Aadhaar: UIDAI Asks Mobile Companies to Submit Plan to Discontinue eKYC
Moneylife Digital Team 01 October 2018
Following the Supreme Court orders, Unique Identification Authority of India (UIDAI) has reportedly asked telecom companies to submit a plan to discontinue use of e-know-your-customer (eKYC) for subscriber authentication. 
 
While the UIDAI talks about discontinue usage of Aadhaar, it is silent on deletion of all the data collected by telecom service providers (TSPs) from subscribers, as ordered by the apex court. The authority is also silent on the cost, be it procuring UIDAI certified devices by telecom companies for Aadhaar e-KYC or payment it received from telcos for Aadhaar authentication service. 
 
UIDAI has issued a circular on this to telcos like Bharti Airtel, Vodafone Idea and Reliance Jio. In a report, PTI, which claims to have seen the circular, says, "...all TSPs are called upon to immediately take actions in order to comply with the judgement dated 26 September 2018. In this regard, TSPs are hereby directed to submit by 15th October 2018 an action plan/exit plan to the authority for closure of use of Aadhaar based authentication systems..."
 
Quoting Ajay Bhushan Pandey, chief executive of UIDAI, the report says, "In order to ensure smooth discontinuation...there are certain requirements which are there under the Aadhaar regulations...so the companies are in the best position to know what exactly is needed and they can submit their plan by 15th October. If any additional requirements are to be done from the UIDAI side, we will tell them after receipt of their plan."
 
This withdrawal of e-KYC will make telecom companies to go back to original means of customer authentication, like permanent account number (PAN) or driving licences. 
 
Last week, the Supreme Court declared Section 57 of the Aadhaar Act as unconstitutional, which means bank account-holders, e-wallet or mobile wallet users and mobile subscribers are no longer required to use their Aadhaar number. 
 
In his minority judgement, Justice DY Chandrachud, had stated, mobile phones have become a ubiquitous feature of the lives of people, and linking of Aadhaar numbers with SIM cards and the requirement of e-KYC authentication of mobile subscribers must necessarily be viewed in this light.
 
"Mobile phones are a storehouse of personal data and reflect upon individual preferences, lifestyle and choices. The conflation of biometric information with SIM cards poses grave threats to individual privacy, liberty and autonomy. Having due regard to the test of proportionality which has been propounded in Justice Puttaswamy (judgement) and as elaborated in this judgment, the decision to link Aadhaar numbers with mobile SIM cards is neither valid nor constitutional. The mere existence of a legitimate state aim will not justify the disproportionate means, which have been adopted in the present case. The biometric information and Aadhaar details collected by TSPs shall be deleted forthwith and no use of the said information or details shall be made by TSPs or any agency or person or their behalf," Justice Chandrachud had said.
 
Here is what the Supreme Court has stated about use of Aadhaar by private entities, in its 26th September judgement on Aadhaar…
 
Page 560-561:
 
(h) Insofar as Section 57 in the present form is concerned, it is susceptible to misuse inasmuch as:
 
a) It can be used for establishing the identity of an individual ‘for any purpose’. We read down this provision to mean that such a purpose has to be backed by law. Further, whenever any such “law” is made, it would be subject to judicial scrutiny. 
 
b) Such purpose is not limited pursuant to any law alone but can be done pursuant to ‘any contract to this effect’ as well. This is clearly impermissible as a contractual provision is not backed by a law and, therefore, first requirement of proportionality test is not met. 
 
c) Apart from authorising the State, even ‘any body corporate or person’ is authorised to avail authentication services, which can be on the basis of purported agreement between an individual and such body corporate or person.
 
Even if we presume that legislature did not intend so, the impact of the aforesaid features would be to enable commercial exploitation of an individual biometric and demographic information by the private entities. 
 
Thus, this part of the provision, which enables body corporate and individuals also to seek authentication, that too on the basis of a contract between the individual and such body corporate or person, would impinge upon the right to privacy of such individuals. This part of the section, thus, is declared unconstitutional. 
 
Earlier in June, expressing concerns over security, UIDAI had restricted access to its Aadhaar database to payment companies or digital wallets. In a letter on 16 May 2018, UIDAI had said only global authentication user agencies (AUAs) will be allowed access to full eKYC with Aadhaar number, while local agencies will have restricted access. 
 
For KYC, banking regulator, the Reserve Bank of India (RBI) considers passport, driving licence, PAN card, Voter's ID card issued by the Election Commission of India, job card issued by NREGA duly signed by an officer of the State Government, and letter issued by the Unique Identification Authority of India (UIDAI) containing details of name, address and Aadhaar number as six officially valid documents (OVDs). Explaining the OVDs, RBI says, customers, at their option, can submit one of the six OVDs for proof of identity and proof of address. 
 
You may also want to read...
 
 
 
 
 
 
 
 
 
 
 
Comments
Free Helpline
Legal Credit
Feedback