The apex court said that the deadline to link Aadhaar with mobile or bank

accounts has been extended until the disposal of Aadhaar case. ‘SC extends
March 31 deadline for Aadhaar linkages till the constitution bench delivers
judgement on the matter,’ PTI reported. Earlier, the deadline to link Aadhaar with
various services was set for March 31, 2018. However, the order will not apply to
the deadline for subsidies and benefits under Section 7. This effectively means
that the order will not apply in cases where subsidies are given by the
government.

Section 7 of Aadhaar Act relates to the targeted delivery of subsidies, benefits

and services, the expenditure for which is incurred from the Consolidated Fund of
India.

In another significant order, the apex court ruled that Aadhaar cannot be made
mandatory for issuing Tatkal passport. The order was passed by the Constitution
Bench of the top court comprising Chief Justice Dipak Misra and Justices AK
Sikri, AM Khanwilkar, DY Chandrachud and Ashok Bhushan.

The Supreme Court had in 2013 prevented the government from forcing people
to submit their Aadhaar number to access welfare schemes. However, the BJP-
led NDA government managed to get around this hurdle by getting parliamentary
approval for a new law in 2016.

Aadhaar, a Congress project, was originally launched in 2009-10 under the UPA
dispensation.

IS PRIVACY AN INTEGRAL RIGHT OR A VAGUE NOTION? The nine-judge

Constitution bench's decision will impact everyday lives. It will define the
relationship between government and the citizen and will shape the
fundamental rights are understood for decades to come.
* The bench will decide whether a fundamental right to privacy exists under
the Indian Constitution.
* This bench will not decide the fate of Aadhaar, only the nature and status of
the right to privacy under the constitution.
* The petitioners want Supreme Court to recognize, among other things,
a fundamental right to privacy under the Constitution.
WHAT PETITIONERS SAY
PRECEDENTS
* And eight-judge bench ruled in the MP Sharma case (1954) there was no
right to privacy under a specific Article, but it did not extinguish a general
fundamental right to privacy.
* A six-judge bench in Kharak Singh case (1962) that right to privacy is not
fundamental, no longer good law.
* In an unbroken chain of judgments, starting from Gobind vs State of Madhya
Pradesh and leading up to National Legal Services Authority (NALSA) vs
Union of India (on the rights of transgender persons), the Supreme Court has
recognised the fundamental right to privacy.
* Privacy is associated with and is the bulwark of other rights. It is located in
the golden trinity of Articles 14,19, and 21 (right to liberty and equality).
* There can be no dignity without privacy, and dignity is part of the Preamble,
part of the basic structure of the Constitution.

WHAT RESPONDENTS SAY

* Cite Kharak Singh and MP Sharma to argue right to privacy is not
fundamental.
* Privacy is a vague concept, and vague concepts cannot be made
fundamental rights.
* Framers of Constitution debated but discarded privacy as fundamental right.
* Right to life of others, including right to food, is more important than right to
privacy.
* Internationally, in most jurisdictions, right to privacy has not been recognized
explicitly.

THE PETITIONERS
Former Karnataka HC judge, KS Puttaswamy, now 91, filed the PIL in 2012
challenging the Aadhaar scheme, saying it violates fundamental rights to
privacy and equality. SC has linked all the 20+ Aadhaar cases to this main
case. Petitioners include activists Bezwada Wilson, Aruna Roy and Nikhil Dey.
For Puttaswamy, this was reportedly the first time he felt need to petition the
courts in any matter.
THE BENCH
The high profile bench that will decide the question of privacy. Here are the
judges:
1. JS Khehar
2. J Chlameswar
3. SA Bobde
4. RK Agarwal
5. RF Nariman
6. AM Sapre
7. DY Chandrachud
8. SK Kaul

9.S Abdul Nazeer

THE VERDICT

In a landmark decision that will affect the lives of all Indians, the Supreme
Court unanimously declared that right to privacy was a Fundamental right
under the Constitution. A nine-judge Constitution bench headed by Chief
Justice JS Khehar ruled that "right to privacy is an intrinsic part of Right to Life
and Personal Liberty under Article 21 and entire Part III of the Constitution".
On 24 August 2017, a nine judge bench of the Supreme Court of India handed down its decision in the
important constititutional case of Puttaswamy v Union of India [pdf]. In a remarkable and wide ranging 547 page
judgment the Court ruled unanimously that privacy is a constitutionally protected right in India. This is landmark
case which is likely to lead to constitutional challenges to a wide range of Indian legislation.

Background

The case arose out of a challenge to a constitutional challenge to the Aadhaar project, which aims to build a
database of personal identity and biometric information covering every Indian. More than a billion Indians have
so far been registered in the Aadhaar programme, which sees citizens issued with a 12-digit number that aligns
to specific biometric data such as eye scans and fingerprints. Registration is now become mandatory for filing
tax returns, opening bank accounts, securing loans, buying and selling property or even making purchases of
50,000 rupees (£610) and above.

In 2012, Justice K.S. Puttaswamy (Retired) filed a petition in the Supreme Court challenging the constitutionality
of Aadhaar on the grounds that it violates the right to privacy.
The Government argued that there was no constitutional right of privacy in view of a unanimous decision of
eight judges in M.P. Sharma v. Satish Chandra ([1954] SCR 1077) and a decision by a majority of four judges
in Kharak Singh v. State of Uttar Pradesh ([1964] 1 SCR 332).

The case came before a three judge Bench of the Court which, on 11 August 2015, ordered that the matter
should be referred to a larger Bench of the Court. On 18 July 2017, a five judge Constitution Bench ordered the
matter to be heard by a nine judge Bench. While it awaited clarification on the right to privacy, the bench
hearing the constitutional challenge to Aadhaar passed an interim order restricting compulsory linking of
Aadhaar for benefits delivery

Judgment

The nine judges of the Court gave six separate opinions, producing what must be a contender for the longest
reasoned judgment ever produced by a court. These judgments defy short summary and only a few key themes
can be picked out.

The leading judgment is a tour de force, given on behalf of four judges by Dr D Y Chandrachud J in 266 pages. It
deals, in detail, with the Indian domestic case law on privacy and the nature of constitutional rights. It also
considers Comparative Law on Privacy (from England, the US, South Africa, Canada, the European Court of
Human Rights and the Inter-American Court of Human Rights). Various criticisms of the privacy doctrine – from
Bork, Posner and feminist critics – are addressed.

The problem for the Petitioners was that the Indian Constitution [pdf] does not contain an explicit privacy right.
Nevertheless, the Indian Constitution is a living instrument. The Courts have sought to give effect to the
“values” which the Constitution it contains by interpreting express fundamental rights protections as containing
a wide range of other rights. The crucial provision for this purpose is Article 21 which provides that

“No person shall be deprived of his life or personal liberty except according to procedure established by law”

Chandrachud J points out that this provision has been interpreted as containing, inter alia, the rights to a speedy
trial, legal aid, shelter, a healthy environment, frredom from torture, reputation and to earn a livelihood (for a
list see [150]). Privacy is an incident of fundamental freedom or liberty.

