oppn parties Supreme Court Addresses Privacy Concerns Over Aadhar Data

News Snippets

  • S Jaishankar, Minister of External Affairs, says Pakistan should release and repatriate Kulbhushan Jadhav immediately
  • Karnataka Governor Vajubhai Vala asks the Speaker to hold the trust vote latest by 1.30 pm today
  • The Government sends a list of 24 questions to mobile app company that runs video app TikTok seeking answers for anti-national and obscene content carried on the platform
  • Sarvana Bhawan founder P Rajagopal, serving a life term for murder, dies in a Chennai hospital
  • SC allows time till July 31 to the Ayodhya mediation panel
  • IT department attaches "benami" plot worth Rs 400cr in Noida. The plot allegedly belongs to BSP leader [email protected]@@s brother and his wife
  • Dawood [email protected]@@s nephew, Md. Rizwan Iqbal, was arrested from Mumbai airport as he was waiting to board a flight to Dubai
  • Trouble brews in Bihar JD(U)-BJP alliance as Bihar police asks special branch officers to keep tabs on RSS activities
  • Trust vote in Karnataka assembly today. With rebel MLAs deciding to stay away after the SC order, the Congress-JD(S) government is likely to fall as it does not have the numbers
  • Amit Shah says the government will identify and deport illegal immigrants from all parts of the country
  • Reports from Pakistan confirm that Hafiz Saeed has been arrested and sent to jail
  • After the SC order, Karnataka Speaker says he will go by the Constitution in deciding on the resignations of the 16 MLAs
  • Rebel MLAs say they will not attend the trust vote on Thursday
  • Supreme Court rules that rebel MLAs cannot be forced to attend the assembly and vote in the floor test
  • Both the Centre and the Assam government have sought re-verification of up to 20% of draft NRC data
International Court of Justice agrees with India, stays Kulbhushan Jadhav's execution. It asks Pakistan to allow consular access to the accused.
oppn parties
Supreme Court Addresses Privacy Concerns Over Aadhar Data

By Sunil Garodia

About the Author

Sunil Garodia Editor-in-Chief of indiacommentary.com. Current Affairs analyst and political commentator. Writes for a number of publications.
Having upheld the constitutional validity of Aadhar Act, 2016 and collection of biometric data, the Supreme Court has struck the right balance in protecting the right to privacy of citizens and protecting them from data theft by striking down sections 33(2), 47 and 57 of the said act. In the process, the court has clearly demarcated the services for which providing Aadhar is mandatory and those for which it is not. The judgment would have been perfect if the court had ordered those service providers for whose service Aadhar is no longer mandatory to delete the data collected so far and had specified a mechanism and time frame for the same.

The main objection against Aadhar was based on the fact that since every Tom, Dick and Harry was asking for Aadhar number before providing any service, the common man was losing control over his private data. With cyber crimes on the rise and hackers in every lane of the country (not counting the international ones), chances of identity theft were real and the scenario was scary. The court has addressed these issues by deleting the provisions in the abovementioned sections.

Section 33(2) reads as follows:- (2) Nothing contained in sub-section (2) or sub-section (5) of section 28 and clause (b) of sub-section (1), sub-section (2) or sub-section (3) of section 29 shall apply in respect of any disclosure of information, including identity information or authentication made in the interest of national security in pursuance of a direction of an officer not below the rank of Joint Secretary to the Government of India specially authorised in this behalf by an order of the Central Government:
Provided that every direction issued under this sub-section, shall be reviewed by an Oversight Committee consisting of the Cabinet Secretary and the Secretaries to the Government of India in the Department of Legal Affairs and the Department of Electronics and Information Technology, before it takes effect:
Provided further that any direction issued under this sub-section shall be valid for a period of three months from the date of its issue, which may be extended for a further period of three months after the review by the Oversight Committee.

It is clear from the wording of this sub-section that the government had given itself arbitrary powers that could have been misused. Hence the court did the right thing by striking it off.

Section 47 reads as follows:- (1) No court shall take cognizance of any offence punishable under this Act, save on a complaint made by the Authority or any officer or person authorised by it. (2) No court inferior to that of a Chief Metropolitan Magistrate or a Chief Judicial Magistrate shall try any offence punishable under this Act. The wording of both these sub-sections makes it completely discriminatory and restrictive. It does not give an opportunity to the common man to get his grievances addressed by a court of law. Hence it had to go.

Lastly, Section 57 reads as follows:- Nothing contained in this Act shall prevent the use of Aadhaar number for establishing the identity of an individual for any purpose, whether by the State or any body corporate or person, pursuant to any law, for the time being in force, or any contract to this effect: Provided that the use of Aadhaar number under this section shall be subject to the procedure and obligations under section 8 and Chapter VI.

This was the section that provided a free licence to all companies providing services like mobile telephony, insurance, banking, financial services, housing and the like to ask for Aadhar number from customers and applicants. It was highly mischievous in the sense since the UIDAI was expressly prohibited from disclosing and biometric information to such requesting entities, there were many other documents like Voter ID card, Pan Card (already mandatorily linked with Aadhar) and Passport to establish the identity of the person. The insistence on asking for Aadhar number by these private or even government service providers was wrong. Since the person collecting the information was a counter clerk, the chances of the data being sold and put to criminal use were great. As subsequent reports on sale of Aadhar data proved, these fears were not unfounded. The court has done well to delete this section.

But where the court has probably erred is in not expressly telling these service providers to delete the data collected so far with intimation to the person whose data had been collected, providing a transparent and verifiable mechanism for the same and obviously a specific time frame within which it should have been done. Millions of Indians have provided their Aadhar numbers to hundreds of entities. Just ensuring that these entities can no longer ask for Aadhar number is not enough. To protect privacy, the collected data needs to be deleted from their servers in a prescribed manner and as early as possible.