Defender of your Digital Freedom

All Posts | Apr 13,2018

Updates on Aadhaar Final Hearing: Day 26

On Day 26 of the final Aadhaar hearing, Attorney General, Mr. K.K Venugopal resumed his submissions for the State. He began by explaining retrospective saving of Acts/statutes and cited cases to show that past actions can be validated by a subsequent Act. He stated that Section 59 of the Aadhaar Act provided retrospective application of the Act.

Mr. Venugopal, next read out the third version of the Aadhaar enrolment form and asserted that enrolment is free and voluntary and the form has provisions to take informed consent. Justice Chandrachud interjected and said that the first two forms did not have any reference to biometrics and that it was only inserted in the third form, to which Mr. Venugopal replied that the first two forms were hardly used because in the initial phase of enrolment, the government had only mandated enroling one crore individuals. He also stated that the Central Bureau of Investigation (CBI) had gone to Bombay High Court to obtain biomterics from the Aadhaar database in connection of a rape case since UIDAI had refused to part with biometric information of individuals without their consent.

Thereafter, Mr. Venugopal read out Justice Chandrachud’s part of the K.S Puttaswamy judgment about “reasonable expectation of privacy” and emphasized that the State has no interest in collection of biometrics except for the benefit of the individual himself.

Mr. Venugopal contended that before the right to privacy was recognized by the Supreme Court, the government acted in a bonafide manner when they launched the Aadhaar project and such action cannot be said to be void by retrospective action. Justice Chandrachud at this point highlighted that the question of privacy was irrelevant in M.P Sharma as the case concerned Article 20(3). Only the first part of Kharak Singh affirmed the right to privacy and the subsequent judgments that recognized privacy relied on this first part. Mr. Venugopal disagreed with this interpretation. He finished his arguments with a brief discussion on what would constitute as “excessive delegation.” Justice Chandrachud remarked that Section 2(g) of the Aadhaar Act that defines ‘biological attributes’ is not so much a question of delegation of legislative power but proportionality.

Additional Solicitor General, Tushar Mehta, began his arguments on behalf of Unique Identification Authority of India (UIDAI). He mentioned that his contentions would comprise of:

1. Challenge to S. 139AA of the Income Tax Act (IT Act) from the right to privacy angle.

2. How Aadhaar helps in prevent money laundering, black money and tax evasion.

3. Aadhaar- Mobile number linking

4. Scope of judicial review in the area of technology

He submitted that in the case of Binoy Viswam v. Union of India wherein Section 139AA of the Income Tax Act was challenged, the court had examined all aspects of Aadhaar apart from the test of right to privacy. He stated that all nine judges in the case of Puttaswamy affirmed that the right to privacy is not absolute. Mr. Mehta pointed out that a legislation has to pass the three tests laid down under Puttaswamy and also the test of manifest arbitrariness laid down in the Shayara Bano v. Union of India judgment. All four tests were examined in Binoy Viswam although in the context of Article 19, he stated. According to Mr. Mehta, all the demographic information that is required under Aadhaar was already being taken under Section 139A of the Income Tax Act for obtaining PAN along with the left hand thumb impression of individuals who cannot sign. Justice Chandrachud commented that there was no collection of biometrics and there was no authentication taking place. Mr. Mehta remarked that those who have obtained PAN previously do not have any legitimate interest in withholding information that they have already provided.

Mr. Mehta submitted that 11.3 lakh cases of duplicate PAN were found and that PAN can be misused for the purpose of tax evasion, black money, setting up shell companies, among other things. Aadhaar will ensure that one person has only one PAN by interconnecting the PAN-Aadhaar database as recommended by the Shah Committee SIT on black money. He mentioned that even companies require PAN cards and the documents used for obtaining PAN can easily be forged. Biometrics, he stated will prevent that. Mr. Mehta emphasized that India is a largely tax non-compliant country and the burden of people who evade taxes falls on honest tax paying citizens. He also stated that the tax collection is very low with respect to our GDP ratio.

Lastly, Mr. Mehta talked about India’s international obligations under Foreign Account Tax Compliance Act (FATCA) and Common Reporting Standard (CRS). He concluded by saying that Section 139AA has already been tested on the basis of the four tests mentioned earlier, to which Justice Bhushan commented that the Sate will have to prove that there is no violation of privacy under Aadhaar.

