Insurance Sector: The Latest In The Function Creep Of Aadhaar
While developing an identification system of the magnitude of Aadhaar, security concerns relating to the data of 1.2 billion citizens ought to be addressed.
Justice Chandrachud had pointed this out in his dissenting judgment in the 2018 Aadhaar case. In saying so, he had struck down the section which allowed for commercial exploitation of Aadhaar by private entities.
But this was the minority opinion. The majority one was less clear, or so it seems considering the government and Aadhaar activists have opposite views on it.
To recap, the apex court had partly struck down Section 57 which permitted the use of Aadhaar number for establishing identity for any purpose, by any corporate or person, pursuant to any law or contract. In doing, the majority opinion said:
- The section is susceptible to misuse because it can be used for establishing the identity of an individual “for any purpose”. This purpose has to be backed by law which is absent today. And if such a law is made, it would be subject to judicial scrutiny.
- To the extent the section permitted commercial exploitation by private entities on the basis on a contract with individuals, it is unconstitutional.
At the time, several Aadhaar activists had interpreted this to mean that since the court struck down commercial exploitation of Aadhaar by private entities as unconstitutional, a law to that effect could not be made. But the government didn’t agree with this interpretation.
In July last year, the parliament approved certain amendments, proposed by the government to the Prevention of Money Laundering Act and the Telegraph Act, that made way for voluntary use of Aadhaar by private entities.
The Aadhaar and Other Laws (Amendment) Act, 2019, allowed the UIDAI to notify private entities, compliant with privacy standards, that could use the Aadhaar number to establish the identify of an individual. Necessary amendments were made to allow banking and financial institutions to verify client identity using Aadhaar authentication.
Soon after, these amendments were challenged on grounds that they created a backdoor for private entities to access the Aadhaar ecosystem. Pointing to the apex court’s majority opinion, the petitioners said:
The first red line is that no private entity or corporation can use Aadhaar authentication for any purpose, irrespective of whether such use is voluntary. A second red line with regard to privacy rights of individuals is that Aadhaar cannot form a basis for commercial exploitation. A third red line is that Aadhaar may be used only for limited designated purposes backed by statute and that too only by the State.Petition Challenging 2019 Amendments
Even as this challenge is pending before the Supreme Court, the government has permitted 24 insurers, including private ones, to use Aadhaar for identifying individuals.
The worry obviously is that even though the amendment allows for voluntary use of Aadhaar for e-KYC purposes, but recent history of its usage shows that it has never been voluntary in the sense of consent being truly informed and free, advocate Prasanna S, who is involved in the challenge before the apex court, told BloombergQuint.
“This is why the Supreme Court struck down even nominally ‘voluntary’ use of Aadhaar by private entities under the now repealed Section 57 of the Aadhaar Act,” he said.
In the 2019 amendments, an enabling avenue was created so that reporting entities other than banking companies can be considered and allowed Aadhaar authentication under the Aadhaar Act, Supratim Chakraborty, data privacy partner at Khaitan & Co., pointed out.
On ground, we’ve seen a pseudo-push from private entities such that people are driven to a situation where they agree to an Aadhaar-based KYC. The present situation can be attributed to lack of clarity in the 2018 judgment on certain aspects such as the use of Aadhaar by private entities, which is leading each side to take an interpretation that suits their narrative.Supratim Chakraborty, Partner, Khaitan & Co.
As voiced in their petition, activists challenging the 2019 amendments believe that the Aadhaar database is a Trojan horse i.e. it lacks integrity since the underlying data basis which Aadhaar numbers are issued isn’t verified at the time of enrollment. And that permitting it to be linked to existing databases maintained under the PMLA and Telegraph Act will compromise their integrity as well.