axle of an old car or truck as the rotor in this system. And if you do not have a reciprocating pump, you may set up two or three of these devices, and have them drive screw pumps you have hand made out of, say, some old sheet metal. The point of providing free power around the world — while this gesture can certainly help people in all walks of life — is to assist individuals and communities, no matter their circumstances, in providing power for themselves, using the means they have available, rather than becoming dependent on some distant organization or expert for the resources fundamental to their survival.

But again, how does all this work?

The Picton Castle Example

To summarize the technique in the simplest terms possible, let’s refer to the example of an actual sailing ship, the three-masted barque Picton Castle. This vessel weighs a bit over 300 tons – say 330 with its 52 member crew, supplies and cargo. She has 12,500 square feet of sail at full sail (though she often sails using less). The Picton Castle can sail at over 5 knots (over 30,000 feet/hour) in average winds of 8 to 12 statute miles per hour.

Photograph Courtesy picton-castle.com

If 12,500 square feet of sail can move 330 tons of ship, cargo and crew at 5 nautical miles per hour in 8 to 12 miles per hour of wind… well then, 660,000 pounds x 500 feet/min = 330,000,000 ft•lb/min = 10,000 horsepower… or 7.45 MW.

Or to put it another way, an area of sail equal to a 100′ by 125′ rectangle can supply 10,000 horsepower in 8 to 12 mph windspeeds. This is important, because 12,500 square feet of sail is slightly less than 1,200 square meters. And according to the U.S. National Renewable Energy Laboratory, the maximum amount of power available in a square meter of wind at, say, 9.8 miles per hour, is 0.1 kW. Even at 12.5 mph, that potential energy increases to only 0.2 kW.

The sails of the Picton Castle – without any particular optimization for utilizing windpower, other than those standard to a sailing ship of her type – are therefore, at a minimum, tapping about 60 times as much energy as is considered theoretically possible with a 100% efficient conventional wind turbine. (Because the power of the wind does not increase linearly with speed, but cubes, the implications are even more startling for electrical generation — an average windspeed of roughly 20 mph in a Class 7 wind zone would not double those 7.45 MW, but multiply them by a factor of 8.)

The following description discusses in detail how this kind of immense kinetic power could be practically and easily utilized with, say, the “four sails, sixteen strips of cloth, a turntable, a driveshaft, a rotor and… simple reciprocating pump” mentioned above. (Not to mention the electrical-generation aspect of the device.) But in brief, once you have four large sails turning in a circle, with wind only allowed to strike them directly aft or at angles where they can ‘tack into the wind’… then all you need to do with this mechanical force is attach it to a reciprocating pump and use your thousands of horsepower to move as much water as you may require. The simplicity of this design belies its power.

I should add, however, that the empirical evidence discussed above is not quite the whole story. First, while ocean currents can in fact either help or hinder the progress of a ship, the other factors excluded from this calculation all imply that the efficiency of sailpower is even greater than my example suggests. I did not mention the tons of seawater the Picton Castle (a very heavily built vessel) is constantly plowing through as it moves. And her three masts, while important from a seafarer’s viewpoint, insure that any wind striking directly from behind, with greater theoretical efficiency, will be interrupted by a barrier before it can reach the middle mast, and again before it can reach the foremast. Further, the wind rarely strikes a vessel at an angle that maximizes efficiency, unlike the windjammer system, which is designed to make the best use of windpower coming from any direction.

And finally, she does not always employ her full 12,500 square feet of sail. All of which suggests that an effectively configured system using sails could tap at least 100 times the maximum power theoretically available to conventional wind turbines.

How much desalination could a handful of these pumps provide? Well, as an example, the Ashkelon desalination plant in Israel produces 100 million cubic meters of desalinated water a year, using 6 5.5 megawatt pumps, with another 2 such pumps on standby. Obviously all eight are less powerful than the 10,000 horsepower/7. 45-MW-equivalent pumps discussed earlier. Imagine being able to produce 100 million cubic meters of freshwater a year (0.1 cubic kilometers) from one site without having to pay the cost of driving those pumps. And being able to do this even in areas of relatively modest windspeeds, such as you might find even on your less windy coastlines. (You probably would not use those pumps directly, but I discuss this option in more detail below.)

