#Aadhaar hearing continues. Sr. Adv Rakesh Dwivedi continues his submissions on behalf of UIDAI. Thread.
RD: Under Section 8, the collected identity information can only be used for authentication.
RD continues to emphasise how core biometric is never shared.
DYC J in discussion with RD on the requesting entity and the kind of data it collects or uses in view of Section 8 (3) and 29 (3) and says RE will anyway have the purpose of authentication.
DYC J is not sure about RE not collecting purpose etc.
DYC J cites an example of how the fact that someone visited apollo hospital is valuable data for insurance providers, employers etc. Aadhaar aggravates it.
DYC J cites an example of how the fact that someone visited apollo hospital is valuable data for insurance providers, employers etc. Aadhaar aggravates it.
RD: privacy protection under Aadhaar Act is better than EU GDPR.
Says he will show how and EU itself is about flow of data across different countries borders.
Says he will show how and EU itself is about flow of data across different countries borders.
RD: But 100% assurance cannot be given in any case. Not even during travelling everyday to work is a 100% guarantee that you will reach the destination alive or healthy. Nor can aadhaar.
DYC J says may be we can cut and paste 8 (3) to 29 (3) in respect of sharing.
RD agrees to the Court using any tool at his disposal including reading down, clarifying the provision etc although its not required in his opinion.
RD agrees to the Court using any tool at his disposal including reading down, clarifying the provision etc although its not required in his opinion.
Sikri J says its about apprehensions of misuse.
RD: These are not real misapprehensions.
DYC J: these are absolutely real apprehensions. Including using personal information to rig elections!
RD: These are not real misapprehensions.
DYC J: these are absolutely real apprehensions. Including using personal information to rig elections!
RD: Your Lordships should not bring Cambridge Analytica into this.
DYC J: Aadhaar does not exist in an isolated world. We cannot treat it that way.
RD: I did not know about algorithms before this matter. I bought 50000 rupees worth of books through different kinds...
DYC J: Aadhaar does not exist in an isolated world. We cannot treat it that way.
RD: I did not know about algorithms before this matter. I bought 50000 rupees worth of books through different kinds...
...of algorithms. None of our algorithms are learning algorithms. These are not AI algorithms. Our biometric match algorithms are simple and simplistic. No analysis done. Petitioners have equated everything with everything else.
DYC J: Our limitation of knowledge should not...
DYC J: Our limitation of knowledge should not...
...make us look at the issue with blinkers, when we are laying down the law for posterity.
RD: Agrees to that. That is exactly what I want. He says Smartcard companies have a vested interest in Aadhaar failing ...similarly Google also wants aadhaar to fail.
RD: Agrees to that. That is exactly what I want. He says Smartcard companies have a vested interest in Aadhaar failing ...similarly Google also wants aadhaar to fail.
DYC J: Controlling UIDAI is least of our problems, they are always amenable to 32. But worried about the world outside. We will have to take a careful view.
RD: Says there is value in allowing personal information flow even to pvt players. When people know what I eat, after all it popularises the dish.
RD: we must understand that we have only biometric matching algorithms..not learning algorithms.
RD: we must understand that we have only biometric matching algorithms..not learning algorithms.
RD: Reads Section 28 (3).
Sikri J still asks about how this will control AUAs REs etc.
RD says UIDAI, AUAs etc are all belong to the same scheme or structure under the Act.
RD refers to Section 57 says use has to be pursuant to law or contract. Cannot be open ended.
Sikri J still asks about how this will control AUAs REs etc.
RD says UIDAI, AUAs etc are all belong to the same scheme or structure under the Act.
RD refers to Section 57 says use has to be pursuant to law or contract. Cannot be open ended.
RD: A pizza vendor or paanwala or a chaaiwala cannot ask for Aadhaar. Not so open ended.
DYC J: What is the nexus of Section 57 with consolidated fund of india?
RD: Money bill point to be dealt with by A-G later.
