A photograph went viral recently on social media. Someone had placed their old and new Indian passports side by side and pointed, with evident fascination, to a small rectangular symbol embossed at the bottom of the newer booklet. The post asked, in the breathless register that social media rewards: “What is this mysterious rectangle? Is it tracking me? Does the government now know where I am at every moment? Is my data being sold? Can hackers steal my identity from across the room?” The comments that followed were, predictably, a cascade of alarm, speculation, and outright fiction. It is worth pausing to address each of these anxieties in turn — not to dismiss the curiosity that animates them, which is entirely legitimate, but to replace the fog of disinformation with the plain light of fact.
I. What the Symbol Actually Is
The small icon — a rectangle enclosing a stylised circle, resembling a chip or a lens — is the internationally standardised symbol of the International Civil Aviation Organisation (ICAO) for a biometric or electronic passport. It signals that the booklet contains an embedded Radio Frequency Identification (RFID) microchip within its cover. India began transitioning to e-Passports in phases from 2022 onwards, in compliance with ICAO Document 9303, the global framework governing machine-readable travel documents followed by over 190 countries. The older dark-blue booklet had no chip; the newer one does. That is the whole mystery — demystified.
II. Myth I: The Chip Tracks Your Location in Real Time
This is perhaps the most widespread falsehood circulating about e-Passports, and it is wholly without foundation. The RFID chip embedded in the passport is entirely passive — it carries no battery, no transmitter, and no GPS module. It cannot emit a signal independently. It can only be activated and read when placed within a few centimetres of an authorised RFID reader operating at a specific frequency. The moment you close the passport cover or walk away from a reader, the chip is inert. There is no satellite uplink. There is no signal being beamed to a server. The Government of India does not receive a notification when you buy groceries in Chandigarh or cross a street in Amritsar. The idea that a passive RFID chip constitutes a tracking device is a technological category error of the first order.
III. Myth II: Anyone With a Reader Can Steal Your Data from a Distance
A second anxiety, almost as virulent as the first, is that hostile actors — hackers, thieves, foreign intelligence agencies — can skim your biometric data by standing near you in a crowd. This fear ignores several layers of protection built into the e-Passport standard. First, the chip can only be read from a distance of roughly four centimetres under ideal laboratory conditions; in the real world, through a passport cover, that range shrinks further. Second, and more importantly, the chip is protected by a cryptographic protocol called Basic Access Control (BAC) or its successor, Password Authenticated Connection Establishment (PACE). Under these protocols, the chip will not communicate with any reader unless the reader first optically scans the Machine Readable Zone — the two lines of text printed at the bottom of the biographical data page. In practical terms, your passport must be physically opened and the printed text scanned before the chip will respond to any query. Remote skimming is not merely difficult; under the current architecture, it is not possible.
IV. Myth III: Your Biometric Data Is Stored in a Central Database Accessible to Third Parties
A third strand of disinformation conflates the passport chip with cloud storage. The chip stores a digital copy of the holder’s photograph, name, date of birth, passport number, and nationality — precisely the information already printed on the biographical page. It does not store fingerprints in India’s current e-Passport rollout (some countries include fingerprints; India’s initial deployment does not). Critically, the data on the chip is not uploaded to a live server when the passport is read at an immigration counter. The reader simply verifies the chip’s data against the printed page and against the traveller standing before the officer. No transmission to a third-party commercial entity occurs. The data does not leave the chip and travel to an advertising network.
V. Myth IV: The Chip Is Unique to India and Represents Governmental Overreach
Some posts have implied that India’s adoption of the e-Passport is a novel exercise in state surveillance, distinct from practice elsewhere. This is simply false. Over 150 countries — including the United States, the United Kingdom, Germany, France, Japan, Australia, and Canada — have been issuing biometric e-Passports for two decades. The ICAO framework was developed in the aftermath of the September 2001 attacks precisely to strengthen the integrity of travel documents and reduce identity fraud. India’s adoption is a late but straightforward compliance with a universal standard, not a domestic innovation in surveillance architecture.
VI. What Legitimate Concerns Remain
To be fair to the anxious commenters: their instinct that new technology deserves scrutiny is not wrong. Legitimate questions do exist around data governance — specifically, whether India has enacted a sufficiently robust statutory framework, under the Digital Personal Data Protection Act 2023, to govern how biometric passport data is stored, accessed, and protected by issuing authorities. These are questions worth asking of Parliament and the Ministry of External Affairs. They are, however, entirely different questions from whether your passport is tracking you through the vegetable market.
VII. Conclusion, and your task
Social media has a peculiar genius for transforming the mundane into the menacing. A small rectangle embossed on a booklet cover is, in truth, a symbol of India’s belated integration into a global system designed to make international travel more secure and identity fraud harder. The questions it deserves are policy questions — about data protection law, about institutional accountability, about the pace of legislative reform. What it does not deserve is the avalanche of technological mythology that greeted its appearance online.
But let us end with a dose of perspective. If you are genuinely concerned about being tracked, do not scrutinise your passport. The passive chip on that booklet, readable only at four centimetres by an authorised scanner, is arguably the least intrusive piece of technology you carry. The device in your pocket — your smartphone — is, at this very moment, logging your precise location, mapping your daily movements, recording your app behaviour, monitoring your social interactions, and constructing a remarkably detailed portrait of your relationships and networks. It does so continuously, often with your cheerful consent buried in a terms-and-conditions document nobody reads. The passport chip is a postage stamp. Your smartphone is a surveillance instrument you paid for and carry voluntarily.
Curiosity is the beginning of understanding. Disinformation is its counterfeit. The real privacy audit you owe yourself is not of your passport — it is of the privacy settings across every device and application you use. Start there.