SC Constitution Bench on Aadhaar – Final Hearing (Day VII)

In October 2015, a 3-judge bench of the Supreme Court of India referred challenges to the Aadhaar program to a constitution bench. One of the primary concerns of this petition was to decide on the existence of a fundamental right to privacy, which has since been upheld. Other similar petitions, concerned with the legitimacy of Aadhaar had been tagged with this petition. While the existence of the fundamental right to privacy has been upheld, challenges against the Aadhaar programme and linking services to this programme were yet to be adjudicated upon.

An interim order was passed in December of 2017, a summary of the arguments can be found here and here.

The final hearing commenced on January 17, 2017. Summaries of the arguments advanced on the first four days can be found here.

The matter is being heard in front of a constitutional bench, comprising of Chief Justice Dipak Misra, Justice Sikri, Justice Khanwilkar, Justice Chandrachud and Justice Ashok Bhushan.

Senior Counsel Shyam Divan started off the day’s hearing by referring to the Shanti Devi case and other instances of exclusion caused by the Aadhaar programme. He stated that apart from exclusion, these were also relevant from the perspective of dignity and Article 21.

Justice Chandrachud referred back to fingerprints being an unsustainable form of biometric identification, stating that citizens suffering from leprosy, for instance, would not be able to avail of benefits.

Mr. Divan stated that similarly, there were several other people for whom biometric identification would not be suitable. He also stated that it was an aspect of bodily integrity.

In addition, he stated that exclusion, death and dignity were also relevant aspects.

Referring to the biometric system, he stated that beyond a certain point cannot detect duplication. He stated that its best use would be for identification purposes.

Justice Chandrachud stated that notwithstanding the Aadhaar programme, misuse cannot not be stopped even with the PDS system.

Mr. Divan stated that a person’s body for whatever reason could not be used as a marker against them and that Section 7 of the Aadhaar Act contained a coercive element.

Referring to an affidavit, he read out reports of citizens who had been adversely affected by the programme or were not familiar with what it entailed.

One such citizen did not know of the Aadhaar matter being sub-judice at the time of enrolment, and stated that he would not have enrolled otherwise. He stated that he wanted all his data to be deleted from the UIDAI system.

Mr. Divan further stated that requesting entities were retaining biometrics. Referring to another affidavit he stated that it was effortless to pick up biometrics from the system. He further stated that leakages could happen at any time without the UIDAI gaining knowledge of the same. In addition, he stated that private entities were not contractually obligated and had no fiduciary relationship with the UIDAI either.

Justice Chandrachud enquired if, for the purpose of authentication, the instrument in use had to be state machinery. He also questioned if there was any assurance when giving over biometric information to a private entity, that it would not be stored.

Mr. Divan agreed, stating that there should be implicit assurance that biometric information will not be stored.

He then went on to discuss the various methods in which biometric data could be hacked.

He then discussed fingerprints as a form of biometric identification and referred to instances of artificial fingerprints of operators being used.

He stated that fingerprints were easy to clone, and that it has reportedly been done before. In addition, authentication is done on a probabilistic system, which makes the system more problematic. For instance, cloned fingerprints could be used to uphold a bogus Aadhaar card. There have been reports of false fingerprint moulds being used to clone fingerprints of genuine operators. There were certain patches that could be used to bypass iris scan requirements too.

Moving on, he referred to instances where biometric information was rejected because of duplication. He referred to the figure of 6.23 crores, stating that it was highly unlikely that these citizens were trying to defraud the government. He also stated that as the database increases, there is a higher chance of duplication. This is not uncommon for a probabilistic system. He also stated that this was indicative of exclusion.

Moving on, he referred to school children being affected because of faulty biometric attendance systems. He stated that Aadhaar was not registering several students and that there was no statutory sanction for it.

Mr. Divan went on to discuss Salmond on bodily integrity. He stated that this went to the core of Article 21 and the relationship between citizens and the state.

He then went on to read out the pleadings.

He stated that the state could not compel an individual to pass his or her biometrics. He stated that it should be mandatory to get free and informed consent before collecting biometric information. He also stated that the above instances impinged on Article 21.

He then referred to the issue regarding personal autonomy of the body, questioning if one had to seek control of biometrics presented before the UIDAI at every juncture. He stated that in a digital world personal autonomy should also extend to biometric information.

He stated that the Aadhar programme essentially criminalizes the citizenry at large.

He concluded his arguments by discussing surveillance and the dominion of the state, referring to the domination the Indian state would have if the Aadhaar programme was allowed to roll out unimpeded.

Senior Counsel Kapil Sibal commenced his arguments.

He started off by referring to the matter as one with far reaching implications, stating that if this Act was to be upheld, every child would be born with an Aadhaar number. He also stated that there were several implications on the polity of this number.

He also stated that information was a powerful tool and that there was no tool more powerful than information.

He also stated that Aadhaar was tantamount to a Right to Information Act for the state, by which individuals were being made transparent and accountable, rather than the state.

