The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016, better known as Aadhaar Bill, was introduced in Lok Sabha on March 3.
The Bill intends to provide for targeted delivery of subsidies and services to individuals residing in India by assigning them unique identity numbers.
Parliament is debating on the certain portions of the Bill, which may need clarification or amendments:
By striking down Section 57 of Aadhaar Act, Supreme Court has firmly put an end to the mass surveillance exercise being carried out under the guise of #Aadhaar by the Central Government and the grotesque distortion of an idea conceived by the UPA: Kapil Sibal, Congress pic.twitter.com/n5TXETY2gT
— ANI (@ANI) September 26, 2018
1. Allowing private agencies to use Aadhaar contradicts statement of objects and reasons of the Bill
The Statement of Objects and Reasons of the Bill states that identification of targeted beneficiaries for delivery of various government subsidies and services has become a challenge for the government. At the time of the introduction of the Bill, the government stated that “the Bill confines itself only to governmental expenditure.” However, the Bill also allows private persons to use Aadhaar as a proof of identity for any purpose.
2. Issues with sharing information collected under Aadhaar
The provisions in the Bill with regard to protection of identity information and authentication records may be affected by an ongoing writ petition in the Supreme Court. The petition claims that Aadhaar may be in violation of right to privacy. A five-judge Bench of the court is examining whether right to privacy is a fundamental right.
Supreme Court strikes down the section 57 of Aadhaar Act; as a result, private companies cannot ask for Aadhaar card pic.twitter.com/sg9HMax86L
— ANI (@ANI) September 26, 2018
3. Disclosure of information to intelligence or law enforcement agencies
The provisions regulating disclosure of private information under the Bill differ from guidelines specified under another law — the Indian Telegraph Act, 1885. The Bill differs from the guidelines for phone tapping in two ways. First, the Bill permits sharing in the interest of ‘national security’ rather than for public emergency or public safety. Second, the order can be issued by an officer of the rank of Joint Secretary, instead of a Home Secretary.
4. Potential to profile individuals
The Bill does not specifically prohibit law enforcement and intelligence agencies from using the Aadhaar number as a link (key) across various datasets (such as telephone records, air travel records, etc.) in order to recognise patterns of behaviour.
Techniques such as running computer programmes across datasets for pattern recognition can be used for various purposes such as detecting potential illegal activities. However, these can also lead to harassment of innocent individuals who get identified incorrectly as potential threats.
– Mandatory linking of bank a/cs & SIM cards quashed
– Corporates can't seek Aadhaar for authentication
– Aadhaar not mandatory for school admissions
– Passing of Aadhaar Act as money bill upheld https://t.co/vCPFlFKbID
— Nandagopal J Nair (@Njnair) September 26, 2018
5. UID authority’s exclusive power to make complaints
A provision says, “Courts cannot take cognizance of any offence punishable under the Act, unless a complaint is made by the UID authority, or a person authorised by it.” This may present a conflict of interest as under the Bill the UID authority is responsible for the security and confidentiality of identity information and authentication records. There may be situations in which members or employees of the UID authority are responsible for a security breach.
6. Discretionary powers of UIDAI
The Bill empowers the UID authority to specify demographic information that may be collected. The only restriction imposed on the authority is that it shall not record information pertaining to race, religion, caste, language, records of entitlements, income or health of the individual. This power will allow the authority to collect additional personal information, without prior approval from Parliament.
7. Collection of personal information
The enrolment form currently being used contains fields for capturing information such as the National Population Register (NPR) receipt number, mobile number, and bank account number. Though these fields are labelled ‘optional’, it is unclear why this additional information is being recorded.
Constitution Bench of the Supreme Court today upheld the validity of the Aadhaar Act and scheme.
For obtaining bank acc.- Not Required
For mobile numbers- Not Required
School admissions- Not Required
Examinations [NEET, CBSE etc]- Not Required
Aadhaar-PAN linkage- Required
— Mohammed Danish (@cryptodanish) September 26, 2018
8. Ambiguity in specifying biometric information
The Bill specifies biometric information to include photograph, fingerprints, and iris scans. Further it empowers the UID authority to specify other biological information that may be collected. Therefore, the Bill does not prevent the UID authority from requiring the collection of biometric information such as DNA.
9. Time period for maintaining authentication records
The Bill does not specify the maximum duration for which authentication records may be stored by the UID authority. Instead it allows the UID authority to specify this through regulations. Maintaining authentication records over a long time period may be misused for activities such as profiling an individual’s behaviour.