Firstpost: New Delhi: Thursday, February 08, 2018.
On Day 7 of
the Aadhaar hearings, Shyam Divan concluded his arguments for the petitioners,
arguing on the unconstitutionality of exclusion via Aadhaar, and the violation
of the right to bodily integrity through the use of biometric data. Thereafter,
Kapil Sibal commenced his arguments for the petitioners, equating the Aadhaar
Act to an RTI Act for the state, giving the state unfettered access to people’s
data, and violating people’s constitutional right against self-incrimination.
Unconstitutionality
of Aadhaar-based exclusion
First, the
petitioners continued their argument from the previous session that with
Aadhaar, the people don’t have an option to authenticate. This choice, they
argued, is a basic requirement in a democracy. Several examples were cited
pointing to exclusion via Aadhaar, including diversion of pension based on the
wrong Aadhaar being linked to accounts, denial of rations which have led to
starvation deaths like the case of Santoshi, and even cases where school
children were denied attendance because their fingerprints didn’t match. The
petitioners argued that this was a question of exclusion, death and dignity of
the people.
The Bench
observed that this exclusion caused by Aadhaar is a ground for violation of
Article 14, the right to equality, indicating grounds for its
unconstitutionality.
The Bench
also pointed here to the lack of internet penetration in the country, and the
issues created thereby. The argument was concluded that people were treated as
‘ghosts’ simply due to their inability to authenticate, which was a violation
of Articles 14, 19, and 21 of the Constitution. This is only amplified by the
fact that the Aadhaar system is coercive.
People want
to opt-out from Aadhaar
The
petitioners went on to argue against the lack of an opt-out from the Aadhaar
system, submitting affidavits from people who wanted to do so. Aadhaar
enrollment also is particularly low in the north-east, leading to a demand for
an opt-out from there as well.
Biometrics
and the violation of bodily integrity
Turning to
the use of biometrics and its constitutionality, the petitioners presented an
affidavit by a technical expert, who had conducted a cybersecurity audit of
enrolment centres. This affidavit pointed to how these centres were illegally
retaining and storing biometric data, a fact that neither the people nor UIDAI
was aware of. They attributed this lack of control over such entities to the
very architecture of Aadhaar. Moreover, there was no way of knowing if, even
after the audit, this practice was continued or stopped.
Arguing
further on the risks to this data, the affidavit enumerated 6 ways of hacking.
This, the petitioners argued, impacted people’s right to control information on
themselves, and violated their right to bodily integrity.
The recent
example of the scam in Surat was also cited in support of the
compromise-ability and misuse of biometric data. Pointing to the ease with
which fingerprints can be cloned and faked, and on the bypassing of iris
authentication by reverse engineering, the petitioners argued on why people
were being forced to authenticate through biometrics via such an insecure
system. Attention was also drawn to the 49,000 operators that were blacklisted.
6 crore
enrolments rejected as duplicates
Again
pointing to the insecurities of biometric data, an RTI reply from 2017 was
cited which stated that 6 crores, 27 lakh enrolments were rejected as
duplicates. The petitioners argued that it isn’t possible that such a large
number of people queued up to defraud the nation. This example was used to draw
attention to the issue of false positives, which leads to unjustified
rejections. This again points to the probabilistic nature of biometric
authentication.
The key
question asked by the petitioners was that in the digital world, how does one
exercise control over their body? This question is particularly relevant taking
into account the fact that this system puts people’s fingerprints and other
biometric data into the digital world.
Can the
government choose only one authentication method?
Lastly, the
petitioners questioned the government’s right to choose to recognise people via
one method only. They argued that the body cannot be used as a marker for every
service. The State may have a legitimate interest in identifying a person via
fingerprints, but for a limited purpose like passports or a criminal
investigation. They argued that personhood follows from being alive, and not
from registering oneself with a central database.
Aadhaar an
RTI Act for the State
After this,
Kapil Sibal commenced his arguments for the petitioners, arguing that Aadhaar
is the equivalent of the Right to Information Act for the State for information
on the citizens. It was argued that any statement that the technology was safe
is false, since all technology is unsafe. Moreover, this technology transfers
the power of information to the State, emphasising its impact on current and
future generations. To emphasise the importance of this power, the Bench was
asked to reflect on why powerful corporations like Google and Uber had few
other assets apart from information.
Returning to
the lack of choice, it was argued that Article 21 has choice at its heart, and
this was violated by not giving people a choice of the means of identification.
It was argued that people’s thumbprint was their property, and could they be
forced to part with it without reciprocal safeguards.
Violation
of the right against self-incrimination
It was argued
that the Aadhaar system violated not only Articles 14 (equality), 19 (freedom),
and 21 (right to life and liberty), but also 20(3), which is the right against
self-incrimination, or a person’s right not to provide evidence against
himself. A note was also made of the storage of metadata with the CIDR, data
which is most revelatory of a person. It was argued that when the Aadhaar
system extracted all of a person’s information, this nullified this right.
Summing up on
the risks, it was further argued that the move from an information economy to
information polity has far-reaching effects on rights that are constitutionally
protected. Information is the market now, and Aadhaar is seeking the
behavioural patterns and preference of 1 billion Indians on a platter. It was
argued that normally, a warrant was required to get information from an entity
like Google, and this was bypassed by the Aadhaar system.
At this
point, the Bench, yet again, drew notice to the fact that an Act cannot be
questioned on its potential for misuse. To this, the petitioners argued that
the issue was with the amount of information being given up to the state. In
the digital age, they argued, this was not a mere possibility anymore, but a
reality.
After this,
discussion on various sections of the Aadhaar Act and rules commenced,
including on Section 57 and Section 7 of the Aadhaar Act.
.JPG)
.JPG)