He questioned how a choice of this nature could be imposed on someone, stating that members of Scheduled Tribes or Scheduled Castes for instance, could be severely disadvantaged if a point of service was not functional.

Further, he stated that the Aadhaar programme was procedurally unreasonable and lacked safeguards.

He moved on to discuss entitlements, and their relation to a status of an individual. Referring to a widower’s pension, he stated that an entitlement should only be related to the status of an individual and not their identity. He stated that identity was just a mode of proof and had nothing to do with one’s status. He questioned if there could be a condition imposed on a citizen to deny them an entitlement on the ground that they don’t have an Aadhaar card.

Further, he stated that any conditional approach with affiliation was not ideal.

He also mentioned that biometrics was a western concept, and is suitable for countries with fewer religious identities.

He moved on to discuss the issue of savings, stating that there were far more pressing issues to consider. He further stated that:

1) The digital world is far more susceptible to manipulation than the physical world.

2) No legislation can or should allow an individual’s personal data to be put at risk in the absence of a technology assured and safe environment.

3) Such endeavours of assurance would be impossible to obtain in the digital space.

4) Core biometric and demographic info of an individual once part of the digital world is irretrievable.

5) The digital world is a vehicle to benefit the information economy

6) The move from an information economy to creating an architecture or an information polity has far reaching consequences.

Mr. Sibal then read out sections of the Aadhaar Act, referring to the relevant provisions.

He also referred to Section 7 and 8 of the Act, stating that the difference between the two was that biometric information was not taken in every instance under Section 8.

He stated the Aadhaar programme would enable the creation of a monolith, which would lead to a system of no choices or preferences.

Mr. Sibal then went on to discuss the infrastructure of the Central Identities Data Repository (CDIR), stating that it was controlled by a foreign entity. He stated that the software was created by a foreign entity as well.

The discussion then moved on to requesting entities, Justice Chandrachud posed a question to Mr. Sibal, asking him who he considers to be requesting entities. Mr. Sibal read out the relevant provisions from the Authentication Regulations.

Mr. Sibal and the Bench then discussed Section 8(3)(c) of the Aadhaar Act and whether the ‘alternatives to submission of identity information’ affected the mandatory nature of Aadhar. Section 3(c) was also discussed in this context.

Moving on, Mr. Sibal focussed on the intended use of the Aadhaar programme, questioning how an Aadhaar number could determine if someone was a terrorist or a money launderer. He also discussed metadata, while comparing it to data.

Mr. Sibal also questioned why Aadhaar was passed as a money bill.

Justice Chandrachud mentioned that money bills may pertain to the consolidated fund of India, which could explain its nexus with Aadhaar. Mr. Chidambaram stated that this would be taken up later.

Mr. Sibal then went on to discuss the ill-effects that the programme could have, and the power that one would have to give up to the state.

Justice Chandrachud stated that a possibility of misuse of power could be no ground for unconstitutionality.

Mr. Sibal responded, stating that it wasn’t a question and that misuse was a certainty in the field of information technology.



SC Constitution Bench on Aadhaar – Final Hearing (Day VI – Part I)

In October 2015, a 3-judge bench of the Supreme Court of India referred challenges to the Aadhaar program to a constitution bench. One of the primary concerns of this petition was to decide on the existence of a fundamental right to privacy, which has since been upheld. Other similar petitions, concerned with the legitimacy of Aadhaar had been tagged with this petition. While the existence of the fundamental right to privacy has been upheld, challenges against the Aadhaar programme and linking services to this programme were yet to be adjudicated upon.

An interim order was passed in December of 2017, a summary of the arguments can be found here and here.

The final hearing commenced on January 17, 2017. Summaries of the arguments advanced on the first four days can be found on the following links – I, II, III, IV and V.

The matter is being heard in front of a constitutional bench, comprising of Chief Justice Dipak Misra, Justice Sikri, Justice Khanwilkar, Justice Chandrachud and Justice Ashok Bhushan.

Mr. Divan continued discussing the example of the Kerala Dairy Farmers Welfare Fund, and clarified the issue of client IP’s and client IDs. A one-page note was submitted by Mr. Divan to clarify certain related concepts.

He revisited the discussion on tracking and the accuracy with which a citizen could be tracked by the UIDAI.

Justice Sikri stated that our phones could track our location regardless.

Mr. Divan responded, stating that there were certain apps that may have access to geographic location like maps or a weather app, however, it would not be the same as the state having such information.

Justice Chandrachud posed a hypothetical question, asking whether a PAN card could be used for authentication instead of Aadhaar. He stated that a citizen has several interfaces with the state which may include property tax, electricity bills, paying income tax online, receiving pension etc. He stated that all these services would create numerous interfaces with the state which could allow the tracking of their location.

He then went on to refer to the PAN card. He enquired if the situation would be any different if instead of Aadhaar, a PAN card was used for the same services. He also questioned if the issue was with centralisation of data, asking if that was what made it unconstitutional.

