Aadhaar

Final hearing of Aadhaar in Supreme Court – Day 2

Jan: Day 1 (17/1/18) This post is essentially a compilation of tweets from Gautam Bhatia, Prasanna and SFLC to understand how the...

· 8 min read >

This post is essentially a compilation of tweets from Gautam Bhatia, Prasanna and SFLC to understand how the Aadhaar hearing happened in the Supreme court.


Day 2:

Shyam Divan, Senior Advocate and counsel for petitioners arguing.

  • Bench assembles.
  • P.Chidambaram and Kapil Sibal among senior counsel on the side for petitioners. K Sibal mentions his petition for West Bengal challenging Aadhaar. That petition is ordered to be heard along with this.
  • Shyam Divan resumes submissions. Clarifies a bit on the deterministic v probabalistic distinction he made yesterday with a couple of HD images. Shows the Court diagrams showing the distinction between deterministic and probabilistic methods of identification.
    • The diagrams show the moments of enrollment and the moments of authentication.
    • Says that the machine used at the time of authentication is of a lower quality.
    • At the time of authentication, the data captured is not of the same resolution as that at the time of enrolment.
  • Justice Chandrachud says that for a manual labourers, it might even be unreadable. That is also the case with ageing.
  • Shyam Divan says “absolutely.”
    • Says that he will finish the technical presentation ( integrity of the process of UIDAI), take the Court through the 9-judge bench privacy judgment, and then the specific provisions of the Aadhaar Act.
    • Says that there are three problems:
      • the integrity of the process,
      • the integrity of the information, and
      • a pervasive violation of fundamental rights.
    • Says that he will address three issues pertaining to fundamental rights: privacy, autonomy, and compelled speech.
    • Shows the Court the Aadhaar enrolment form (as it existed earlier). Says that there is nothing in the form that discloses that it is voluntary. Secondly, just as with the resolution constituting UIDAI, there is no mention of biometrics. Thirdly, there is no declaration or verification. All this speaks to the lack of integrity of the process. There is nothing in the form that shows the basis on which its information has been gathered. There’s no signature. There is no manner of counseling. This raises the question: is there informed consent?
    • Yesterday, Justice Chandrachud asked whether we have objections if the information is used only for specific purposes. The point is that this project is, by design, a general purpose vehicle.
    • In a welfare state, can the State roll back rights and announce a barter system: that you only have rights if you give your fingerprints and subject to being tracked for the rest of your life.
  • Justice Chandrachud asks whether there is an opt-out.
  • Shaym Divan says that we have an affidavit from a person who had to get an Aadhaar while getting married, and was told by the operator that he could not opt out. Forced to give consent for sharing of data across the board because of how the software is programmed.
    • How can the State compel me to part with any of this information to another private person?
    • It’s one thing to say that the State sets up an administrative scheme and asks for information. But where is the question of compelling me to give it to another private person? The scheme is by design defective.
  • Justice Chandrachud asks whether it would make a difference if the private party is an agency of the State.
  • Shyam Divan says that there is no question of trustee or fiduciary delegating such a core sovereign function to any private agency. He points out the absurdity of state compelling citizens to give all personal sensitive data to random players.
    • Part B of the form requires disclosure of mobile numbers and bank account numbers.
    • Refers to a sting operation in Delhi NCR where a television channel (Mail Today) went to three enrollment agencies, and each agency quoted a figure for revealing demographic information of the people who had enrolled with them.
    • Everything about this process from beginning to end is unconstitutional.
    • Reads the next version of the form.Specifically refers to the “no objection (no objection for UIDAI to share data further)” fields. Reads the absurd clause titled “Consent” but actually just a declaration by the enrollee that the information he has furnished is correct. “There is no counseling even at this stage.”
    • Points out that Union has not come out with the answer as to how many said No for further sharing of information.
    • There is a complete lack of integrity. UIDAI has no contractual relationship with the enrolment entity.
    • Discusses the verification procedures in the pre-Act from, including the introducer requirement.
    • The first use of the word biometrics comes in at the end.
    • Points to the forms of ID required to enroll. Citizen asked to give documents like bank statements and passbook copies to private parties. (This discussion is about the enrollment form that existed before the Aadhaar Act came into force)
    • At the time of verification, photocopies of these documents are retained.
