Dear all,

A couple of days ago I sent you an email alert about Common Mobility Cards (CMC) programme that the Government of India has started rolling out through the Ministry of Urban Development and UTI TSL - a public sector enterprise under the Ministry of Finance. A couple of readers responded saying that if the CMC is like London's Oyster cards my concerns about privacy and personal security would not be valid. I thank them for taking the trouble of writing back to me. I have clarified the matter below.

It is true that London Oyster cards cannot be traced back to the person who bought them. Oyster cards reportedly ensure a reasonable degree of anonymity of the user. However the CMC card may not afford the same level of anonymity in India. The picture of the CMC prototype card designed by UTITSL which will roll out this service shows a panel for pasting the photo of the cardholder and another for putting his/her signature. Look at Slide # 4 in the PPT attached ( also accessible at: A magnetic strip is also visible on this prototype which can potentially hold some personal information about the card buyer. But the RFQ docs for CMC (for these documents please click on: mention a chip that will be part of the CMC card. This is also likely to contain data about the personalised requirements of the card holder vis-a-vis travel and parking. If the photograph and signature are collected before issuing CMC cards it is very likely that other personal data such as name and address will also be collected at the time of buying this card. However this needs to be checked again as the procedural details of obtaining a CMC card are still a mystery. Even if none of these details are collected at the time of buying the CMC card a simple requirement of mentioning UID number is adequate to link the CMC card to all personal data including fingerprints and iris pattern of a person that is held by UID Authority or its eventual successor, the National Identification Authority of India. So until we get more authentic information from the Government, the similarity between London's Oyster cards and India's CMC cards does not go beyond cashless convenience of travel for the buyer. The only way to find out if it does is by compelling the concerned public authorities to make the whole deal about CMC cards public.

Or am I being unnecessarily paranoid about data protection and personal security? Recent media reports seem to indicate that the state of the art machines employed by the UID Authority of India are allegedly unable to register the finger prints and iris patterns of senior citizens (for example see: ). The dry weather and the individual's age are to blame, we are told. The technology being used of course must never be impeached. It is alright if the ISO standard for iris pattern recording and matching have not yet been approved at the international level. They are good for use in India, according to our technocrats. So if the means for collection of biometrics data is not fool proof why worry about its misuse? My biometrics may not even properly register on the state of the art machines. I should probably buy the CMC card with my eyes shut.

Then a third reader asked, "if CMC cards become compulsory will cash payments for tickets be refused? Can the bus or train ticket seller refuse cash which is legal tender around the country?" I do not know the answer because I did not design the system. Those who did are not telling us enough despite an obligation of disclosure under the Right to Information Act.

In order to access the our previous email alerts on RTI and related issues please click on:

You will find the links at the top of this web page. If you do not wish to receive these email alerts please send an email to this address indicating your refusal.


Venkatesh Nayak

Programme Coordinator

Access to Information Programme

Commonwealth Human Rights Initiative

B-117, 1st Floor, Sarvodaya Enclave New Delhi- 110 017

Tel: +91-11-43180215/ 43180200 Fax: +91-11-26864688

Skype: venkatesh.nayak Website: