On Wednesday, a five-judge bench of the Supreme Court delivered its much awaited verdict in the Aadhaar case, examining the constitutional validity of India’s biometric-linked unique identity project. As with the public debate surrounding Aadhaar, the court’s verdict was also sharply divided. The majority judgement delivered by Justice Sikri, on behalf of himself, Chief Justice Misra and Justice Khanwilkar, upheld the validity of the Aadhaar Act while striking down some of its provisions. This was supported by a concurring opinion by Justice Bhushan. In a powerful dissent, Justice Chandrachud held the entire Aadhaar Act to be unconstitutional on grounds of procedural irregularities in the passage of the law, as well as serious violations of the right to privacy.
Questions about the privacy implications of Aadhaar and its potential for surveillance have been at the heart of the Aadhaar litigation. In fact, it was in the context of the Aadhaar case, that a nine judge bench of the Supreme Court confirmed the fundamental right to privacy in August, 2017 in Justice KS Puttaswamy vs Union of India case. While the decision was hailed universally for its broad and progressive reading of privacy rights, it was widely acknowledged that its true test would lie in its application by future courts. We saw this taking shape with the Aadhaar verdict.
To take a step back, the Supreme Court had held that while privacy constitutes a fundamental right, it is not an absolute right and can be overridden by the state, subject to satisfying a three-fold test. As per Justice Chandrachud (on behalf of himself and three other judges) and supported by Justice Kaul, the tests were
- Legality – existence of a law
- Legitimate state aim – a guarantee against arbitrary state actions
- Proportionality – a rational nexus between the objectives and means to achieve them.
The majority view in Aadhaar builds on the above principles, particularly by adding more nuance to how “proportionality” is to be interpreted. Justice Sikri does this by relying on the four sub-tests of proportionality adopted by him in a 2016 decision, in Modern Dental College and Research Centre v. State of Madhya Pradesh. The tests require:
- The interference must have a legitimate goal (legitimacy stage)
- It must constitute a suitable mean of achieving the goal (suitability stage)
- There must not be any less restrictive but equally effective alternative (necessity stage)
- The measure must not have a disproportionate impact on the right holder (balancing stage).
We now move to examining how these tests were applied by the court in its Aadhaar judgement.
First, on the issue of legality, the majority held that since the Aadhaar project is backed by legislation, it meets this test. The linking of Aadhaar with other non-statutory schemes, such as its use for identification purposes by the Central Board of Secondary Education and University Grants Commission, was however found invalid as it lacked legal backing. Similarly, a circular issued by the Department of Telecommunications mandating Aadhaar-based Know Your Customers or KYC authentication for mobile connections was also held to be illegal and unconstitutional.
One of the contentions of the petitioners was that the Aadhaar Act was passed only in 2016 although Aadhaar enrolments and use had been going on since much earlier. Relying on Section 59 of the Aadhaar Act (which confers retrospective statutory authority), the judges upheld the legitimacy of actions undertaken between 2009-2016. Justice Chandrachud, however disagreed, holding that the collection of biometric information in this period and use of private entities in the Aadhaar system were not backed by a law and therefore unconstitutional.
Legitimate state aims
Secondly, the court examined whether Aadhaar satisfies the test of legitimate state aims. Relying on the preamble and objects of the Aadhaar Act, the majority held that the purpose of the Act was to ensure the proper targeting of social benefit schemes, empower marginalised sections of the community and ensure social justice, which qualify as legitimate state aims. The majority also found this test to be satisfied in case of amendment to the Income Tax Act to link Permanent Account Number or PAN cards with Aadhaar – eliminating duplicate PANs from the system aids in preventing tax evasion, which the court noted to be a legitimate state aim.
Moving from “legitimate aim” to the other tests of proportionality the majority found that Aadhaar also satisfies the requirement of “necessity” – it offers a unique biometric-based identity, which does not have any “less restrictive but equally effective alternative”. Next, they assessed the question of balancing interests – was there a disproportionate impact on privacy? Relying rather heavily on the government’s submissions on the limited information being collected, nature of the information, and the privacy protections put in place, the majority placed their trust in Aadhaar’s “minimal” inroads into privacy rights. They then tried to balance the “two facets of dignity” – that of privacy and autonomy, on one hand, and the ability to live a dignified life with adequate means, on the other. Based on the minimal inroads argument, the judges found this balance to be tipped in favour of Aadhaar.
Looking at proportionality in the context of the surveillance potential of Aadhaar, the majority once again relied on claims about the data protection and safety systems governing Aadhaar data. The judges concluded that Aadhaar could not be held unconstitutional on this ground, although they did bring some important changes in the legal framework. Critically, the judges struck down Section 33(2), which allowed disclosure of Aadhaar data based on an order of a Joint Secretary and called for mandating a judicial authorisation. Equally importantly, the court decided to reduce the time period for storing authorisation/transaction data and put limitations on use of meta-data, thus reducing the scope for profiling of individuals.
Justice Chandrachud’s dissent, however, goes much beyond the incremental changes adopted by the other judges. He found that not only does the Aadhaar system collect and store more data than strictly required, this data can be used to profile and surveil individuals, including by tracking their location. Crucially, Chandrachud observed that the government could in fact adopt alternative, less intrusive mechanisms to achieve its legitimate aims instead of using Aadhaar “as the sole repository of identification”. He also pointed to the conflicts of interest in the Unique Identification Authority of India being both administrator and adjudicating party with respect to Aadhaar and the absence of appropriate procedural safeguards concerning monitoring and oversight.
The fact that the judges differed so significantly in their factual understanding of Aadhaar, the safeguards against its misuse and the availability of less intrusive alternatives, is worrying to say the least. These differences illustrate that despite the admittedly big steps taken by the Puttaswamy case, not least in laying down standard tests to evaluate the scope of restrictions on the right to privacy, the application of these tests remains difficult. Particularly so when it comes to complex technology. Not only is it difficult to draw out consistent legal principles to apply the various tests, evaluating the impact of new technology and applying alternative measures are also daunting tasks for the judiciary. More research, openness and collaboration in the early stages of developing and testing the Aadhaar system could perhaps have saved us from this judicially-induced technological determinism.
Rishab Bailey and Smriti Parsheera are technology policy researchers at the National Institute of Public Finance & Policy. The views are personal.