#Aadhaar (Day 29) hearing will begin shortly.
Senior advocate Rakesh Dwivedi resumes his submissions. Says it's better to tighten the nuts and bolts of Aadhaar rather than demolishing it completely.
RD cites Section 8 of the Aadhaar act. Says information is strictly confined to the purpose of authentication. Interplay of section 8 and 29 say that core biometrics are not shared.
RD says that data shared under section 29 is non biometric data.
J. Chandrachud: the requesting entity will have the purpose of the authentication even if UIDAI doesn't have it. RD denies.
J. Chandrachud: the requesting entity will have the purpose of the authentication even if UIDAI doesn't have it. RD denies.
J. Chandrachud: Section 8(3) combined with section 29(3) means that the requesting entity will know the purpose of the authentication.
RD says if the bench is unsure whether requesting agencies collect information that they are not supposed to then the bench should read down sections 8(3) and 29(3) to make sure that REs do not know the purpose of the authentication or collect any information.
J. chandrachud: A hospital may have data on an individual based on the number of times the individual has requested authentication. This can be helpful information for pharmaceutical or insurance companies.
RD vehemently denies
RD vehemently denies
RD says GDPR provides no curative measures.
Says Aadhaar act provides enough data protection to citizens.
RD: No data protection law can provide hundred percent protection. The test should be " reasonable, fair and just" protection.
Says Aadhaar act provides enough data protection to citizens.
RD: No data protection law can provide hundred percent protection. The test should be " reasonable, fair and just" protection.
RD: Aggregation, analysis or transfer of data is not allowed by the Aadhaar Act.
J.chandrachud: What use the REs are making of the data, we don't know right now.
J.chandrachud: What use the REs are making of the data, we don't know right now.
RD says we can only tackle real apprehensions.
J. chandrachud: real apprehension is that elections are swayed using data analytics. These problems are symptomatic of the world we live in.
RD: can't compare this to Cambridge analytica. We don't have algorithms that Google has.
J. chandrachud: real apprehension is that elections are swayed using data analytics. These problems are symptomatic of the world we live in.
RD: can't compare this to Cambridge analytica. We don't have algorithms that Google has.
J. Chandrachud: we can't have a blinkered view of reality.
RD reiterates that UIDAI does not have learning algorithms. Aadhaar Act does not authorize it. We have simple matching algorithms, he emphasizes.
RD reiterates that UIDAI does not have learning algorithms. Aadhaar Act does not authorize it. We have simple matching algorithms, he emphasizes.
RD asks the bench to not give in to the hyper phobia that the petitioners have created.
Emphasizes that Aadhaar data cannot be subject to analysis.
RD: we have a powerful media and competitive interests to check any misuse of data.
Emphasizes that Aadhaar data cannot be subject to analysis.
RD: we have a powerful media and competitive interests to check any misuse of data.
RD: Keep aside your apprehensions related to Cambridge Analytica kind mishaps.
J. Chandrachud: Interface of Aadhaar with the world outside is the area of concern.
Rd: examine the design of the Act. We don't want any scare mongering. We want people of India to trust us.
J. Chandrachud: Interface of Aadhaar with the world outside is the area of concern.
Rd: examine the design of the Act. We don't want any scare mongering. We want people of India to trust us.
RD: Section 28 of the Act also provides protection of information. The information will be in the control of UIDAI and will be kept secure in CIDR.
Section 57 does not allow just anyone to become a requesting entity. It's a limited exercise. UIDAI will not approve anyone to...
Section 57 does not allow just anyone to become a requesting entity. It's a limited exercise. UIDAI will not approve anyone to...
become an RE unless it is satisfied that the particular entity needs to use the facility of authentication.
J. chandrachud: why are words "body corporate or any person" used in section 57. That breaks the nexus of the Act with the consolidated fund of India.
J. chandrachud: why are words "body corporate or any person" used in section 57. That breaks the nexus of the Act with the consolidated fund of India.
RD says he'll respond to that later.
J. Chandrachud asks what is the point of involving private parties in the Aadhaar infrastructure.
RD says private players are not exempt from constitutional norms. And the divide between public and private sector is narrowing.
RD says private players are not exempt from constitutional norms. And the divide between public and private sector is narrowing.
RD: two submissions of the petitioners have to be responded to:
1. We are numbering human beings. This is what Hitler did.
The history of nos. according to the petitioners began with Hitler. Imagine the state of our society if there were no numbers. Quotes a book by George Ifra
1. We are numbering human beings. This is what Hitler did.
The history of nos. according to the petitioners began with Hitler. Imagine the state of our society if there were no numbers. Quotes a book by George Ifra
RD:Origin of 1-10 began in india at the time of bramhagupta.
J. Sikri: nobody is saying there should not be nos.why assign it to individuals?
RD:Proximity card, airline tickets (PNR), credit cards etc are all nos.assigned to individuals.Quotes God made integers by Stephen Hawking
J. Sikri: nobody is saying there should not be nos.why assign it to individuals?
RD:Proximity card, airline tickets (PNR), credit cards etc are all nos.assigned to individuals.Quotes God made integers by Stephen Hawking
RD: Numbers are beautiful. They are fascinating. We as human beings are not numbered just because a number is assigned to us.
J. Chandrachud: Section 3 says Aadhaar is ann entitlement. How did it become mandatory?
RD: It was made mandatory by other Acts.
J. Chandrachud: Section 3 says Aadhaar is ann entitlement. How did it become mandatory?
RD: It was made mandatory by other Acts.
RD: Aadhaar Act has nothing to do with other linkages of Aadhaar except Section 7. UIDAI is mandate-neutral.
The government is making it mandatory under other Acts. The bench can look at these Acts separately. Under the Aadhaar act, obtaining Aadhaar is voluntary.
The government is making it mandatory under other Acts. The bench can look at these Acts separately. Under the Aadhaar act, obtaining Aadhaar is voluntary.
RD: Entire uidai infrastructure including enrollment has been built from the consolidated fund of India.
Bench rises for lunch.
Senior Counsel Rakesh Dwivedi resumes his submissions after lunch.
J. Chandrachud: Aadhaar can be made mandatory under a law or through a contract under section 57.
RD: object of section 57 is not to expand but to limit. Backing of contract is needed.
J. Chandrachud: Aadhaar can be made mandatory under a law or through a contract under section 57.
RD: object of section 57 is not to expand but to limit. Backing of contract is needed.
RD: Any paanwalla or chaiwalla cannot become a requesting entity. It has to be pursuant to a contract. UIDAI may still refuse an entity from becoming a requesting entity.
J. Chandrachud:how is need for authentication decided?For e.g a taxi service or software app.
RD: There has to be a prior contract and then uidai is approached for request.
J. Sikri: Where is the guideline for what will be considered a "need" for authentication and what won't be
RD: There has to be a prior contract and then uidai is approached for request.
J. Sikri: Where is the guideline for what will be considered a "need" for authentication and what won't be
J. Khanwilkar questions the fact that the prior contract comes before permission from UIDAI is taken. Says that Schedule A of the Act that outlines who call can be REs is very wide.
RD: The rules of IT Act 2000 and the punitive provisions of the Act are also applicable to Aadhaar data under Section 30 of the Aadhaar Act. This is further security.
RD then reads out the relevant provisions of the IT Act.
RD then reads out the relevant provisions of the IT Act.
RD: Anyone who attempts to gain unauthorized access to CIDR will be imprisoned for ten years.
RD mentions Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 and Information Technology (Reasonable Security Practices And Procedures And Sensitive Personal Data Or Information) Rules, 2011
RD: CIDR comes under critical information infrastructure. Shows the notification that says that.
RD : Six attributes of biometrics:They are not genetic data; They are not intrusive; Mode of identification even without the use digital technology;
Instantaneous digital authentication;
Other biometrics can be added only if it enhances accuracy.
Instantaneous digital authentication;
Other biometrics can be added only if it enhances accuracy.
RD: Aadhaar is not just an exercise to provide benefits and weed out fakes but also to bring the service providers face to face with the beneficiaries. That's the revolutionary aspect of Aadhaar.
RD: None of the other identification cards are universally held in the country. These cards are only for initial identity and address proof. Nobody will give their wrong name or address when biometrics are involved.
RD: Aadhaar is not the panacea for all evils but the problems that were occuring on account of fake identity documents will be solved.
RD: Petitioners were arguing that there's no legal mandate to store information in CIDR. RD quotes section 10 in this regard.
RD: Petitioners argued that we have hired foreign suppliers. Only software is used by UIDAI as licensee. The hard disks and servers belong to UIDAI. Even technicians are given access to CIDR only when there's a problem in the process of UIDAI officials.
RD explains the process of extraction once a data packet is received by CIDR.
RD: Another argument that was raised was that Aadhaar is probabilistic. It is not probabilistic, but deterministic.
J. Sikri: You have to give a proper response to that. Argument was from the exclusion angle.
RD: Probability governs us everywhere. Nothing is certain.
J. Sikri: You have to give a proper response to that. Argument was from the exclusion angle.
RD: Probability governs us everywhere. Nothing is certain.
RD: Just because it is probabilistic, it cannot be discarded.
J. Chandrachud: If the probability leads to deprivation of fundamental rights, then there should be safeguards in place to ensure that this deprivation doesn't happen.
J. Chandrachud: If the probability leads to deprivation of fundamental rights, then there should be safeguards in place to ensure that this deprivation doesn't happen.
J. Chandrachud: there should be an administrative machinery in place to ensure no genuine beneficiary is deprived.
RD: I agree that nobody should be denied benefits due to authentication failure. Our submission is inclusion.
RD: I agree that nobody should be denied benefits due to authentication failure. Our submission is inclusion.
RD: Section 7 itself provides a fall back mechanism if authentication failure happens. We have to look at effective implementation.
Bench rises. RD says he will be able to finish tomorrow.