All Posts | Apr 09,2018

Updates on Aadhaar Final Hearing: Day 25

On day 25 of the final Aadhaar hearing, Attorney General, Mr. Venugopal continued reading from a note on biometrics (Thom v. New York Stock Exchange). The full note is available here. Justice Chandrachud expressed doubt on whether Aadhaar meets the test of proportionality as Section 2(g) of the Aadhaar Act is open ended and the administrative authority has the power to define “biological attributes.” While reading the note, Mr. Venugopal also remarked that finger imaging technology is 99.9% accurate.

Next, Mr. Venugopal read out excerpts from an article on finger imaging published in the Fordham Urban Law Journal. The full article can be accessed here. Concluding his argument on fingerprinting technology, he submitted that biometrics technology is a safe and secure way to combat issues such as money laundering, bank frauds, income tax evasion and providing direct subsidies to beneficiaries. Justice Sikri refuted Mr. Venugopal’s argument that bank frauds are caused because of multiple identities. Justice Chandrachud intejected and said that Aadhaar will not prevent bank frauds and can at the most be useful in providing benefits under Section 7. Mere legitimate state interest does not ensure proportionality, he commented. Mr. Venugopal remarked that Aadhaar will help reducing income disparity and elimination of poverty, to which Justice Sikri pointed out that the income gap is widening and more than seventy percent income is in the hands of one percent of the population. Justice Chandrachud reiterated that proportionality is key and the question that should be asked is how far can the State cast the net of Aadhaar. Justice Sikri observed that the State cannot assume that the entire population consists of defaulters and violaters and there is no logic in the State asking for everyone to link their SIM cards to Aadhaar. Mr. Venugopal replied that the purpose of that is to prevent terrorism. Justice Chandrachud expressed his disbelief at the Attorney General’s statement and remarked that terrorists do not apply to get SIM cards.

In his next submission, Mr. Venugopal submitted that the court, in the present case, needs to balance two competing rights: right to live a life of dignity which includes right to food, employment and medical care and the right to privacy. He questioned whether right to privacy can be invoked to deprive other sections of the society and mentioned that the invasion of privacy in the case of Aadhaar is so minimal that it cannot even be considered an invasion. Mr. Venugopal cited X v. Hospital Z wherein the appellant was suffering from HIV and had the right to non disclosure of this fact. However, the court had held that his fiance had the right to know about this information. Justice Sikri disagreed and said that the State cannot give a person food in exchange of their privacy. Mr. Venugopal explained that the bare requirements for identification of an individual is alone taken and to the extent that the technology permits. He asked “Should people have the basic right to life under Article 21? Can it ever be challenged on the ground that individuals have a right to privacy?” To this Justice Bhushan remarked that minimal invasion is subjective. What might be minimal for someone might not be minimal for someone else.

Justice Chandrachud pointed out that three things have to be looked at in Aadhaar: informed consent, purpose limitation and security. He also mentioned that we have to look at what proportionality means since it has not been defined in the Puttaswamy judgment. Mr. Venugopal stated that without the minimal information that is collected, the architecture of Aadhaar could not have been framed and sections 29(a) and (b) contain the required purpose limitation. He also asserted that Aadhaar was voluntary when it was rolled out, and therefore no question of coercion arises, as informed consent was implied. Justice Chandrachud observed that the State’s argument to save the validity of the Act does not take into account what happened before the Act was passed. There was no protection for citizens’ at that time and the Aadhaar Act does not have any retrospective effect. Senior Counsel, Rakesh Dwivedi interjected and said that a proof of concept study was conducted in rural areas before Aadhaar was decided upon. He also mentioned that the Information Technology Act, after the 2009 amendment empowered the use of Aadhaar for the purpose of e-commerce.

Lastly, Justice Khanwilkar asked whether biometrics locking option is available for individuals who do not want to use Aadhaar. Mr. Divan interjected and said that there is no way to opt out of the Aadhaar system even though the facility to lock your biometrics is available.

The next hearing will take place on Tuesday, April 10, 2018.

All Posts | Apr 08,2018

Updates on Aadhaar Final Hearing: Day 24

On Day 24 of the final Aadhaar hearing, Attorney General, Mr. K.K Venugopal resumed his arguments from the previous day. He reiterated that in the digital era, Aadhaar is the best way to prevent money laundering, curb black money and deliver subsidies and benefits to the targeted beneficiaries. He highlighted that Aadhaar is approved by the United Nations and World Bank and its technology and security will be updated as and when required.

