Aadhaar-[Day-4 Session-1] Citizens Have The Right To Be Protected Against Excessive Monitoring Unless They Stand In Violation Of Law: Shyam Divan [Read Written Submission]

The hearing commenced on Wednesday with Senior Counsel Shyam Divan discussing the provision of section 59 of the Aadhaar (Targeted Deliveries of Financial and Other Subsidies, Benefits and Services) Act of 2016-

 “As per the text of the section, only the actions of the Central government, being in pursuance of the notification dated January 28, 2009 establishing the UIDAI, are retrospectively validated after the coming into force of the Act”.

“Such a validation does not extend to the acts of private entities like the enrolment agencies”, continued Mr. Divan.

“Even prior to the enactment of the law, the enrolment agencies were appointed by the UIDAI”, interjected Justice A. K. Sikri, to which Mr. Divan replied, “Under the pre-Act regime, there was no privity of contract between these private entities and the UIDAI”.

“But the UIDAI has been established by the Central government. So all actions flow therefrom”, said Justice Sikri.

  “The notification only covers the actions of the government in entering into Memoranda of Understanding (MoU) but not the Registrars”.

“But the actions of the Registrars too have their origin in the MoU”, intervened Justice D. Y. Chandrachud.

“The Registrars may be party to the MoU but any action of theirs cannot be said to one of the Central government. And enrolment agencies are not even covered under the MoU. Accordingly, the enrolments made prior to the enforcement of the Act cannot be validated under its section 59”, responded Mr. Divan.

“Besides, a violation of Fundamental Rights, particularly one which is already completed, cannot be accorded retrospective validation”, continued Mr. Divan.

“Was Aadhaar being sought by private entities before the coming into force of the statute? Because you say that would not be validated under section 59”, inquired Justice Chandrachud.

 “We will need to procure definite factual data in that behalf”, responded Mr. Divan.

“The Justice K. S. Puttaswamy judgment lays down that any encroachment on the right to privacy must be backed by a valid law. Section 59 attempting to accomplish that in respect of the pre-Act breaches is in the nature of legal fiction. We will have to deliberate on how to deal with those actions”, observed Justice Chandrachud.

“The aspect of informed consent is significant. All breaches preceding the Act cannot be subsequently validated on the premise that such consent was always present. Even if the constitutionality of the Act is upheld, section 59 must be given the narrowest interpretation”, remarked Mr. Divan.

Thereupon, the Senior Counsel proceeded to summarise the grounds of challenge to the Act of 2016 under various heads-

 “First is the concern about how the Aadhaar programme enables state surveillance.

 Secondly, the infringement of one’s privacy, which was carried on without any statutory backing from 2010 to 2016. And even after the enactment of the law, one is being compelled to disclose their every move to the State by way of digital footprints and the silos of information allowing for extensive profiling.

 Thirdly, the concept of limited governance which also finds place in the Constitution. By being empowered to deactivate or not issue Aadhaar numbers, the State has been given the switch to cause the civil death of any individual. Instead of bringing about transparency in the government, the citizen is being compelled to become transparent to the State. 

 The fourth concern is regarding the introduction of the Aadhaar Act as a money bill, which Mr. Arvind Datar and Mr. Kapil Sibal shall elaborate.

 Fifth, is the means and manner of collecting, storing and securing sensitive data, which is completely compromised, and hence, falls foul of Articles 14 and 21. The enrolment agencies have no direct relationship with the UIDAI; there is no mode of opting out if once enrolled; and even the consent of the individual applying for enrolment, in respect of their biometric and demographic information, cannot be said to be completely informed”.

“Moreover, there is no provision for credible verification of this data. Besides, the Biometrics being a probabilistic proof of ID, are acting as an instrument of exclusion from social security schemes. If your Biometrics do not match, then a living flesh-and-blood person is no better than a ghost”, continued Mr. Divan.

“In a democracy, a citizen cannot be forced to adopt such a highly invasive form of identification. By way of the ‘Authentication Record’, both the time of authentication as well as the identity of the ‘requesting entity’ is knowable. These records are stored for several years. Besides, the concept of the Central Identities Data Repository (CIDR), being a centralised database for all information, in itself reflects authoritarianism”, remarked Mr. Divan.

This was followed by a dialogue on the CIDR-

Justice Chandrachud- “Who maintains the CIDR?”

Mr. Divan- “On account of national security concerns, the particulars about the CIDR are not available in the public domain”

Justice Chandrachud- “Does the UIDAI have the source code?”

Mr. Divan- “No, it is proprietary in nature”

Continuing, the Senior Counsel reinforces his argument as to how enrolment agencies, being private players, cannot be trusted to secure “informed consent”.

With regard to the term ‘resident’ as defined in section 2(v), Mr. Divan argued, “The Aadhaar enrolment form merely requires self-certification. The individual needs to certify himself that he has been residing in India for a period of 182 days. There is no proper verification. It is an arbitrary definition”.

Discussing the provisions of section 3 dealing with the Aadhaar number, Mr. Divan advanced, “Please note the phrase ‘shall be entitled to obtain’ in sub section (1). This implies that to procure the Aadhaar number is a right of the residents and not an obligation. So section 7 is unconstitutional in so far it deprives one of their legal rights on account of Aadhaar”.

“An ordinary citizen has the right to be protected against excessive monitoring unless they stand in violation of the law”, commented the Senior Counsel.

Thereafter, the discussion veered to the circumstances for cancellation of an Aadhaar number. “The Authority is empowered to cancel one’s Aadhaar if it appears fraudulent. The Authority can simply switch off a person”, remarked Mr. Divan.

“Why must an Aadhaar number not be cancelled if it has been procured fraudulently?”, asked Justice A. K. Sikri

“The concern is regarding the conferment of such a power”, replied Mr. Divan

“The concern must arise only on account of the abuse of such a power”, observed Justice Sikri

“Besides, there is also a provision for rectification in case of incorrect cancellations”, added Justice A. M. Khanwilkar

Finally, Mr. Divan discussed the provisions of other legislations mandating the sharing of biometric data and the respective safeguards-

Section 15, Census Act of 1948; restricting the records of Census from being open to inspection or admissible in evidence

Section 7, Identification of Prisoners Act of 1920; providing for the destruction of the photographs and records of measurements upon acquittal

Section 32A, Registration Act of 1908; mandating affixation of photographs and fingerprints to any document presented for registration- “This is an example of legitimate purpose and proportionality”, commented Mr. Divan

Section 6, Bombay Habitual Offenders Act of 1959; empowering the District Magistrate to obtain impressions of fingers, palm, foot and photographs of registered offenders- “In this Act too there is a provision for cancellation of the registration thereunder after five years”, said the Senior Counsel.