  • Justice Chandrachud says that you are always giving private information to private players, such as giving address proof etc to other private entities for insurance, credit card company etc.
  • Shyam Divan says that there is no problem per se with an individual parting private information. The point is here that you are being asked to part with information to someone you do not know and have no contractual relation with.
    • The point is that the private party is so much outside the control of the UIDAI that they can use it for their own commercial purposes. The problem is the process is compromised – that is what distinguishes it for example the Census Act.
  • Justice Chandrachud asks “what were the nature of safeguards to ensure that the information was not purloined?” Gives the example of Dhoni where his card details have been leaked.
  • Shyam Divan now comes to the State of Kerala’s “KYR+” form (Know Your Resident Plus)
    • Says that information in the KYR+ form, meant to be in different silos, can be aggregated, which builds a complete picture of an individual.
  • Justice Chandrachud asks a question about differential enrollment rates and access to public services in the North-East. Brings up the lack of coverage of Aadhaar in states like Meghalaya based on Economic Survey.
  • Shyam Divan says that they are exempted at the moment and shares his concerns.
    • Takes the Court through the affidavit of Nachiket Udupa and Ankita Anand, who was required to enroll in Aadhaar to get married.
    • The affidavit says that the software refused to enroll them unless they stated that they were consenting.
    • Affidavit details how the then SC orders were violated with impunity by state authorities such as the SDM and the ADM.
    • The affidavit says UIDAI should allow cancellation of enrollment for those who want to opt out.
    • Now comes to the statutory (post Act) form. “This form says that enrolling in Aadhaar is free and voluntary.”
    • Says that this becomes completely academic if you’re going to have to have it for the purposes of a bank account, PAN Card, government scholarships.
    • Moves to explain the role of Registrars. But before that wants to make points about the introducer system. The introducer system was used when there was no other form of identity. An RTI reply dated 28.4.2015 revealed that the number of Aadhaar cards generated through the introducer system is 2 lakhs 19 thousand. This is 0.03%. So a very small percentage of people did not already have a pre-existing ID.
    • Returns to the issue of enrolling agencies. “Sagar Foods” is an example of an enrolling agency.”Chirag Constructions.”
  • Bench rises for lunch.
  • Post lunch break, Justice Sikri tells Shyam Divan that they don’t need to go through the list of private enrollers and they get the point.
  • Shyam Divan says that the point about the integrity of the process is substantiated by a Rajya Sabha statement that in six years, 34000 operators were blacklisted.
    • “These operators tried to pollute the system or make fake Aadhaar cards.” Says that this was 10th April. The updated figure from 12th September, carried in the ToI and ET, is 49000.
    • Moves on to the issue of Registrars. Invites attention to The Registrar handbook 2013. Says that the Registrars have been empowered to collect demographic and biometric data, as well as KYR+ information. (This discussion is still in the context of the pre-statutory regime, based on a UIDAI document)
    • Says that according to the UIDAI document, registrars are empowered to retain the data, subject to fiduciary responsibilities. Also cites how UIDAI is taking a contrary statement on affidavit and in public statements of late that no biometrics are ever retained.
    • Takes the Court through the UIDAI FAQs to explain the position of registrars.
    • Explains the concept of a “verifier”: “The verifier is supposed to be appointed by the registrars and verify enrollment documents. It is recommended to use government officials for this.”
    • Services of an outsourced vendor can also be used. The list of verified may be notified.
    • This model obviously didn’t work, given that 49000 enrollment centers have been blacklisted.
    • Explains the terms enrolment agency, operator, supervisor.
      • Explains the concept of an “introducer”, and who can be an introducer.
      • Enrolment Agencies are hired by the Registrars.
      • The person interacting with the resident is the “Operator.” An operator is employed by the enrolment agencies to carry out enrolment. He must be 18 years and above, +2 pass, and comfortable with computers. A supervisor is employed to manage the enrolment agencies. 18+, preferably a graduate, preferable to have prior experience working at an Aadhaar enrolment centre.
    • Takes the Court through an MOU between the UIDAI and the Delhi Govt, from 2010, for implementation of the UIDAI programme.
    • Under this MoU, it says that UIDAI has the mandate to issue identification based on demographic and biometric information. The word “biometric” is seen for the first time in these MoUs.
    • “The UIDAI will be conducting proof of concept and pilot programmes.” “UIDAI shall develop prescribed standards for the biometric fields.”
