wordpress blog stats
Connect with us

Hi, what are you looking for?

Aadhaar PIL in Delhi HC: Shamnad Basheer calls for committee to ascertain extent of Aadhaar data breaches

In response to the UIDAI’s claim that Aadhaar data has never been breached, academician and lawyer Shamnad Basheer suggested the constitution of a neutral, court-ordered committee to independently ascertain the extent of Aadhaar data breaches, reports Bar & Bench. Basheer suggested this as part of a rejoinder he filed in the Delhi High Court, seeking damages for Aadhaar leaks.

In its counter-affidavit filed in February, UIDAI had sought dismissal of the PIL on grounds that the Supreme Court had already ruled on the constitutional validity of the Aadhaar Act, that the UIDAI database had never been breached, and that the petition was based on unsubstantiated facts.

Basheer’s rejoinder to the court argues that:

  • The statements made by UIDAI in its counter-affidavit were false, misleading, and vague.
  • His petition was not based on ‘unsubstantiated news reports and surmises’. He arguing that it relied on credible sources, including a report published by a reputed think tank and MeitY’s reply to the Rajya Sabha. Newspaper reports were cited in allegations of data breaches. “Indeed in many of the instances of reported breaches, the Respondent through press releases, registration of FIRs and initiation of other proceedings has validated the occurrence of these events.”
  • Any suggestion by UIDAI that the petition challenged the Constitutional validity of the Aadhaar act, linking of Aadhaar with PAN, bank account etc, was false and misleading.
  • UIDAI’s claims that Aadhaar has a strong security infrastructure have been refuted by instances of breaches in the public domain.
  • UIDAI’s claim of having a fraud analytics system is uncorroborated and not based on any material record. Even if the claim was taken to be true, it’s clear that the system is only capable of detecting and analysing cases of biometric replay by AUAs. The system is incapable of detecting other forms of data breach and to that extent remains vulnerable to misuse and abuse.

UIDAI in April had also demanded dismissal of the petition on grounds that the Supreme Court had already passed judgment on the Aadhaar matter. Basheer pointed out that the SC had specifically stated that it was not dealing with the issues raised in his petition. In the KS Puttaswamy judgment, the SC had noted that, “Section 43A of the IT Act attaches liability to a body corporate, which is possessing, handling and dealing with any 68A challenge to the Aadhaar project for violation of IT Act and Rules has been filed in the Delhi High Court in the matter of Shamnad Basheer v UIDAI and Ors. Therefore, we are not dealing with this aspect, nor does it arise for consideration in these proceedings.”


In his PIL, Basheer elaborated that he had signed up for an Aadhaar Card in 2015, believing the project to be safe, secure, and consent-based. He later also linked his bank account with Aadhaar for fear of his account being suspended.

  • However, his petition noted that he learnt via news reports that the security of the Aadhaar database had been compromised multiple times.
  • “The Petitioner fears that his valuable data (as also that of countless other Aadhaaris) is in the illegal possession of unauthorised third parties, who can, at any time, misuse it for their own personal gain. This fear is not just a theoretical one, but one which has played out in the past.”
  • The PIL claimed that the security breaches were due to the “negligence/wilful recklessness” of the UIDAI in the absence of adequate security measures, and caused breaches and/or compromise of the data of Aadhaar holders.
  • It asserted that such conduct violates that Aadhaar Act and the IT Act, 2000 and Rules – violating Basheer’s right to privacy under the Constitution.
  • The petition argued that UIDAI and the Centre were liable to compensate Aadhaar holders for security breaches under Section 43A of the IT Act, since their negligence in handling personal information and data had caused “wrongful loss or wrongful gain to individuals.”

Basheer’s petition also demanded:

  • Information on the number of data breaches involving Aadhaar, seeking details of the scope and specific ways in which data was compromised.
  • An independent investigative/audit committee to investigate all Aadhaar breaches, and addressing the adequacy of the existing security architecture.

Advertisement. Scroll to continue reading.
Written By

I cover health, policy issues such as intermediary liability, data governance, internet shutdowns, and more. Hit me up for tips.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



While the market reality of popular crypto-assets like Bitcoin may undergo little change, the same can't be said for stablecoins.


Bringing transactions related to crypto-assets within the tax net could make matters less fuzzy.


Loopholes in FEMA and the decentralised nature of crypto-assets point to a need for effective regulations.


The need of the hour is for lawmakers to understand the systems that are amplifying harmful content.


For drone delivery to become a reality, a permissive regulatory regime is a prerequisite.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