Aadhaar Bill Conterversy

Introduction
The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016, better known as Aadhaar Bill. It intends to provide for targeted delivery of subsidies and services to individuals residing in India by assigning them unique identity numbers.

Nine issues to debate on Aadhaar Bill

Parliament is debating on the certain portions of the Bill, which may need clarification or amendments:

1. Allowing private agencies to use Aadhaar contradicts statement of objects and reasons of the Bill: The Statement of Objects and Reasons of the Bill states that identification of targeted beneficiaries for delivery of various government subsidies and services has become a challenge for the government. At the time of the introduction of the Bill, the government stated that “the Bill confines itself only to governmental expenditure.” However, the Bill also allows private persons to use Aadhaar as a proof of identity for any purpose.
2. Issues with sharing information collected under Aadhaar: The provisions in the Bill with regard to protection of identity information and authentication records may be affected by an ongoing writ petition in the Supreme Court. The petition claims that Aadhaar may be in violation of right to privacy. 
3. Disclosure of information to intelligence or law enforcement agencies: The provisions regulating disclosure of private information under the Bill differ from guidelines specified under another law — the Indian Telegraph Act, 1885. The Bill differs from the guidelines for phone tapping in two ways. First, the Bill permits sharing in the interest of ‘national security’ rather than for public emergency or public safety. Second, the order can be issued by an officer of the rank of Joint Secretary, instead of a Home Secretary.
4. Potential to profile individuals: The Bill does not specifically prohibit law enforcement and intelligence agencies from using the Aadhaar number as a link (key) across various datasets (such as telephone records, air travel records, etc.) in order to recognise patterns of behaviour. Techniques such as running computer programmes across datasets for pattern recognition can be used for various purposes such as detecting potential illegal activities. However, these can also lead to harassment of innocent individuals who get identified incorrectly as potential threats.
5. UID authority’s exclusive power to make complaints: A provision says, “Courts cannot take cognizance of any offence punishable under the Act, unless a complaint is made by the UID authority, or a person authorised by it.” This may present a conflict of interest as under the Bill the UID authority is responsible for the security and confidentiality of identity information and authentication records. There may be situations in which members or employees of the UID authority are responsible for a security breach.
6. Discretionary powers of UIDAI: The Bill empowers the UID authority to specify demographic information that may be collected. The only restriction imposed on the authority is that it shall not record information pertaining to race, religion, caste, language, records of entitlements, income or health of the individual. This power will allow the authority to collect additional personal information, without prior approval from Parliament.
7. Collection of personal information: The enrolment form currently being used contains fields for capturing information such as the National Population Register (NPR) receipt number, mobile number, and bank account number. Though these fields are labelled ‘optional’, it is unclear why this additional information is being recorded.
8. Ambiguity in specifying biometric information: The Bill specifies biometric information to include the photograph, fingerprints, and iris scans. Further, it empowers the UID authority to specify other biological information that may be collected. Therefore, the Bill does not prevent the UID authority from requiring the collection of biometric information such as DNA.
9. The time period for maintaining authentication records: The Bill does not specify the maximum duration for which authentication records may be stored by the UID authority. Instead, it allows the UID authority to specify this through regulations. Maintaining authentication records over a long time period may be misused for activities such as profiling an individual’s behaviour.

Conclusion

The Aadhaar Bill has been passed with no public consultation about the privacy safeguards necessary for such a database and no provision for public or independent oversight. The rights to liberty and freedom of expression cannot survive if the right to privacy is compromised.

References
The Hindu
InsightIAS