DYC J: What is the nexus of Section 57 with consolidated fund of india?
RD: Money bill point to be dealt with by A-G later.
DYC J: Not just money bill..even on the point of nexus for compelling state interest. Why open up Aadhaar platform for pvt use?
RD: Public private divide is actually now jading away. Many private players performing public function.
RD: Public private divide is actually now jading away. Many private players performing public function.
RD: If they are performing public function they are amenable to writ jurisdiction under 226 and 32. In another case SC has to consider that.
Sikri J: in many cases, public sector entities are handicapped because of the strict vigil whereas pvt sector has more freedom.
Sikri J: in many cases, public sector entities are handicapped because of the strict vigil whereas pvt sector has more freedom.
RD agrees and says that may be another reason why we may want to control pvt sector corporations to a higher degree.
(Me thinks: hello all you libertarian supporters of this regime...)
RD now comes to Petitioners' submission on numbering people.
RD: Petitioners argued as if Hitler was the first to use numbers and was never used afterwards.
RD: for everything we use numbers, PNR numbers, proximity card to SC...all of them.
RD: Petitioners argued as if Hitler was the first to use numbers and was never used afterwards.
RD: for everything we use numbers, PNR numbers, proximity card to SC...all of them.
RD: But for these numbers and but for the mathematicians, world would have made no progress. Numbers are beautiful.
Sikri J: Their arguments was about reducing personhood to a mere number.
RD: continues to beauty of numbers line.
RD: continues to beauty of numbers line.
DYC J asks the question of about Section 3 making the number an entitlement but being made mandatory linkage elsewhere.
RD: UIDAI cannot make aadhaar mandatory. Under Section 7 govt will make mandatory. This Court can look at each notification and test its validity.
RD: UIDAI cannot make aadhaar mandatory. Under Section 7 govt will make mandatory. This Court can look at each notification and test its validity.
RD: Aadhaar for PDS may be good, under PMLa may be bad. The privacy tests will have to be applied also to each notification. Not for the Act!
RD: Knocking down this Act because some notifications are impermissible invasion would be destroying a great infrastructure that has been created for aadhaar.
RD: Aadhaar Act is a UIDAI centeres design plus Section 7.
Bench rises for lunch.
Bench has reassembled. Hearing continues.
DYC J asks RD if he is correct in understanding that with Section 7 plus Section 57 cover the entire gamut of uses of aadhaar.
RD: Section 57 is a limitation, not an expansion. If 57 was not there anyone could be an RE. There has to be a prior law or contract.
RD: Section 57 is a limitation, not an expansion. If 57 was not there anyone could be an RE. There has to be a prior law or contract.
RD: There is no guarantee that UIDAI will accept the AUA application of a paanwala, beediwala or a chaaiwala.
Ashok Bhushan J is not so sure.
RD repeats that proviso is the safeguard. The pvt person have to first apply and only UIDAI can approve the AUA application.
RD repeats that proviso is the safeguard. The pvt person have to first apply and only UIDAI can approve the AUA application.
DYC J is not so sure...Section 57 does not contemplate any such power to UIDAI to refuse. Bhushan J says 57 does not even refer to UIDAI.
DYC J asks RD not to always refer to Paanwala but take the example of an insurance provider. "Can you refuse their application?," he asks.
DYC J asks RD not to always refer to Paanwala but take the example of an insurance provider. "Can you refuse their application?," he asks.
RD: The critical expression in Section 57 is "pursuant to"..which means prior contract..in other words, someone can become an RE only by showing a prior contract.
Khankwilkar J is not so sure. For an RE, interface with UIDAI comes first...the contract with user comes later. RD says, not so for 57.
RD says as long as security is concerned, both safeguards under this Act as well as safeguards under IT Act will apply vide Section 30.
RD reads Section 66B and 66C and 66E of the Information Technology Act, 2007.
RD refers to Section 72, 72A and 76 of the Act and how they fortify the security of the Aadhaar eco system.