Building a Lateen Sail-based Windjammer Turbine

The Vertical, Axial, Lateen-Sail Wind-Turbine with Supporting Panels, or ‘Windjammer System’, takes the conventional axial wind turbine, adds sails in place of blades as suggested in Dr. Wenger’s public-domain version, but then adds the following modifications in order to fully achieve the advantages detailed above.

As seen in the included* drawing, the windjammer system sets up several sails (typically sizable lateen sails of a modern, triangular design) on a rotating disk or frame (or other rotating structure).

Comment: I have linked Ralph’s drawings below

When the wind blows, these sails spin in a circle surrounded by a set of sixteen equidistant ‘panels.’ These panels are each laid out along a line that is tangent to the edge of the circle (though the panels themselves draw up short of the circle), and they all have the same orientation, whether that orientation is clockwise or counterclockwise. The line of each panel begins 1 ½ diameters from the edge of the circle from which it is tangent, and extends 2 ½ diameters out from there. This blocks incoming wind most effectively so far.

The effect of these panels is to channel all wind coming towards the windjammer system predominantly towards one side of the turbine – only allowing wind to directly strike certain parts of the ‘blocked side.’

Along these exposed sections of the ‘blocked side’ the lateen sails turning back in the direction of the wind will still be able to ‘tack against the wind’, thus still drawing power from it. The impact of the wind is weakest on the far edge of that blocked side (the edge opposite the tangent point from which the panel most directly oriented into the wind takes its bearings).

The net result is that the sails will be able to rotate in one direction only, but will do so with considerable force. (Which direction is unimportant so long as the lateen sails and their surrounding panels are set up to favor wind from that direction.)

• Because the panels are fixed in position, wind is instantly channeled into the turbine, regardless of how quickly or unpredictably it changes.
• Because lateen sails are able to ‘tack’ into the wind more efficiently than other designs – drawing power from the wind due to their design even when moving at an angle against the wind (an angle more directly opposed to the direction of the wind than most sail designs can manage) – this simple sail can draw power for most of its rotation.
• The panels are positioned to primarily block wind from striking the outer segment of a sail when it is moving directly upwind or almost directly upwind.

While an automatic ‘flip-flop’ mechanism can be included in this system, it is probably more practical to simply fix the lateen sail in a position that is relatively ideal for most of its rotation, and to simply block incoming wind where it hinders the sails’ progress, as described above.

This is a useful option for maximizing efficiency, because a lateen sail that does not require the space to flip back and forth can be fixed more securely to the ‘turntable’ within which its mast is embedded – with the mast at the edge of the spinning disk, the narrow, leading point of the sail abutting the next mast in the circle, and the great expanse of the sail extending in a wide sweep beyond the edge of the circular turntable. Indeed, in some cases that segment of the lower spar may in fact be embedded in the turntable disk, depending on how individual builders choose to assemble their version.

This combined set of spinning sails drives the generator at the center of the turbine (the turntable to which the masts are secured being the top disc in the generator).

• Alternatively, the central drive shaft can be connected to a reciprocating pump.
• Or you can use a gear system to connect that drive shaft to a pump as needed, and shut down the electromagnets that some forms of the generator will use while pumping water, sewage, or what have you.

Lateen sails can move sizable sailing vessels in only a slight breeze, so you have plenty of power available, for whatever purpose. The generator in this turbine will therefore be optimized to make use of the tons of kinetic force harnessed by the system.

On a normal sailing vessel, a lateen sail does suffer problems – the large yardarm is difficult to handle on the deck of a ship in stormy weather, and it has ‘bad tack’ when airflow comes from the wrong side of the sail and forces the mast against the sail (thus interfering with the airflow the sail is using). Neither of these problems is an issue in this design, because there is no need for sailors to adjust the sail in storms and because the sails are almost always receiving wind from their optimal side or else a fairly optimal tacking position.

