On 20.03.2018, Ms Meenakshi Arora resumed her arguments in this case before the five-judge bench. Her key arguments were on the danger of surveillance, and the resulting assault on dignity, inherent in the design of the Aadhaar Act, the disproportionality of the Act and its effect on fundamental rights.
Ms Arora began by arguing that the indiscriminate collection of data under the Aadhaar Act is akin to a general warrant issued without probable cause or suspicion. This is not permissible unless the State could show that there was an emergency situation that required this information. She listed various alarming and chilling consequences of retaining personal and personal transactional data. The Court of Justice of the European Union in Sverige AB v. Post-och telestyrelsen and Szabó and Vissy v. Hungary had ruled that long periods of data retention violated privacy rights. She referred to the UN GA Resolution of 16/11/2016, which warns of the perils of aggregating metadata. The affidavit filed by the Union of India on 9th March 2018 admits that aggregation of data can lead to surveillance. Ms Arora insisted that this could not be allowed to happen in a state which runs on rule of law.
Next, Ms Arora started her argument on proportionality. She argued that the collection, aggregation, and retention of data has no specific purpose. Thus, it violates the principles of purpose limitation and proportionality. In District Registrar & Collector v. Canara Bank (2005) it has been held that even if the possibility of abuse was remote, it is a constitutional issue if the Act enables abuse. Unfettered executive discretion could not be granted or assumed by simply invoking national security. In matters affecting fundamental rights, such power would be contrary to the rule of law, one of the basic principles of a democratic society. The law must indicate the scope of any executive discretion and sufficiently clarify the manner in which it was to be exercised. In doing so, the law must be mindful of the legitimate aim and must give the individual adequate protection against arbitrary interference. At the very least, there must be provisions for periodic deletion of data. Additionally, there is no specific purpose for Aadhaar and no scope for judicial review under the architecture of the Aadhaar Act.
Ms Arora referred to Michael Foucault and Jeremy Bentham to drive home her point on surveillance. Bentham conceptualized the ideal or model security institution, known as the Panopticon. It is an architectural creation, within which constant and round-the-clock watch can be kept on the inmates. The characteristic feature of this arrangement is a complete asymmetry of knowledge, and hence power. The guards in the central tower can see into any of the cells at any given time, but the inmates can neither see the guards nor know if they are being watched at any specific moment. Ms Arora drew a parallel to Aadhaar. She argued that it is a panopticon that reduces the citizens to mere subjects. The stated purpose of Aadhaar might be to reform, but its impact was that of suppression. The State could not be allowed to make the right to fundamental rights subject to a license (i.e. Aadhaar card/number) which is probabilistic. This deprived individuals of control over their identity and violated dignity.
Ms Arora's also argued that Aadhaar violates the rights of the child. The notifications issued under the Act results in discrimination of children without Aadhar Numbers. They would be denied free education under the Sarva Shiksha Abhijan; access to food under the Mid-Day Meal Scheme; the right to female child education incentives; benefits from education related scholarship schemes setup for students with disabilities; and the Integrated Child Protection Services. She concluded that the Aadhaar Act is unconstitutional, as it fundamentally alters the relationship between the State and Citizen and reduces the citizen to mere subjects.
Next, Mr Sajan Poovayya began his arguments with a warning on the perils of technology. He argued that while a legislation may pass the test of proportionality and of minimal intrusion in the brick and mortar world, it may not pass the muster in the world of technology - especially information technology. He agreed that the compelling state interest to have the Aadhaar Act was to identify beneficiaries precisely so imposters did not benefit. However, this had to be achieved using the least restrictive option. For instance, like credit cards, the least intrusive use of biometrics is to store them on the card itself. When a person goes to get their ration, the authentication will be from actual fingerprint to the fingerprint stored on the card. This is a less intrusive way of achieving the same goal as it takes away the need for a central database. Mass collection and aggregation of biometrics is bad in law as it violates informational self-determination. Having the data only the card allows people to control their own data. In fact, Mr Poovayya argued, this will be more accurate as the system will not be made to match data in a database of 1.3 billion people. This means, there is a lesser chance of exclusion. What makes the Aadhaar Act bad is the open-ended definition of 'biometric information'. Not only is it open-ended, but the government can add to it through regulations. Mr Poovayya clarified that this is not about the possibility of misuse, but the possibility of use. The definition allows for vastly expanded use, which can subsequently include DNA and even plasma.