  • Justice Chandrachud asks whether registrars can only be government agencies.
  • Shyam Divan says that there is no such limitation – registrars can be private bodies as well- includes govts but also other entities such as PSUs Banks Private Companies etc.
    • Points to Article 299 of the Constitution.
    • There was absolutely no legal framework to support the UIDAI. MoUs are no enforceable mechanism and not even an enforceable contract between competent parties. The MoUs are not even contracts in the eye of Article 299.
    • No protection to citizen at all where absolutely no legal framework governs. No law. The notification does not even mention biometrics. All data is sucked up from the entire citizenry with absolutely no legal sanction or protection.
    • This is the palpable lack of integrity in this project for all these years. This denuded the rule of law and erodes governance. That is why you now have a situation where 34000 operators have been blacklisted.
  • Justice Khanwilker says that Section 59 of Aadhaar Act retrospectively validates all this.
  • Shyam Divan says that you cannot have a retrospective validation of the violation of fundamental rights, and he will address that point in detail later which is under challenge in this case.
    • Takes the Court through a MoU between Allahabad Bank and UIDAI.
  • Justice Chandrachud asks how the registrars were paid.
  • Shyam Divan says that he will make a note on the fund flow and submit it to the court.
    • Reads the latest statement on the per-enrolment fee that agencies are paid. Explains to the court how the iris scan system was bypassed through a patch, in Uttar Pradesh, and how fingerprints were masked.
    • Takes the Court through some diagrams on how authentications happen through multiple transactions throughout the day. Takes the Court through diagrams on how authentications happen through multiple transactions throughout an individual’s life. (enables round the clock surveillance; cradle to grave ubiquity of Aadhaar)
    • Takes the Court through diagrams on the issue of convergence – the linking of various databases to UID and what such homogenised access would entail.
    • Begins with the privacy judgment.
    • Reads the beginning of the 9 judge privacy judgment (paragraph 2), which lays out the background of how the privacy case came about. Reads out paragraph 23 of Justice Chandrachud’s judgment, which explains the scope of the “right to personal liberty.”
    • The procedure for deprivation of these rights must be “just, fair, and reasonable.”
    • Reads para 35, which discussed the classic 1899 article on privacy by Warren and Brandeis. The article discussed how, in the modern world, the scope of infringement of privacy was consistently magnified.
    • Explains how the right to privacy judgment grounds privacy in ideas of dignity, autonomy, and identify, which pervades the entire Constitution.
    • Explains how the privacy judgment made the preamble to the Indian Constitution central to the concept of fundamental rights.
    • Points to the part of the privacy judgment that says that it is only through the realisation of individual liberties and freedoms that the public welfare is sustained.
    • One of our contentions is that in a digitised world, the government has to be an ally of citizens, not its adversary. The State must ensure that privacy interests are protected against, say, corporations.
    • Points to the part of the privacy judgment that articulates the right to personal autonomy, and says that decisions affecting an individual’s life are best left to the individual.
    • “A constitutional democracy survives when citizens have confidence that the rule of law will prevail.” (from the privacy judgment)
    • refers to the part of the privacy judgment that referred to the American SC case of US v Jones, which dealt with putting a GPS system on a car.
    • Points to Justice Sotomayor’s concurring opinion in US v Jones, which observed how you no longer need physical interference to violate privacy. Information about a person’s transactions is enough to give a complete profile about an individual’s life.
    • Points to the privacy judgment’s articulation of the right to informational self-determination and informational privacy.
    • He refers to Helen Nissenbaum’s work, a sample of which you can read here.
    • Points to the part of the privacy judgment that located fundamental rights in the transformation from colonial rule to a Democratic Republic.
    • Points to the part of the privacy judgment that talks about how civil/political rights and socio-economic rights are complementary, and not at odds.
    • Points to the part of the privacy judgment that emphasizes that privacy is not just a privilege of the elite.
    • Points to the part of the privacy judgment that stresses the importance of judicial review in order to protect individual right.
  • Chief Justice asks Shyam Divan to read the paragraph on privacy and the age of information (306). This paragraph deals with issues of data mining and data profiling, especially of metadata.
  • Bench rises. Day 2 over.

Aadhaar – The Conclusion

in Aadhaar
  ·   7 min read

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.