Aadhaar logo

What has been changed in the Aadhaar Amendment Bill?

On Wednesday, 02 January 2019, we got our first look at The Aadhaar and Other Laws (Amendment) Bill, 2018. On Friday, 04 January 2019, this Bill was passed by the Lok Sabha. We compared this Bill with the existing provisions under The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 and the Supreme Court’s judgment in Justice K.S. Puttaswamy (Retd.) & Anr. vs Union of India & Ors. [W.P. (C) 494/2012], better known as the Aadhaar case.

The word ‘Regulation’ below refers to the Aadhaar (Authentication) Regulation, 2016.

 

Issue

Supreme Court’s Observations in 

Law before SC’s Judgment

Change proposed in the Amendment

Our Comments

Alternate means of establishing identity

To avoid exclusion of deserving beneficiaries, the Court recommended that suitable provisions be made in concerned regulations for establishing identity by alternate means.

Section 2(a) “Aadhaar number” means an identification number issued to an individual under sub-section (3) of section 3;”

 

The proviso to Section 7 reads as “Provided that if an Aadhaar number is not assigned to an individual, the individual shall be offered alternate and viable means of identification for delivery of the subsidy, benefit or service.”

Amendment to Section 2(a):

Alternative virtual identity included under definition of Aadhaar number.

 

Amendment to Section 3:

Virtual identity will be an alternative to actual Aadhar number.

“The Proviso to Section 7 has been interpreted in the past by the Executive to apply to only those people who have applied for an Aadhaar number but have not yet been assigned a number by UIDAI.

The changes to Sections 2(a) and Section 3 do not solve the issue of deserving beneficiaries being excluded. This is not an alternate means to establish identity. This method still requires the person whose identity needs to be established to be registered in the Aadhaar database. In order to comply with the Supreme Court’s judgment, other forms of ID must be made acceptable as an alternative to an Aadhaar number.”

Enrolment of children

1. Consent of parents/guardian is essential for enrolment of children under the Aadhaar Act.

2. Enrolled children shall be given the right to exit from Aadhar upon attaining the age of majority.

3. No Child shall be deprived of benefits if Aadhaar number is not produced. In this case verification on identity can be done on the basis of any other documents.

There was no such provision in the earlier law.

Section 3A inserted:

1. Consent of parent/ guardian of child for enrollment will be essential.

2. Application for cancellation of Aadhar number can be made by a child within a period of six months of attaining eighteen years of age.

3. No denial of subsidy or service to any child if Aadhar not produced.

Six month period for exiting the Aadhaar ecosystem is too short. In case where a person misses the six month limitation period there is no option to exit.

Authentication records

Regulation 26(c) of Aadhaar (Authentication) Regulation, 2016 has been struck down as it pertains to authentication transaction related to metadata.

Regulation 26 of 2016 Regulation requires that Authority shall store and maintain authentication transaction data, which shall inter alia contain information on meta-data related to transaction.

 

 

Residents and illegal immigrants

State directed to take suitable measures to ensure illegal immigrants do not avail benefits.

No such provision in the earlier law.

 

Action on this is awaited.

No change has been introduced by the Amendment.

Data retention

Data retention beyond six months is impermissible.

Regulation 27 of Aadhar (Authentication) Regulations, 2016 providing data retention for 5 years stuck down.

Regulation 27: Duration of storage:

(1) Authentication transaction data shall be retained by the Authority for a period of 6 months, and thereafter archived for a period of five years.

(2) Upon expiry of the period of five years specified in sub-regulation (1), the authentication transaction data shall be deleted except when such authentication transaction data are required to be maintained by a court or in connection with any pending dispute.

 

Updated regulation awaited.

Restriction on sharing of information

Presently, Aadhaar (Sharing of Information) Regulations, 2016 has no provision which impinges privacy rights of Aadhar card holders. (Section 29)

 

 

 

Disclosure of information

Read down Section 33(1):

A. Individual whose information is sought to be released to be given an opportunity of hearing.

B.Individual to be given the right to challenge disclosure of his/her information.

Sec 33(2) struck down with liberty to enact a suitable provision:

Determining if information disclosure is in the interest of national security will be done by-

a.Officer higher than rank of Joint Secretary

b.Application of judicial mind. (Judicial Officer/preferably sitting judge of High Court)

Section 33(1): Nothing contained in sub-section (2) or sub-section (5) of section 28 or sub-section (2) of section 29 shall apply in respect of any disclosure of information, including identity information or authentication records, made pursuant to an order of a court not inferior to that of a District Judge:

Provided that no order by the court under this sub-section shall be made without giving an opportunity of hearing to the Authority.