Further, because the upper yard supporting the sail pivots at its point of contact where it abuts the next mast on the disk, while resting on its own short mast, the entire sail and yard can be swiftly dropped – a useful safety option for extremely high winds and other occasions when turbine operators wish to shut down the system quickly.

The upper and lower spars provide a frame for the sail, so the camber of the sail is simply a function of how tightly the spars stretch the sail. This means that lateen sails are often cut flat, without the complex cutting and stitching required to provide camber in Bermuda rig sails. This characteristic of lateen sails makes them simpler and thus less expensive than many other sail options.

Comment: It also means that training local sailmakers is relatively simple.

The Electrical Generator

Comment: Electricity generation is not always necessary, so this section may be skipped

Ideally, the generator itself may be a very simple, very robust design – perhaps with just one disc of fixed, alternating magnets rotating past a disc holding a set of coiled copper wires, while an attached framework connected to the magnets’ disc spins a matching set of magnets underneath the copper coils, thus increasing the generator’s magnetic flux and efficiency. This setup would enable engineers to affix the top disc very firmly to the rotating sails and yardarms, and to bolt the lower disc to the ground or floor (or otherwise fix it very firmly in place), while the attached framework could function without in any way interfering with either of these discs. (Note: Image not to scale.)

Comment: I could not find Ralph’s generator drawing, but the descriptions seems straightforward enough.

However, designing an electrical generator in this form would make the design dependent on rare-earth magnets, that would not exist in sufficient and affordable quantity if this system became widespread. Therefore, an electromagnetic variant of the design becomes advisable. There are a few relatively simple ways to do this. One, and probably the more practical and resource savvy, is simply to store a considerable amount of electrical power in your disk, perhaps using a series of simple capacitors or supercapacitors, (or conventional batteries) and use that flow of electricity to power simple electromagnets (copper coils around iron cores).

A capacitor is simply a pair of conductors separated by a dielectric material, such as plastic, glass, mica and ceramics. Some materials normally less used for capacitors because of their particular physical properties may work well with this system, because, say, low-voltage electricity is not really an issue when you are transmitting only a foot or two away. The capacitors or other storage devices (such as more conventional batteries, if you could preserve them from the elements) would have to be charged periodically, but then, you would be sitting on top of considerable electrical generation capacity and, as discussed further on, considerable storage capacity as well.

A second option is to generate power for those electromagnets upon the upper disc itself, perhaps in concert with the above storage methods.

Power generation options would naturally include solar in some climates, especially solar panels made of relatively low-cost, common materials normally not considered up to modern standards of solar design. But cheap, renewable and capable of a small trickle of power may well be all many systems actually need, especially where smaller, remote generators are concerned, particularly in relatively impoverished areas. (There is another, completely speculative method for amplifying the number of these generators that can be powered using a far smaller number of permanent rare-earth magnets — a kind of compromise between the heavy use of such magnets and the complete renunciation of all materials in relatively short supply — that we will discuss in a later update.)

A third option, grudgingly noted, but working against the notion of keeping this design as simple, easily constructed and easily maintained as possible, would be to simply use some graphite bushings to convey power to the upper disc, and thus to the underslung framework, with the electricity for these being brought up through the central rotor. (Even many automobile rotors that might be pressed into service in remote areas have a hole in their center through which these connections might be made, a gap normally meant for an axle, that could instead include a more complicated mechanism.)

Comment: It is also quite possible to jury-rig a geared transmission made up from automobile scrap, in order to set up a standard genset outside the sail-swept area. It will also make it much simpler to hook up a water pump or other rotary mechanical devices.

