Divan points out technical faults, lack of legal framework and the sheer unconstitutionality of Aadhaar

796
Aadhaar linkages case: Venugopal says “we entirely deny data leakage”

Photo: Anil Shakya

The Aadhaar hearings continued for the second day before the Supreme Court constitution bench of Chief Justice Dipak Misra and Justices A M Khanwilkar, Adarsh Kumar Sikri, D Y Chandrachud and Ashok Bhushan.

On the second day, senior advocate Shyam Divan appearing for some appellants, again insisted on the total unconstitutionality of the entire Aadhaar programme. He pointed out technical errors that arise out of faulty machines used to gather biometric data in the first place and also pointed out that strange and private operators have been appointed to collect such data. These people neither have any substantial training nor are in any way attached the UIDAI, the nodal authority.

He said that while gathering such sensitive data from the public, the government has neither done any large scale counselling, nor bothered to enter into any legal contract with the public. That leaves the people with a situation where they (the public) has nowhere to lodge their complaint if anything goes wrong.

The case started immediately after the CJI finished his dealing with the film Padmavat ban issue.

The following were the arguments:

12.16 pm: Divan said that at the time of authentication the devices used to capture fingerprints are not of good quality.

He also said the operator is required to be above 18 and his/her educational qualification should be 10+2. In the UIDAI form there is no mention of a biometrics form, he said.

He said that neither is there any indication as to the source of information. No signature of enroller is taken, neither any consent declaration. In order to avail facilities one has to submit himself to being tracked for the rest of his life. “The software is so programmed that you will have to share the sensitive and personal info,” he said.

Then he asked the critical question. “Who is this information given to? Not to any authentic official but to a private entity – the biggest drawback.”

12.22 pm: “Having the nature of this information, authority cannot be delegated to a private entity. It can be treated as sovereign supremacy and infringement of democratic rights as by this way (Aadhaar) an individual is made to submit all the details.

“No government officer is present at the time of enrolment to verify the information being filled in the form. Everything about the process is unconstitutional. Private individuals can take advantage to someone’s valuable info and can use the same for his or others’ benefit.”

12.25 pm: He continued: “In its pre-statute form Aadhar enrolment was free and voluntary. Admittedly, no counselling has been done before making individuals before they enter into such a complicated process.

“There is no privacy to the contact by way of enrolment of the entity. So, in case of any dispute, fixing liability will become a difficult task. No statutory rules were required for appointment of private verifier at the time of enrolment. That is a flawed structure.

This thing of bank passbook or bank statement as proof of address, given to a private party means that such information i being shared with someone who is a third party and not even a government employee.”

12.39 pm: At this time Justice Chandrachud asked: “When you apply for a loan or a phone connection people are already giving their details to a third party. Then why do you have an objection when the government is asking, maybe by the third party?”

To this Dvan answered that in those instances there is a contract between an individual and the third party.

12.48 pm: Divan continued: “It is the possible profiling of individual by aggregation of information with one entity which ought not to be happening in a limited democratic government.”

1.00 pm: While reading an affidavit of an individual, it was brought to the notice by Divan that a couple was compelled to enrol for Aadhaar in order to register their marriage. “They did not wish to enrol for Aadhaar in the first place and later asked the court to cancel their enrolment and made a submission to not make Aadhaar mandatory for such issues.”

He again reiterated that Aadhaar was introduced with a scope to provide identity proof for people having no prior documentation pertaining to their identity. He again mentioned that a small 2,19,000 thousand people came under the category where they did not have any prior identity proof. “That is 3 out of 10,000 people,” he said.

Then came the question of the people authorised to carry on the enrolment. “Who are the enrollers?” He read out a small list of names who are among them: “Gautam Educational Society, MKS Enterprises, Patna Sagar Food Mfg, Sharda Systems, Chirag Construction Company…”

He said: “All are enrolment agencies, but have no connection with the UIDAI Act.”

2.49 pm: Divan placed on record a Rajya Sabha statement – discussion 381, 379 — where they have taken action against around 1,000 operators. Rajya Sabha minister’s statement says within six years, action has been taken against 1,000 operators who indulged in making fake Aadhaar cards.

He said that the UIDAI, since its inception, has blacklisted 49,000 operators. Module 4 (a) of the submission states that around 45,000 operators have been blacklisted in respect of Aadhar.

The submission points out that as per a January 2013 UIDAI publication for registrar, Aadhaar will be built with help of registrars who will collect information and biometric data geographically and demographically. Roles and responsibilities of registrars, to ensure accuracy of the data to be set.

It was said that fiduciary duty should be exercised on the registrar for misuse and discrepancy. But this was not the obligation of the UIDAI. It has also been said (Pg 407 of the roles of Registrar) that the registrar may retain the biometric data collected by them.

He also pointed out that there was no legal limitation for being a registrar. Any entity having communication with individuals can be a registrar, such as universities, school etc. he also pointed out that there was no o proper legal framework, statute and contract in respect of Aadhaar.

3:40 pm: Divan said that open-ended power has been given to registrars. He said MoUs are not contracts, hence no legal responsibility or legal framework to deal with the documents of individual if in case documents are misused. He said there was absence of legal sanction at the stage of inception.

He said that there were instances where operators were uploading data on UIDAI database using pirated software.

About the absence of accountability he gave the example of Allahabad where a bank is appointed as a registrar, and it can directly make enrolments or appoint operators who are answerable to the appointing authority, which is a bank. Nowhere is it mentioned that UIDAI was accountable.

He said there have been cases of forgeries and false enrolments, hence a strong security network is also required.

3.55 pm: He said it was the duty of the state to ensure the privacy of its citizens, hence it is the duty of the state to protect the data of individuals too.

The court adjourned till tomorrow.

India Legal Bureau