In this post, we shall discuss how integration
of multiple databases through the Aadhaar number severely compromises privacy - by making it possible to profile and surveil the activities of a person.
In 2009, the Aadhaar project commenced
after the Union Government set-up the Unique Identification Authority of India
(UIDAI) through an executive notification. Under the Aadhaar project, a
resident is required to submit his name, date of birth and place of residence,
along with his biometric information – which includes fingerprints and iris
scans. The individual would then obtain a twelve-digit unique identity number,
which could be printed as an Aadhaar card, and used for establishing one’s
identity while availing government services and welfare schemes.
After enrolling for Aadhaar an receiving
their unique identity number, an individual could ‘authenticate’ his Aadhaar
details to establish his identity for availing welfare schemes and services.
While Aadhaar was initially intended to be voluntary mechanism for establishing
one’s identity, attempts were made to make enrolling for Aadhaar a mandatory
precondition to avail certain subsides and benefits. These attempts were shot
down by the Supreme Court in 2013. Subsequently, the Aadhaar Act, 2016 was enacted, and the Union Government created a statutory
framework that authorized the collection of identity and biometric information.
The passing of the Aadhaar Act, 2016
Under Section 7 of the Aadhaar Act,
Aadhaar-based authentication can be used to establish the identity of an
individual, while receiving ‘subsidies, benefits and services, whose
expenditure is incurred from the Consolidated Fund of India. Section 2(c) of
the Act defines the term ‘authentication’ as the process by which the Aadhaar
number of an individual along with his/her biometric and demographic
information is submitted to the centralized Aadhaar database (known as the
Central Identities Data Repository) for verifying the individual’s identity.
The Preamble to the Act mentions that it’s
purpose is to ensure efficient and targeted delivery of subsidies, benefits and
services. The Union Government has accordingly contended that Aadhaar helps
eliminate identity fraud, and also eliminates fake and duplicate beneficiaries
of welfare schemes.
The expansion of the use of Aadhaar
After the coming into force of the Aadhaar
Act, having an Aadhaar number was made a mandatory condition precedent for
accessing a wide variety of welfare schemes, subsidies and services. The range
of schemes and services for which Aadhaar has been made mandatory include – the
bonded labour rehabilitation scheme, for persons rescued from manual scavenging
to avail rehabilitation schemes, midday-meal scheme, for availing MGNREGA
payments, for availing scholarships, appearing in entrance exams etc.
Hence, the scope and ambit of Aadhaar has
expanded manifold from what it was originally envisaged for – which was for
better targeting of government subsidies that were prone to leakage and
corruption. Usha Ramanathan has described this expansion of the use of Aadhaar
as a ‘function creep’ - a scenario where
technology that was created for a specific purpose is expanded beyond it’s
original objective.
The seeding of multiple databases through
the Aadhaar number, and its perils
The expansion of Aadhaar has resulted in a
situation where the Aadhaar number of an individual is being ‘seeded’ or linked
across multiple databases. This can be illustrated by referring to the
following illustration. When an individual who has been rescued from manual
scavenging seeks to take the benefit of rehabilitation schemes, he has to link
his Aadhaar number with the rehabilitation scheme database.
The same individual may also use his
Aadhaar number for availing subsidized foodgrains from the Public Distribution
System ( PDS). His Aadhaar number may then get linked to the PDS database. The
seeding of the Aadhaar number makes it a common identifier across multiple
databases. This seeding of the Aadhaar number also creates a single point of
failure – where even if one database is compromised through a data breach or a
data theft, then all the other Aadhaar-linked databases become susceptible.
Privacy concerns associated with seeding
of multiple databases with Aadhaar as the common identifier
The manner in which the seeding of the
Aadhaar number across multiple databases violates the right to privacy was
highlighted by Chandrachud, J in his dissenting opinion in the K.S.
Puttuswamy II case, where the constitutionality of the Aadhaar project was
adjudicated upon. Chandrachud, J pointed out that the seeding of the Aadhaar
number across different databases makes the Aadhaar number the ‘central
unifying feature’ which may connect information that would usually be
unconnected. It could also be used to profile individuals by creating
co-relation between human lives, and was capable of influencing the behavioral
patterns of individuals, in a manner that would affect their privacy and
liberty. He further goes on to state that if traces of the Aadhaar number are
‘left in every facet of human life’, the result shall be a loss of privacy.
