Aadhaar does not create surveillance state: SC

Last Updated 28 September 2018, 09:33 IST

Rejecting contentions that the Aadhaar architecture creates a "cradle to grave surveillance state”, the Supreme Court on Wednesday said it was "very difficult" to create a profile of a person simply on the basis of biometric and demographic information stored in the database.

While four of the five judges felt that Aadhaar is not intrusive, the lone dissenting judge Justice D Y Chandrachud said its architecture poses a "risk of potential surveillance" activities through the database.

The judgement by Chief Justice Dipak Mishra, Justice A K Sikri and Justice A M Khanwilkar said, "the architecture of Aadhaar, as well as the provisions of the Aadhaar Act, do not tend to create a surveillance state. This is ensured by the manner in which the Aadhaar project operates."

In a separate but concurring judgement, Justice Ashok Bhushan said, "present is not a case where it can be said that Aadhaar infrastructure is designed in a manner as to put a surveillance on Aadhaar-number holder... Aadhaar Act does not create an architecture for pervasive surveillance."

Writing for the chief justice and Justice Khanwilkar, Sikri said they were given a presentation by UIDAI CEO Ajay Bhushan Pandey who claimed during the enrolment process, minimal biometric data in the form of iris and fingerprints is collected and it does not collect purpose, location or details of transaction.

"Thus, it is purpose blind. The information collected, as aforesaid, remains in silos. Merging of silos is prohibited. The requesting agency is provided answer only in ‘Yes’ or ‘No’ about the authentication of the person concerned. The authentication process is not exposed to the Internet world," the court said quoting Pandey's presentation.

"After going through the Aadhaar structure, as demonstrated by the respondents in the power-point presentation from the provisions of the Aadhaar Act and the machinery which the authority has created for data protection, we are of the view that it is very difficult to create profile of a person simply on the basis of biometric and demographic information stored in CIDR," Sikri said.

However, Chandrachud differed and said from the verification log, it is possible to locate the places of transactions by an individual in the past five years.

"It is also possible through the Aadhaar database to track the current location of an individual, even without the verification log. The architecture of Aadhaar poses a risk of potential surveillance activities through the Aadhaar database. Any leakage in the verification log poses an additional risk of an individual’s biometric data being vulnerable to unauthorised exploitation by third parties," he said.

"When Aadhaar is seeded into every database, it becomes a bridge across discreet data silos, which allows anyone with access to this information to re-construct a profile of an individual’s life. This is contrary to the right to privacy and poses severe threats due to potential surveillance," he said.

(Published 26 September 2018, 05:55 IST)

Follow us on