“Personhood under the Indian Constitution flows from being alive, and not from registering oneself in a central database” –Shyam Divan
The Supreme Court on Thursday resumed hearing in the Aadhaar case. Here is the summary of arguments from Senior Advocate Shyam Divan, who is appearing for the petitioners in the Aadhaar case…
Existence of a person
Mr Divan told the five-judge Bench headed by Chief Justice Dipak Misra, that if a person exists in flesh and blood, then there should be no question of denying her anything. “This is at the core of Article 21 and the relationship between the individual and the State. In a liberal democratic culture, can the State say that I will choose to recognise you only in this manner, otherwise you cease to exist?
“There is no concept of eminent domain as far as the body is concerned. The body cannot be used as a marker for every service. The State has a legitimate interest in identifying a person, and so there could be a set of limited, narrowly tailored circumstances where you are required to give up fingerprints, such as for a passport or a driving license,” he said.
Mr Divan, who completed his arguments before lunch summed his contention in four points, personal autonomy, constitutional trust, rule of law and surveillance and privacy. He said, “What is at stake here? First, personal autonomy is at stake. Are we going to cede complete control of the body to the State? In a digital world, personal autonomy extends to protecting biometrics.”
“The second point is constitutional trust. We have created the State, and now the State trusts us as unworthy unless we cede our biometerics. The Aadhaar program treats the entire nation as presumptively criminal. The third point is the rule of law. Look at how this project has been rolled out. And the fourth point is surveillance and privacy,” he said.
“If this (Aadhaar) program is allowed to roll on unimpeded, think of the domination the State will have over the individual,” the senior counsel warned.
Deaths caused by Aadhaar exclusion
Earlier, Mr Divan read affidavits related with starvation deaths in Jharkhand due to failure of Aadhaar linking. He said, “The issues here pertain to exclusion, death, and dignity. The reports are about extreme situations. The basic point is that in a democracy, there has to be an element of choice. There cannot be just one method of identification imposed.”
Justice Dhananjaya Y Chandrachud said one thing the Court needs to look at is the level of internet penetration in the country.
Mr Divan replied saying, "The point of sales (PoS) machine has a memory, so if the internet fails, the machine is often taken to another place where there is connectivity. However, all Aadhaar can do is stop a very limited kind of misuse (identity fraud), and there are other ways to weed out leakages."
Observing that the affidavit seems to show that even after Aadhaar, the citizen remains dependant on the dealer of public distribution scheme (PDS), Justice Chandrachud said, while such argument may not furnish a constitutional ground, but the argument that Aadhaar itself is causing exclusion may furnish a ground under Article 14.
Mr Divan pointed out how persons who cannot authenticate are treated as "ghosts", and as mere statistics, which cannot meet the tests under Articles 14, 19, and 21. “This is especially so because the system is coercive,” he added.
The senior counsel then highlighted how there is no way for anyone to opt out of Aadhaar. He said, “This is crucial from an informational self-determination point of view. There must be a right to opt out.”
He then read out affidavits filed by people who have asked to be opt-out from Aadhaar as they were not provided genuine information about consent at the time of enrolment. When Mr Divan read out collective affidavit from people, who wanted to opt-out from Aadhaar in Meghalaya, Justice Chandrachud asked about the position of Aadhaar in North-East. Mr Divan said, there are places where the Aadhaar roll out is low and they have been exempted.
Security Audit highlights risks of hacking
Dr Rakesh Mohan Goel, a computer industry expert, and an occasional writer for Moneylife who has audited enrolment centres of Aadhaar had filed an affidavit in the Court. Reading out this affidavit, Mr Divan said, he (Dr Goel) found out that those people at enrolment centres were retaining and storing biometric data and the UIDAI had no way of knowing.
He said, “Dr Goel's affidavit says that the biometrics of Indians are available to private entities, can be and are being stored in logs. The affidavit says that because of the architecture of Aadhaar, UIDAI has very little control over this. Dr Goel has annexed a paper to the affidavit, based on 25 audits, that talks about six ways of hacking. The affidavit says that there is no way of knowing, after an audit, whether the storage is continuing or has stopped.”
“When you part with something as precious as biometrics, there has to be a fiduciary relationship between you and the person taking it. How can you trust a system like this?" the senior counsel contended.
Mr Divan, replying to a query from Justice Chandrachud, said while the UIDAI has technical specification about the authentication machines, the purchase is private.
Citing an example of credit card frauds, Justice Chandrachud wanted to know if this could be possible with Aadhaar. Mr Divan said, it is possible to hack into these systems, which are not as secure than the CIDR.
He then read out Dr Goel’s academic article that explains six ways of hacking.
The senior counsel then argued on bodily integrity and the right to control one's information about oneself. He said, “Basic point is that this is a reason why people do not want to be on Aadhaar, and why they should not be mandated to get into the system. While some of these leaks can be plugged, but the basic design is faulty.”
He cited the recent incident from Surat where the police arrested two owners of fair price shops for using a software that contained ration card numbers, Aadhaar card numbers and biometric thumb impressions of PDS beneficiaries for creating fake records of food grain sale. The software, with bulk data of beneficiaries, was available for Rs15,000.
Mr Divan then took the Court through mechanism of producing artificial fingerprints. “The operator's fingerprints are cloned. When UIDAI found this out, they added iris authentication. However, the hackers then found a way to bypass that as well. First point is that cloning of fingerprints is easy and it is possible, and is being done. What is the integrity of such system, and why should anyone trust this? This is a question of my right to protect my body and my identity. If the system is so insecure, why am I being mandated to authenticate through fingerprints for every transaction?” he contended.
The senior counsel pointed to a reply received under Right to Information (RTI) in 2017 that says that 6.23 crore biometric enrolments have been rejected because of duplicates. This is larger than the population of Gujarat. He says, “More the database expands, given that this is a probabilistic system, the more times you will have a match. This is indicative of exclusion, and that the system is saturated, leading to unjustified rejections.”
Mr Divan then read out an affidavit filed by Dr Reetika Khera, who is an economist at IIT Delhi, and works on the NREGA. The affidavit shows biometric authentication failure at a tribal school, where those whose fingerprints were not recognised by Aadhaar, were not marked present. “These (students) are not ghosts in the system. They are flesh and blood girls attending the school, and Aadhaar is not recognising them. Secondly, you are creating records for an entire lifetime, starting from school. Is this not a surveillance society? Thirdly, there is no statutory sanction,” he said.
Justice AK Sikri that in fact later, the teachers may be hauled up for inflating numbers.
Mr Divan said, personhood under the Indian Constitution flows from being alive, and not from registering oneself in a central database. "This degrades free individuals".
Mr Divan and his office has been with the Aadhaar challenge since its origins in 2012, and have appeared in every hearing for the last six years.
Based on live tweets of @gautambhatia88, who is representing one of the petitioners and @prasanna_s.