Privacy after Aadhaar

If this bill with far-reaching implications for rights, accountability and the powers of the state is a money bill, then practically any legislation can be converted into a money bill.

Written by Pratap Bhanu Mehta | Updated: March 26, 2016 2:25 pm
Aadhaar coverage, 100 per cent aadhaar coverage, pune school, school, pune news Photo for representational purpose.

Aadhaar is a potentially useful instrument for delivering benefits and reducing fraud. But even its staunchest defenders should worry about the crude instrumentalism that has surrounded the passage of the Aadhaar bill. This instrumentalism has run roughshod over two values: Constitutional propriety and privacy. There should be great disquiet at the fact that the bill was treated as a money bill. This was a subversion of the spirit of Article 110, the provision that deals with money bills. If this bill with far-reaching implications for rights, accountability and the powers of the state is a money bill, then practically any legislation can be converted into a money bill.

Article 110(3) does say that the speaker is the final authority on what constitutes a money bill. But it was always assumed that the speaker would make this determination in light of the definition of money bills laid down in the article. To arbitrarily declare something a money bill is to subvert the spirit of the Constitution. This bill will set a horrendous precedent for ways of bypassing the Rajya Sabha. The solution to legislative logjam cannot be subversion of the representative scheme bequeathed to us. Many politicians are privately salivating at the prospect of rendering the Rajya Sabha powerless. The Aadhaar bill has been born in this constitutional perfidy.

Share This Article
Related Article

The second value is privacy, a key concern. In an age of technology, this is a tricky issue, with complicated risks and tradeoffs. It is precisely for this reason that this should not have been a money bill. A short oped is not a place to settle institutional issues but the responses of the defenders of Aadhaar to the privacy question have not been reassuring. They argue that this bill is an improvement on the UPA’s bill. That is true. But it is hardly reassuring to be told that a hole through which you might fall has gotten marginally smaller if there is a high probability that you can still fall through it. The question is whether the bill demonstrates a good-faith attempt to address as many privacy concerns as it reasonably can.

On that score, the bill is an exercise in bad faith. The first reason is architectural. The national security exceptions in the bill are too broad. It negates all protections the bill seemingly provides. But, more importantly, let us say you do want a national security exception. Should the determination of this be left entirely to the bureaucracy and executive when they themselves will not be under any system of accountability? Admittedly, even our current safeguards are very weak. But as the risks of surveillance grow, we need to strengthen them rather than rely on specious arguments about the past. But as PRS Legislative Research pointed out, the term “national security” is much wider than public emergency or public safety, the traditional grounds on which the state got tapping authority. But the most important point is that there is no effective independent, credible mechanism for holding accountable those who will be making determinations on this exception. Essentially, a small group of bureaucrats can render your privacy irrelevant. Privacy may not be absolute, as the finance minister says, but that is no reason to make bureaucratic power nearly absolute, as this bill does.

Second, the real issue with Aadhaar is not only going to be the privacy of the information with the UIDAI itself. If lots of different agencies link their information to Aadhaar numbers, what will be the protocols governing the sharing of that information? What will be the norms governing data mining? Will we have agency-specific protocols on what information can be shared with whom and under what conditions? Aadhaar will give the ability to link different databases biometrically. As Partha Mukhopadhyay had argued, “To protect privacy, each such database will need additional locks. Linking databases should need consent from multiple key-holders subject to legislative oversight and judicial redress.” This is, in principle, a problem that could be addressed. But it is why Aadhaar required embedding in the context of a comprehensive privacy legislation, not a perfunctory exercise as is carried out in this bill. This bill has no meaningful protection against abuse.

But the broader ideological mystification around privacy should be resisted. This government, like the previous one, is consistently mendacious on the right to privacy, outright denying it on some occasions. Then there is the canard of the “private sector”. Since we freely give in to Google and Facebook, what is wrong in giving in to the state? There are two responses. This argument may actually be a case for regulating big private companies more, rather than lowering protection standards in the state. But, most importantly, it elides an important distinction: The state can use coercive power in a way in which private entities cannot. Private entities are not inconsequential in the exercise of power, but that power operates differently. The reason we worry about the state is that it can coerce you, imprison you, deprive you of your rights. So the standards of accountability have to be correspondingly adjusted.

States have also used a generalised state of insecurity to make surveillance normal. Our fears trump our quest for autonomy. This is a Faustian bargain we have struck with the state. But the political sustainability of this bargain depends upon trust in the state. A good-faith attempt to give as many safeguards as possible should not be seen as coming in the way of the state. It rather enhances its ability to exercise power when it truly matters. But a state that rides roughshod over privacy from the start will not be a state that will elicit trust. What is at stake is not just a right to privacy but the building of a trustworthy state.