Mr Povayya contended that the Aadhaar reduces an individual to an object of information. Moreover, a citizen does not know or have any control over what happens to the Aadhaar data. He drew the distinction between giving biometric information in various forms that is stored locally (such as on a phone) and stored in the centralised database in Aadhaar. Private entities gave their customers much more control over their information, were resticted to use it for commercial purposes and could be sued if they violated the set terms and conditions. He referred to the 6 principles for General Data Protection Regulation to show how the Court must address the question of least intrusive alternative since there is no domestic data protection regime that has strict enforceability.
Post lunch, Mr P. V. Surendran, appearing for Kisan Sabha (intervenors) began his arguments. He argued that the Aadhaar Act is irrational and violates Article 14. He referred to an article which talks about the Brandon Mayfield fingerprints incident where FBI stood exposed on its fingerprint claims. Justice Sikri wondered if they can rely on this article, as the Union will show many that prove the contrary. Mr Surendran replied that it is the duty of the Court to examine both opinions and conclude. He then referred to a study by Dr Hans Varghese Mathews, titled “Flaws in the UIDAI process”, (published in the Economic and Political Weekly, (February 26, 2016, LI No. 9)). This said that at any point the minimum failure rate of deduplication will be 1 in 121. Me. Surendran argued that in view of India's population figures, this is a huge number. This point is enough to render the project irrational. He concluded by pointing to two other features of the Aadhaar Act that aggravate the aspect of irrationality: No opportunity to opt-out, and total absence of control over his/her own data by the citizen.
Next Mr C. U. Singh began arguing on behalf of Beghar Foundation and Nagarik Chetana Manch. He referred to the Article in the Convention on the Rights of the Child that guarantees a child's privacy rights and the POCSO Act that gave this Convention legislative recognition. Relying on the principle of 'fresh start' under the Juvenile Justice Act, he argued, a child has no power or duty to bind herself to anything. Thus, in the absence of compelling state interest, mandating Aadhaar linkages amounts to demanding an unconstitutional waiver of rights. He pointed out the absurdity of taking heel prints of infants. Moreover, the Aadhaar Act makes 21A subject to a legislation subordinate to the Constitution. He concluded by stating that this case deals with personal data jurisprudence. The Act has created an architecture that makes personal data a resource.
Next, Mr Sanjay Hegde began arguing. He represents Mr John Abraham, whose son was denied college admission because he did not have Aadhaar and did not want Aadhaar for religious reasons. Mr Hegde argued that Aadhaar violates Article 25. He read excerpts from the "Book of Revelations" and contended that Mr Abraham cannot enrol for the Aadhaar in good faith. Thus there has to be an exception for conscientious objectors. Article 25 contains two distinct rights - freedom of conscience, and freedom of religion - and both must be protected. He then read excerpts of Justice Vivian Bose in Krishnan v State of Madras to drive home the point on proportionality. He concluded by voicing his hope in the Court that it will decide in favour of the freedom of citizens.
Next, Ms Jayna Kothari began her arguments. She is representing Swatantra, a non-governmental organisation that works for the rights of transgenders and sexual minorities. She argued that the Aadhaar Act discriminates against sexual minorities. With respect to transgenders, demographic information is a major issue. While the issue with biometric information has been argued at length, not much has been argued on demographic information and its implications. Aadhaar is being made mandatory for almost everything, but at the same time, people from the transgender community are not able to get Aadhaar because they do not have gender identity documents that Aadhaar requires. The Aadhaar is unclear on gender identity. The form has an option of 'third gender', but there is no uniformity across the board, and one is required to produce other documents to get an Aadhaar, some of which may not have the option of 'third gender'. Non-recognition leads to denial of benefits. Thus, Aadhaar is both discriminatory as well as a violation of privacy. She cited the Phillippines Supreme Court decision of Ople v. Torres which struck down an administrative order for a biometric identification system.
At the very end of the day, Mr. Prasanth Sugathan pointed out that the authorities are not sensitive to the fact that NRIs are ineligible to get an Aadhaar number. There is no rule of law qua NRIs. Mr Napinnai pointed out that the Aadhaar makes India's cyberspace vulnerable and threatens national security by making digital ghettoisation possible.
With that, the petitioners have concluded their arguments.
The respondents will begin arguments tomorrow 21st March 2018.