Mr. Venugopal restated that policy decisions taken by the government and approved by experts are not subject to judicial review. He gave the example of Unified Access Service License and said that the three organs of the State should have mutual respect for each other in a democracy. Mr. Venugopal was of the view that judicial review of every administrative action will lead to slowing down of development and that the courts should only restrict their duty to expounding the language of statutes instead of interfering so far as technical expertise is concerned.

At this point, Justice Bhushan interjected and said that the court is not concerned with policy decision but the legality of the Aadhaar Act and the accompanying regulations. Justice Sikri remarked that the State has to prove that Aadhaar meets the test of proportionality. Mr. Venugopal pointed out that there is no question with regard to privacy in the present case and the actual challenge is whether Aadhaar is safe and secure, which, according to him has already been proved.

Further, Mr. Venugopal explained that the generation of virtual ID is an excellent safety measure. Justice Chandrachud asked whether the onus to generate a virtual ID lies on the individual, to which, Mr. Venugopal replied in the affirmative. Justice Chandrachud opined that the virtual ID measure should be applicable to everyone without the individual having to generate it. He was also of the view that apart from legitimate state interest, Aadhaar has to pass the test of proportionality.

Next, Justice Chandrachud, on the point of Section 2(g) of the Aadhaar Act that contains the definition of “biological attributes”, remarked that the definition is open ended and the power to collect biometrics and the method of collection has to meet the test of proportionality. Mr. Venugopal stated that blood, urine and DNA can be added later but it will be subject to examination by the courts. Also, he added that Section 55 of the Aadhaar Act provides that the Parliament will act as an oversight body with respect to the rules and regulations made under the Act. J. Chandrachud remarked that the initial power to make rules/regulations lies with UIDAI which might be a case of excessive delegation, and the Parliament only has the power to disapprove of it.

Next, Mr. Venugopal read out India’s statement at the 20th session of UN commission on science and technology for development on the theme: New innovation approaches to support the implementation of sustainable development goal. The whole statement is available here.

He then read out a note on biometrics, especially fingerprinting technology and commented that the State has a vital interest in collection of biometrics. J. Chandrachud seemed to disagree with him and remarked that pervasive use of fingerprints beyond a specific purpose breaches the doctrine of proportionality. Limited use such as in the case of prisoner identification or for the purpose of traveling abroad is permitted.

Mr. Venugopal stated that curbing black money and providing direct benefits are specific purposes and legitimate state interests. Mr. Venugopal also denied that fingerprints can be used for surveillance and said that no governement has conducted surveillance in the last seventy years.

He then quoted a few American judgments: Whalen v. Roe ( SCOTUS said that the state need not show that state action was necessary to solve a particular problem and there's no reason for assuming that state security provisions would be improperly administered.), People v. Stuller and Buchanan v. Wing.

Mr. Venugopal concluded his submissions for the day by drawing parallels between the American Social Security Number and Aadhaar and pointed out that SSN collects more information than Aadhaar does. J. Candrachud disagreed with him and stated that SSN does not collect biometrics.

The hearing will resume on Thursday, 5th April, 2017.

All Posts | Apr 06,2018

Updates on Aadhaar Final Hearing: Day 23

On Day 23 of the final Aadhaar hearing, the Attorney General answered questions put forth by the petitioners on the basis of the presentation made by Dr. Ajay Bhushan Pandey, CEO of Unique Identification Authority of India (UIDAI).

The complete list of questions along with UIDAI’s answers is available here.

Justice Chandrachud and Justice Sikri expressed some skepticism about the measures taken by the government to ensure that the provisions under the Aadhaar Act are effectively implemented. They emphasized that the government will eventually have to answers questions related to implementation, since UIDAI is only responsible for the architecture of Aadhaar and therefore cannot guarantee if there has been denial of services. On being asked whether the Aadhaar project has an option to opt out of the system, the Attorney General confirmed that Aadhaar has no such option, even for children.

