Aadhaar unacceptably intrusive

Gopal Krishna

AHEAD of the hearing in the Supreme Court today (October 30) amidst the push for biometric gnawing concerns about privacy, the issue of Aadhaar's realistic chances of survival and its acceptance as fait accompli after the imminent verdict in Aadhaar case has assumed huge significance in our national life. If one draws on Justice DY Chandrachud's 266-page order as part of the 547-page right to privacy verdict of the nine-judge Bench in the case related to 12-digit biometric Unique Identification (UID)/Aadhaar numbers being fed into Central Identities Data Repository (CIDR), it emerges that a right to privacy bill is pending. 

But so far, no agency, including the judiciary, has bothered to ensure that it gets enacted as law.  The order, authored by Justice Chandrachud with approval from Justice Jagdish Singh Khehar and Justices RK Agrawal and S Abdul Nazeer, appears to be the weakest because it puts all its faith in the proposal of a “draft data protection bill” committee. Justice Chandrachud concludes his order, saying, "Since the Union government has informed the Court that it has constituted a Committee chaired by Hon'ble Shri Justice BN Srikrishna, former Judge of this Court, for that purpose, the matter shall be dealt with  appropriately by the Union government having due regard to what has been set out in this judgment." 

The proceedings on record make it clear that the office memorandum dated July 31, 2017 was issued under the signature of Group Coordinator, Cyber Law and Unique Identification Authority of India (UIDAI), Ministry of Electronics and Information Technology (MeitY) ahead of the court's verdict as part of the government's argument underlining that right to privacy is not a fundamental right.

The order of Justice Dr Chandrachud takes cognisance of the fact that it was only during the course of the hearing of the case that the central government brought to light an office memorandum by which it constituted a committee to "suggest a draft data protection bill." He observes, "We expect that the Union government shall follow up on its decision by taking all necessary and proper steps."

He makes this observation despite recording that "the Privacy Bill, 2011 to provide for the right to privacy to citizens of India and to regulate the collection, maintenance and dissemination of their personal information and for penalisation for violation of such rights and matters connected therewith, is pending." He did not take the government to task for failing to enact the right to privacy law before enacting the Aadhaar Act and implementing the UID/Aadhaar scheme. 

The proposal of "draft data protection bill" is part of grossly procedural, formalistic and insincere manoeuvres of the government. The proposal of "draft data protection bill" at this stage is akin to putting the cart before the horse. It is akin to putting a Trojan horse of the Battle of Troy mentioned in Homer's epic Odyssey before the Court. Homer alludes thrice to the Trojan horse even in Iliad towards the end. The court's order missed the opportunity of looking at the composition of the "draft data protection bill" committee, which has given birth to gnawing misgivings. Trojan horses appear harmless, but are, in fact, malicious and deeply destructive.  

The ToR of this committee pertains to "study of various issues relating to data protection in India" and to make specific suggestions for consideration of the Central Government on principles to be considered for data protection in India and suggest a draft data protection bill" after personal sensitive data of the residents of India has contractually been handed over to foreign transnational companies such as Accenture, Mongo DB, Safran Group and Ernst & Young for up to seven years only as per information gained through the RTI.  

It is significant that such revelations have found mention in the verdict of the Court as part of Justice SK Kaul's order saying, "Edward Snowden shocked the world with his disclosures about global surveillance." It is equally significant that the Parliamentary Standing Committee on Information Technology asked about the surveillance by the National Security Agency (NSA) of the US in its Twenty-seventh Report. 

It is apparent that the government is attempting to change the goalpost now by talking about the proposal of the "draft data protection bill" to ignore the existing right to privacy bill. 

It is noteworthy that government has admitted before the Parliamentary Standing Committee on Finance that examined the issue of UID/Aadhaar numbers observed, "there is no law at present on privacy, and data protection". The government told the committee that "Collection of information without a privacy law in place does not violate the right to privacy of the individual." The committee recommended that legislation on UID/Aadhaar would be appropriate "only after passing the legislation on privacy, and data protection so as to ensure that there is no conflict between these laws." 

For how long can a government hide behind Trojan horses? In the light of the findings of the LSE and our parliamentary reports which are quite valid for the UID/Aadhaar project, its realistic chances of survival post the Justice Puttaswamy verdict after November 2017 is quite remote.

The writer is convener, Citizens Forum for Civil Liberties. He had appeared before the Parliamentary Standing Committee on Finance that examined the UID Bill