Privacy, a right essential to sovereignty of an individual and also the protection of human dignity.1 Privacy authorizes individual to make barriers around and to manage boundaries, protecting themselves from unwarranted interference in the lives, and allows people to be who they are exactly and the way they would like to interact with the world around them. Privacy helps people to create boundaries around them to restrict who has access to their body, places and things, as well as the communications and information. And State being the duty bearers for the protection of privacy.2 Therefore, the role of the state is to strike a balance between freedom and protection, rights and responsibilities. In 2001 a meeting of ministers headed by
L.K. Advani presented its report in May and acknowledged proposal for an id card, Aadhaar an identification card having 12- digit number.3 It was then issued by the government of India to each individual residing in the country. However, it has come across some privacy issues from different sections of society. Issuance of unique identification number with an aim to provide its every individual with different schemes like gas subsidy, MGNREGA, Jan Dhan yojna like benefits but it clubbed with breaching the privacy of an individual, moreover the informational privacy of the people.4 This article attempts to explore the security and privacy concerns from the perspective of people, legal and Government on Mera Aadhar, meri pehchan thereby trying to settle whether there is an infringement of the privacy or not?
AADHAAR, A BRIEF INTRODUCTION:
The conception of idea about Aadhar card came into existence in 2004 with the amendment of citizenship act by the then ruling Indian National Congress (INC) led UPA government to make a way for the National Population Register (NPR)5, a database record of all the residents of India preserved by the Census Commissioner of India and Register General. With the administrative approval for the project, Unique ID for Below Poverty Line (BPL) families by the ministry of Communication and Information Technology, the first work regarding issuing Unique IDs to BPL residents of India truly started in the year, 2008.6 It saw the amalgamation of National Population Register (NPR) under the Citizenship Act, 1955 with the UID project to comprehend Aadhaar card.7 While discussing the legal viewpoint, some jurists in their verdicts have dealt with diverse facets of privacy with regards to Aadhar and its linking, concerning the security and privacy threats.8 The judgments concerning privacy issues would be going to help as a brick for development of the idea of protection of privacy for the people of India. With these judgements and recommendations, the safe, secure, socially and politically justified legal framework can be created protecting privacy.
The perspective according to government is that it contends that the fundamental right status does not make privacy the absolute right and hence is archaic by other major apprehensions of the nation state that is to say national security of its people, frauds and fake registrations of people.
The Supreme Court in its judgment of K.s Puttaswamy9 has overruled verdicts given in the Kharak Singh case and the M.P. Sharma case, both of which said that the right to privacy is not protected under the constitution of India. On 27 March 2017, the supreme Court directed that Aadhaar card mandatory for availing benefits under welfare schemes and it cannot be done without aadhaar number. Though government tried to check every possibility of making it compulsory for other purposes such as income tax filings, bank accounts, sim card purpose etc. In April 2017, a constitution Bench of the supreme court taking into consideration the legality of Aadhar on the ground of right to privacy. A nine-judge bench of the Supreme Court has given verdict that citizens of India enjoy a fundamental right to privacy that it is intrinsic to life and liberty and covered under Article 21 of the constitution of India.10 Regarding privacy issue the Supreme court directed concerned government authorities not to share personal information of Aadhar card holders with any private or unauthorized sources.
Analysing the judgement of Justice K.S. Puttaswamy (Retd) vs Union of India and Ors., 2017 & 2018 pertaining privacy issues:
In the year 2017, a nine-judge bench of the Supreme Court of India in Justice K.S. Puttaswamy vs Union of India11 passed a landmark judgment upholding the constitutional right to privacy. It acknowledged privacy, an essential component of the Constitution of India under Part III of it, which lays down the fundamental rights, ranging from rights concerning to equality, freedom of speech and expression, freedom of movement, protection of life and personal liberty etc. These rights which are fundamental in nature cannot be given or taken away by law, and all laws and administrative actions must stand by these fundamental rights. The Supreme Court proclaimed that the government must cautiously balance individual privacy and the legitimate concerns of the state, even if national security is at stake. The Court also declared that any incursion on privacy must satisfy the triple test, established i.e.,
1. Need12, legitimate state concern is necessary. The law should seek to achieve a legitimate aim of the state.
2. Proportionality13, in least invasive manner. There should be a balanced relationship between the objects and the means adopted to achieve them. The degree of interference must be proportional to the need and;
3. Legality14, backed by law. The existence of a Law.
The judgement of K.s Puttaswamy which has been signed by all nine judges, holds: The decision in M P Sharma15 and Kharak Singh16 both stands over-ruled and uphold that the right to privacy considered as an intrinsic part of the right to life & personal liberty under Article 21, Part III of the Constitution of India. This verdict has re-shaped the domain of fundamental rights in the constitutional history of India. It has given the government of India an opportunity to re-think its data protection mechanism, both in light of individual privacy and the welfares of the state.
While analysing the “Justice KS Puttaswamy (Retd) and Another versus Union of India and Others,2018” also called as Aadhaar judgement17, and applying the above triple test proposed in previous judgement to the Aadhar scheme, A five-judge constitution bench test the validity of Aadhaar from the aspect of privacy as a Fundamental Right held that Aadhaar would remain obligatory for filing of Income Tax returns(ITR) and applying for allotment of Permanent Account Number (PAN), and it would not be mandatory to link Aadhaar to bank accounts and the telecom service providers cannot demand for Aadhar number for the purpose of its linking for mobile connections.18
The judges of supreme court in this case also held that there is a need to introduce a data protection regime in India. The Judges conferred the right to privacy with respect to the protection of informational privacy and the right to preserve individual reputation.19 Also held that privacy is one of the most important rights to be protected both against both State and non- State actors and be recognized as a fundamental right subjected to some restrictions like national security. Also, the decision makes it clear that the Indian Government is now concerned to establish an online data protection regime for the protection of the privacy of every people which is need of the hour and also as India is lagging behind in online data privacy regime i.e., proper laws and regulations regarding collection, preservation, and compliance of personal data and related enforcement mechanisms.
The population who are being asked to link their personal documents, identity and information to their Aadhar Card have to decide between two conflicting options of Advantages to the Society in general of which they are a part, and loss of their personal privacy. It is considered as a trade-off without monetary benefits.
CONCLUSION
It is well known fact that India does not have a law on privacy till now. In fact, then chairman of UIDAI, Nandan Nilekani, penned to the Prime Minister in May 2010 recommending the need of a data protection and privacy law in India.20 Therefore, the privacy bill should be the primary action towards the issues of breach in privacy. Correspondingly, people should be educated on the risk involved with ID thefts and fraud happening in digital world. IT laws should be strengthened and the liability should be bounded on companies handling data to escape the mishap from data mishandling. Some of the recommendations which I believe is important are, First, Aadhar should focus and incorporate privacy by design itself, the technology and process towards collecting privet information should be protected parallelly. Second, there is a need of collecting minimum set of data that would be sufficient from residents, like name, age, address of resident and thumb impression. Third, Prohibiting the extensive use of Aadhar number for every authentication or Proof of document. Use of Aadhar number should be only for required purpose like linking with direct subsidy and welfare schemes from central or state government example: Gas subsidy, BPL subsidy schemes etc.