Further, the Attorney General reiterated that Aadhaar was adopted to ensure that there are no fake identities, and the architecture is designed so as to prevent de-duplication. He also mentioned that Aadhaar is an evolving technology and all other alternatives were considered for a period of more than five years before the project was finally decided upon. Mr. Venugopal said that the Aadhaar Act can be amended and rectified according to the changing time and lauded the project for being recognized all over the world. He pointed out that the project was the result of a policy decision taken at the highest level of the government, and therefore it was out of the scope of judicial review.

The Attorney General cited the three prong test laid down in the Puttaswamy judgment to validate an invasion of privacy:

  1. Legality, which postulates the existence of a law.,
  2. Need, defined in terms of a legitimate state aim,
  3. Proportionality, which ensures a rational nexus between the objects and the means adopted to achieve them.

The Attorney General insisted that Aadhaar satisfies all three conditions, and invades privacy as little as possible. He mentioned that there could not have been a lesser intrusive law. Also, curbing black money, providing subsidies, benefits and services are legitimate state interests.The relevant excerpts from the Puttaswamy judgment were read out by Mr. Venugopal. He also mentioned that the Sri Krishna Expert Committee on Data Protection will submit its report by May 15.

On the point of right to privacy, the Attorney General maintained that the right is not absolute and the State can always enforce reasonable restrictions to protect legitimate state interests. Apart from giving the examples of national security, and investigation of criminal offences, he gave the example of right to information as being a reasonable exception to privacy in the context of larger public interest. Mr. Venugopal also emphasized that Aadhaar passes the just, fair and reasonable test on account of it being the least intrusive tecs not possible with CIDR as silos are not merged. Surveillance is possible by smart cards by merging databases. Mhnology.

He concluded his submissions for the day by saying that the right to live a life of dignity trumps the right to privacy.

The hearing will continue on Wednesday, 4th April, 2018.

All Posts | Mar 27,2018

Updates on Aadhaar Final Hearing: Day 21

On day 21 of the final Aadhaar hearing, the judges agreed to hold the PowerPoint presentation prepared by the Unique Identification Authority of India (UIDAI) in the second half of the day.

Attorney General, K.K Venugopal began his submissions by reading out excerpts from World Bank’s Identification for Development (ID4D) Integration Approach Study, and pointed out that the goal is to have legal unique identity for all by 2030. Thereafter, Mr. Venugopal took the bench through the history of the Aadhaar program, and highlighted that various committees and groups of the Government have been working on it since 2006, therefore, Aadhaar is a well thought out venture and was only adopted after considering all other possible alternatives.

Mr. Ajay Bhushan Pandey, CEO of UIDAI, commenced his presentation on Aadhaar with four agenda points: Introduction, Technology of Aadhaar, Privacy Safeguards and contrast with Smart Cards, Security of Aadhaar. He started with explaining how people in India do not have a nationally acceptable ID. For instance, children cannot get Voter IDs, and procuring a ration card is also tedious because it requires furnishing other ID proofs. He also stated that voter ID and ration cards are region-specific, and are not nationally verifiable, unlike Aadhaar, which is a nationally verifiable digital ID, enrolment and updation for which can happen in any part of the country.

Mr. Pandey highlighted how Aadhaar is a completely random number, and once issued, it is never issued again, even if the Aadhaar holder dies. Also, Aadhaar was purposely not linked with citizenship and included transgenders and children as well. He also stated that exemptions have been made under the Aadhaar Act for people who cannot provide their biometrics. He pointed out that data sharing without consent is not allowed under the Act, except during narrowly tailored circumstances, such as national security, and on the instructions of a district judge.

Further, Mr. Pandey, described the process of enrolment, and remarked that even information such as father’s name is not collected. He, then, elucidated on the types of authentication mechanisms available under the Act, and mentioned that the ecosystem comprises of decentralized enrolment and centralized storage of data. The type of encryption that is used is 2048-but and the traceability of all actors in the enrolment process is ensured through audit trail. On being asked why so many enrolment agencies were blacklisted, Mr. Bhushan clarified that it was mostly due to corruption and failure of some operators to enter individuals’ data correctly. Justice Sikri did not seem convinced and commented that it was incomprehensible that forty nine thousand agencies were de-registered. Mr. Pandey reiterated that UIDAI has strict quality control standards.

