On the 4th day, Mr. Shyam Divan had started his argument on the capability of surveillance by the State using the Aadhaar architecture. Today, he continued his arguments by referring to ECHR cases where surveillance programmes or directives were struck down by the European Court of Human Rights. He referred to Zakharov v Russia, a case about interception of telecommunication in Russia. The ECHR held that such interception violates Article 8 of the European Convention on Human Rights. Relying on Zakharov, Mr Divan argued that for a system of surveillance like Aadhaar, without effective remedies and checks, an individual does not have to prove that he is under specific surveillance. The existence of legislations which makes surveillance a possibility is enough to constitute violation of privacy. He submitted that ‘in views of the risks that surveillance has in undermining democracy, its necessity must be demonstrated’.
Mr Divan then cited Digital Rights Ireland v Minister for Communications, which dealt with the European Directive 2006/24 that allowed retention of electronic communication data of all users. The ECHR held that the data retention directive exceeded proportionality, and highlighted that the user data should not be stored for any amount of time than necessary for the purpose. Thus, even when data retention is justified in the larger interest of prevention of crimes, a court must scrutinise it carefully. Alluding to the Aadhaar, he argued that data aggregation in the program is too widespread and disproportionate to the social goals sought to be achieved by it.
Mr Divan then read out excerpts from the counter-affidavit filed by the UIDAI, where it claimed that the architecture of Aadhaar precludes any possibility of tracking and profiling of individuals. The Counter Affidavit states that neither the UIDAI nor any agency or department will be able to use Aadhar to track or watch those enrolled. It is further stated that the Government or the Agency will only have information pertaining to its own domain, and there will be no 360-degree profile of any individual. However, Mr Divan drew the court’s attention to the State Resident Data Hubs (SRDH) scheme, under which resident data is collected through various documents by different states. Mr Divan read out UIDAI’s document titled ‘State Resident Data Hub: Institutional Framework’ which enables the establishment of the SRDHs. Giving the illustration of Madhya Pradesh, Odisha, Haryana and Telangana SRDHs, Mr. Divan argued that even though UIDAI specifically denies 360-degree profiling, the SRDH with Aadhaar data enables that.
At this juncture, Justice D.Y. Chandrachud observed that the SRDHs use the data to enable dispersal of social security schemes to the rightful beneficiaries, and not for surveillance. He continued that comparing this with Europe is unfair, as Europe does not have schemes like MGNREGA. He agreed that the State cannot profile citizens based on political ideologies, views, and actions. Mr. Divan responded that nothing justifies the level of data aggregation being carried out under Aadhaar. Justice Chandrachud agreed that a line should be drawn between broad aggregation of all data of an individual and the data required for efficient dispersal of Social Security Schemes.
Mr Divan pointed out, using the illustration of the Telangana SRDH, that the architecture enables the State to access citizen names, location and Aadhar numbers. He attacked the SRDH on three grounds: first, there is no authority of law backing the SRDH; second, the data collation enables religious, caste-based, and community-based profiling and has real likelihood of privacy violations of individuals; third, as held by Justice Chandrachud in para 300 of the Puttaswamycase, aggregation of such wide data violates the right to privacy.
In the Post-lunch session, Mr Divan submitted that Aadhaar allows real-time mass surveillance, with examples of people whose location could be projected on google maps after trying to get themselves authenticated and failing several times. Justice Chandrachud interjected that there is no surveillance aspect in ensuring that somebody gets their pension. Mr. Divan responded that though that may be true, the possibility of surveillance through tracking the movement of an individual is possible. Justice Bhushan pointed out that the use of an ATM card also allows such tracking. How is Aadhar scheme different? Mr. Divan responded that in case of ATMs, only the bank has the data. However, under Aadhar, there are 139 schemes and information given under one scheme is made available to all others. Moreover, Section 57 of the Aadhaar Act has the potential of full electronic tracking from morning to evening even by the private sector. Mr. Divan remarked that the Aadhaar program would be the envy of North Korea, given its mass surveillance capabilities. Justice Chandrachud pointed out that the scheme is actually the envy of the World Bank and the London Economist, for being the first citizen-centric social security system at such a scale.
Mr. Divan then began his arguments on Limited Government, Constitutionalism, and Rule of Law. The principle of limited government flows from the Preamble. Thus, the State, which is created by the people, cannot expand to overshadow and dominate the people. Can the State compel me to identify myself in a particular manner (through biometrics, for instance)? The Aadhaar program violates individual and collective dignity by making entitlements under social security schemes conditional upon forced authentication through biometrics.
Mr Divan will continue his arguments on this issue in the next hearing.
The bench rose for the day and the matter will be heard on 01.02.2018. (Thursday)