In a significant development in the matter of Unique Identification (UID)/Aadhaar numbers, the Punjab & Haryana High Court has passed an order saying, “Linking Aadhaar Number to direct recruitment should not prima facie be a mandatory condition as it by result in violation of equal opportunity clause in Article 16(1) of the Constitution of India and deny easy access to applying online for jobs”. It observed that if “some other method” is devised, citizens “will be confronted with denial of employment opportunity, which is a very serious and sacrosanct right in a country where employment opportunities are fought on war footing”. The order was passed in Pradeep Kumar v Maharishi Dayanand University, Rohtak, on 28 February, 2018, by Justice Rajiv Narain Raina and the matter is likely to be heard on 28 March, 2018. Notably, National Human Rights Commission (NHRC) in its submission to the Parliamentary Standing Committee on Finance on National Identification Authority of India Bill, 2010 (Aadhaar Bill, 2010) had apprehended exclusion because of Aadhaar. The petitioner is represented by advocate Ravinder Singh Dhull.
It is germane to recollect that Supreme Court’s constitution bench comprising Chief Justice of India Dipak Misra and Justice AK Sikri, Justice AM Khanwilkar, Justice DY Chandrachud and Justice Ashok Bhushan had passed an order on December 15, 2017, saying the Aadhaar “matter stands governed by the judgment of this Court in Binoy Viswam v Union of India”. This is the last order of the Supreme Court which is the law of the land as of now. This bench has been hearing the UID/Aadhaar case since 17 January 2018. So far there has been hearing on 13 days wherein so far three of the petitioner’s lawyers have made their submissions. The next hearing is on 6 March, 2018.
In Binoy Viswam case, the Supreme Court observed that Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 does not make UID/Aadhaar mandatory in its order dated 9 June 2017.
UID/Aadhaar number is not mandatory for anything in India as per para 90-91 of this 9th June order at page numbers 105-106. This was reiterated on 27 June 2017 by the Supreme Court. All forms/circulars/letters/notifications/office memorandum/notices are subservient to the court's order. The paragraph 90-91 of court’s order of 9 June 2017, in the Binoy Viswam v Union of India reads: “it is clear that there is no provision in Aadhaar Act which makes enrolment compulsory… Fact remains that as per the Government and UIDAI itself, the requirement of obtaining Aadhaar number is voluntary. It has been so claimed by UIDAI on its website and clarification to this effect has also been issued by UIDAI… Thus, enrolment under Aadhaar is voluntary”. This order was passed in Writ Petition (C) No. 247 of 2017.
It is significant to note that a Punjab and Haryana High Court bench headed by then Chief Justice AK Sikri (currently member of the 5-judge constitution bench of the Supreme Court hearing the UID/Aadhaar case) had heard a matter challenging a circular making Aadhaar mandatory for vehicle registration. The moment the High Court raised questions of law, the circular making Aadhaar mandatory was withdrawn by the Union Government.
Chief Justice Sikri-headed High Court Bench had passed an order on 2 March 2013 after hearing a matter challenging a circular making UID number mandatory. These decisions underline that UIDAI’s UID/Aadhaar-related schemes are constitutionally assailable and indefensible.
It must be recalled that a division bench of the Andhra Pradesh High Court comprising Chief Justice Kalyan Jyothi Sengupta and PV Sanjay Kumar passed an order on 21 November 2013 that Aadhaar cannot be made mandatory. Several high courts, including Jammu & Kashmir High Court, have drawn on the Supreme Court’s order to ensure that citizens’ rights and entitlements are not made subservient to biometric identification based UID/Aadhaar system.
Given this unequivocal judicial position, UID/Aadhaar cannot be made compulsory.
In view of these orders, the Central Government is under legal compulsion to advise its agencies, state governments and banks to revise their orders making UID/Aadhaar mandatory. The making of Central Identities Data Repository (CIDR) of UID/Aadhaar is contrary to the principle of decentralisation in cybersecurity.
Notably, Aadhaar Act 2016 lists breaking into CIDR as an offence but this law criminalises a technological impossibility. In a bizarre act, it provides that only UIDAI can file a complaint when the data of a resident of India is misused or abused instead of the victim of abuse. As per Section 47, “Courts will take cognizance of offences under this Act only upon complaint being made by the UIDAI or any officer authorized by it.” This deprives the victim of a right to file complaint although Section 34 of the Act provides that “impersonating or attempting to impersonate another person by providing false demographic or biometric information will punishable by imprisonment of up to three years, and/or fine of up to ten thousand rupees”.
Victims cannot file complaint even when someone changes or attempts to change any demographic or biometric information of an Aadhaar number holder by impersonating another person (or attempting to do so), with the intent of i) causing harm or mischief to an Aadhaar number holder, or ii) appropriating the identity of an Aadhaar number holder although it is punishable under Section 35.
