Aadhaar hearing Day 4: Challenges to the Aadhaar Act and its surveillance implications raised before SC

The arguments against Aadhaar before the Supreme Court continued today, with senior counsel Shyam Divan presenting arguments against the Aadhaar system

The arguments against Aadhaar before the Supreme Court continued today, with senior counsel Shyam Divan setting down the five main challenges to the Aadhaar Act, and commencing the surveillance arguments against the Aadhaar system.

On the retrospective validation of Aadhaar

The first argument of the day completed the discussion on the provisions of the Aadhaar Act, 2016, looking at the retrospective validation of the acts of the Central Government before the Act, under Section 59 of the Act. It must be remembered that the Aadhaar system had been launched in 2009, and then given a legal basis through the Act in 2016.

 Aadhaar hearing Day 4: Challenges to the Aadhaar Act and its surveillance implications raised before SC

Representational image

The Puttaswamy judgment, in fact, had laid emphasis on the need for a legal basis for a right to privacy to be invaded legally. In the absence of such a basis in the case of Aadhaar, the Supreme Court noted that the legal basis created in retrospect by the Aadhaar Act was a ‘legal fiction’. This refers to an assumption made for the convenience of law, or for the sake of justice.

The fact that the legal basis of the Aadhaar system prior to 2016 is an assumption, will have a significant impact, as observed by the Court, on any data breaches prior to 2016. A key issue is of consent, and as argued by the petitioners, a factor like informed consent cannot be assumed in retrospect. This will thus have an equal impact on the consent purported to be taken for Aadhaar. A fundamental right like the right to privacy, moreover, similarly cannot be violated, and then validated via an assumption in retrospect.

Five main challenges to the Aadhaar Act

Thereafter, the five main heads of challenges to the Aadhaar Act were presented:
• The first and foremost is surveillance.
• The second is the violation of privacy, due to the lack of law authorizing a privacy invasion prior to 2016, and even after 2016, due to the electronic footprint which is created and reported to the State as a result of Aadhaar.
• The third is the destruction of the constitutional notion of limited government. The Aadhaar system allows the State to dominate an individual by laying down an architecture that enables profiling, and also retains the power to cause the civil death of a person simply by invalidating their Aadhaar number.
• The fourth issue is that Aadhaar is not a money bill.
• The last is that the procedure under the Aadhaar Act violates Articles 14 and 21.

Surveillance and real-time tracking

Arguments on the surveillance implications of Aadhaar were commenced, with attention first being drawn to the possibility of tracking and profiling through the Aadhaar system. For instance, each device has a unique ID, and when used with Aadhaar, the Aadhaar system also assigns a special ID for that device. Together, the electronic footprint created can reveal, for example, the real-time location of the device, as well as the broad nature of the transaction being conducted.

Difference between real-time tracking by the State and Google

A key question raised by the Bench is that if Aadhaar allows real-time tracking, people allow entities like Google to track them the same way and what then is the difference between the two. To this, attention was drawn to the fact that firstly, Google was an optional service, bringing up the issue of consent. Secondly and more importantly, people’s rights are more severely affected by surveillance from the state, as opposed to a private entity like Google.

Surveillance and avoiding a ‘police raj’

Surveillance is a particularly important point, not only from the privacy perspective, but also because the Constitution of India does not permit a Surveillance State. Several judgments on the right to privacy that were upheld in the Puttaswamy judgment, reiterate this point, which statements such as ‘our founding fathers were opposed to a police raj’, and observing the psychological impact of surveillance on people. These cases, along with international cases were also brought to the Court’s notice.

UIDAI’s was told of easy replication of fingerprints?

Another interesting point that came up during the technical discussions of the surveillance possibilities were the affidavits presented in Court of two technical experts, who stated that the ease with which fingerprints can be replicated had been demonstrated to the UIDAI. If true, then clearly, the UIDAI is conscious of the fallibility of biometric data as passwords.

These affidavits also state that the UIDAI infrastructure can enable both real and non-real time tracking of users, and also point to how fingerprint machines can easily be tampered with to capture biometric data prior to encryption, using scammers. It is not clear if these facts were demonstrated as well to the UIDAI or not.

Does the govt have control over the CIDR’s code?

A last point raised by the Bench, is on the ownership of the CIDR’s code. This issue is crucial to ensure that the UIDAI and the government have full control over the CIDR and the data in it. The argument of the petitioners is that the code is proprietary and not with the government or the UIDAI. However, as noted by the petitioners, for national security reasons, information on the CIDR is not in the public domain, making the issues of the extent of the government’s control over it unclear.

Legally, the CIDR has been declared to be a protected system, which also means that the copyright in it vests with the government, as per the judgment of the Kerala High Court in B.N. Firos vs State of Kerala. The issue then is whether, despite legally having ownership over the code behind the CIDR, does the UIDAI have the code in its possession and under its control. Some clarity on this issue may be obtained when the State presents its arguments.

For now, the arguments of the petitioners against Aadhaar will continue on the 30th of January.

Sources of the Arguments: Live Tweeting of the case from the Twitter handles @SFLCin, @prasanna_s and @gautambhatia88

The author is lawyer and author specializing in technology laws. She is also a certified information privacy professional.

Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.