Further, he stated that in the absence of a problem with centralization, the only other relevant aspect was location tracking. He referred back to the point of citizens already being subject to location tracking and giving over their IP addresses and questioned why there would be a problem in the given instance.

Justice Chandrachud continued, stating that Uber tracks people who use their services, questioning why Aadhaar would be problematic then.

Mr. Divan then went on to detail the issues with this line of reasoning.

He stated that firstly, in the Aadhaar system, data was being centralised. Referring to the examples of electricity bills and income tax raised by Justice Chandrachud, he clarified that these were merely silos of information, as opposed to centralised information.

Justice Chandrachud stated that citizens were still being tracked, regardless of the storage.

Mr. Divan stated that as far as the individual facility was concerned, service providers may have a sense of a citizen’s location. Referring to the case of Digital Rights Ireland, he stated that the court ruled that maintaining log records of conversation was still prohibited.

He also stated that a particular service provider knowing a location was inherently different from the process of centralising data.

Mr. Divan then stated that the Bench had been trained to uphold the rights of the citizen, for which it was apt to consider the present situation 25 years in the future. He referred to the instance of school children being subject to Aadhaar authentication for scholarships. He also referred to an experimental use of Aadhaar, where movement of a citizen between cities could be tracked. Referring back to the example of service providers having geographic information as well, he stated that the state also had an obligation to ensure that service providers cannot profile individuals or have access to the kind of data that enables profiling.

Referring to the example of the PAN card being used for authentication, he stated that a system where identity could be established with a PAN card and where services could be received in return, would ensure complete satisfaction and would not have the adverse effects of surveillance.

He clarified that his implication of ‘surveillance’ was not in line with being ‘watched from behind a screen’. He stated that that was however, not the only form of surveillance foreseeable.

Justice Chandrachud then raised a question about insurance policies that had to be paid. He questioned if citizens were opening themselves up to surveillance in this instance.

Mr. Divan responded to the broader issue, questioning if the Indian constitution could allow for a surveillance state. He stated that checks and balances would not be of relevance, considering the degree of invasiveness at play.

Responding to the question on giving over geographic information to banks, he stated that a citizen still had the option to choose from different banks, since there would be different systems of information storage. He also stated that they could choose between a credit and debit card, clarifying that the former enables some form of information collection by the bank but with the latter, sensitive information would be protected completely. Compared to the over-arching power of the state, the power of private service providers and their relationship with citizens was wholly different.


SC Constitution Bench on Aadhaar – Final Hearing (Day V)

In October 2015, a 3-judge bench of the Supreme Court of India referred challenges to the Aadhaar program to a constitution bench. One of the primary concerns of this petition was to decide on the existence of a fundamental right to privacy, which has since been upheld. Other similar petitions, concerned with the legitimacy of Aadhaar had been tagged with this petition. While the existence of the fundamental right to privacy has been upheld, challenges against the Aadhaar programme and linking services to this programme were yet to be adjudicated upon.

An interim order was passed in December of 2017, a summary of the arguments can be found here and here.

The final hearing commenced on January 17, 2017. Summaries of the arguments advanced on the first four days can be found on the following links – I, II, III and IV.

Following from the last hearing, Senior Counsel Shyam Divan continued with the discussion on surveillance.

He started off by discussing the ECHR case of Zakharov vs. Russia, which dealt with how intercepted data was stored and the alleged violation of Article 8 of the European Convention. This judgment was passed by a 17 judge bench. The issue in this case was that the provisions which allowed interception by the government were allegedly in contravention of Article 8 of the EC, which was upheld by the ECHR.

He then went on to discuss another decision of the ECHR – Digital Rights Ireland vs. Minister of Communications. In the context of this case, he discussed a EU directive (2006/24/EC) on data retention and the obligation of retaining data relating to public communications.

He also made references to how the process entails an interference with the fundamental rights of nearly the entire European Union

Mr. Divan then discussed UIDAI documents on State Resident Data Hubs, making references to ‘360-degree profiling of individuals’. Referring to documents on Odisha and Madhya Pradesh, he specified that interlinking made it possible to obtain a 360-degree profile. He also stated that the State Resident Data Hubs retain biometric data.

Justice Chandrachud interjected, stating that aggregation of data for the sake of social welfare benefits (referring to the MP and Odisha documents) should be permissible.

Mr. Divan rebutted, stating that aggregation could not be justified at all.

Justice Chandrachud stated that perhaps that could be true for aggregation in a broader sense and could also raise serious concerns, but aggregation for social welfare schemes should be permissible.

Referring to another SRDH document, he illustrated how it was possible to detect the geographical location of citizens. To this, the Bench interjected stating that the technology would only make it possible to know registered information and not actual movements.

Mr. Divan stated that there were foreseeable problems with the government knowing details about citizens’, including but not limited to their religion and their relationship to communities. He stated that in a democracy, the government cannot know everything about its citizens.