Victims of abuse cannot file complaint in cases wherein collection of identity information is done by one not authorized by this Act, by way of pretending otherwise despite the fact that the Act makes it punishable under Section 36. Unless authorized by UIDAI or any officer authorised by it, victims cannot file complaint even when there is “intentional disclosure or dissemination of identity information, to any person not authorized under this Act, or in violation of any agreement entered into under this Act” under Section 37 although it is punishable. Unless authorized by the UIDAI, the intentional acts like accessing or securing access to the CIDR; downloading, copying or extracting any data from the CIDR; introducing or causing any virus or other contaminant into the CIDR; damaging or causing damage to the data in the CIDR; disrupting or causing disruption to access to CIDR; causing denial of access to an authorized to the CIDR; revealing information in breach of (D) in Section 28, or Section 29; destruction, deletion or alteration of any files in the CIDR; stealing, destruction, concealment or alteration of any source code used by the UIDAI, will be punishable under Section 38. Even in such cases victims cannot file complaint without authorization by UIDAI. Section 39 reads, “Tampering of data in the CIDR or removable storage medium, with the intention to modify or discover information relating to Aadhaar number holder will be punishable”. Thus, it admits that such acts are possible and imminent but the Act does not empower the victims of such tampering or removal instead it empowers UIDAI.
While Section 40 makes “Use of identity information in violation of Section 8 (3) by a requesting entity will be punishable with imprisonment up to three years and/or a fine up to ten thousand rupees (in case of an individual), and fine up to one lakh rupees (in case of a company)”, it is incomprehensible as to how a company or an individual feel deterred by such meager punishment when they can harvest big database of personal sensitive information which is admittedly a “national asset” and “rich asset”.
Section 43 visualizes a situation wherein offences can be committed by a Company but they can be excused “if they can prove lack of knowledge of the offense or that they had exercised all due diligence to prevent it.” It also underlines the possibility of an offence committed by a company with the consent, connivance or neglect of a director, manager, secretary or other officer of a company but they too can be excused if they can prove their ignorance, inability and inevitability. In a stark admission of the involvement of foreign locations and persons, Section 44 states that the Act “will also apply to offences committed outside of India by any person, irrespective of their nationality, if the offence involves any data in the CIDR.”
These questionable provisions of the Aadhaar Act make it a Black Act. In the meanwhile, the Secretary Government of India, Ministry of Communication and Information Technology, wrote a letter to the Secretary Department of Defence Production asking him to introduce Aadhaar-Enabled Biometric Attendance System in the department of defence production. The system would enable an employee with an Aadhaar number to register his/her attendance (arrival/ departure) in the office through biometric authentication. It also says that a web-based application software system will enable online recording of attendance and that the dashboard relating to real-time attendance and related statistics, can be viewed by everyone. There is a logical compulsion for withdrawing the letter and all consequential letters by which UID/Aadhaar is made applicable to defence application i.e. Department of Defence Production in the interest of supreme national security.
It is possible that such civilian and non-civilian applications are being bulldozed by some commercial entities in order to store and read biometric and DNA script of Indian population in the aftermath of the sequencing of Human Genome for epigenetics, medicine, big data, social control, inheritance, eugenics and genetic determinism.
In such a backdrop, all eyes are on the 5-judge constitution bench which is hearing some 30 petitions, including those filed by a former judge, a former defence scientist and a former Major General from engineering branch. Besides them, Prakash Katoch, former Lieutenant General from Special Forces, has expressed his concerns citing KC Verma, former Director R&AW, who said “Aadhaar is being abused by banks, telcos, and transport not to police entitlements, but as a proxy for identity-an improper gate to service. Such demands must be criminalized.” In face of unprecedented propaganda, Lieutenant General Katoch recollected what Paul Joseph Goebbels, Hitler’s Propaganda Minister had said. Goebbels said, “If you tell a lie big enough and keep repeating it, people will eventually come to believe it. The lie can be maintained only for such time as the state can shield the people from the political, economic and/or military consequences of the lie. It thus becomes vitally important for the state to use all its powers to repress dissent”. Indeed the misinformation campaign by proponents of UID/Aadhaar is drawing lessons from Goebbels.
It is noteworthy that the Parliamentary Standing Committee on Finance in its report placed before Parliament on 13 December 2011 observed that UID/Aadhaar project has been conceptualized “with no clarity of purpose” and “directionless” in its implementation, leading to “a lot of confusion”. It is noteworthy that 3.57 crore signatures against Aadhaar/UID were submitted to the Prime Minister on 14 March 2012.
It may be recalled that at a brainstorming-cum-workshop on “Understanding Aadhaar and its New Challenges” held at the Centre for Studies in Science Policy, Jawaharlal Nehru University (JNU) in May 2016, scholars critically examined the robustness of the official discourse and the current status of the project, the technology, the law, the constitutional position and the safeguards. It explored the implications of the exploitation of biometrics (facial recognition, fingerprints and iris) for identification of individuals and authentication of their identities and underlined how UID/Aadhaar presents new scientific, technological as well as social and political challenges. It might be useful for the Supreme Court to seek the proceedings of the workshop to ascertain the far-reaching implications of this project.
The author is a public policy and law researcher, convener of Citizens Forum for Civil Liberties (CFCL) and editor of www.toxicswatch.org