The Windjammer System

There are at least two major variants of the windjammer system. The first, lightweight version, uses sailcloth suspended between two poles embedded in the floor, roof or ground to fill the role of softer, lighter-weight ‘panels.’ The second, heavier and potentially more durable version, uses relatively rigid panels made out of wood, metal, synthetics or any other materials capable of holding the form of a panel and channeling air into the turbine. In either form, the panels can be connected together along their top edges using strong struts or metal rods (linking the edge themselves in the case of the rigid version, or the supporting poles in the case of the sailcloth panels).

By connecting in a framework bracing the top halves of those sections, the entire structure reinforces the panels (instead of leaving them as unsupported, freestanding sheets of material being regularly hammered by the winds). Though again, whether you include such a structure will depend on the size of your system, local environmental conditions, and the judgment of the builder.

This connecting framework can also support a rotor connection at the top of the central shaft above the generator at the core of the system. Rods crossing directly over that central shaft can lock together to form a robust support structure for the upper rotor. The bulk of the shaft’s weight may remain on the lower rotor, but this tactic can nevertheless greatly relieve the burden on the bottom rotor joint. (Again, this is very much optional.)

The two kinds of panels can be modified to deal with major storms and other threats in different ways. The sailcloth panels can simply be installed in a manner that enables caretakers to quickly remove them in the event of severe dangers.

For the most part, the framework of rods on which these lightweight panels rest, along with the rest of the supporting structure and other heavy elements of the system (the sail yardarms, the rotating ‘turntable,’ the generator itself), can be made light enough to be easily removed (though this will obviously vary with the scale of your system — an irrigation pump being far easier to remove than a desalination pump or the typical 100 megawatt/hour capacity generator).

One option installers can use with those pieces that have to be driven into the earth or bolted to solid surfaces is to affix them securely in place as shorter female sections into which the bases of rods or other pieces can be inserted and to which those rods or other pieces can then, in turn, be secured. When breaking down the system for evacuation or storage, the pieces embedded in the ground can be left in place for later retrieval or system reinstallation.

Partial disassembly of the framework over the generator (if such a framework is included) should be possible and a requirement in the construction of every system no matter what design is used, in order to permit caretakers to service the upper (and possibly the lower) axial rotor joints.

The alternative, hardened version of this energy system can be designed to weather extreme conditions while remaining in place. The solid panels can consist of two separate panels set back-to-back (both standing in the position of a single panel) and joined to a supporting pole set at one end. One panel section will be connected to that pole with swiveling joints and that entire segment will be able to swing freely in an arc from its normal position backing the section of panel. It will swing around to assume a closed position blocking the closest wind intake path into the turbine. These panels can be locked into either position – usually in the backing position, during normal operation.

Shutdowns and Emergencies

In the event that the system needs to be shut down and sheltered, that swinging section can be unlocked and the panel segment swiveled around into the ‘closed position’ and then again locked into place. In this position, horizontal airflows into the system are effectively blocked, thus shielding the system from high winds and many other threats. This unlocking, swiveling and relocking could all be triggered remotely or manually, and actually accomplished electromechanically (for example, by electric motors swinging the panel sections open and closed).

Depending on how the ‘roof’ of a rigid-design system is constructed (if one is included), the turbine may simply have a literal roof over its central area integrated with the folded panel sections to create a completely sealed structure. Alternatively, panel segments similar to those conducting wind into the turbine could be put in place on the top of the system’s central area. These could also be unlocked and folded (in this case, down) to create a roof integrated with the panel-segment ‘walls’ established in emergencies. This could also be triggered remotely or manually, as described above. (Again, all this is completely optional, but given how much your site is threatened by storms or other extreme conditions, could always become an issue. So there it is.)

The yardarms of the sails, as noted above, can be manually or remotely triggered to collapse into a folded position – a useful emergency method for slowing the turbine in the event of extremely high winds. The system could be installed with an electronic remote trigger – either a catch releasing the upper yardarm (lateen sails typically have at least an upper yardarm, if not a lower one also) and allowing it to fall along the arc permitted by the swiveling rod.

