Although the Supreme Court has upheld the Aadhaar programme and many provisions of the Aadhaar Act, the reading of the judgment delivered by Justice AK Sikri would show that all is not well with the Aadhaar.
The court, in order to address the apprehensions expressed in the petitions challenging the Aadhaar Act, has issued the following directives to UIDAI and Central Government:
The petitioners had contended before the court that the Act enables data collection indiscriminately regarding all aspects of a person (biometrics, demographic details, authentication records, meta-data related to transaction) even though such data has no nexus to the purported object of subsidies, thus violating the principle of data minimization. They had also expressed apprehensions about Regulation 26 of the Authentication Regulations requires the UIDAI to store “authentication transaction data” consisting of: (a) authentication request data received including PID block; (b) authentication response data sent; (c) metadata related to the transaction; and (d) any authentication server side configurations as necessary. The authentication record affords access to information that can be used and analyzed to systematically track or profile an individual and her activities, it was argued by the petitioners.