Chandrachud, J then mentions that when the
Aadhaar number is seeded in every database, it becomes a ‘bridge across
discreet data silos’. Anyone with access to the seeded databases can construct
a detailed profile of an individual’s life, which was contrary to the right to
privacy. This implies that anyone who has access to the seeded databases can
collate information about various facets of an individual’s life – such as his
religion, economic status, affiliations, medical history etc. He then
highlights how seeding of the Aadhaar number nullifies the restriction placed
on profiling of individuals by Section 2(k) of the Aadhaar Act. Under Section
2(k), the UIDAI cannot collect and store information relating to the race,
religion, caste, tribe, ethnicity, language, records of entitlement, income or
medical history of the individual.
However, when the
Aadhaar number is seeded across multiple databases, the effective result is the
collection of information relating to religion, ethnicity, medical history,
income etc, which nullifies the restriction placed under Section 2(k). This can
be illustrated with an example that Chandrachud, J gives in his opinion. When a
person from a particular caste is rescued from manual scavenging and seeks to
take benefit of rehabilitation schemes, he has to get his Aadhaar number linked
to the rehabilitation scheme database. This effectively results in a situation where a profile of that person, as
someone who has engaged in manual scavenging, gets permanently added to the
scheme database. The stigma of being a manual scavenger in the past gets
permanently fixed to the person’s identity.
The same person
may use his Aadhaar number for availing other benefits, which shall ensure that
his Aadhaar number is seeded across other databases. Anyone accessing these
databases can then generate a detailed profile about that individual, by
collating information relating to categories relating to the race, religion,
ethnicity etc. This can be further illustrated through another example of the
Ujjwala scheme. Under the Ujjwala scheme, rehabilitation services are provided
for victims who have been rescued from trafficking for commercial sexual
exploitation. Even under the Ujjwala scheme, the services can be availed only
if the individual links her Aadhaar number with the scheme database. Hence, one
the victim submits her Aadhaar number, the stigma of being someone who was
trafficked for sexual exploitation gets permanently attached to the victim’s
identity.
The victim may in
future use her Aadhaar number to avail health services under the Ayushman
Bharat Yojana or the National Health Mission. Her Aadhaar number shall then be
seeded with this scheme database, which may also contain other information
regarding her medical records and medical history. The Aadhaar number hence
becomes a central unifying feature across all the linked databases. Anyone who
accesses these databases can use the Aadhaar number to deconstruct a profile of
the victim’s life – by taking note of her stigmatic past as a victim of sexual
exploitation, her medical records, religion etc. The seeding of Aadhaar across
multiple databases may accordingly lead to profiling, and effectively nullifies
the restriction placed by Section 2(k). This, as Chandrachud, J argues, has the
threat of potential surveillance over the activities of the individual, and is
contrary to the right to privacy. This was one of the main reasons for his
ultimate conclusion – which was that the Aadhaar project as a whole was
unconstitutional.
From a reading of
Chandrachud, J’s opinion, it is implicit that he does not consider the seeding
of Aadhaar to be a reasonable restriction on the right to privacy, even if such
seeding is for trying to bring about more efficient delivery of subsidies and
welfare schemes. The majority opinion authored by Sikri, J on the other hand
only struck down the seeding of the Aadhaar number with databases owned up
private parties – such as the seeding of Aadhaar number with bank accounts.
With respect to the use of Aadhaar for government welfare schemes, the majority
took the view that the invasion of privacy through Aadhaar was ‘minimal’, and
that the Aadhaar Act had achieved a fair balance between the right to privacy
and other socio-economic rights, such as the right to food.
The majority also
did not specifically prevent the government from making Aadhaar authentication
a mandatory condition precedent for availing welfare schemes. It only expressed
hope that no benefits shall be denied to a person if there is an authentication
failure, technical error etc. This way, the majority has also impliedly upheld
the seeding of the Aadhaar number across multiple government databases. Hence, while
Chandrachud, J concluded that seeding of the Aadhaar number across multiple
data was not a reasonable or proportionate restriction on privacy, the majority
concluded that the use of Aadhaar achieved a fair balance between privacy and
other socio-economic rights.
Conclusion
While there can be
differing viewpoints on whether this restriction can be considered as
reasonable, what cannot be disputed is that the seeding of the Aadhaar number
can result in profiling of an individual, which severely impinges on his
privacy. Such profiling of information can be then used by different government
departments to surveil upon the activities of a person. Hence, for the reasons
mentioned above, the seeding of the Aadhaar number across multiple databases
leads to a severe compromise of individual privacy. After the constitutionality of the Aadhaar project was upheld by the Supreme Court, the Government effectively has a carte blanche to merge multiple databases with the Aadhaar number as the common identifier. Ergo, we as citizens should continue to be vigilant, and safeguard our fundamental rights.
No comments:
Post a Comment