He also referred to Justice Chandrachud’s judgment in Puttaswamy vs. Union of India, stating that data aggregation was an infringement of privacy.

Mr. Divan then went on to discuss the example of the Kerala dairy farmers welfare fund board and their pension authentication records, illustrating that the timestamp was retained and details of the device ID were too, in addition to several other details.

Further on this point, Mr. Divan pointed out that it was possible to locate where a person was in real time (within 200-500 meters). He also mentioned that the UIDAI retained information on biometric mismatches as well.

Justice Chandrachud interjected stating that we were all part of a highly networked age anyway, implying that a certain amount of data aggregation/surveillance would have to be permissible.

The Bench stated that several other forms of electronic transactions could lead to surveillance, for instance using an ATM card could entail giving up personal information. According to the Bench however, that would not be considered to be surveillance.

To this Mr. Divan responded stating that the information given up during an ATM transaction would be known to the bank alone.

He then stated that the Aadhaar identity system was initially meant for select pension schemes, which was no longer the case. He stated that if this was system was allowed to function as is, 20 years down the line citizens would be subject to an ‘electronic leash’ and their actions throughout the day could be tracked easily.

Further, allowing this system to prevail would also allow for a certain totalitarian line of reasoning to prevail, where the state could question what the citizens had to hide from the state to begin with.

Justice Chandrachud responded with the example of the World Bank, stating that Aadhaar was praised for its ability to deliver citizen centric services. He also stated that this was one of the best aspects of Aadhaar.

Mr. Divan disagreed, stating that monetary justifications could not be used to praise the system.

Justice Chandrachud stated that the Delhi Development Board argument should be focussed on and the argument relating to Section 57 should be visited separately.

Mr. Divan stated that this was a system of complete surveillance and that a perfect system of surveillance could not be constitutionally permissible.

Justice Chandrachud then stated that it was important to ‘get down to the brass tacks’ and not get carried away with the rhetoric of surveillance.

Mr. Divan mentioned that the first and foremost consideration was whether this was a matter of surveillance or not and whether Aadhaar could be used as an instrument of mass surveillance.

In addition, in the context of authentication he mentioned that the technology in question was not developed, owned or maintained by the UIDAI.

He then went on to discuss concepts of limited government, constitutionalism and the rule of law.

Mr. Divan stated that limited government had various dimensions, one of its dimensions being fundamental rights.

He questioned if the state could mandate a specific form of identification on a citizen. This was a further aspect of limited government interference.

The final aspect he discussed was that of dignity, which was applicable to individuals and collectives.

Further on issues of good governance and the rule of law he stated that the Aadhaar programme had gone ahead on the basis of an administrative notification, which did not mention the use of biometric data. In addition to which, several private parties who were not under contract were trusted with sensitive information. Lastly, the Parliamentary Standing Committee report has also pointed out that the system in place is flawed. Mr. Divan stated that to carry on with the existing system despite the afore-mentioned gaps appears to be unconstitutional and against the rule of law.

The hearing will continue on Thursday (1/2).

SC Constitution Bench on Aadhaar – Final Hearing (Day II)

In October 2015, a 3-judge bench of the Supreme Court of India referred challenges to the Aadhaar program to a constitution bench. One of the primary concerns of this petition was to decide on the existence of a fundamental right to privacy, which has since been upheld. Other similar petitions, concerned with the legitimacy of Aadhaar had been tagged with this petition. While the existence of a fundamental right has been upheld, challenges against the Aadhaar programme and linking services to this programme were yet to be adjudicated upon.

An interim order was passed in December of 2017, a summary of the arguments can be found here and here.

The final hearing commenced yesterday, a summary of the argument can be found here.

Senior Counsel Shyam Divan started off by reiterating that fingerprints are unsustainable and usually alter over time. Justice Chandrachud agreed stating that they are known to be unreadable after a couple of years.

Mr. Divan then stated that 3 aspects were problematic. He stated that the ‘integrity of the process’, the ‘integrity of the information being collected’ and whether ‘there is a pervasive invasion of fundamental rights’ would have to be considered.

Referring to the report, he also highlighted additional concerns relating to privacy, personal autonomy and information, which would include compelled speech.

He then went on to refer to the structure of the personnel at the UIDAI, reiterating the point about enrollers being private entities.

The focus then shifted to enrollment forms, and the contents of these forms over the years.

Referring to an older version of the form (pre-statute), he stated that:

1) There was nothing on the form that suggested that enrolment was voluntary.

2) There was no mention of biometric information being collected.

3) There was no indication of the basis on which this information was being filled

He also reiterated that the state could not compel anyone to pass on information to a private entity. He mentioned that there was no statute in place at the time the form was in circulation.

Justice Chandrachud asked if the private entity being an agent of the state would have made a difference to the situation, to which Mr. Divan responded in the negative.

