On the 5th day of arguments, Mr. Shyam Divan had assailed the Aadhaar programme for creating an architecture capable of citizen surveillance. He had referred to various ECHR decisions which had struck down similar programmes which collated and stored data, making the State capable of carrying out surveillance.
Today, Mr. Shyam Divan continued his argument on surveillance. To drive home the point of pinpointing capabilities of the system, he discussed the aspect of Registered Device IDs and the IP addresses of these devices that are recorded at every instance of authentication. He handed a note to the bench that illustrated this, using his own IP address. He submitted that there is a strong surveillance possibility with Aadhaar due to such end-to-end traceability, and urged the court to strike down the project.
At this point, Justice Chandrachud pointed out that there are multiple interactions between the State and an individual – for instance when an individual pays his water bill, electricity bill, income tax etc. online, each of these can be tracked down with the IP. He enquired how the Aadhaar architecture is different from these interactions. Justice Chandrachud asked if Mr Divan’s main concern is with the centralisation of data under Aadhaar. Mr Divan agreed that the capability of centralisation of data under Aadhaar is dangerous. On Justice Chandrachud’s point about the interactions, he responded that these are silos of information with discrete data, which may be alright, but where the Aadhaar becomes problematic is the centralisation of data which enables a 360-degree profiling and tracking of individuals.
At this juncture, Mr Divan also points out that the strategy of the State has been to make the Aadhaar a humongous project, such that the Court might be forced to allow it to continue based on its scale alone. He stated his trust in the Court’s ability to uphold human rights, dignity, and fundamental rights without regard to the number of enrolments in the Aadhaar programme.
Justice Chandrachud then asked Mr Divan to consider the fact that even Banks, having access to consumer data such as purchase history, is also capable of profiling its consumers. What then, is the qualitative difference between this and the State collecting data using Aadhaar? He observed that in a world where people are willingly surrendering their identity for convenience such as banking, then can the State be subjected to such norms for fear of surveillance? Mr Divan responded that in case of Banks, consumers have the option of choice: whether to use a credit card (which may track what is being purchased) or a debit card (which does not track what is purchased), which Bank to go to, etc. Besides, Banking Secrecy laws are in place which can prevent profiling of the consumers. The freedom of choice is not present under the Aadhaar. Moreover, the absence of Aadhaar is stopping individuals from living their lives fully despite having alternative modes of identification.
Mr Divan then continued to read out his arguments on limited government, constitutionalism and rule of law. He read excerpts from K.T. Plantation, Keshvanand Bharti, and President Kovind’s speech on Constitutional Day 2017, to drive home the point that social and economic revolution has to be achieved while safeguarding civil and political rights, and that a relationship of trust between the State and its citizens is at the heart of constitutional governance. Aadhaar exemplifies the breakdown of this constitutional trust. The State seems to trust only those citizens who have an Aadhaar number.
Mr Divan then assailed the Aadhaar programme for violating ‘Rule of Law’. The 2009 Aadhaar notification constituting UIDAI had no mention of biometrics or fingerprints collection. Despite statutes such as the Prisoners Act, the Bombay Habitual Offenders Act, etc. backing the act of fingerprint collection for identification of prisoners, the UIDAI began biometric data collection, fingerprint collection and iris scanning without any statutory backing. Secondly, the UIDAI ignored numerous Supreme Court judgments since 1975 that have upheld that privacy cannot be curtailed in absence of a law. The UIDAI authority completely ignored the 2013 Parliamentary Committee report which pointed out problems in the Aadhaar programme. The UIDAI carried out the State Resident Data Hub (SRDH) programme without any statutory backing. The UIDAI carried out Aadhaar enrollment process with an air of compulsion and coercion. UIDAI also resumed no responsibility for the safety of the data. The Data was collected on the basis of MoUs which have no legal backing, and not contracts with the enrollers.
Before the Court rose for lunch, Mr. Divan summarised his arguments-
Post lunch, Mr. Divan resumed his arguments by pointing out the elements of ‘limited government’. First, there must be a shared enterprise between the people and the government; second is that individual autonomy cannot be encroached upon by the State; third, that the citizens must have a choice of how they want to be identified in their interactions with the State and with private parties; and finally, that there is no dichotomy between welfare and the rights of people.
Mr. Divan then pointed out that the State has given two justifications for Aadhaar – that it provides an identity to ‘millions’ of Indians, and that it enables huge amounts of savings for the State by plugging ‘leakages’ in the dispersal of entitlements under social security schemes. However, Mr Divan continued, both these claims are invalid, false and are undermined by the State’s own documents. He supported his argument with the following points:
The bench rose for the day and the matter will resume on Tuesday (06.02.2018)