In a big blow to the Unique Identification Authority of India (UIDAI), Supreme Court today ruled that Aadhaar cannot be mandatory for any government service. It also announced that the organisation cannot share Aadhaar details of any individual with government agencies without getting consent from the person for the same.
The petitioners told the three-judge bench headed by Justice BS Chauhan that the project violates right to privacy and that it was not backed by any statute, thus compromising national security. They also argued that “biometrics” is an unreliable and untested technology and public funds were being channeled to private enterprises without sufficient validation.
The Indian government has not yet succeeded in passing the National Identification Authority of India bill, that would have legalised Aadhaar and its use for direct cash benefits. It had earlier approved Rs 3,436.16 crore for Phase IV of the UID (Aadhaar card) scheme in May 2013. This fund includes Rs 1,600 crore to cover the cost of enrolling an additional 40 crore residents, Rs 490 crore updation services, Rs 1,049 crore for printing and dispatch of Aadhaar letters and Rs 247.16 crore towards additional cost for construction of buildings for headquarters, data centers and non-data centers of UIDAI.
The court had passed an interim order last year stating that Aadhaar cards should not be mandatory for social services, after a PIL was raised by Karnataka High Court judge KS Puttaswamy. He claimed that various state governments had linked social benefits to Aadhaar and that this had resulted in many people losing these benefits. Besides this, the PIL also claimed that the UID was violating Article 21 – “Protection of life and personal liberty: No person shall be deprived of his life or personal liberty except according to procedure established by law.” To get an Aadhaar card, one has to submit biometric details such as finger printing and iris scan.
The Centre, UIDAI and three oil PSUs – IOCL, BPCL and HPCL had then filed affidavits with the apex court seeking modification of its order. That being the case, Nandan Nilekani the former head of UIDAI project seems pretty pleased with the decision.
Happy to learn that the Hon’ble Supreme Court has upheld the principle of data privacy that the UIDAI has emphasised for #Aadhaar all along!
— Nandan Nilekani (@NandanNilekani) March 24, 2014
Chances of errors: UDIAI had announced earlier this month that it had issued 60 crore Aadhaar numbers. Though the number of sign-ups is pretty impressive, it is not clear how many of those have errors. UIDAI itself rejected Aadhaar numbers of 30 lakh people in Orissa a few days back because of errors and there have been several claims of Aadhaar cards with incorrect photos. One of the key points of Aadhaar is that it would be impossible for one person to get more than one Aadhaar card, but that myth too has been busted. These are just the cases that have been reported so far and there is no clear number that has been verified by a third-party on the number of errors that have cropped up in the project.
How this will affect CMS, India’s PRISM: There was the possibility of the government using Aadhaar data in its Centralised Monitoring Agency (CMS) as part of its surveillance efforts. Now that the Supreme Court has told UIDAI not to share the data with any government agency without explicit permission from the person, it’s not clear how the government will go about it.
That said, it is worth remembering that UIDAI had approached the apex court after the Goa high court ordered it to share biometric details of everyone who is enrolled in Goa with the Central Bureau of Investigation (CBI).
What abut financial sector?
UIDAI has been trying to highlight the advantages of Aadhaar in financial services, with Nandan Nilekani saying in October last year that the authority will introduce P2P payments using Aadhaar in two months. However, it has been a no show till now, may be because not enough people have linked bank accounts with Aadhaar to make it work as planned.
Reserve Bank of India has been trying to enforce the inclusion of biometric sensors in all new credit card swiping machines to enable use of Aadhaar-based biometric authentication while making card-based payments. This move has been questioned by MP Rajeev Chandrasekhar and by banks who felt it was being rushed and implemented without understanding the implication it has on banks.
With the new ruling it’s not clear what happens to this RBI circular. Why would banks invest so much money in setting up costly infrastructure for a service that not many people may use? Biometric based transaction will be most helpful in rural areas, where education levels are lower, but are banks really willing to invest so much money on building the infrastructure there?
Schemes where state government made Aadhaar card mandatory
– Brihanmumbai Municipal Corporation (BMC) employees had not received their salary for the month of December 2012 due to lack of UID card. The salary was stopped as per instructions from municipal commissioner Sitaram Kunte and additional municipal commissioner Manisha Mhaiskar. BMC had asked their staffers to get the aadhaar card back in 2011. However, BMC has now given them an extension of two months to get the UID card and have paid their salary for the month of December 2012.
– The revenue department experimented with mandating UID number or an enrollment slip for availing any of the 20 services offered by the revenue department.
– The Bombay High Court had suggested to the state government to consider linking ration cards with Aadhaar cards to tackle the menace of bogus and duplicate ration cards.
– The Ministry of External Affairs had advised all Passport Issuing Authorities to accept Aadhaar letter as Proof of Address and Photo identity. The ministry hopes this will makes passport documentation less cumbersome.
– Maharashtra government had planned to launch the Aadhaar-linked liquefied petroleum gas (LPG) subsidy project in Mumbai.
– Reserve Bank of India advised all banks to include biometric sensor in all new credit card swiping machines, to enable use of Aadhaar-based biometric authentication.
The Aadhaar scheme was launched in the hope of eliminating those who are undeserving of the subsidies. Various state governments had launched couple of schemes such as Direct cash transfer. However, Aadhaar card poses a privacy risk as it collects biometric data. If this data is compromised somehow, which by the way is not that difficult these days, there’s no way citizens could do anything to change it. Biometric data is not like a password, where you can change it if it’s compromised.
Also read: Who Owns The UID Database?