Yesterday, the Supreme Court delivered its first verdict in a series of legal challenges that have been made against the Aadhaar project.[1] In the present matter, the court was examining whether a provision of the Finance Act, 2017 that made Aadhaar mandatory for filing of income tax returns and applying for Permanent Account Number (PAN) cards was constitutionally valid. The court has upheld the validity of this provision, subject to a few qualifications. Below, we discuss the background of the Aadhaar project, why the courts have stepped in to examine its legality, and some aspects of the recent judgement.
What is Aadhaar about, and how is it being used?
Earlier, various identity proofs were required for access to governments benefits, subsidies and services, such as a ration card, driving license or voter id. However, as these proofs could be easily duplicated or forged, there was leakage of benefits and subsidies to ineligible beneficiaries. The Aadhaar project was initiated in 2009 to address these problems. It was envisaged as a biometric-based unique identity number that could help identify eligible persons. It was thought to be a more reliable identity proof, because it sought to authenticate a person’s identity based on their unique biometrics, like fingerprints and iris scans.1
In 2016, Parliament enacted the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 to provide legislative backing to the project. This Act allowed Aadhaar to be used for authentication purposes by the central and state government, as well as by private bodies and persons.[2]
Under its provisions, government has been issuing various notifications making Aadhaar mandatory for government projects, such as LPG subsidies and Mid-Day Meal scheme.[3] In addition, in 2017, Parliament passed the Finance Act to amend the Income Tax Act, 1961, and made Aadhaar mandatory for filing of income tax returns, and applying for PAN.[4]
What is the information collected under Aadhaar?
To obtain an Aadhaar number, a person is required to submit their : (i) biometric information (photograph, 10 fingerprints, scans of both irises), and (ii) demographic information (name, date of birth, gender, residential address) to the Unique Identification Authority of India (UIDAI).[5] The Aadhaar number, the demographic and biometric information (called identity information) is together stored in the Central Identities Data Repository. In addition, every time a person’s identity is authenticated using Aadhaar, information related to the authentication request is recorded as well.
How is this information protected?
While India does not have a comprehensive law on privacy and data security, the Aadhaar Act, 2016 has some protections. For example, it prohibits UIDAI and its officers from sharing a person’s identity information and authentication records with anyone. It also forbids a person authenticating another person’s identity from collecting or using their information without their consent. Other protections include prohibitions against publicly displaying a person’s Aadhaar number and sharing of a person’s fingerprints and iris scans with anyone. Note that there are penalties prescribed for violation of these provisions as well.[6]
However, the Act permits information be disclosed in the interest of national security and on the order of a court.[7]
The UIDAI authority has been made responsible for the operation and maintenance of the Aadhaar database, and for laying down the security protocols for its protection.[8]
Why did the courts step in?
Even as Aadhaar is being rolled out, with about 111 crore of the 125 crore population already on the database, there are several important constitutional and legal questions around the unique identity project.[9][10] While yesterday’s judgement addresses one of these issues, other questions remain unresolved. A description of the key legal questions is provided below.
Privacy: It has been argued that the collection of identity data without adequate safeguards interferes with the fundamental right to privacy protected under Article 21 of the Constitution. Article 21 guarantees right to life and personal liberty. In August 2015, a three judge bench of the Supreme Court passed an order stating that a larger bench must be formed to decide the questions of: (i) whether right to privacy is a fundamental right, and (ii) whether Aadhaar violates this right.[11] However, the court has not set up a larger bench to hear these petitions till June 2017.[12]
Mandatory vs voluntary: Another question before the court is whether Aadhaar can be made mandatory for those government benefits and services, that citizens are entitled to under law. In 2015, the Supreme Court passed some interim orders stating that: (i) Aadhaar cannot be made mandatory for providing citizens with benefits and entitlements, and (ii) it can only be used for seven schemes including PDS distribution of foodgrains and kerosene, LPG distribution scheme, MGNREGA wage payments, and Prime Minister’s Jan Dhan Yojana.11
Subsequently, Parliament enacted the Aadhaar Act, 2016, and the government has been issuing notifications under it to make Aadhaar mandatory for various schemes.3 In light of this, more petitions have been filed challenging these notifications.[13] Judgements on these petitions are awaited as well.
Linking Aadhaar with PAN: In 2017, after Parliament made Aadhaar mandatory for filing of tax returns and applying for PAN under the Income Tax Act, 1961, fresh petitions were filed in the Supreme Court. The new provision stated that if a person failed to link their PAN with the Aadhaar number by a date notified by the central government, their PAN will be invalidated. The government said this will decrease the problem of multiple PAN cards obtained under fictitious names and consequent tax fraud and tax evasion, because Aadhaar will ensure proper identification.1,[14] However, the petitioners argued that this may interfere with a person’s fundamental rights, such as their right to practice any profession, trade or business and right to equality. It is this question that has been addressed in the new judgement.1
Money Bill: The fourth question is related to the manner in which the Aadhaar Act, 2016 was passed by Parliament. The Act was passed as a Money Bill. A Money Bill only needs to be passed by Lok Sabha, while Rajya Sabha may make non-binding recommendations on it. In case of the Aadhaar Act, Rajya Sabha made some recommendations that were rejected by Lok Sabha. It has been argued before the courts that the Aadhaar Act does not qualify as a Money Bill because it contains provisions unrelated to government taxation and expenditure.13,[15]
What has the judgement held?