In an important section of the joint judgment headed “Essential Nature of Privacy”, Chandrachud J analyses the
concept of privacy as being founded on autonomy and as an essential aspect of dignity ([168] to [169]):

“Dignity cannot exist without privacy. Both reside within the inalienable values of life, liberty and freedom
which the Constitution has recognised. Privacy is the ultimate expression of the sanctity of the individual. It is a
constitutional value which straddles across the spectrum of fundamental rights and protects for the individual a
zone of choice and self-determination” [169]

In the next section of the judgment Chandrachud J considers “Informational Privacy”, referring to a range of
academic writing. In particular, the judgment includes an infographic from an article by Bert-Jaap Koops et al.,
“A Typology of Privacy” to illustrate the fundamental notions of privacy:
The judgment refers with approval to the 2012 Report of the Expert Group on Privacy[pdf] – which sets out nine
principles (which have much in common with the EU data protection principles).

The conclusions are set out at pages 260-265 of the joint judgment. It is held that privacy is a constitutionally
protected right which emerges, primarily, from Article 21 of the Constitution. This is not an absolute right but
an interference must meet the threefold requirement of (ii) Legality; (ii) the need for a legitimate aim and (iii)
proportionality (p.264). It is also noted that, as informational privacy is a facet of the right to privacy the
Government will need to put in place a robust regime for data protection.

Two other important points are dealt with in the joint judgment.

Firstly, it emphasises the fact that sexual orientation is an essential attribute of privacy thus casting doubt on
the case of Suresh Kumar Koushal v. Naz Foundation (2014) which upheld section 377 of the Indian Penal Code,
which effectively criminalizes same-sex relationships between consenting adults. A reconsideration of Suresh
Koushal is pending before a constitution bench of the Supreme Court.

Secondly, Chandrachud J overturns the judgment of his father (Chandrachud CJ) in the notorious case of ADM
Jabalpur v Shivakant Shukla (1976) which held that fundamental rights could be suspended during the
Emergency ([121]). Though the ADM Jabalpur judgment was nullified by 44th constitutional amendment it has
now finally been put to rest. In his concurring judgment Sanjay Kishan Kaul J commented

“the ADM Jabalpur case … was an aberration in the constitutional jurisprudence of our country and the
desirability of burying the majority opinion ten fathom deep, with no chance of resurrection”

R F Nariman J gave a judgment of 122 pages and four other judges gave substantive concurring judgments.

By its order the Court ruled that the right to privacy is protected as part of the right to life and fundamental
liberty under Article 21. The case was referred back to the original bench three judges for decision on the
merits.

Comment

This decision has been recognised as being of great legal and political significance. The Opposition Congress
party leader said that it “will rank among the most important judgments delivered by the Supreme Court since
the advent of the constitution of India.” The Hindustan Times commented that “The country could not have got
a better gift from the judiciary for its 70th year of independence” . The case has been seen as a major setback
for the Modi Government.

A striking feature of the joint judgment is the detailed treatment of issues of digital privacy which are of
increasing important both in India and internationally.

The future of the Aadhaar programme has been placed in doubt and, in the light of the comments of the
majority there is a strong possibility that the Supreme Court will now strike down legislation criminalising same-
sex relationships. The joint judgment makes it clear that the Indian Government is now under an obligation to
establish a data protection regime to protect the privacy of the individual.

The constitutional right to privacy can now be used to challenge to bans on beef and alcohol consumption in
many Indian states. BJP-dominated governments around the country implemented the bans as part of their
efforts to enshrine Hindu religious practices into the law.

The decision has been welcomed by Indian and international commentators, it puts the right to privacy at the
heart of constitutional debate in the world’s largest democracy and is likely to provide assistance and inspiration
for privacy campaigners around the world.

Hugh Tomlinson QC is a specialist in media and information law at Matrix Chambers and an editor of
Inforrm.

The nine-judge bench of the Supreme Court has unanimously

delivered its judgment in Justice K.S. Puttaswamy (Retd.) v.
Union of India holding that privacy is a constitutionally
protected right which not only emerges from the guarantee of
life and personal liberty in Article 21 of the constitution, but
also arises in varying contexts from the other facets of
freedom and dignity recognised and guaranteed by the
fundamental rights contained in Part III of the Indian
constitution.

The bench has overruled its decisions in M.P. Sharma v Satish

Chandra, District Magistrate, Delhi (1954), rendered by a
bench of eight judges and, in Kharak Singh v State of Uttar
Pradesh (1962), rendered by a bench of six judges, which
contained observations that the Indian constitution does not
specifically protect the right to privacy.

Justice D.Y. Chandrachud, while delivering the main judgment,

on behalf of the Chief Justice J.S. Khehar, Justice R.K. Agarwal,
himself and Justice S. Abdul Nazeer has held that privacy is
intrinsic to life, liberty, freedom and dignity and therefore, is
an inalienable natural right. Justices Chelameswar, Bobde,
Sapre and Kaul have also agreed with Justice Chandrachud’s
judgment.

The judgment says:

“Life and personal liberty are inalienable rights. These are

rights which are inseparable from a dignified human
existence. The dignity of the individual, equality between
human beings and the quest for liberty are the foundational
pillars of the Indian constitution…

Life and personal liberty are not creations of the constitution.

These rights are recognised by the constitution as inhering in
each individual as an intrinsic and inseparable part of the
human element which dwells within.”

Tracing the evolution of privacy in various cases and writings,

the judgment concludes that:

“Privacy includes at its core the preservation of personal

intimacies, the sanctity of family life, marriage, procreation,
the home and sexual orientation. Privacy also connotes a
right to be left alone. Privacy safeguards individual autonomy
and recognises the ability of the individual to control vital
aspects of his or her life. Personal choices governing a way of
life are intrinsic to privacy. Privacy protects heterogeneity and
recognises the plurality and diversity of our culture. While the
legitimate expectation of privacy may vary from the intimate
zone to the private zone and from the private to the public
arenas, it is important to underscore that privacy is not lost or
surrendered merely because the individual is in a public place.
Privacy attaches to the person since it is an essential facet of
the dignity of the human being.”

The judgment contradicts all the arguments raised against the

concept of privacy. While countering the submission that the
constitution makers had rejected the concept of privacy, it has
been held that:

“To live is to live with dignity. The draftsmen of the

constitution defined their vision of the society in which
constitutional values would be attained by emphasising,
among other freedoms, liberty and dignity… Dignity is the
core which unites the fundamental rights because the
fundamental rights seek to achieve for each individual the
dignity of existence. Privacy with its attendant values assures
dignity to the individual and it is only when life can be enjoyed
with dignity can liberty be of true substance… The draftsmen
of the constitution had a sense of history− both global and
domestic– as they attempted to translate their vision of
freedom into guarantees against authoritarian behaviour…
The backdrop of human suffering furnished a reason to
preserve a regime of governance based on the rule of law
which would be subject to democratic accountability against a
violation of fundamental freedoms… Hence, it would be an
injustice both to the draftsmen of the constitution as well as to
the document which they sanctified by constricting its
interpretation to an originalist interpretation.”

The judgment makes it clear that privacy is “not an elitist

construct”. The judgment has rejected the argument of the
attorney general that right to privacy must be forsaken in the
interest of welfare entitlements provided by the state. The
judgment says:

“The refrain that the poor need no civil and political rights and
are concerned only with economic well-being has been utilised
though history to wreak the most egregious violations of
human rights. Above all, it must be realised that it is the right
to question, the right to scrutinise and the right to dissent
which enables an informed citizenry to scrutinise the actions
of government. Those who are governed are entitled to
question those who govern, about the discharge of their
constitutional duties including in the provision of socio-
economic welfare benefits. The theory that civil and political
rights are subservient to socio-economic rights has been
urged in the past and has been categorically rejected in the
course of constitutional adjudication by this court.”