Once folded up in this fashion, the sail will no longer tap local winds effectively and the system will immediately begin to power down. Reducing the spacing of the yardarms by smaller degrees – by having the upper yardarm catch at set increments, or using a more precise controlling motor at the hinge of the yardarms – would enable overseers to control the amount of wind intercepted by the sails and thus to control how much wind power the system was tapping into at any particular time. This would, for example, enable overseers to control the force with which the reciprocating-pump variant of the system was pumping water.

As a backup to this electronic trigger, the system could also be equipped with a simple pull cord that would manually release the catches mentioned above, thus dropping all the yardarms with a single tug in an emergency, and thereby eliminating the system’s dependence on that electronic switch.

Finally, the panels extend outward from the circle normally swept by the sails and presumably increase the amount of wind intercepted and the airflow driven into the overall system, thus increasing the amount of power harvested at a particular windspeed, though there are some offsetting factors in terms of how the airflow is also disrupted by the presence of these panels.

Summary

• Given that a large set of sails for a sailing ship (such as the Picton Castle) can tap at least 60 times as much power than the maximum amount of power the U.S. Renewable Energy Resources Laboratory states is theoretically available in a square meter of wind passing through the area covered by the vanes of a conventional turbine (if not more), despite the factors preventing those sails from working at full theoretical efficiency.

• And given that this difference in available power seems to be the function of the much greater volumes of air apparently interacting with the large, broad sails of a ship than with the vanes of a conventional turbine, given an equal area covered by the sails and vanes respectively.

This system employs large sails, including those capable of moving an ocean-going sailing vessel, or larger, in a design robust enough to handle the kinetic energy involved, while still being inexpensive enough to be far less than the installation cost per megawatt/hour of the production capacity of the designs now prevalent in the marketplace. Since this system can drive a turbine that, in turn, can produce electricity, pump water, or both:

• And given that this system can also provide the services of a traditional windmill or waterwheel-driven mill, especially in areas lacking more advanced technology, thus allowing for the grinding of grain, the sharpening of tools, and the driving of lathes, some antiquated-textile equipment and other normally motor-powered tools, and the cutting of wood as a sawmill…
• And given that this system can immediately switch from one form of production to the next to thus maximize the efficient use of wind power when the wind is blowing at its strongest, for example pumping irrigation water or municipal water supplies or sewage when electrical demand on the electrical grid is lessened, or grinding a supply of grain that has been waiting for an increase in local wind speeds or a drop in electrical demand, or pumping water or sewage and producing electricity at the same time, it can provide critical energy to meet a wide variety of local needs, regardless of the technological level of the local economy.
• This system is sufficiently robust and easy to oversee as to operate with minimal supervision, and thus can power local energy grids while requiring relatively few personnel for maintenance.

The dedicated water-pumping system is even more robust and easy to oversee and far easier to build given limited resources, expertise and technology, and thus can service multiple end-uses, such as the supply of irrigation or municipal-water- pumping or sewage-system needs even in areas with very limited technology or infrastructure funds.

As this system can pump water with sufficient force, even in the thousands of horsepower, required for fracturing pumps (for example, on oil-drilling rigs) and reverse-osmosis-desalination plants:

• And given that the water moved for irrigation, municipal supplies or desalination can be pumped into elevated storage locations ranging from water towers to normal reservoirs to any structure capable of holding water in extremely large quantities so that the water can retain the kinetic energy to be gravity-fed to wherever it is needed in the immediate area.
• And given that the water stored in any structure capable of holding water in extremely large quantities can, when the structure is filled with a sufficient mass of water, be released through an opening in the bottom of that structure under enough pressure to theoretically meet the water-pressure requirements of a reverse-osmosis desalination plant.
• And given that the water pressure of water released under such pressure from such a large container of water can be adjusted by such commonly understood methods as pressure-relief valves on the pipe releasing the water, thus enabling a significant degree of control over the water pressure, and thus preventing the water pressure from reaching destructive levels.

This system can therefore presumably be adjusted to provide the steady, high-pressure flow of water for large-scale desalination.