He mentioned that the enrolment system was flawed and that ‘everything about it from beginning to end is unconstitutional’. He also mentioned that there was no counselling that was done prior to the statute, stating that that suggested a lack of integrity.

He stated that all of the above was problematic from a constitutional design and legal architecture perspective.

Mr. Divan then stated that the UIDAI had no contractual agreement with the private entity that collects information, and that no legal obligation had been created.

Justice Chandrachud questioned why it would be problematic to handover data to a private entity, given that insurance companies, telecom companies and several other private entities have records of sensitive information like addresses, etc.

Mr. Divan stated that parting with private information would be different in that context since there may be some form of a contractual obligation in that instance. In the case of biometric information, a citizen would be unaware of the identity of the private entity handling their data, as opposed to when data is handed over to a telecom company or an insurance company. He further stated that the example stated is wholly different than the state compelling someone to handover their data to a private entity, specifically one with which they do not have a contractual obligation.

He went on to discuss the role of operators and how close to 40,000 operators were reportedly blacklisted in 2017. He then went on to discuss the roles and responsibilities of the registrar (pre-statute). In addition, he discussed the role of verifiers and introducers, and listed out the requirements for these positions.

The focus then shifted to a memorandum of understanding between the Delhi government and the UIDAI (dated 2010).

Mr. Divan mentioned that this was the first stage at which the use of biometric data for identification was mentioned.

He stated that the memorandums were not supported by a legal framework either.

Referring to the points mentioned above, he stated that there was palpable arbitrariness and a lack of integrity in the system. In the absence of supporting contracts, citizens were in a fragile position and there was no protection for them as such.

The focus then shifted to the Supreme Court judgment on a fundamental right to privacy (Puttaswamy vs. Union of India).

Mr. Divan read out excerpts from the judgment. He started off with Justice Chandrachud’s judgment, focusing on the ‘right to personal liberty’.

Referring to Maneka Gandhi vs. Union of India, he also referred to the ‘variety of rights’ covered by Article 21.

He also made reference to the ‘jurisprudence on dignity’ section (Para 96, Page 94) in Justice Chandrachud’s judgment.

The focus then shifted to the NALSA judgment (Para 84, Page 85), stating that the right to privacy does not necessarily have to fall within the ambit of any one provision in the chapter on fundamental rights”.

Lastly, he made reference to the concept of ‘spatial control’ in Justice Chandrachud’s judgment, as well as that of information privacy.

The hearing will continue on the 23rd of January, 2018.


SC Constitution Bench on Aadhaar – Final Hearing (Day I)

In October 2015, a 3-judge bench of the Supreme Court of India referred challenges to the Aadhaar program to a constitution bench. One of the primary concerns of this petition was to decide on the existence of a fundamental right to privacy, which has since been upheld. Other similar petitions, concerned with the legitimacy of Aadhaar had been tagged with this petition. While the existence of a fundamental right has been upheld, challenges against the Aadhaar programme and linking services to this programme were yet to be adjudicated upon.

An interim order was passed in December of 2017, a summary of the arguments can be found here and here.

The final hearing commenced today.

The matter is being heard in front of a constitutional bench, comprising of Chief Justice Dipak Misra, Justice Sikri, Justice Khanwilkar, Justice Chandrachud and Justice Ashok Bhushan.

Senior Counsel Shyam Divan commenced the arguments for the day. He mentioned that since the range of the matter was vast, the petitioners would take necessary measures to not repeat arguments and allocate time amongst themselves.

Mr. Divan stated that the Aadhaar project itself was under challenge, as opposed to merely the Aadhaar Act. He stated that from January, 2009 to July, 2016, the system existed in the form of a project, which was followed by an Act. The relevant consideration however, was whether the project was constitutional at all.

He stated that the project was of a continuing nature, and that the statute only covered a few aspects of the project.

He also mentioned that the threat of the Aadhaar project was considered to be ‘insidious’, making reference to an ‘electronic leash’ which connected citizens to a database.

He then questioned the consequences of challenging an order of the court. He stated that the Aadhaar Act was under challenge, in addition to which certain parts of the Aadhaar programme which are not under the ambit of the act would also be under challenge. He then listed out a few other challenges.

With relation to handing over biometric information to the state, he stated that there was no concept of eminent domain that could be applicable to the body or that of bodily autonomy, and that this would be unconstitutional. He also shed light on concerns regarding free consent raised by several people. He argued that there should be an ‘out’ provision, and that self-determination was an important consideration.

He then stated that from 28th January 2009 till 2016, the programme functioned under an administrative direction.

He then went on to discuss the orders passed in 2015, which stated that Aadhaar could not be mandated for any services other than PDS and LPG, except as may be directed by the court for the purposes of criminal investigation. He then mentioned a subsequent order which included 4 other schemes in addition to the ones mentioned above.

He then referred to several schemes and services that had to now be linked to Aadhaar, in addition to the eKYC requirement, stating that it would be difficult to avail of a multitude of basic services without an Aadhaar card.

