Aadhaar hearing: Senior counsel calls surveillance possibilities as mere rhetoric, says fingerprint data is only relevant for palmistry

Senior counsel Rakesh Dwivedi commenced his arguments, arguing that the surveillance possibilities discussed by the petitioners were ridiculous and mere rhetoric.

Editor's Note: This copy was published on 13 April, 2018. It is being republished in light of the Supreme Court's verdict on the constitutionality of Aadhaar likely being pronounced tomorrow.

On Day 28 of the Aadhaar hearing, Additional Solicitor General Tushar Mehta concluded his arguments on the Aadhaar-PAN and the Aadhaar-Bank account linkages. The Bench also questioned the counsels extensively on the justification of these linkages, noting that the freezing of accounts thereby was a deprivation of the constitutional right to property.

Aadhaar hearing: Senior counsel calls surveillance possibilities as mere rhetoric, says fingerprint data is only relevant for palmistry

Representational image. Reuters

Senior counsel Rakesh Dwivedi then commenced his arguments, arguing that the surveillance possibilities discussed by the petitioners were ridiculous and mere rhetoric. The purpose of Aadhaar, he argued, was authentication alone.

Aadhaar as a compulsory document for bank accounts

First, the Additional Solicitor General continued his arguments, that the amendments to the Prevention of Money Laundering (Maintenance of Records) Rules (PML), on Aadhaar-bank account linkage were for the benefit of the public. These rules, he stated were neither ultra vires the Aadhaar Act nor the RBI Rules.

The Bench, here, first observed that the challenge to the PMLA Rules was proportionality and on why there was a need to make Aadhaar compulsory when the RBI KYC Master Directions recognised six forms of Officially Valid Documents. To this, it was argued that the purpose was to prevent impersonation. Aadhaar, further, is one of the most robust IDs which cannot be faked, unlike others which are not based on biometrics.

On rendering bank accounts non-operational

The Bench, here, asked the Additional Solicitor General to specifically address Arvind Datar’s arguments for the petitioners, that the PMLA Rules are ultra vires the PML Act, and that no provision of the PMLA allowed validly opened bank accounts to be rendered non-operational. Further, the rationale behind linking with insurance as well as mutual funds was questioned.

To this, it was argued that the freezing of accounts in this manner was not permanent. The Bench, here, further observed that such freezing of accounts could amount to a violation of Article 300A of the Constitution, or the constitutional right to property. To this, it was argued that the freezing would only amount to a reasonable restriction on this right.

Is freezing of accounts a valid, penal consequence?

The Bench, further questioned if the penal consequence of freezing accounts was authorised by the PML Act. The Act, they said, only discussed the verification of bank accounts. To this, it was argued first that this was not a penalty but a mere consequence. Secondly, the rules were part of the Act.

The Bench, however, did not agree with this, observing that the prescription of penalties via rule-making powers had not been sanctioned by the Aadhaar Act. Further, freezing of accounts did amount to a penalty, since it amounted to a deprivation of property under Article 300A. The Bench further stated that their question was on whether the freezing of accounts was authorised under the law, or was it a case of judicial overreach.

Can penal consequences be prescribed via rule-making power

The Bench directed the Additional Solicitor General to show how rules may prescribe such drastic consequences when the Act did not allow it. The Additional Solicitor General cited judgments that rules once issued are effectively part of the Act. The Bench, however, observed that this cannot apply to rules made outside of rule-making power.

Senior counsel Rakesh Dwivedi, arguing for the State, intervened here, arguing that Aadhaar was a just a condition for opening and continuing a bank account, to meet the need to re-verify bank accounts. The Bench here, again questioned how a validly opened bank account could be frozen under the PMLA.

The Additional Solicitor General then summed up his arguments, discussing the threat from terror financing and also of cross-border offences. He argued that the purpose behind the PMLA Rules is threefold: zero tolerance to money laundering, curbing black money and reaching beneficiaries.

The Bench stated that the poor had an equal right to privacy. Reuters.

The Bench stated that the poor had an equal right to privacy. Reuters.

Petitioners are using rhetoric to rubbish Aadhaar

Senior counsel Rakesh Dwivedi then commenced his arguments for the State, arguing that he never felt that he was under surveillance while using Aadhaar, and further, that Aadhaar was voluntary. He argued that it was ridiculous to consider that the government would surveil people like a farmer and that the government had ample means of conducting surveillance if it needed to, without the need for Aadhaar. The petitioners, he argued, were using rhetoric to rubbish Aadhaar.

Technology as an enabler of mass surveillance

The Bench, here, observed that technology was a very powerful enabler of mass surveillance, with even elections being swayed using it. To this, it was argued that the technology in use by Facebook and Google could not be compared to that in use by the UIDAI. For instance, there were no learning algorithms in use by the UIDAI.