Furthermore, this system, when applied to water pumping, whether used exclusively for that purpose or in combination with other tasks such as electrical generation, can be set up very inexpensively and provide hundreds and even thousands of horsepower worth of power to each of a series of pumps even in relatively low-average- wind-speed regions.

Consider that inexpensive pumps providing hundreds to thousands of horsepower of pumping power along a pipeline could enable the relatively inexpensive transport of desalinated water over hundreds of miles, thus providing municipal water or irrigation water purified at a coastline to far-removed locations.

Such a series of pumps could each push the water they move into an elevated container, as explained above, whether a water tower, a normal reservoir or any structure capable of holding water in extremely large quantities; and the pipeline itself could be laid out to pass over hills, ridgelines and other changes in elevation, thus making use of the commonly known siphoning effect to help draw water further down the pipeline, this form of pumping could be used even in areas where wind power was somewhat inconsistent, so long as available wind power were sufficient to store kinetic power in the form of stored, elevated water supplies along that pipeline route.

And in fact this system will enable the inexpensive set up of a powerful pump that, in combination with a large structure capable of holding water in extremely large quantities, will be able to provide the pressure for reverse-osmosis desalination at or near an irrigation site, thus enabling the removal of even minute amounts of impurities that may be associated with travel through a metal or other pipeline, thus enabling significant, judicious irrigation of an area over time without the normal build-up of metallic salts associated with the long-term deposit of such impurities.

The windjammer system can operate and provide extremely high levels of power, from multiple megawatt/hours of energy per hour, if not more, even at wind speeds that would normally be inadequate for conventional turbines, such as 10 statute-mile- per-hour winds. Which means the system can operate effectively and an in economically viable manner in many areas where that would otherwise be impossible for wind-power systems, and thus can supply electricity inside or near a city or town, thereby reducing the demand for grid transmission and the amount of grid infrastructure required to maintain the electrical supply within a nation.

The windjammer system will produce electricity at relatively low voltages, however, this electricity can be put into a series of flywheel electrical storage systems, such as compulsators, and then slowly released at a roughly steady level of current through a transformer, thus changing the voltage with little difficulty. Also, if the power is generated close to its end users, it will not have to be transformed into an extremely high voltage for long-distance transmission.

And finally, this slower moving set of sails, being part of a large, robust generator system, will suffer far less from pulsatory torque than most conventional vertical wind turbine systems.

See details above and the images (linked) below. The preferred embodiment will also vary based on the resources available and the priorities of those building it. Each individual system’s design should be determined only after the builders have an idea of where it will be, how much space can be devoted to it, what the average wind speed available is and what materials are best suited for its construction.

Those installing such a system may be interested in maximizing the energy they can generate in a particular area, or in maximizing their profit relative to their initial investment in it. Alternatively, a team may simply be interested in generating whatever power they can, within the constraints of the local materials available to them – a situation many poor communities, and those suddenly dealing with grave levels of instability or resource depletion, can appreciate.

Figure 1

1. The central circular area swept by the sails in this system.
2. The panels blocking wind from one side of the system and channeling it towards the other. These are set in a tangent from the edge of the circle, begin 1 ½ diameters from that edge, and extend 2 ½ diameters out from there. This blocks incoming wind most effectively so far.

http://s704.photobucket.com/albums/ww41/DryObserver/?action=view&current=WindjammerBraced001-1.jpg

Figure 2
1. Central disk
2. Braced end of lower spar
3. The rest of the lower spars
4. Area swept by sails

http://s704.photobucket.com/albums/ww41/DryObserver/?action=view&current=WindjammerBraced002.jpg

Figure 3
1. The basic supporting framework

http://s704.photobucket.com/albums/ww41/DryObserver/?action=view&current=WindjammerBraced004.jpg

Disclaimer:
All of the above is, to the best of my knowledge, still patent pending in the U.S. (except for those elements that are already public domain) and public domain everywhere else.

Two interesting snippets makes me feel a rethink is worthwhile. As primates, the evolution of our collection of species is exceedingly communication-centric, and no species on earth has developed communication more complexly and richly than humans.