In doing so, the judgment invokes the writings of Nobel

laureate Prof. Amartya Sen. For instance, the judgment relies
upon Sen’s classic The Idea of Justice (Penguin Books, 2009) in
holding:

“In the Indian context, Sen points out that the Bengal famine
of 1943 “was made viable not only by the lack of democracy
in colonial India but also by severe restrictions on reporting
and criticism imposed on the Indian press, and the voluntary
practice of ‘silence’ on the famine that the British-owned
media chose to follow”. Political liberties and democratic
rights are hence regarded as ‘constituent components’ of
development.”

The judgment, while holding that there is an intrinsic

relationship between development and freedom, quotes from
Sen’s writings in The Country of Young Boys (Oxford University
Press, 2015) as follows:

“…development cannot really be seen merely as the process

of increasing inanimate objects of convenience, such as
raising the GNP per head, or promoting industrialization or
technological advance or social modernization. These
accomplishments are, of course, valuable – often crucially
important – but their value must depend on what they do to
the lives and freedoms of the people involved. For adult
human beings, with responsibility for choice, the focus must
ultimately be on whether they have the freedom to do what
they have reason to value. In this sense, development consists
of expansion of people’s freedom.”

The judgment also rejected the submission that privacy is a

privilege for the few. It was held:
“[I]t is privacy which is a powerful guarantee if the state were
to introduce compulsory drug trials of non-consenting men or
women. The sanctity of marriage, the liberty of procreation,
the choice of a family life and the dignity of being are matters
which concern every individual irrespective of social strata or
economic well being. The pursuit of happiness is founded
upon autonomy and dignity. Both are essential attributes of
privacy which makes no distinction between the birth marks of
individuals.”

The judgment, apart from dealing with privacy, has also dealt
with a number of aspects. The judgment authored by Justice
Chandrachud rectifies the mistakes committed by the
Supreme Court in the past. Justice Chandrachud hits two
masterstrokes which no one could have expected. Firstly, the
judgment authored by him, comes down heavily on Justice
Singhvi’s judgment in Suresh Kumar Koushal v. Naz
Foundation (2014), thereby upholding the spirit of LGBT rights.
To quote from the judgment:

“The test of popular acceptance does not furnish a valid basis

to disregard rights which are conferred with the sanctity of
constitutional protection. Discrete and insular minorities face
grave dangers of discrimination for the simple reason that
their views, beliefs or way of life does not accord with the
‘mainstream’. Yet in a democratic constitution founded on the
rule of law, their rights are as sacred as those conferred on
other citizens to protect their freedoms and liberties. Sexual
orientation is an essential attribute of privacy. Discrimination
against an individual on the basis of sexual orientation is
deeply offensive to the dignity and self-worth of the
individual. Equality demands that the sexual orientation of
each individual in society must be protected on an even
platform. The right to privacy and the protection of sexual
orientation lie at the core of the fundamental rights
guaranteed by Articles 14, 15 and 21 of the constitution…
[LGBT] rights are not so-called but are real rights founded on
sound constitutional doctrine. They inhere in the right to life.
They dwell in privacy and dignity. They constitute the essence
of liberty and freedom. Sexual orientation is an essential
component of identity. Equal protection demands protection of
the identity of every individual without discrimination.”

The reference of correctness of Suresh Koushal is pending

before a constitution bench. Justice Sanjay Kishan Kaul, while
writing his concurring opinion, has expressly agreed with
Justice Chandrachud’s view on Suresh Koushal, thereby
making it a view of five judges. Further, the other judges have
not dissented on this aspect, which implies that this view
on Suresh Koushal will be counted as coming from a nine-
judge bench. It is now only a matter of procedure that the
view of the division bench in Suresh Koushal will be overruled.

Secondly, Justice D.Y. Chandrachud overturns his father’s

(Justice Y.V. Chandrachud’s) judgment in ADM Jabalpur v
Shivakant Shukla (1976), who had concurred with the majority
in holding that citizens’ fundamental rights could be
suspended during the Emergency. Perhaps, Justice D.Y.
Chandrachud becomes the first judge in history to have
overturned his father’s judgment/mistake. Further, Justice
Chandrachud and also the other judges in their concurring
opinions have upheld the dissent of Justice H.R. Khanna
in ADM Jabalpur. Justice Khanna had emphatically held that
the suspension of the right to move any court for the
enforcement of the right under Article 21, upon a proclamation
of emergency, would not affect the enforcement of the basic
right to life and liberty. The constitution was not the sole
repository of the right to life and liberty. Upholding the dissent
of Justice Khanna, it has been written by Justice D.Y.
Chandrachud that:

“Justice Khanna was clearly right in holding that the

recognition of the right to life and personal liberty under the
constitution does not denude the existence of that right, apart
from it nor can there be a fatuous assumption that in adopting
the constitution, the people of India surrendered the most
precious aspect of the human persona, namely, life, liberty
and freedom to the state on whose mercy these rights would
depend. Such a construct is contrary to the basic foundation
of the rule of law which imposes restraints upon the powers
vested in the modern state when it deals with the liberties of
the individual. The power of the court to issue a Writ of
Habeas Corpus is a precious and undeniable feature of the
rule of law… A constitutional democracy can survive when
citizens have an undiluted assurance that the rule of law will
protect their rights and liberties against any invasion by the
state and that judicial remedies would be available to ask
searching questions and expect answers when a citizen has
been deprived of these, most precious rights. The view taken
by Justice Khanna must be accepted, and accepted in
reverence for the strength of its thoughts and the courage of
its convictions.”

Though the ADM Jabalpur judgment was nullified by

44th constitutional amendment, it, however, remained a blot
in the face of Supreme Court in the backdrop of gross human
rights violations during Emergency. The right to privacy
judgment has washed away the ‘self-inflicted’ wound.
The New Times had hailed Justice Khanna for his dissent in
following words: “If India ever finds its way back to the
freedom and democracy that were proud hallmarks of its first
eighteen years as an independent nation, someone will surely
erect a monument to Justice H.R. Khanna of the Supreme
Court”. Upholding Justice Khanna’s dissent, is the greatest
tribute to him.

The right to privacy judgment is one of the most landmark

judgments of independent India. It not only learns from the
past, but also sets the wheel of liberty and freedom for future.
The Supreme Court of India has once again emerged as the
sole guardian of the Indian constitution.

THIS ARTICLE WAS WRITTEN BY RAJ KRISHNA, A

STUDENT OF CNLU.
Court: Supreme Court of India

Citation: Writ Petition (Civil) No. 494 of 2012.

Bench: CJI Khehar, J. Chelameswar, J. S A Bobde, J. Rohinton Fali Nariman, J. Dr. D Y

Chandrachud, J. Abhay Manohar Sapre, J. Sanjay Kishan Kaul, J. R K Agrawal, J. S Abdul Nazeer.

