In October 2015, a 3-judge bench of the Supreme Court of India referred challenges to the Aadhaar program to a constitution bench. One of the primary concerns of this petition was to decide on the existence of a fundamental right to privacy, which has since been upheld. Other similar petitions, concerned with the legitimacy of Aadhaar had been tagged with this petition. While the existence of the fundamental right to privacy has been upheld, challenges against the Aadhaar programme and linking services to this programme were yet to be adjudicated upon.
The final hearing commenced on January 17, 2017. Summaries of the arguments advanced on the first four days can be found here.
The matter is being heard in front of a constitutional bench, comprising of Chief Justice Dipak Misra, Justice Sikri, Justice Khanwilkar, Justice Chandrachud and Justice Ashok Bhushan.
Senior Counsel Shyam Divan started off the day’s hearing by referring to the Shanti Devi case and other instances of exclusion caused by the Aadhaar programme. He stated that apart from exclusion, these were also relevant from the perspective of dignity and Article 21.
Justice Chandrachud referred back to fingerprints being an unsustainable form of biometric identification, stating that citizens suffering from leprosy, for instance, would not be able to avail of benefits.
Mr. Divan stated that similarly, there were several other people for whom biometric identification would not be suitable. He also stated that it was an aspect of bodily integrity.
In addition, he stated that exclusion, death and dignity were also relevant aspects.
Referring to the biometric system, he stated that beyond a certain point cannot detect duplication. He stated that its best use would be for identification purposes.
Justice Chandrachud stated that notwithstanding the Aadhaar programme, misuse cannot not be stopped even with the PDS system.
Mr. Divan stated that a person’s body for whatever reason could not be used as a marker against them and that Section 7 of the Aadhaar Act contained a coercive element.
Referring to an affidavit, he read out reports of citizens who had been adversely affected by the programme or were not familiar with what it entailed.
One such citizen did not know of the Aadhaar matter being sub-judice at the time of enrolment, and stated that he would not have enrolled otherwise. He stated that he wanted all his data to be deleted from the UIDAI system.
Mr. Divan further stated that requesting entities were retaining biometrics. Referring to another affidavit he stated that it was effortless to pick up biometrics from the system. He further stated that leakages could happen at any time without the UIDAI gaining knowledge of the same. In addition, he stated that private entities were not contractually obligated and had no fiduciary relationship with the UIDAI either.
Justice Chandrachud enquired if, for the purpose of authentication, the instrument in use had to be state machinery. He also questioned if there was any assurance when giving over biometric information to a private entity, that it would not be stored.
Mr. Divan agreed, stating that there should be implicit assurance that biometric information will not be stored.
He then went on to discuss the various methods in which biometric data could be hacked.
He then discussed fingerprints as a form of biometric identification and referred to instances of artificial fingerprints of operators being used.
He stated that fingerprints were easy to clone, and that it has reportedly been done before. In addition, authentication is done on a probabilistic system, which makes the system more problematic. For instance, cloned fingerprints could be used to uphold a bogus Aadhaar card. There have been reports of false fingerprint moulds being used to clone fingerprints of genuine operators. There were certain patches that could be used to bypass iris scan requirements too.
Moving on, he referred to instances where biometric information was rejected because of duplication. He referred to the figure of 6.23 crores, stating that it was highly unlikely that these citizens were trying to defraud the government. He also stated that as the database increases, there is a higher chance of duplication. This is not uncommon for a probabilistic system. He also stated that this was indicative of exclusion.
Moving on, he referred to school children being affected because of faulty biometric attendance systems. He stated that Aadhaar was not registering several students and that there was no statutory sanction for it.
Mr. Divan went on to discuss Salmond on bodily integrity. He stated that this went to the core of Article 21 and the relationship between citizens and the state.
He then went on to read out the pleadings.
He stated that the state could not compel an individual to pass his or her biometrics. He stated that it should be mandatory to get free and informed consent before collecting biometric information. He also stated that the above instances impinged on Article 21.