One is the well-known fact that American Sign Language, or variants of it, have been used to communicate with chimpanzees and other apes for years, some of whom displayed a stunning ability to form complex statements using this tool.

Signing is interesting, because it has had, developed around it, an entire ethos about inclusion wrt hearing challenges, vis-a-vis an opposing school of thought that seeks to drive inclusivity by teaching persons with severe hearing challenges to overcome those challenges using non-verbal communication, on the input side, and developing speech-appropriate muscle control (sans the actual speech feedback) on the output side. For obvious reasons, speaking children find it much easier to be ‘accepted’ in mainstream schools. In India, we have a pretty robust variation of ASL, called ISL, suited to sub-continental languages.

Still, that set of experiments appeared to be aimed more at establishing the intelligence of apes, rather than being about communication, although this may be a spin put on by the popular media.

The second, however, is more interesting. Consequent to the problems faced by a musician family with a child born nearly totally deaf (ie, deaf prior to language development), they developed signing within the family as a normal process, including the parent’s siblings and their children too. The children soon showed, even a tot in his first year, and an older child with cerebral palsy, that they were certainly capable of complex advanced ‘speech’ ie signing, long before their vocal chord muscle development was mature enough to form words verbally. This can be seen on YouTube – search for Two Little Hands. The parents market the TLH technique of early learning as an ongoing business.

Evidently, the nascent ability to communicate may be nurtured by the availability of appropriate tools of communication, and arguably, ‘learning issues’ are compounded by the rate of development of the human muscles and nerves necessary for speech. Of course, for evolutionary reasons, speech is the ‘conventionally’ favoured – indeed, the primarily favoured – means.

It seems to me that human communication can be effectively delivered using different tools other than the usual ones we find ‘normal’, such as speech and hearing. Arguably, just as we find it acceptable to use multiple senses (sight and touch) to supplement hearing in order to make for more meaningful, easier and more effective communication, perhaps we should consider development of a tool based on, for instance (but not necessarily limited to), signing, as a more inclusive approach to HCI than what we have had in the past. Current tools, ie interfaces, are almost completely based on mimicking traditional paradigms, primarily textual and verbal communication. At some point, such development is a blind alley, simply because it runs into a wall when persons with severe sensory challenges need smart assistive tools.

There are hints of more inclusive communication methodologies in popular literature and entertainment – mostly SciFi, naturally. For instance, in the film “Close Encounters of the Third Kind”, the communication between humans and aliens takes place using a combination of arrays of lights and multiple monotonal (ie “pure”) aural tones. Quite obviously, just as in human-human communication, multiple channel communication affords much greater and faster information transfer rates. Moving away from the traditional in favor of the improved could also be a pathway towards abandoning the interfaces that persons with highly advanced senses, particularly the autism spectrum affected, find obnoxious.

Of course, the recognition of the limitations of conventional wisdom, insofar as learning issues are concerned, is not new. In fact, the term “conventional wisdom” itself has a faintly pejorative tinge for precisely this reason: generally speaking, humans are smart enough to notice when hallowed traditions prove hollow. In the case of dyslexia, the inability to reliably identify text, verbal and audiovisual workarounds have long been acceptable as fairly effective bridges to inclusion. The same applies to other common forms of sense-related communication dysfunctionalities, such as alexia, dyscalculia and dysgraphia, that cause enormous damage to the learning process when inadequately accounted for during formal schooling.

The noted communicators Temple Grandin and Amanda Baggs, both of whom are identified as severely autism spectrum affected, show that they are not only capable of complex communication, but that they enjoy a quality of communication that is arguably far richer than those less sensorily endowed.

As human beings naturally limited by our current comprehension (and therefore acceptance) of the reach of our sensory organs, we do not find that using technological enhancements is a puzzle, or calls for a stretch of credibility. There is no rational reason why we should not view the acceptance of our ability to use such sense-enhancing tools as a stepping stone to developing communication itself, right from a very early age.