We wrote to the Ministry of Civil Aviation urging them to stop the DigiYatra Scheme
tl;dr
The Digi Yatra Scheme (‘the Scheme’) was launched at the Delhi, Bengaluru, and Varanasi airports on December 01, 2022. During the second phase of implementation, the Scheme will be launched at Kolkata, Pune, Vijayawada, and Hyderabad airports. The Scheme allows digital processing of passengers using facial recognition to check the passengers’ identities at the entry checkpoint, entry into security check, self-bag drop, check-in, and aircraft boarding.
We wrote a letter to the Secretary, the Ministry of Civil Aviation raising our concerns about the exclusion that may be caused by the Scheme. In this blog post, we look at not only logistic exclusion but also the Scheme’s exclusion by design.
Why should you care?
The implementation of the Scheme puts data privacy and passenger ease at risk. While the Scheme states that the Digi Yatra Biometric Boarding System will conform and adhere to data protection laws as applicable and mandated by the Government of India, presently the country does not have any specific laws on data protection. Further, when Facial Recognition Technology (‘FRT’) itself is the subject of an international challenge as well as proceedings before the Allahabad High Court and the Telangana High Court for being antithetical to the rights to equality and privacy, the usage of such technology for ‘passenger ease’ seems redundant.
Background
The Scheme was launched by the Ministry of Civil Aviation on June 08, 2017, by the then Minister of State for Civil Aviation, Shri Jayant Sinha, to make air travel paperless and hassle-free per a press release. The Scheme would facilitate the digital processing of passengers at airports. Using the Scheme, a passenger can get a Digi Yatra ID by sharing details like their name, email ID, mobile number, and any approved identity proof, including Aadhar.
With FRT being proven to be racially and gender biased, it increases the chances of exclusion in a diverse country such as India. Logistically, instead of increasing passenger ease, as it sets out to do, the Scheme will only increase the burden on the airport personnel and the passengers, especially at busy airports.
The categories of data listed for collection also include a passenger’s Personally Identifiable Information (‘PII’). As per a press release, the Ministry of Civil Aviation stated that there is no central storage of a passenger’s PII data; the same is encrypted and stored in the passenger’s smartphone wallet and purged from the system within 24 hours of the flight. This is at odds with the interview given by Avinash Komireddy, the founder and CEO of Dataevolve, which has designed the Digi Yatra ecosystem. He states that data authentication takes place on the Amazon Web Services cloud platform. The Ministry has not referenced this authentication flow in its statement about the exchange of information between a passenger’s smartphone and the origin airport. Further, the Privacy Policy of the DigiYatra Scheme states that the collected data may be used for other purposes, such as improvement of products, contact for surveys and to process user requests, among others. The collection of this wide range of data for purposes other than passenger verification appears to be irreconcilable with the object of the Scheme.
Our Letter
We wrote a letter on April 05, 2023, to the Secretary, the Ministry of Civil Aviation, about our concerns concerning the implementation of the Scheme across airports in India.
We have raised logistical concerns regarding the Scheme in the letter. Due to the exclusion caused by FRT, the DigiYatra Scheme could fail to identify registered travellers, which could lead to unnecessary delay and inconvenience to passengers as well as airport staff. Our letter also highlights that the Scheme does not sufficiently advertise the alternative to FRT for passenger-ID verification.
We relied on illustrative examples to elaborate our point. In India, for instance, if just 1% of passengers on a daily basis opt for verification using the Scheme, the multiple check-in spots should be allocated in such a manner that there is no impact on the resources allocated to the 99% who do not opt for the Scheme resulting in bottle necks. This could prevent inconvenience at airports such as Delhi’s Indira Gandhi International Airport, where all boarding and entry gates are reportedly soon going to become Digi Yatra-enabled. Internationally, additional concerns have been raised that opting out of FRT at airports has purposely been made more convoluted by design to increase dependence on the technology.
In our letter, we have requested:
- The operation of the Scheme be ceased at airports, or
- The Scheme not become the primary method of verification, and
- The allocation of resources to the implementation of the Scheme be made according to the average percentage of passengers opting for verification using the Scheme.
In light of the concerns raised in the letter as well as in our previous posts (linked below), we hope that these are taken into account and that our recommendations are implemented.
This post has been authored by Policy Intern Anahida Bhardwaj and reviewed by the IFF Policy Team.
Important links
- Letter to Secretary, the Ministry of Civil Aviation with our concerns with respect to the implementation of the Scheme across airports in India dated April 05, 2023. (link)
- Part 1: The dangers of DigiYatra & facial recognition enabled paperless air travel #SaveOurPrivacy dated January 18, 2022 (link)
- IFF explains DigiYatra: Turbulence ahead dated January 29, 2022 (link)
- DigiYatra Project on Panoptic website (link)