He also made reference to the fact that the whole scheme was supposed to be voluntary and that by imposing a mandate, a false declaration was also being imposed.

The arguments then moved on to matters of exclusion, and how the programme was working against the interests of several parts of the population.

Mr. Divan started off by stating that a large number of people working in the field have found that Aadhaar is operating as an instrument of exclusion.

He stated that citizens from several remote areas of the country have not been able to access the facilities necessary to issue Aadhaar cards. In addition, it is well known that biometrics are an unsuitable form of identification, because they are prone to change, especially for those below 15 and over 60 years of age. This is also applicable to people who are involved in manual labour.

He concluded by stating that the programme stigmatizes and excludes several people.

He stated that similar to the concern that privacy was merely an elite concern, brought up during the 9 judge bench hearing in Puttaswamy vs. Union of India, it was apparent from the above instances that Aadhaar is detrimental for under-privileged sections of the society.

He went on to focus on the issue of duplication of biometric information, and how it was estimated at the beginning of the programme that a minuscule portion of the population (roughly a 1000 people) may have to face exclusion due to duplication.

However, as of 15th Jan, 2017, biometric duplication rejects amounted to 6.23 crores, which amounted to more than the population of a few states. Citizens with duplicated information could not come on to the system.

He then went on to discuss different forms of identity systems, referring to a deterministic system and an idealistic system. He stated that a deterministic system functions on exact matches, like an OTP or a security code. The Aadhaar programme does not function on this principle, which is an important concern from a constitutional perspective.

The system in place is idealistic and functions on probability. He went on to discuss how exact fingerprint matches were not considered in the Aadhaar system, and that a template was used. The use of this system implies that there is a risk of rejecting valid biometric information.

He stated that if a citizen is entitled to a service, then the process connected to it cannot be based on probabilities, but should instead be deterministic.

The focus of the arguments then shifted to the structure of the UIDAI. He made reference to enrolment officers and how they were all private entities. He then went on to discuss the composition of the UIDAI.

The Bench stated that the functions did not appear to be labour intensive.

Mr. Divan stated that while this may be the case, there was no government control over when the information was being gathered, and that this information could easily make its way into the hands of private parties.

He further stated that some form of statutory governance should be mandatory for sensitive data. He stated that the validity of the charter under which the programme was operating should be questioned, and the larger concern was whether this was an adequate charter for biometric data collection at all.

Mr. Divan explained how the Aadhaar system would allow for surveillance in real time.

He also stated that there were different silos of information, which were bridged by Aadhaar and which allowed for profiling.

He went on to question why a system through which the central government could track movements in real time would be permissible and also questioned its architecture.

The bench questioned whether the problem was with the states use of the data.

Mr. Divan stated that the entire structure was unconstitutional, and not merely because there was no Act in place.

He referred to the system of data collection and stated that the design itself was flawed and that biometric systems across the world do not work on this scale. After a certain age, most countries don’t collect biometric information. Due to these inherent flaws, there are several people in the country who do not have identity documents at all.

The focus then shifted to the Standing Committee’s Report. Mr. Divan drew attention to several observations in the Report, relating to privacy and surveillance.  He also discussed the faults with the biometric identity system in the United Kingdom and why it was eventually revoked.

Mr. Divan further discussed the problems with the old bill highlighted in the report, which were applicable to the current Act as well. There was also a brief discussion about the nature of the money bill and the NIDAI bill, after which the hearing concluded.

The hearing will continue tomorrow (18th January, 2018).





Call for Applications – Civil Liberties

Update: Deadline to apply extended to January 15, 2018! 

The Centre for Communication Governance at the National Law University Delhi (CCG) invites applications for research positions in its Civil Liberties team on a full time basis.

About the Centre

The Centre for Communication Governance is the only academic research centre dedicated to working on the information law and policy in India and in a short span of four years has become a leading centre on information policy in Asia. It seeks to embed human rights and good governance within communication policy and protect digital rights in India through rigorous academic research and capacity building.

The Centre routinely works with a range of international academic institutions and policy organizations. These include the Berkman Klein Center at Harvard University, the Programme in Comparative Media Law and Policy at the University of Oxford, the Center for Internet and Society at Stanford Law School, Hans Bredow Institute at the University of Hamburg and the Global Network of Interdisciplinary Internet & Society Research Centers. We engage regularly with government institutions and ministries such as the Law Commission of India, Ministry of Electronics & IT, Ministry of External Affairs, the Ministry of Law & Justice and the International Telecommunications Union. We work actively to provide the executive and judiciary with useful research in the course of their decision making on issues relating to civil liberties and technology.

CCG has also constituted two advisory boards, a faculty board within the University and one consisting of academic members of our international networks. These boards will oversee the functioning of the Centre and provide high level inputs on the work undertaken by CCG from time to time.