INTRODUCTION:

‘Every man’s home is his castle’.[1] This famous proverb is self- sufficient to define the importance of
privacy in an individual’s life. In India the importance of this very right has been recognized by the
apex court in the case of K.S Puttaswamy vs Union of India.[2] The Supreme Court in this case
unanimously held that right to privacy is a fundamental right guaranteed under Article 21 of the
Constitution. Thus now Indians too enjoy right to privacy in the same manner as their counter-parts
do in the western countries.

Many ancient philosophers like Aristotle and Plato too considered Privacy important. In modern
times importance of privacy in an individual’s life, has been firstly defined by an American scholar in
the late 19th century.[3] Privacy has been recognized as a basic human right by many developed and
developing countries. However, in India this right was not been given much importance, neither by
the Constituent assembly nor by the Supreme Court of India.

BACKGROUND OF THE CASE

Government of India initiated Aadhaar project, with an objective to build a database of personal
identity and biometric information covering every Indian. More than a billion Indians have so far been
registered in the Aadhaar programme, which sees citizens issued with a 12-digit number that aligns
to specific biometric data such as eye scans and fingerprints. Registration has now been made
mandatory for filing tax returns, opening bank accounts, securing loans, buying and selling property
etc…

In 2012, former judge Justice K.S. Puttaswamy filed a writ petition in the Supreme Court challenging
the constitutionality of Aadhaar Project on the grounds that it violates the right to privacy. The
Government argued that there was no such constitutional right of privacy in view of the decision
given by eight judges in M.P. Sharma v. Satish Chandra[4] and a decision by a four judges in Kharak
Singh v. State of Uttar Pradesh.[5]

The case came before a three judge Bench of the Court which, on 11 August 2015, referred the
matter to a larger Bench of the Court. On 18 July 2017, a five judge Constitution Bench ordered the
matter to be heard by a nine judge Bench. In the meantime however the bench hearing the
constitutional validity to Aadhaar passed an interim order restricting compulsory linking of Aadhaar
for benefits delivery.[6]

ISSUES BEFORE THE COURT:

The apex court decided the case upon following issues:

1. Whether the judgment pronounced by the constitutional bench, in the case of M.P Sharma
and Kharak Singh that there is no right of privacy in the constitution, is correct.

During the hearing of the present case, the court also dealt on various aspect of privacy-

(i) Whether there is a constitutionally protected right to privacy;

(ii) If there is a constitutionally protected right, whether this has the character of an independent
fundamental right or whether it arises from the existing guarantees of protected rights such as life
and personal liberty;

(iii) The doctrinal foundations of the claim to privacy;

(iv) The content of privacy;

(v) The nature of the regulatory power of the state. [7

JUDGMENT:

The court in this case unanimously held that privacy is a constitutionally protected right which
emerges, primarily, from Article 21 of the Constitution. However, this is not an absolute right but
interference must meet the three fold requirement of (i) Legality; (ii) the need for a legitimate aim and
(iii) proportionality. The court also noted that, as informational privacy is a facet of the right to privacy,
the Government will need to put in place a robust regime for data protection.

The judgment can be summarized as follows:

1. Decision in MP Sharma has been overruled.

2. Decision in Kharak Singh, to the extent it says Right to Privacy is not part of Right to Life, is
also over ruled.

3. Right to Privacy is an intrinsic part of life and personal liberty under Article 21.

4. Decisions subsequent to Kharak Singh which held privacy as part of right to life are correct.
[8]

AN APPRAISAL:

The decision given by the apex court in the case of K.S Putaswamy vs Union of India has opened
new doors for the people of India. This very judgment will highly affect the Indian policy making. The
change can be called a positive change as now more importance will be given to the individuality
and personal liberty of an individual. The interest of individual will now be given equal importance as
to the interest of state, and now the individuals can decide, whether they want to share their
personal data to the state or not. They have a right of making choice.

This judgment will also affect the court’s decision with respect to section 377 of I.P.C, as now
homosexuality comes under the ambit of private matter. Thus the state should not interfere in this
very matter. However, the judges have made it clear that the ruling does not deal with the matter of
decriminalizing homosexuality directly as a separate bench is dealing that very particular case.

Hence Puttaswamy judgment can be considered as one of the most landmark judgments of
independent India. It not only learns from the past, but also sets the wheel of liberty and freedom for
future. The Supreme Court of India has once again emerged as the sole guardian of the Indian
constitution.[9]

[1] Gregory Y. Titelman, Random House Dictionary of Popular Proverbs and Sayings, at 229
(1stedition 1996).

[2] K.S Puttaswamy vs Union of India, Writ Petition (Civil) No. 494 of 2012.

[3] Daniel J. Solove, Understanding Privacy (1st edition, Harvard University Press 2008).
[4] M.P. Sharma v. Satish Chandra [1954] SCR 1077.

[5] Kharak Singh v. State of Uttar Pradesh [1964] 1 SCR 332.

[6] Hugh Tomlinson, ‘Puttaswamy v Union of India: Supreme Court recognises a constitutional right
to privacy in a landmark judgment’, (Inform’s Blog, September 4, 2017)

7] K.S Puttaswamy vs Union of India, Writ Petition (Civil) No. 494 of 2012.

[8] K.S Puttaswamy vs Union of India, Writ Petition (Civil) No. 494 of 2012.

[9] Anurag Bhaskar, ‘Key Highlights of Justice Chandrachud’s Judgment in the Right to Privacy
Case,’ (The Wire, 27 August, 2017) < https://thewire.in/171325/justice-chandrachud-judgment-right-
to-privacy/ > accessed 4th January, 2018.

“Supreme Court must grant

exemplary damages and
compensation to those who lost
lives or otherwise excluded due to
Aadhaar’’ - Gopal Subramanium
The Supreme Court on Thursday resumed hearing in the
Aadhaar case. Here is the summary of arguments from Senior
Advocate Gopal Subramanium, who is appearing for the
petitioners in the Aadhaar case…

The senior counsel told the five Judge Bench as to how

everyone including the government have violated interim
orders passed by the apex court on Aadhaar. "There is an
uncertainty associated with biometric systems. They are
probabilistic in nature. There is a risk of error. Biometrics are
untrusted systems resulting in exclusions. In Jharkhand,
exclusion is as high as 49%. Now in 2018 we have starvation
deaths due to failure of Aadhaar authentication. The Court must
grant exemplary damages and compensation to those who lost
lives or otherwise excluded," Mr Subramanium contended.

Pointing out the disparities in the Aadhaar Act and how it

deprives entitlements to citizens, the senior counsel said,
"Section 7 of the Aadhaar Act impose a condition for claiming
entitlements with the wordings used- require, undergo, furnish
proof. However, the same Section does not actually prescribe
that there must be real recipient of the benefits. In case
(Aadhaar) authentication fails, the entitlements may be
annulled, resulting in permanent disablement."

He said, "The moment there is an authentication failure, there

is an assumption that the biometrics were captured validly at
the time of enrolment and now the person is trying to duplicate.
This leads to de-activation of Aadhaar number for the holder.
There is no procedural or substantive reasonableness being
followed by the Authority (UIDAI) for deactivating a number.
The individual will not be given opportunity of hearing, instead
the Authority will be given the opportunity for this."
Referring to enrolment regulations, Mr Subramanium said, "The
burden of updating the information in CIDR is on the
individuals."