The Bench, to this, observed that the Aadhaar Act does not preclude the UIDAI from acquiring that kind of technology, to which Dwivedi responded that this would amount to an offence under Section 33 of the Aadhaar Act.

Authentication metadata reveals very little

Further, he argued that the only purpose behind Aadhaar was authentication, and there was no authorisation under the Aadhaar Act to analyse the data. The Bench questioned the collection of metadata, to which it was argued that the metadata collected was limited to that related to authentication, i.e., of the authentication request, the result, and the time of the authentication. The Bench, here, observed that even this data could reveal a lot about a person.

To this, it was argued that this was not possible unless such data is sought in collusion with the CBI, which is far-fetched. For a specific authentication, it was argued that the authentication request would reveal the place where the request arose from (such as Apollo Hospitals), but not specific location (such as which Apollo hospital).

The Bench here observed that the requesting entity itself may store data, and that surveillance need not be interpreted in the traditional sense only. The prevalence of commercial surveillance, and also the absence of a data protection law to protect the data was also pointed to.

Most people are not concerned with privacy

Dwivedi further argued that individual information is of no value. Further, most people were unconcerned about privacy. The Bench, here stated that the issue was not of whether 1.9 billion people are concerned with privacy. Regarding the information being available, he further argued that fingerprints were only of interest to palmists and for palmistry. To this, the Bench observed that the question was not of fingerprints per se, such as their use for a limited purpose. The issue, instead, was of storing them in a central database, followed by their use for authentication.

To this, it was argued that biometrics are encrypted, and the data is not shared with anyone. It was argued that it was understandable if the people had a problem with the implementation and enforcement of the Aadhaar Act, but there is no issue with the law itself and the technology.

Sharing of data under Aadhaar Act

A discussion then ensued on Section 29 of the Aadhaar Act, which permits the sharing of data. The Bench here observed that Section 29(3)(b) of the Aadhaar Act allowed the sharing of data with requesting entities to third parties. Further, Section 29 read with 57 allowed the information to be shared with third parties even under contracts.

To this, it was argued that this section should be read in context with Section 29(1), which completely bars the sharing of biometric data. The Bench, here, observed that the issue was not only about Section 7 or the UIDAI but goes far beyond that. Further, Section 29(3) uses the word ‘identity information’, which indicates that biometric data can also be transferred. To this, it was suggested that the Court read this provision down to prevent the sharing of biometric data.

The arguments will continue on 17 April.

Sources of arguments include live-tweeting of the case by SFLC.in, Prasanna S, and  Gautam Bhatia.

You can read out coverage of the Aadhaar Supreme Court case below.

Why SC needs to look into technical evidence of Aadhaar’s surveillance capabilities

Will State give citizens rights only if they agree to be tracked forever, asks lawyer Shyam Divan

Coalition for Aadhaar: A collective of private companies wants to ensure that Aadhaar ID and related services continue to be offered

Petitioners argue on centralisation of data and challenge Aadhaar’s claims on savings

Petitioners argue for a voluntary ID card system that does not collect user data

Petitioners argue that receipt of govt benefits cannot be at the cost of compromising fundamental rights

Aadhaar is architecturally unconstitutional, argue the petitioners

Petitioners argue that Aadhaar violates dignity by objectifying and depersonalizing an individual

Petitioners seek compensation for starvation deaths and extension of March 31st deadline

Section 7 exception in Supreme Court’s interim order greatly affects people’s constitutional rights

Entire Aadhaar project is beyond the stated objectives of Aadhaar Act, argue petitioners

Petitioners conclude their arguments on 'the number of the beast' Aadhaar, highlighting various issues

Aadhaar hearing: Political liberties cannot be foregone for economic and social justice, states the Bench

Aadhaar hearing: UIDAI’s presentation discusses Aadhaar enrolment, updation and authentication processes in detail

Aadhaar hearing: Supreme Court expresses concerns with data breaches, Aadhaar security and profiling

Aadhaar hearing: Petitioners question UIDAI on verification of residency requirement, de-duplication rejections and authentication failures

Aadhaar hearing: Attorney General argues that pervasive collection of fingerprints meets proportionality requirements

Aadhaar hearing: Bench criticises the argument that Aadhaar can prevent bank frauds and terrorists from acquiring mobile numbers

Aadhaar hearing: Additional Solicitor General argues Aadhaar-PAN linkage enables deduplication, prevents fraud and widens the tax base

Aadhaar hearing: Not necessary to prove least possible invasion of privacy, argues Additional Solicitor General

The author is a lawyer and author specialising in technology laws. She is also a certified information privacy professional.


also see