About Our Work

The work at CCG is designed to build competence and raise the quality of discourse in research and policy around issues concerning civil liberties and the Internet, cybersecurity and global Internet governance. The research and policy output is intended to catalyze effective, research-led policy making and informed public debate around issues in technology and Internet governance.

The work of our civil liberties team covers the following broad areas:

  1. Freedom of Speech & Expression: Research in this area focuses on human rights and civil liberties in the context of the Internet and emerging communication technology in India. Research on this track squarely addresses the research gaps around the architecture of the Internet and its impact on free expression.
  2. Access, Markets and Public Interest: The research under this area will consider questions of access, including how the human right to free speech could help to guarantee access to the Internet. It would identify areas where competition law would need to intervene to ensure free, fair and human rights-compatible access to the Internet, and opportunities to communicate using online services. Work in this area will consider how existing competition and consumer protection law could be applied to ensure that freedom of expression in new media, and particularly the internet, is protected given market realities on the supply side. We will under this track put out material regarding the net neutrality concerns that are closely associated to the competition, innovation, media diversity and protection of human rights especially rights to free expression and the right to receive information and particularly to substantive equality across media. It will also engage with existing theories of media pluralism in this context.
  3. Privacy, Surveillance & Big Data: Research in this area focuses on surveillance as well as data protection practices, laws and policies. The work may be directed either at the normative questions that arise in the context of surveillance or data protection, or at empirical work, including data gathering and analysis, with a view to enabling policy and law makers to better understand the pragmatic concerns in developing realistic and effective privacy frameworks. This work area extends to the right to be forgotten and data localization.


CCG is a young and continuously evolving organization and the members of the centre are expected to be active participants in building a collaborative, merit led institution and a lasting community of highly motivated young researchers.

Selected applicants will ordinarily be expected to design and produce units of publishable research with Director(s)/ senior staff members. They will also be recommending and assisting with designing and executing policy positions and external actions on a broad range of information policy issues.

Equally, they will also be expected to participate in other work, including writing opinion pieces, blog posts, press releases, memoranda, and help with outreach. The selected applicants will also represent CCG in the media and at other events, roundtables, and conferences and before relevant governmental, and other bodies. In addition, they will have organizational responsibilities such as providing inputs for grant applications, networking and designing and executing Centre events.


The Centre welcomes applications from candidates with advanced degrees in law, public policy and international relations.

  • All candidates must preferably be able to provide evidence of an interest in human rights / technology law and / or policy / Internet governance/ national security law as well. In addition, they must have a demonstrable capacity for high-quality, independent work.
  • In addition to written work, a project/ programme manager within CCG will be expected to play a significant leadership role. This ranges from proactive agenda-setting to administrative and team-building responsibilities.
  • Successful candidates for the project / programme manager position should show great initiative in managing both their own and their team’s workloads. They will also be expected to lead and motivate their team through high stress periods and in responding to pressing policy questions.

However, the length of your resume is less important than the other qualities we are looking for. As a young, rapidly-expanding organization, CCG anticipates that all members of the Centre will have to manage large burdens of substantive as well as administrative work in addition to research. We are looking for highly motivated candidates with a deep commitment to building information policy that supports and enables human rights and democracy.

At CCG, we aim very high and we demand a lot of each other in the workplace. We take great pride in high-quality outputs and value individuality and perfectionism. We like to maintain the highest ethical standards in our work and workplace, and love people who manage all of this while being as kind and generous as possible to colleagues, collaborators and everyone else within our networks. A sense of humour will be most welcome. Even if you do not necessarily fit requirements mentioned in the two bulleted points but bring to us the other qualities we look for, we will love to hear from you.

[The Centre reserves the right to not fill the position(s) if it does not find suitable candidates among the applicants.]


Based on experience and qualifications, successful applicants will be placed in the following positions. Please note that our interview panel has the discretion to determine which profile would be most suitable for each applicant.

  • Programme Officer (2-4 years’ work experience)
  • Project Manager (4-6 years’ work experience)
  • Programme Manager (6-8 years’ work experience)

A Master’s degree from a highly regarded programme might count towards work experience.

CCG staff work at the Centre’s offices at National Law University Delhi’s campus. The positions on offer are for duration of one year and we expect a commitment for two years.


The salaries will be competitive, and will usually range from ₹50,000 to ₹1,20,000 per month, depending on multiple factors including relevant experience, the position and the larger research project under which the candidate can be accommodated.

Where candidates demonstrate exceptional competence in the opinion of the interview panel, there is a possibility for greater remuneration.

Procedure for Application

Interested applicants are required to send the following information and materials by December 30, 2017 to

  1. Curriculum Vitae (maximum 2 double spaced pages)
  2. Expression of Interest in joining CCG (maximum 500 words).
  3. Contact details for two referees (at least one academic). Referees must be informed that they might be contacted for an oral reference or a brief written reference.
  4. One academic writing sample of between 1000 and 1200 words (essay or extract, published or unpublished).

Shortlisted applicants may be called for an interview.