 

Section 33(2): Nothing contained in sub-section (2) or sub-section (5) of section 28 and clause (b) of sub-section (1), sub-section (2) or sub-section (3) of section 29 shall apply in respect of any disclosure of information, including identity information or authentication records, made in the interest of national security in pursuance of a direction of an officer not below the rank of Joint Secretary to the Government of India specially authorised in this behalf by an order of the Central Government:

Provided that every direction issued under this sub-section, shall be reviewed by an Oversight Committee consisting of the Cabinet Secretary and the Secretaries to the Government of India in the Department of Legal Affairs and the Department of Electronics and Information Technology, before it takes effect:

Provided further that any direction issued under this sub-section shall be valid for a period of three months from the date of its issue, which may be extended for a further period of three months after the review by the Oversight Committee.

Amendments made to Section 33:

A.Under Section 33(1)(b) provides opportunity of hearing to the Aadhar holder.

B. Under Section 33B an aggrieved individual can appeal to TDSAT within a period of 45 days from the date of receipt of order.

C. Officer not below the rank of a Secretary will determine whether disclosure is in national interest.

D. Section 33A provides for civil penalties in case of in case of failure to comply with provisions of the Act/rules/regulations and directions.

E. Under Section 33B an officer not below the rank of a Joint Secretary shall be the adjudicating officer for holding inquiry.

The court had directed that a higher official in association with application of judicial mind determine the grounds of disclosure under Section 33(2).The Amendment did take cognizance of the judgment and prescribed for officer not below the rank of Joint Secretary. However as directed by the Court, the amendment finds no mention of determination by a judicial authority/officer.

Despite being criticized by the Majority judgment in the Aadhaar matter, the amendment fails to address the issue with respect to concentration of powers that lie with the Executive and lack of accountability.

The proposed amendment inserted a new provision on civil penalties. Even this change does not prescribe for application of judicial mind for the purpose of adjudication in event of failure to comply with the provision of the Act.

Thus, the amendment is not in consonance with the Aadhaar judgment.

Cognizance of complaints

Modification of Section 47: Include provision for filing complaints by an individual/victims.

Section 47:

(1) No court shall take cognizance of any offence punishable under this Act, save on a complaint made by the Authority or any officer or person authorised by it.

(2) No court inferior to that of a Chief Metropolitan Magistrate or a Chief Judicial Magistrate shall try any offence punishable under this Act.

Proviso has been inserted in Section 47. It enables the court to take cognizance of a complaint made by the Aadhar holder.

Until now, the court could take cognizance of an offence on a complaint made by only the UIDAI or an officer or a person authorised by it. The proviso also empowers an aggrieved individual to file complaints.

Establishing identity of individual for any purpose

There are two aspects to the Court’s judgment on Section 57.

 

One part of the Section has been read down:

The provision is susceptible to misuse as it can be used to establish identity of an individual ‘for any purpose’.

A. The ‘purpose’ in this Section has been read down to mean a purpose backed by law.

B. Any law made on this would need to be subjected to judicial scrutiny.

 

Another part of Section 57 has been held to be unconstitutional:

The part of this Section enabling body corporate and individuals to seek authentication is unconstitutional as:

A. Establishing identity for a purpose pursuant to any contract is impermissible as it is not backed by law and therefore does not meet test of proportionality.

B. Authentication services based on contract between individual and body corporate or person would:

B1. Enable commercial exploitation of individual biometric and demographic information by private entities.

B2. Impinge on right to privacy of individual.

Section 57:

Nothing contained in this Act shall prevent the use of Aadhaar number for establishing the identity of an individual for any purpose, whether by the State or any body corporate or person, pursuant to any law, for the time being in force, or any contract to this effect:

Provided that the use of Aadhaar number under this section shall be subject to the procedure and obligations under section 8 and Chapter VI.

Section 57 has been omitted.

However, the Act now provides for voluntary use of Aadhaar number for authentication or offline verification.

To enable this, Section 4 (Properties of Aadhaar number) of the Act has been amended to allow verification of the Aadhaar number on voluntary basis with informed consent of the Aadhar number holder.

To facilitate this, the Amendment Bill seeks to amend Section 4 of Telegraph Act, 1885 and insert a new section 11A under PMLA.

The Bill removes section 57 from the Aadhaar Act. This omission is in compliance with the Aadhaar judgment.

However, the prescribed amendments to the PMLA Rules and Telegraph Act are contrary to the ratio of the majority judgement in Justice K.S. Puttaswamy (Retd.) v. Union of India & Ors. [W.P. (C) 494/2012].

In the Aadhaar judgment, J.Sikri in his majority judgment stated that apart from authorising the State, even ‘any body corporate or person’ is authorised to avail authentication services. This can be on the basis of purported agreement between an individual and such body corporate or person. Even if we presume that the legislature did not intend so, the impact of the aforesaid features would be to enable commercial exploitation of individual biometric and demographic information by the private entities.

The part of Section 57 that allowed for people to voluntarily provide their Aadhaar number to body corporates and individuals, especially on the basis of a contract between the person providing the Aadhaar number and the person acquiring / authenticating the Aadhaar number, has been held to be unconstitutional by the Supreme Court of India. The amendment to Section 4 of the Act would re-implement a clause that has already been ruled to be unconstitutional. This would raise the likelihood of fresh litigation on an aspect of law that has already been settled.

 

 

Related Posts