On this, Justice Dhananjaya Chandrachud commented that the

government cannot be expected to keep a track of all changes
in CIDR. Replying to this, Mr Subramanium said, "Demographic
is another thing, but how will an individual get to know that she
is due for biometric updation? And if biometric has changed
what does one do?" Justice Khanvilkar mentioned that in case of
an authentication failure, the person can go for updation. Mr
Subramanium, however, informed the Bench that an
authentication failure is viewed as the person being a ghost,
fake nowadays. "In case the biometric info is lost or changes
subsequently, the individual will have to request UIDAI to make
alterations in his records, he added.
Earlier, referring to the Selvi vs State of Karnataka case that
stated that taking of fingerprints was invasion, Mr
Subramanium said, "Sans criminality or any offence being
committed, people cannot be asked to give their biometrics.
Biometric authentication was considered only in the case of
commission of crime."

Referring to the launching of 'purification' of electoral rolls by

linking it with Aadhaar, the senior counsel said a three Judge
Bench of the apex court had issued a note, after which the
programme was suspended. Mr Subramanium contended that
while the government is making linking of bank accounts with
Aadhaar for curbing money laundering, the NPCI is making all
its database available to private parties. "Anyone can get a
profile of an individual from the State Resident Data Hubs
(SRDHs). And there is no limitation on what info can be stored
in SRDH."

Reacting on this Rakesh Dwivedi, representing Gujarat

government contended that SRDHs were established under a
memorandum of understanding under the United Progressive
Alliance (UPA) regime. He claimed, that once the Aadhaar Act
was enacted, the data in SRDHs was destroyed.

Mr Subramanium then read out affidavits filed by Digital

Lenders Association and Khosla Labs, which want Aadhaar
project because if this project is struck down their business will
be affected.

Justice Chandrachud then asked for credible documents to show

to what extent private parties had access to the Aadhaar
database. "Can private parties gain access to the biometric
information. As Section 57 of the Aadhaar Act does not provide
provision for the same," Justice Chandrachud asked.

Replying to this Mr Subramanium said, "Authentication agents

are not government agents. They are private players. Aadhaar
bridge is an invitation to business which would be done through
this agent."

Pointing out to Section 57 of the Aadhaar Act, which allows only

authentication by private parties, Justice Chandrachud wanted
to know how they can get access to the database.

Mr Subramanium said, "Due to seeding of Aadhaar with

multiple databases, the entity can gain access to the profile of
the individuals."

The senior counsel also highlighted data retention by every

agency associated with the UIDAI and how in the absence of a
data protection law, injury or vulnerability is heightened. He
said, "Data retention should also follow reasonable and
substantive reasonableness. It cannot be for all the people.
That is very broad. With big data, we can get the details of the
individuals, especially if combined with other data sets. It can
even give geographical data of the individuals."

"In addition, the algorithms are unpredictable in nature. Since

UIDAI is not the algorithm writer, what guarantees do we have
then?" Mr Subramanium asked.

During the hearing there was a discussion between the senior

counsel and Chief Justice Dipak Misra on the origin of the
phrase, 'Yato Dharmastato Jaya", which is inscribed in the logo
of the apex court. Mr Subramanium says there are a number of
place that the saying comes. Recalling how this was referred to
how justice is the essence of all virtue and a purely technical
decision on a complex question of identity, the senior counsel
said, "...without human application of mind and without
recourse to justice is grotesque, unjust."

Next hearing will take place on 6 March 2018 with senior

counsel Arvind Datar commencing his arguments covering
seven basic points. Chief Justice Dipak Misra had recommended
Mr Datar to submit a note on his points and then elaborate it
during next hearing.

Dr Goyal exposes vulnerabilities in

Aadhaar architecture and ecosystem
before the Supreme Court- Part1
Dr Rakesh Mohan Goyal, a computer industry expert, and an
occasional writer for Moneylife who has audited authentication
centres of Aadhaar had filed an affidavit in the Supreme Court.
Dr Goyal told the apex court that people at enrolment centres
were retaining and storing biometric data and the Identification
Authority of India (UIDAI) has no way of knowing.

According to the affidavit, biometrics of Indians are available to

private entities, can be and are being stored in logs. This is that
because of the architecture of Aadhaar, UIDAI has very little
control over this, it says.

Dr Goyal also submitted a paper, based on 25 audits, that talks

about six ways of hacking. The affidavit says that there is no
way of knowing, after an audit, whether the storage is
continuing or has stopped.

The computer security expert, who filed the affidavit, says he

want bring to the attention of the Supreme Court, “Inherent
design faults in the Aadhaar project that severely compromise
the safety and security of citizens' biometric data; and to my
knowledge and in the course of my audit work I have found that
biometrics captured in the Aadhaar authentication process are
being stored by entities other than UIDAI and Central
Identification Data Repository (CIDR).

“In other words, the biometrics of Indians are available to

private entities were bring / can be stored by them in logs,
cache, temp variables, etc. The purpose of this affidavit to bring
to notice the potential high risk to the biometric information,
which is being stored and can be stored or shared, in the
Aadhaar authentication eco-system. It is relevant to point out
that because of the architecture and applicable processes of
the Aadhaar authentication system, even the UIDAI has very
little control over this issue, as of today. It is of great concern
that the biometric information is being and/or easily can be
stored or shared or reused by the third party requesting
entities, i.e. the Authentication User Agencies / KYC User
Agency (AUAs/KUAs) during the authentication process under
the Aadhaar scheme,” Dr Goyal says in the affidavit.

He says, UIDAI and CIDR holds all Aadhaar related data.

Aadhaar data repository has two types of consumer data in it.
Apart from Aadhaar holder’s data, the CIDR must be storing
authentication transaction data, log data, financial data and
access control and other master or parameter data. There are
two types of Aadhaar holder’s data, one demographic data,
including name, address, gender, date of birth, mobile number
and email address and other biometric data like photo,
fingerprints and iris scan data.

(An image from UIDAI website showing types of Aadhaar data)

As per The Aadhaar (Targeted Delivery of Financial and Other

Subsidies, Benefits And Services) Act, 2016 (or say Aadhaar
Act) and rules u/s 43A of Information Technology Act 2000
(amended in 2008), biometric information is Sensitive Personal
Data and Information (SPDI).

As per section 29 of the Aadhaar act, Core biometric data

(fingerprint and iris scan) (a) mustnot be shared with anyone
and (b) used only for generation of Aadhaar number and
authentication.
According to the affidavit, in the Aadhaar authentication eco-
system, as it exist today, high risk exist that core biometric
data is either stored and shared and UIDAI has very little control
over it.

Dr Goyal says, “After UIDAI discovered a serious security

incident and took action against eSuvidha, eMudra and Axis
Bank in February 2017, it issued an order to get all AUAs, KUAs,
ASAs and KSAs re-audited by CERT-In empanelled IT Security
auditors. My company is one of CERT-In empanelled IT Security
auditors. We have audited 25 AUAs and KUAs after that. I
personally was involved in 15 of these audits hands-on and was
supervising auditor in other 10 audits.”