Supreme Court considers installation of CCTV units in courts – but will it regulate what happens next?

Earlier this month, the Supreme Court heard a petition seeking directions to ensure audio-visual recording of the proceedings in trial courts. The reasoning behind the request was that recording proceedings would enhance the fairness of trials. The Supreme Court decided to limit the question to whether CCTV (video only) cameras may be installed at various locations in the courts, in order to better serve security and administrative needs.

This is not the first time the Supreme Court has discussed the use of CCTV cameras for security and other purposes. However, there is also no comprehensive law that deals with the use of CCTV cameras and related security and privacy issues.

In the present case, the Court initially noted that multiple courts, including the courts in Gurgaon have undertaken such efforts in the past. The Court then requested the additional solicitor general and a senior advocate present in the court as amicus to visit the courts in Gurgaon, and report on the matter within four weeks. It stated that once the report is received, it will consider directing installation of CCTV (video only) cameras at district courts in various states. It has also indicated that any recordings made by these CCTV cameras will not be available to the public, and will be retained for specified periods of time only.

The Court has considered the use of CCTV cameras in public places in previous cases. In Deputy Inspector General of Police and Anr. v. S. Samuthiram, a case regarding eve-teasing / sexual harassment, the Court took cognizance of such cases and the need for prevention mechanisms. Amongst other things, it directed all states and union territories to install CCTV cameras in public places. The CCTV cameras were to be positioned such that they act as a deterrent to potential offenders, and if an offence was committed, the offenders would be caught / identified.

In Dilip K. Basu v. State of West Bengal and Ors, the Court considered the request of the amicus, and directed state governments to: (a) take steps to install CCTV cameras in all the prisons in their respective states, within a period of one year from the date of the order (but not later than two years), and (b) consider installation of CCTV cameras in police stations in a phased manner depending upon the incidents of human rights violation reported in such stations.

State governments have also, in various instances, directed the installation of CCTV cameras in public places. In Tamil Nadu, the state government has directed that CCTV cameras must be installed in every public building. The cameras must be installed in accordance with the recommendations of the local police officers. Such recommendations may be made for purposes such as ensuring public order or controlling crimes and the reasons for the recommendation must be recorded in writing.

In Chandigarh, the local government released a set of draft rules meant to regulate mobile app-based transport aggregators (such as Uber and Ola). Among other things, these draft rules require that every taxi must install a CCTV unit to monitor activities inside the taxi in real time. The rules suggest that the video feed from the CCTV cameras should be linked to a control room established by the aggregator.

The above are some examples of courts and government bodies providing for installation and use of CCTV cameras and video recordings. There is a common trend among them – the orders and rules only deal with when and where the units are to be installed, and used. They do not, however, provide a procedural / regulatory mechanism to ensure proper, lawful use of such cameras and associated video recordings.

Maintenance of law and order, security, deterrence of criminal activity, and identification of offenders, are all important issues, and appropriate means should be adopted to provide for the same. At the same time, there needs to be a balance between such means, and individual rights, such as the right to privacy. These laws and orders largely deal with installation and use of CCTV cameras in public places, where some may argue that an individual does not have a reasonable expectation of privacy. However, reports suggest there is misuse of CCTV cameras, especially where installed in customer heavy locations such as retail outlets.

Such misuse could be dealt with under some existing provisions of laws such as the Information Technology Act, 2000 – for example under the provision which criminalizes capturing of images or videos of an individual’s private parts, or the data protection rules. However, these laws are of limited applicability, and deal mostly with sensitive personal information, and images or videos of a private / sexual nature. We do not currently have a comprehensive law that deals with  surveillance equipment and its use in public spaces. Although some states such as Tamil Nadu provide that CCTV cameras must be installed based on police recommendations, there is no general prohibition or restriction on their installation and use. Further, there are no specific restrictions on the collection, use, retention, or transfer of any video recordings, or information that is derived from such recordings. There is no mechanism put in place to deal with a situation where an individual’s data is shared without authorization.

Certain authorities within the country appear to have recognized this gap, and taken some steps towards addressing these issues. In Maharashtra, the local municipal corporation in Navi Mumbai has implemented a CCTV surveillance system to help the local police maintain law and order. The corporation has issued a ‘voluntary code of conduct’ in relation to all surveillance camera systems in public and private places. This document attempts to “provide a framework to all the stakeholders so that there is proportionality and transparency in their use of surveillance”. Among other things, it provides that (i) the use of a surveillance system must always be for a legitimate and specified purpose; (ii) establishments must be transparent about the use of CCTV cameras on their premises; and (iii) access to the video feed will be limited and subject to clearly defined rules on persons who can gain access and purposes for which access may be gained.

Even a limited framework such as this, goes a long way towards ensuring transparency and protection of individual rights and freedoms. Perhaps the Supreme Court will provide more nuanced directions, not only on the installation of CCTV cameras, but also on the use of associated video recordings when the matter is next brought up.