Finally, we are in an age where we live in what the Columbia legal theorist, Bernard Harcourt, has in his book, Exposed: Desire and Disobedience in the Digital Age, called the “expository society”. We not only crave exposure but the better satisfaction of our desires requires us to give up privacy. But even the craving for the satisfaction of our desires should not make us immune from worrying about how power is exercised over us. In its crude instrumentalism about constitutional propriety and privacy, the Aadhaar bill is a demonstration of just how easily state power can become arbitrary. Even though the bill has been passed, it is important to keep up the pressure so that we can frame better regulations and seek judicial protection.

The writer is president, Centre for Policy Research, Delhi, and contributing editor, ‘The Indian Express’

For all the latest Opinion News, download Indian Express App

  1. B
    Bharat Varma
    Mar 28, 2017 at 10:39 am
    Some fundamental questions -lt;br/gt;lt;br/gt;1. How are the biometrics stored? Are they encrypted or not? If yes, who all have the encryption keys?lt;br/gt;lt;br/gt;2. Who is legally responsible and liable for misuse of the biometrics that we are being forced to give?lt;br/gt;lt;br/gt;3. There is no verification of physical addresses or the email address. Process and timeline for rectification. Who is responsible for rectification and in the absence of timely rectification, for the misuse and consequent damages? (The present rectification process does not work from my experience of the last 6 months).lt;br/gt;lt;br/gt;4. What is the practical (and technological) protection against the so called biometric "replay" attacks? Stored biometrics were used for authentication. This means that anyone with aadhaar (and consequently surrendered biometrics) can be impersonated and his/her transactions authenticated without the knowledge (or even the presence) of the;br/gt;lt;br/gt;5. IF your biometrics do not match (authentication failure is a statistically significant percentage), then what happens to your ideny? You are no longer a person. WHAT IS THE BACKUP?lt;br/gt;lt;br/gt;These are only some of the questions.
    1. S
      subba rao
      Mar 27, 2017 at 3:24 pm
      Rajya Sabha is full of MPs who are obstructing any legislation / bill brought there without rhyme or reason. Hence this is the only to push the govt's agenda. Regarding Aadhar a coomon man need not worry about govt's survillence even if it is true. Only law breakers and antinational need to worry.
      1. I
        IML sood
        Mar 26, 2016 at 10:56 am
        These are few people who are devoid of any moral and always try to run down any good work of the Govt. to satisfy thie own ego.Does he not suppoters his masters to express illogical views which are not only absurd but irrational alsoShame on such comments.
        1. R
          Mar 26, 2016 at 8:03 am
          PB Mehta as we all know is a congress licker. He should tell us about the shah bano case and giving muslims special rights under democratic set up of India by congress govt. He should also tell us didn't his idol rajiv hi p the juvelline bill as money bill? what a hypocricy these guys cry out writing such articles....congress knows aadhar bill will change India for good and lot of middle men will be affected. they wanted it to go to parl. committie and get extension of 2 years at least so they can show during 2019 elections. dont do cheap talks pb mehta.
          1. N
            Mar 26, 2016 at 12:04 pm
            Even in the Great U.Sof A where fundamental rights are well protected by various laws and consution , there is hue and cry against eavesdrop of private telephone conversations. Privacy is most important thing and it should be protected. The same BJP government when the UPA rule was there objected to Aadhar lt;br/gt;Vehemently and now they are the saviour of Aadhar. Now it is the duty of the Supreme Court to interfere and suggest measures so that privacy of individual is not compromised.
            1. A
              Abhishek Kalekar
              Mar 26, 2016 at 4:03 pm
              A suitable mechanism,as has been told by the head of Aadhar itself, for auditing the operations of Aadhar to track when and for what purpose it's data are shared with others need to be placed. And, 'National security' exceptions' portended arbitrary usage can be prevented by seeking judicial protection making the concerned authorities;br/gt; After all,Aadhar, a near panacea for preventing the leakages plaguing the implementation of welfare schemes shouldn't be let embroiled in the debate over 'privacy concerns' for long.
              1. A
                Mar 26, 2016 at 3:40 am
                Good thoughts.It is our right to protect our privacy
                1. N
                  NAVIN ASTI
                  Mar 26, 2016 at 2:23 pm
                  Mr Mehta seems to believe that even though no bills are made to p for the benefit of poor and the Nation,no problem.But the rope should be in Congress-hands.That is the real National servicedian public doesn't agree to his atude.Congress,misusing its majority in RS.stalling every bill to the dead wall.Just to show that Modi did not work and as a penalty to Indians for not voting it to power for a looting business through frauds and scams.This is a good lesson to Puppy and Maino bent upon not allowing public interest to get through.We request BJP to follow such ways to get the work done.Rogues must be kicked at the buttocks and that is what BJP has kicked.
                  1. Load More Comments