“This exercise was a great learning exercise and gave me an

insight into the security practices followed by AUAs and KUAs,
to acquire, use and secure biometric and demographic data.
Many of these practices were, or can be, used to store or reuse
or share core biometric data. Further, I believe that I have an
inclination to identify or pick potential vulnerabilities and mis-
use as per the Murphy’s law; in IT systems, management
processes and techno-legal processes. With my observations of
security practices at AUA and KUA and inclination to identify
potential vulnerabilities, I have discussed some potential ways
to store or reuse or share core biometric data by AUA and KUAs.
This is by no means an exhaustive list as there may exist some
better vulnerabilities identifier than me,” Dr Goyal added

He then explained data flow and system flow at UIDAI regarding

Aadhaar, including data acquisition, storage and authentication.
In data acquisition, the resident register for new Aadhaar
number by providing demographic and biometric data or
amends both these types of data. In second stage, data
acquired by residents is stored in CIDR or UIDAI at its data
centres. In last stage, an Aadhaar holder is authenticated for
various services. These services may include, services as per
the Aadhaar act, that is “Targeted Delivery Of Financial And
Other Subsidies, Benefits And Services” or other services such
as linking Aadhaar with income tax PAN and/or bank account
and/or mobile phone.

Authentication can be either using one time password (OTP) on

registered mobile number or using biometric scanning devices
to scan core biometric and authenticate the Aadhaar holder.

According to the affidavit submitted by Dr Goyal there are two

types of authentication. One where CIDR responses in plan yes
or no and second where CIDR provides demographic data to
verifier like a bank or telecom company or an intermediatory to
populate their database with name, address, gender, date of
birth, email and mobile number as provided by UIDAI. The
authentication in case of OTP is authentication of registered
mobile phone and not of real person.

Dr Goyal admitted that he has no idea of security of CIDR and

related infrastructure, except normal vulnerabilities exist in
devices, operating system, database, servers and other
components of infrastructure.

Existing controls by UIDAI on AUA/KUA security

Currently UIDAI has an AUA Audit Compliance Checklist created

on 17 May 2013, against which the security validation or audit
is done. It has some mandatory security requirements and
some recommended security requirements. The general
mandatory controls are seven and mandatory controls for
devices are four. These are also defined on UIDAI website as
below -

Mandatory Security Requirements

1. Aadhaar number should be never used as a domain specific
identifier.
2. In the case of operator assisted devices, operators should be
authenticated using mechanisms such as password, Aadhaar
authentication, etc.
3. Personal Identity Data (PID) block captured for Aadhaar
authentication should be encrypted during capture and should
never be sent in the clear over a network.
4. The encrypted PID block should not be stored unless it is for
buffered authentication for a short period, currently configured
as 24 hours.
5. Biometric and OTP data captured for the purposes of
Aadhaar authentication should not be stored on any permanent
storage or database.
6. The meta data and the responses should be logged for audit
purposes.
7. Network between AUA and ASA should be secure.

Mandatory Security Requirements

1. PID block captured for Aadhaar authentication should be
encrypted during capture and should never be sent in the clear
over a network.
2. The encrypted PID block should not be stored unless it is for
buffered authentication for a short period of time.
3. Biometric and OTP data captured for the purposes of
Aadhaar authentication should not be stored on any permanent
storage or database.
4. In the case of operator assisted devices, operators should be
authenticated using mechanisms such as password, Aadhaar
authentication, etc.

In the checklist, there are further eight recommendatory

controls, which are not mandatory for on-boarding as AUA.
Apart from above controls, eight standards and APIs are
defined. Thus, this is 28-point check-list. The whole AUA and
KUA IS security is covered using these controls only, the
affidavit says.

According to Dr Goyal, the AUA Audit Compliance Checklist

appears to be made at least three-four years back. “The
properties of pdf file show creation date as 17 May 2013. It
appears that the creator(s) of checklist have either no or very
limited exposure to AUA security ground realities. Further,
considering security challenges encountered and dynamic
evolution of security vulnerabilities during last three-four years,
the checklist is still same vintage,” he added.
Dr Goyal reveals 6 vulnerabilities in
Aadhaar authentication ecosystem –
Part2
Dr Rakesh Mohan Goyal, a computer industry expert, and an
occasional writer for Moneylife, in his affidavit before the
Supreme Court had described six vulnerabilities that exists in
the Aadhaar authentication ecosystem that can lean or steal or
store or share cored biometrics of Aadhaar holder.

Here are the six vulnerabilities as described in the affidavit by

Dr Goyal

1. Biometric data stealing from fingerprinting device – as

per requirement, all the biometric devices must be
Standardisation Testing and Quality Certification (STQC)
approved as these must capture fingerprints as per standards
and application programming interface (API) defined by UIDAI,
so there is no incompatibility. Normally, these devices are
smaller than a mouse and are attached to the PC or laptop or
mobile phone via USB port. As the Aadhaar user puts the finger
on the device, the fingerprint is scanned and the raw image is
sent to the PC or laptop or mobile phone for further processing.
But, this raw biometric image stays in the device RAM till either
next scanning is done or device is disconnected or PC or laptop
or mobile phone is turned off. This raw image can be hacked
from device RAM, if a hacker accesses the PC or laptop or
mobile phone. This is possible either by using a malware or bot.
The mobile phone is one of the most unsecure devices. Almost
all mobile apps steal various types of data, stored in mobile,
which may include biometric data. There are methods to
mitigate this risk but UIDAI has not defined the same in its audit
checklist and any processes.

2. Biometric data stealing from Iris scanner device – all

Iris scanner devices also must be STQC approved as these must
capture iris image as per standards and API defined by UIDAI,
so there is no incompatibility. These devices are not as small as
fingerprint scanners. Seven such devices are approved by STQC
as on date. One of the popular devices for authentication
capture is Samsung pad. These are also attached to the PC or
laptop via USB port or Wi-Fi or mobile data internet connectivity.
As the Aadhaar user iris is scanned on the device, the raw
image is sent to the PC or laptop for further processing. The raw
image stays in the device RAM till either next scanning is done
or device power is off. This raw image can be hacked from
device RAM, as most of android based mobile devices are open
system and most unsecure devices. Most of the apps steal all
the data. There are methods to mitigate this risk but UIDAI has
not defined the same in its audit checklist and any processes.

3. Biometric data stealing from PC or laptop – After the

raw biometric image is transferred to PC or laptop, it is stored in
a temporary data variable. From this variable it is further
processed into PID, which is another data variable. Then it is
encrypted, which sits in third data variable. Then it is digitally
signed, which goes into fourth data variable. After that, it is
sent to ASA, KSA and ESP to further forward to UIDAI for
authentication. Further, the data is also written in cache
memory.

In audit checklist, UIDAI specify, “The encrypted PID block

should not be stored unless it is for buffered authentication for
a short period of time and after transmission, it should be
deleted“.

However, according to the affidavit, UIDAI do not specify any

treatment for intermediate variables and they contain the
biometric data till either next biometric comes or power is off.
“Again, a hacker can steal biometric from these variables or
cache. The short period is not defined in checklist but defined
at website as 24 hours. This is a huge time for a hacker. There
are methods to mitigate this risk but UIDAI has not defined the
same in its audit checklist and any processes,” Dr Goyal says.

4. Storage of biometric data in temporary storage - In

audit checklist, UIDAI specify that “Biometric and OTP data
captured for the purposes of Aadhaar authentication should not
be stored on any permanent storage or database“.

“I have seen situations, where the AUA argued that UIDAI has
barred to store biometric and OTP on permanent storage and
not on temporary storage. And the limit of temporary storage
and/or period is not defined. This temporary period can span
from few milliseconds to months. This so-called temporary
storage is potential source for biometric data to be leaked or
stolen or stored or shared. There are methods to mitigate this
risk but UIDAI has not defined the same in its audit checklist
and any processes,” Dr Goyal says.