He then referred to the issue regarding personal autonomy of the body, questioning if one had to seek control of biometrics presented before the UIDAI at every juncture. He stated that in a digital world personal autonomy should also extend to biometric information.
He stated that the Aadhar programme essentially criminalizes the citizenry at large.
He concluded his arguments by discussing surveillance and the dominion of the state, referring to the domination the Indian state would have if the Aadhaar programme was allowed to roll out unimpeded.
Senior Counsel Kapil Sibal commenced his arguments.
He started off by referring to the matter as one with far reaching implications, stating that if this Act was to be upheld, every child would be born with an Aadhaar number. He also stated that there were several implications on the polity of this number.
He also stated that information was a powerful tool and that there was no tool more powerful than information.
He also stated that Aadhaar was tantamount to a Right to Information Act for the state, by which individuals were being made transparent and accountable, rather than the state.
He questioned how a choice of this nature could be imposed on someone, stating that members of Scheduled Tribes or Scheduled Castes for instance, could be severely disadvantaged if a point of service was not functional.
Further, he stated that the Aadhaar programme was procedurally unreasonable and lacked safeguards.
He moved on to discuss entitlements, and their relation to a status of an individual. Referring to a widower’s pension, he stated that an entitlement should only be related to the status of an individual and not their identity. He stated that identity was just a mode of proof and had nothing to do with one’s status. He questioned if there could be a condition imposed on a citizen to deny them an entitlement on the ground that they don’t have an Aadhaar card.
Further, he stated that any conditional approach with affiliation was not ideal.
He also mentioned that biometrics was a western concept, and is suitable for countries with fewer religious identities.
He moved on to discuss the issue of savings, stating that there were far more pressing issues to consider. He further stated that:
1) The digital world is far more susceptible to manipulation than the physical world.
2) No legislation can or should allow an individual’s personal data to be put at risk in the absence of a technology assured and safe environment.
3) Such endeavours of assurance would be impossible to obtain in the digital space.
4) Core biometric and demographic info of an individual once part of the digital world is irretrievable.
5) The digital world is a vehicle to benefit the information economy
6) The move from an information economy to creating an architecture or an information polity has far reaching consequences.
Mr. Sibal then read out sections of the Aadhaar Act, referring to the relevant provisions.
He also referred to Section 7 and 8 of the Act, stating that the difference between the two was that biometric information was not taken in every instance under Section 8.
He stated the Aadhaar programme would enable the creation of a monolith, which would lead to a system of no choices or preferences.
Mr. Sibal then went on to discuss the infrastructure of the Central Identities Data Repository (CDIR), stating that it was controlled by a foreign entity. He stated that the software was created by a foreign entity as well.
The discussion then moved on to requesting entities, Justice Chandrachud posed a question to Mr. Sibal, asking him who he considers to be requesting entities. Mr. Sibal read out the relevant provisions from the Authentication Regulations.
Mr. Sibal and the Bench then discussed Section 8(3)(c) of the Aadhaar Act and whether the ‘alternatives to submission of identity information’ affected the mandatory nature of Aadhar. Section 3(c) was also discussed in this context.
Moving on, Mr. Sibal focussed on the intended use of the Aadhaar programme, questioning how an Aadhaar number could determine if someone was a terrorist or a money launderer. He also discussed metadata, while comparing it to data.
Mr. Sibal also questioned why Aadhaar was passed as a money bill.
Justice Chandrachud mentioned that money bills may pertain to the consolidated fund of India, which could explain its nexus with Aadhaar. Mr. Chidambaram stated that this would be taken up later.
Mr. Sibal then went on to discuss the ill-effects that the programme could have, and the power that one would have to give up to the state.
Justice Chandrachud stated that a possibility of misuse of power could be no ground for unconstitutionality.
Mr. Sibal responded, stating that it wasn’t a question and that misuse was a certainty in the field of information technology.