The Supreme Court has held that the new provision of the Income Tax Act that makes Aadhaar mandatory for income tax assessees is not in violation of the fundamental right to equality, or the fundamental right to practice one’s profession or trade. The petitioners had argued that the new provision discriminates between individual and non-individual assessees (e.g. companies or firms), because it only seeks to address tax fraud by individuals. They had also contended that Aadhaar could not address the problem of tax fraud through duplicate PANs because there was evidence to show that people had multiple Aadhaar numbers as well. The court rejected these arguments (as well as arguments related to freedom to carry on business), stating that Aadhaar is perceived as the best method of eliminating duplicate PANs, and therefore there is reasonable rationale behind linking the PAN database with Aadhaar.1
The court decided not to examine questions related to human dignity and privacy, on the ground that issues affecting Article 21 will be examined by a larger bench to be set up by the court. However, it granted relief to people, who have not enrolled for Aadhaar, by stating that their PAN cards cannot be invalidated till the time when the matter is finally decided by such a bench.
This, in effect, means that the debate around constitutionality and legality of the Aadhaar project will remain ongoing till a judgement is finally pronounced on whether Aadhaar is in violation of right to privacy under Article 21.
[1] Binoy Viswam vs Union of India, Supreme Court, Writ Petition (Civil) No. 247 of 2017, http://www.sci.gov.in/pdf/jud/wc24717_Sign.pdf.
[2] Sections 7, 8 and 57, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
[3] Unstarred Question No. 4126, Lok Sabha, March 27, 2017; Unstarred Question No. 1209, Lok Sabha, February 9, 2017; S.O. 371 (E), Ministry of Consumer Affairs, Food and Public Distribution, February 8, 2017, http://dfpd.nic.in/writereaddata/Portal/Magazine/Document/1_211_1_aadhaar-notification.pdf; S.O. 369 (E), Ministry of Agriculture and Farmers Welfare, February 8, 2017, http://www.egazette.nic.in/WriteReadData/2017/174076.pdf.
[4] The Finance Bill, 2017, http://www.prsindia.org/billtrack/the-finance-bill-2017-4681/.
[5] Regulations 3 and 4, Aadhaar (Enrolment and Update) Regulations, 2016.
[6] Sections 28-47, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
[7] Section 33, Section 23, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
[8] Section 23, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
[9] “UIDAI achieves 111 crore mark on Aadhaar generation; Unique identity covers over 99 percent adult residents of India”, Press Information Bureau, January 27, 2017.
[10] Justice K. Puttaswamy (Retd) and Another vs Union of India and Others, Supreme Court, Writ Petition (Civil) No. 494 of 2012; Jairam Ramesh vs Union of India, Writ Petition (Civil) 231 of 2016; S.G. Vombatkere and Another vs Union of India and Others, Supreme Court, Writ Petition (Civil) 797/ 2016; “Aadhaar: What are the pending cases before the Supreme Court”, Indian Express, May 31, 2017, http://indianexpress.com/article/india/aadhaar-what-are-the-pending-cases-before-the-supreme-court/.
[11] Justice K. Puttaswamy (Retd) and Another vs Union of India and Others, Supreme Court, Writ Petition (Civil) No. 494 of 2012, September 23, 2013, August 11, 2015, October 15, 2015.
[12] “The Aadhaar/ PAN Judgement”, Indian Constitutional Law and Philosophy Blog, https://indconlawphil.wordpress.com/2017/06/09/the-aadhaarpan-judgment/.
[13] “Aadhaar: What are the pending cases before the Supreme Court”, Indian Express, May 31, 2017, http://indianexpress.com/article/india/aadhaar-what-are-the-pending-cases-before-the-supreme-court/.
[14] Uncorrected Lok Sabha Debates, March 22, 2017, Pg. 240, http://164.100.47.193/newdebate/16/11/22032017/Fullday.pdf.
On June 6, 2022, the Ministry of Electronics and Information Technology released the draft amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (IT Rules, 2021) for public feedback. The IT Rules were notified on February 25, 2021, under the Information Technology Act, 2000 (IT Act). The Ministry noted that there is a need to amend the Rules to keep up with the challenges and gaps emerging in an expanding digital ecosystem. In this blog post, we give a brief background to the IT Rules, 2021 and explain the key proposed changes to the Rules.
Background to the IT Rules, 2021
The IT Act exempts intermediaries from liability for user-generated content on their platform provided they meet certain due diligence requirements. Intermediaries are entities that store or transmit data on behalf of other persons and include telecom and internet service providers, online marketplaces, search engines, and social media sites. IT Rules specify the due diligence requirements for the intermediaries. These include: (i) informing users about rules and regulations, privacy policy, and terms and conditions for usage of its services, including types of content which are prohibited, (ii) expeditiously taking down content upon an order from the government or courts, (iii) providing a grievance redressal mechanism to resolve complaints from users about violation of Rules, and (iv) enabling identification of the first originator of the information on its platform under certain conditions. It also specifies a framework for content regulation of online publishers of news and current affairs and curated audio-visual content. For an analysis of the IT Rules 2021 please see here.
Key changes proposed to the IT Rules 2021
Key changes proposed by the draft amendments are as follows:
Comments on the draft amendments are invited until July 6, 2022.