5. Illegal modification in application – As per UIDAI

checklist, the auditor validate whether biometric data is not
stored permanently. Dr Goyal says, “We check the code and if
found any storage, we ask them to change the application
code. But, there is no check and control by UIDAI that the
application code, which is audited and approved, will be used
further and not changed. Unofficially, as per my knowledge and
belief, at least at one AUA, they have modified the code to store
the all user data including biometric data, after audit and store
it at a place, where no one can check easily. They will replace
the audited code when next audit will be due. There are
methods to mitigate this risk but UIDAI has not defined any
mitigation strategy.”

6. Biometric data theft due to not up-to-date technology

and patching – Dr Goyal’s affidavit contends that biometric
data can also be stolen due to usage of old technology or non
application of security patches by the AUA. “Hackers can easily
exploit vulnerabilities in these situations. There are methods to
mitigate this risk but UIDAI has not defined the same in its audit
checklist and any processes,” it added.

Dr Goyal says, he sent a letter to UIDAI on 9 December 2017,

requesting them to define its check-list, methodology, audit-
report format, process with QC and monitoring mechanism. You
must take advantage of this rich and diversified pool of
experience.

“Still after a month, UIDAI is at the same state of rest or motion

as per Newton’s first law of motion. This inertia will break only
when an outside unbalanced force will be applied. This force
may be a security incident and/or government order and/or
judicial order and/or sudden wisdom and/or something else,”
the security expert added in his affidavit.

Supreme Court’s Constitution

bench to hear Aadhaar cases
today
The five-judge Constitution bench of the Supreme Court will seek to
address privacy issues over Aadhaar, its mandatory use and
use/sharing of biometric data
New Delhi: A five-judge Constitution bench of the Supreme Court is set to
hear on Tuesday a challenge to various issues surrounding Aadhaar with the
main focus on privacy issues.

The bench will consider whether Aadhaar violates the right of privacy.

The bench, comprising Chief Justice of India J.S. Khehar, and Justices D.Y.
Chandrachud, J. Chelameswar, S.A. Bobde and Abdul Nazeer, will examine a
plethora of issues arising out of the Centre’s 12-digit biometric identification
number.

A total of 22 cases were tagged by the Supreme Court to be heard by the

constitution bench. They challenge several aspects of Aadhaar and the
use/sharing of data collected under it.

Among these challenges are—making Aadhaar mandatory for social welfare

benefits, infringement of right to privacy, making Aadhaar mandatory for
filing income tax returns (ITRs) as well as for obtaining and retaining PAN.

For the court to delve into the privacy issue in detail, it will first have to take a
call on the strength of the bench and decide whether there is a need to refer
the issue to a larger bench.

To make this decision, the Supreme Court will have to consider legal
precedents and study the scope of privacy under each of them to decide on the
number of judges. The five judges would then either continue to look into the
privacy issue or refer the issue back to the chief justice for the constitution of a
nine-judge bench.

Should the five-judge bench decide to rule on the case itself and not refer it to
a larger bench, it could decide the future of Aadhaar, which has become the
backbone of government welfare programmes, the tax administration network
and online financial transactions.

On 13 July, the Supreme Court had ruled for the setting of a constitution
bench to address the long standing question of whether Indian citizens have
the right to privacy, and if Aadhaar breaches the right.

The centre has maintained its stand that right to privacy is not a fundamental
right. Then attorney general Mukul Rohatgi told the Supreme Court in 2015
that Indian citizens don’t have a fundamental right to privacy under the
Indian Constitution—an argument he repeated subsequently.

The new attorney general K.K. Venugopal has told the court that at least 350
million people were able to access benefits under various government
schemes.

On the other hand, Shyam Divan, counsel for one of the petitioners had
compared the situation to one under a totalitarian regime where people were
being forcefully tagged and tracked by the government.
A look at the list of 22 cases referred to the five-judge constitution bench that
is set for its first hearing focussing on privacy issues surrounding Aadhaar.

1. Justice K.S. Puttaswamy vs Union of India (Lead case): Challenge

to mandatory Aadhaar use for PDS, LPG, MNREGA, Pension scheme, Jan
Dhan Yojna.

2. Aruna Roy, Nikhil Dey vs Union of India: Challenges large-scale

exclusion of people from access to basic welfare services under mandatory
Aadhaar.

3. Shantha Sinha vs Union of India: Challenges the mandatory use of

Aadhaar for the government’s social welfare schemes.

4. S.G. Vombatkere vs Union of India: Challenges mandatory Aadhaar

linking for filing income tax returns.

5. Binoy Vishwam, Bezwada Wilson, S.G Vombatkere vs Union of

India: Challenges infringement of right to privacy guaranteed under Article
21 (right to life) of the constitution.

6. S.G. Vombatkere vs Union of India: Raises privacy concerns involved

in collection of biometric data under Aadhaar.

7. Mathew Thomas vs Union of India: Highlights threat to national

security posed by Aadhaar, particularly in relation to data sharing.

8. S. Raju vs Department of Finance: Highlights implications of the

scheme on the federal structure of the state.

9. Vickram Crishna vs UIDAI: Highlights invasion of privacy under

Aadhaar scheme.

10. Indian Oil Corporation Ltd vs Ashok Kumar Paikaray: Challenges

mandatory nature of Aadhaar.

11. Nagrik Chetna Manch vs Union of India: Says Aadhaar detrimental

to financial service regulation and financial inclusion.

12. Nagrik Chetna Manch vs Pradeep Kumar Sinha: Challenge linking

of Aadhaar for Digital India Program, capital subsidy, ration, school
admissions, voter ID, among others.
 13. UIDAI vs CBI: Challenges denial of entitlements due to not holding
Aadhaar.

14. Mathew Thomas vs Harsh Gupta: Details Not Available

15. Achutanandan vs Reena Ray: Details Not Available

16. Shankar Prasad Dangi vs Bharat Coking Coal: Details Not

Available

17. Indian Oil vs All Orissa Consumer Protection Council: Details Not
Available

18. Union of India vs Sri V. Viswanadham: Details Not Available

19. Mathew Thomas vs Vivek Rae: Details Not Available

20. Indian Oil vs Rajaji Mathew Thomas: Details Not Available

21. Indian Oil vs Baisil Attipetty: Details Not Available

22. S.G. Vombatkere vs Swadheen Kshatriya: Details Not Available

Aadhaar Case In Last Lap,

Supreme Court To Start Hearing
Today: 10 Points
January 17, 2018

Here are the 10 points:

1. In the five years that the Supreme Court has been hearing the initial petition, the
number of people issued Aadhaar numbers have gone up from 20-25 crore in 2012 to
119 crore, which ascribe unique ID numbers, and record fingerprints and iris scans of
each person.
2. The case was held up because the central government contended that the top
court had not always held privacy to be fundamental rights. This led the court to set up a
nine-judge bench to first decide if privacy was a fundamental right or not.
3. Once this verdict came in, Chief Justice Dipak Misra set up this five-judge
constitution bench to decide if any aspect of the Aadhaar programme including the law
violated the fundamental right.

