Opinion In widening scope of Aadhaar, government is crossing red lines set by Supreme Court

Part of the challenge lay in the fact that in its 2018 judgment, the Supreme Court specifically disallowed the linking of Aadhaar with bank accounts and SIM cards. The Court held that there was no law that permitted this, it did not serve any state purpose and the use of Aadhaar authentication for the purpose cited by the government is unclear (no rational nexus). The majority judgment also limited the use of Aadhaar for welfare services. As many critics have pointed out, limiting the use of Aadhaar for welfare was deeply problematic, as mandatory Aadhaar excluded many who need welfare to survive. Under the Public Distribution System, for example, mandatory Aadhaar has exposed the faulty functioning of the programme, and proved particularly harmful — it’s been linked to increased vulnerability and malnutrition deaths.

Even as the Supreme Court held that Aadhaar could be used for welfare, it recognised a fundamental right to privacy and struck down Section 57 of the Aadhaar Act which specifically enabled private entities to use Aadhaar numbers to establish identity for delivering services.

Despite a clear and categorical ruling of the court, how is the Union government planning to enable the use of Aadhaar by private entities? Scarcely a year after the judgment, the Union Government introduced the Aadhaar and Other Laws (Amendment) Bill, 2019. While responding to the debate on the Bill in the Rajya Sabha, then Minister of Electronics and Information Technology Ravi Shankar Prasad argued that Parliament has the power to undo a Supreme Court judgment by removing the basis of that judgment or addressing its reasoning. The Amendment Act modified Section 4(4) to enable any entity to perform Aadhaar authentication by requesting for it with the minor caveat that the UIDAI will scrutinise such requests and see if permission can be granted. With this, the Union government created a law addressing the first objection of the Supreme Court. Responding to the second objection — the lack of a state purpose — it simply provided “that the purposes for which such authentication can be requested will be prescribed by the Central Government in consultation with UIDAI”. No actual purpose was laid down in the Act. While an Act can only be amended by Parliament, the Union government delegated to itself the power to lay down any such purpose through rules or regulations, without the inconvenient scrutiny of Parliament.

This Amendment Act was immediately challenged. Soon after, during a raging global pandemic, the Aadhaar Authentication for Good Governance (Social Welfare, Innovation, Knowledge) Rules, 2020, were notified without public consultation. The rules enable any government ministry or department to request Aadhaar authentication for purposes such as “ensuring good governance, enablement of innovation, spread of knowledge etc.” None of these terms were defined and no explanation was provided as to how linking any government service to Aadhaar can lead to the spread of knowledge, for instance. Arguably the most important objection of the Supreme Court — the lack of clarity on the connection between the stated objective of the government and the method to achieve the purpose —- remains unaddressed.

Now, the Rules are being amended to enable private entities to request Aadhaar authentication for a new purpose — “promoting ease of living for residents and enabling better access to services for them”. What is “ease of living”? And how will a private entity asking citizens to share their Aadhaar for identification enable better services? None of these have been explained. The Rules and the proposed changes fly in the face of the Supreme Court’s judgment and the unequivocal prohibition on private entities using Aadhaar.

Apart from the apparent legal issues with the Rules, the last few years have shown that the Aadhaar system is creaky and vulnerable to fraud. On its website, the UIDAI claims that having access to someone’s Aadhaar number cannot help them hack into their bank account, but the UIDAI hasn’t kept pace with innovative criminals. Incidents of thumbprints being forged and used to withdraw money using Aadhaar-enabled payment systems have proliferated. Imagine how widespread the problem may become when multiple private entities have access to people’s fingerprints and other sensitive information for authentication. The government would be wise to address issues in the Aadhaar system before attempting to expand its use. Not only is the database riddled with errors, but the system itself also has no functional grievance redressal mechanism.

The writers are lawyers and part of the Article 21 Trust and Rethink Aadhaar campaign