India makes Aadhaar more ubiquitous, but critics say security and privacy concerns remain

The Indian government has launched a significant expansion of its Aadhaar digital identity system this month by introducing a new mobile application designed to integrate the 12-digit biometric ID into daily activities like hotel check-ins, law enforcement procedures, and digital wallets across the country. This strategic push aims to streamline authentication processes and increase the ubiquity of the world's largest biometric database in both the public and private sectors. By transitioning Aadhaar from a mere physical card to a versatile digital tool, the administration seeks to modernize India’s digital infrastructure and enhance the efficiency of service delivery for its 1.4 billion citizens. However, the rapid rollout of the new application has reignited a fierce debate among digital rights activists and cybersecurity experts regarding the safety of sensitive personal information. Critics argue that the government has failed to provide a transparent framework explaining how the data shared through the app will be shielded from the frequent breaches and leaks that have historically plagued the system. As Aadhaar becomes deeply embedded in sensitive areas such as policing, there are growing fears that centralizing such vast amounts of data without robust legislative protections could lead to unauthorized surveillance or identity theft. Beyond privacy concerns, the technical architecture of the new expansion remains a point of contention. While the government touts the app’s convenience, legal experts point out that India still lacks a comprehensive data protection law that can effectively hold entities accountable in the event of a security failure. The expansion into the hospitality and security sectors means that more third-party actors will have access to biometric-linked data, significantly widening the attack surface for hackers and potentially exposing vulnerable populations to systemic exclusion if the technology fails or is misused.