4. The other judges in the five-judge bench are Justices AK Sikri, AM Kanwilkar, DY
Chandrachud and Ashok Bhushan.

5. "We are of the considered view that the resolution of the issues raised before the
Court should proceed at the earliest...This will ensure clarity for citizens on the one
hand and for the Union and the state governments and the instrumentalities on the
other hand," the court had observed in December.

6. Critics say the Aadhaar identity enables government and private bodies to link
enough data to allow profiling because it creates a comprehensive profile of a person's
spending habits, friends and acquaintances, property and other such data.

7. Aadhaar was set up to be a secure form of digital identification for citizens, one
that they could use for government services. The project was initially carried out through
executive orders and was voluntary.

8. The Supreme Court in 2013 prevented the government from forcing people to
submit their Aadhaar number to access welfare schemes. The NDA government worked
around this restriction by getting parliamentary approval for the law in 2016 that gave it
wide powers.

9. Aadhaar was launched by the previous UPA in 2009-10 to reduce the

government's subsidy bill and remove duplicates from the home ministry-driven national
population register that was inspired by BJP patriarch LK Advani's identity card project.
After Prime Minister Narendra Modi came to power in 2014, the government put the
population register on hold and put its weight behind Aadhaar.

10. PM Modi also mandated that new-borns too be issued the number, not just
children after they turn five. This would make the number, issued after a person's
fingerprints and iris, a cradle to grave digital identity for every resident.
Aadhaar Isn't Just About Privacy.
There Are 30 Challenges the Govt
Is Facing in Supreme Court
The number of cases against Aadhaar have bloated since 2012. As
hearings begin again before the apex court, a look at what the
cases are:
New Delhi: The Aadhaar case has bloated. Hearings on the
case, that has been on hold since 2015, once again began
in the Supreme Court on Wednesday with the petitioner’s
arguments. With the government finding a way to make
Aadhaar all-encompassing, the Aadhaar case has bloated to
about 30 petitions and six interventions which the government
faces today.

From the first petition, which challenged the Aadhaar

juggernaut in 2012, to the post-privacy period in 2017, the
government of India will now have to defend itself against the
30 challenges which have been submitted to the Supreme
Court on the Aadhaar project on a range of aspects.

In all, the government has issued about 139 notifications

calling for the linking of Aadhaar to various aspects of life.
This figure was presented to the Supreme Court on
Wednesday by Shyam Divan, counsel for some of the
petitioners.

What are the 30 challenges to Aadhaar?

Two of the most major legislative and legal turning points in

the Aadhaar saga were the enactment of the Aadhaar Act in
March 2016, and the privacy judgment in August 2017.
In parliament, the Aadhaar Act was pushed through as
a money bill and thus passed only in the Lok Sabha. Prior to
this, the United Progressive Alliance (UPA) and the National
Democratic Alliance (NDA) governments had been expanding
the Aadhaar for years, just on the basis of executive
government orders with no sanction of parliament.

In the Supreme Court, the right to privacy was upheld

unanimously by a nine-judge bench in 2017. Privacy is one of
the major considerations with regards to the Aadhaar project,
the other being the denial of rights due to Aadhaar.

It makes sense to thus examine the challenges to Aadhaar

with reference to these two major turning points.

The challenges to Aadhaar began six years ago, in 2012. The

programme was first challenged during the Congress
government and newer challenges have been tagged on over
the years, including under the BJP government.

Also read: Who Is Running the ‘Orchestrated Wine And Cheese Campaign’ Against Aadhaar in the

SC?

The first challenge to Aadhaar was filed in 2012 by retired

justice K Puttaswamy, former judge in the Karnataka high
court. Puttaswamy’s name will now forever be associated with
the historic privacy judgment in August 2017.

Then, 2013 was a year of heavy challenges, with eight new

petitions being filed. Four challenges were subsequently filed
in 2014 and five in 2015.

Another 12 challenges have cropped up since the government

passed the Aadhaar Act in 2016. Many of them have
challenged the Act in its entirety.
Other petitions that have gathered interest include the ones
filed by S.G. Vombatkere, Aruna Roy, Shantha Sinha, Kalyani
Menon Sen, Binoy Viswam, Mathew Thomas and interventions
by parliamentarian Rajeev Chandrasekhar and the Centre for
Civil Society.

Five petitions have been filed by Indian Oil Corporation

Limited.

The state of West Bengal has also challenged the government

of India’s Aadhaar Act.

One petition has in fact been filed by the Aadhaar’s governing

body itself – the Unique Identification Authority of India
(UIDAI), challenging a Bombay high court order which directed
the UIDAI to submit biometric information of those accused in
criminal trials to the Central Bureau of Investigation (CBI).

There have also been six interventions admitted by the court.

Rajeev Chandrasekhar, member of parliament from Bangalore,
has filed an intervention in Aruna Roy’s case and the Centre
for Civil Society has filed one for Puttaswamy’s case.

What are these 30 petitions challenging?

Several petitions have challenged the constitutionality of the

entire Act and its associated programme. For example,
Shantha Sinha’s petition has challenged the Act and the tens
of notifications which the government has issued under
section 7 of the Aadhaar Act. These notifications have made
Aadhaar virtually “mandatory” for several government
services.

Others are challenging more specific issues such as Aadhaar

as a tool of surveillance, its interference with federalism and
its role in causing exclusion and denial of rights.
Also read: The Different Ways in Which Aadhaar Infringes on Privacy

Petitions currently before the Supreme Court have also

challenged the seeding of Aadhaar with the National
Population Register , the government circular which made
Aadhaar verification necessary for SIM cards, the recent
amendment in the Income Tax Act which asked for the linking
of PAN cards with Aadhaar, the amendment to the Prevention
of Money Laundering Act which also mandated Aadhaar and
the use of Aadhaar for various ’Know Your Customer’
protocols,

West Bengal is the only state to come forward and challenge

the entire Act as well.

How did we get here?

In 2015, a three-judge bench of the Supreme Court was

hearing a clutch of about 21 petitions challenging different
aspects of the Aadhaar.

It was here that Mukul Rohatgi, the then Attorney General, told
the court that India did not actually have a fundamental right
to privacy and that the law at the time had some amount of
judicial disagreement which would have to be clarified first.

In an interview with The Wire last year, he said, “I did not

mean that – that privacy is nothing.”

But the bench took Rohatgi seriously and referred the matter
of privacy to a rare nine-judge bench of the Supreme Court.

That took nearly two years to form.

The delay turned out to be a bonanza for the government, as,

in the meantime, it managed to ram the Aadhaar Act through
as a money bill in 2016. It was passed only in the Lok Sabha
where the BJP has a majority.
Around this time last year, the government began to
frenetically issue office orders linking Aadhaar to various
rights – entitlements, benefits and subsidies – which are
guaranteed to Indian citizens. The number of notifications
stands at 139, according to the petitioners. This is apart from
several notifications issued by state governments as well.
Private companies such as PayTm, Amazon and Facebook have
also found ways to incorporate Aadhaar data into their
products.

New art
Menon contended that Aadhaar was an “insecure, unreliable, unnecessary and
inappropriate technology project which is being foisted with coercion on the most
vulnerable section of Indians and is threatening their constitutional and legal rights
and en...

Read more at: http://www.livelaw.in/centre-exaggerating-aadhaar-enrolment-

figures-benefits-petitioner-tells-sc-read-rejoinder-affidavit/