Similarly he says the Resonable Security practices Rules 2011 also applies to all agencies operating under the Aadhaar system.
Refers to how the 2011 Rules refers to all biometrics including voice samples and DNA but our Act only has two biometrics namely fingerprints and iris scans.
Khanwilkar J points out that body corporates under 2011 Rules have a narrow definition in 43A of the IT Act to include only commercial enterprises.
RD comes back to Section 57 and says how contract there is entirely based on consent.
RD: As far as we, UIDAI, are concerned, we do not make it mandatory. It is fully consensual except Section 7. Each Section 7 notification may be examined separately for constitutionality.
RD: As far as we, UIDAI, are concerned, we do not make it mandatory. It is fully consensual except Section 7. Each Section 7 notification may be examined separately for constitutionality.
RD now comes to his next point defending against the excessive delegation charge in definition of biometric 2 (g).
He says 2 (g) has the words "Such other" ... which means only those biological attributes which share characteristis such as fingerprints or iris.
He says 2 (g) has the words "Such other" ... which means only those biological attributes which share characteristis such as fingerprints or iris.
Some of those characteristics:
- non intrusive
- enhances accuracy
- capable of used for instant authentication etc...
DNA cannot come within the definition of 2 (g).
- non intrusive
- enhances accuracy
- capable of used for instant authentication etc...
DNA cannot come within the definition of 2 (g).
RD goes to his next point on how empowering Aadhaar is for welfare purposes.
Earlier many labourers and field workers never went to PDS shops and their share used to be swindled away.
Now, they have to come face to face with the PDS authorities.
Earlier many labourers and field workers never went to PDS shops and their share used to be swindled away.
Now, they have to come face to face with the PDS authorities.
RD: that necessity of coming face to face deepens democracy. Revolutionary. Today there is a change. People are participating more. For example there was a judgment and there were protests following that judgment. There is a palpable change.
(Me thinks: So now "presenceless" is also thrown under the bus)
RD: The fingerprints is a huge safeguard. Which is why other ids cannot be used. No deduplication possible. Petitioners are arguing to do away with deduplication and go on merrily like other.
..RD also says no other id is widely and universally held like Aadhaar.
RD now comes to the BSP point.
RD: UIDAI is only a licensee of BSP software. Entry to server rooms fully under control of UIDAI officers.
RD: UIDAI is only a licensee of BSP software. Entry to server rooms fully under control of UIDAI officers.
RD: Demographic data is not given to ABIS.
RD: The sourcecode or IP is with the BSPs..but that is no source of insecurity. Just like Banks using Oracle/SAP etc.
RD: Next argument about probabilistic v deterministic.
RD: this is also a complex concept for me. The greatest enemy of knowledge is not ignorance but illusion of knowledge. Your lordships should forgive me for proceeding on a mere illusion of knowledge given my limitations.
RD: Probability governs us everywhere. Nothing in this world is deterministic.
(Me thinks: 👇)
(Me thinks: 👇)
DYC J does not like that proposition. He says can we allow an inherently probabilistic system to affect FRs.
Sikri J..you say 95% accuracy, they say its a smaller number.
RD: they are all valid rejections many of them. There are other interests which want Aadhaar to fail which are hyping up aadhaar auth failures.
Almost all affidavits are about auth failures not dedup rejections.
RD: they are all valid rejections many of them. There are other interests which want Aadhaar to fail which are hyping up aadhaar auth failures.
Almost all affidavits are about auth failures not dedup rejections.
DYC J: Reetika Khera has filed affidavits here ...we cannot ignore the facts brought before us. Exclusion is a given. RD also applauds Mr. Divan to have accompanied Prof. Khera on one of her trips to a village trying to see the working of Aadhaar auth.
RD: All of it is an implementation problem which needs to be remedied. But source is not a systemic fault.
Bench rises for the day. RD says he should be able to complete by tomorrow. Or at max Thursday.
Bench rises for the day. RD says he should be able to complete by tomorrow. Or at max Thursday.