Mr. Pandey then moved on to explain childrens’ enrolment, and said that, infants are enrolled at the time of birth, but only their photograph is taken, instead of biometrics. Biometrics is later collected twice, at ages 5 and 15. At this point, Justice Chandrachud enquired about the process of updation in case a person’s biomterics change, and also about how people will come to know if their biometrics have changed. Mr. Pandey answered that in such circumstances, a person will experience authentication failure, and an error code will be sent to UIDAI. Thereafter, the individual is asked to update her biometrics.

Justice Chandrachud remarked that such a method would lead to exclusion and denial of services. On the point of de-duplication, Mr. Pandey mentioned that every Aadhaar card has a QR code, which on scanning shows the Aadhaar card holder’s photograph, therefore, there is no question of de-duplication. Justice Chandrachud remarked that authentication failures are recorded by UIDAI but there is no way to ascertain whether authentication failure was followed by denial of service. To this, Mr. Pandey, replied that entities working with Aadhaar are asked to make exception handling measures. Speaking about the scale of Aadhaar enrolment, Mr. Pandey highlighted that enrolment centres will be expanded and cover more banks and post offices. He also mentioned that the cost of an Aadhaar card is less than one dollar.

Mr. Pandey began his next agenda by discussing the software of Aadhaar. Justice Khanwilkar enquired whether the software is designed in India, to which, Mr. Pandey, highlighted that only the biometris-matching software has been taken under a license from foreign companies, but the six thousand servers that are used are owned by UIDAI. He also asserted that registered devices are used for authentication, and the same use UIDAI’s key for encrypting the data captured on the device. Mr. Pandey concluded his presentation for the day by emphasizing that the authentication records remain in separate silos and their merging is prohibited.

The hearing will continue on Tuesday, 27th March, 2018.

All Posts | Aug 01,2017

Nine-judge Constitution Bench of Supreme Court hears arguments on right to privacy: Updates from day 5

A historic nine-judge Constitution Bench of the Supreme Court of India has been hearing arguments for and against the right to privacy in the matter of K.S Puttaswamy v. Union of India for four days. On the first two days of the hearing (July 19 and July 20), the petitioners presented their arguments in favour of a right to privacy in India. On the third day (July 25) Senior Advocate Kapil Sibal took a pro-privacy stance on behalf of the State Governments of Karnataka, West Bengal, Punjab and Puducherry. A brief submission was made by the Counsel for the State of Himachal Pradesh, while the Attorney General of India (K. K. Venugopal), on behalf of the Government of India initiated arguments against the right to privacy being a fundamental right. On day four (July 26), the Attorney General continued his arguments and Senior Advocate C.A. Sundaram began his submission for the State of Maharashtra.

Today, Senior Advocate C.A. Sundaram continued his submissions before the Court, followed by submissions from Additional Solicitor General Tushar Mehta on behalf of the State of Madhya Pradesh and Unique Identity Authority of India (UIDAI), and Senior Counsel Rakesh Dwivedi for the State of Gujarat.

Mr. Sundaram stated that the framers of our Constitution had expressly left out the right to privacy from the ambit of fundamental rights, and only the Parliament had the power to introduce it through a constitutional amendment, if they deem it necessary to have such a right. Privacy can only be protected by way of statutes and legislation, he said, and cannot be elevated to the level of fundamental right. Also, it was pointed out by him that privacy can be protected under other rights like right to property, freedom from intrusion, etc. J. Chandrachud disagreed with this interpretation, stating that many aspects of privacy are manifestations of liberty, and that Mr. Sundaram’s interpretation of the Constituent Assembly debates is narrow. He pointed out that the Constituent Assembly only discussed the aspects of secrecy of correspondence and privacy in one’s own home. They did not discuss the wider question of right to privacy.

Mr. Sundaram was of the view that data should be protected under Article 300A (right to property) of the Constitution. He mentioned that various aspects of privacy are already covered under Article 21, and there is no need to give it specific recognition. Mr. Sundaram gave the example of freedom of press not being a separate fundamental right, as it was already covered under freedom of expression. He maintained that the intention of the framers of the Constitution is satisfied by the existence of sufficient statutory protection of privacy. Further, he contended that people may choose subsidised food over protecting their private information, to which J. Chandrachud vehemently disagreed.

According to Senior Advocate C.A. Sundaram, personal liberty is different from civil liberty. He emphasized that personal liberty deals with only physical aspects of the person such as protecting their life and physical body, and does not include protection of mind. Other aspects, he argued, are covered under other fundamental rights. Justice Nariman asked Mr. Sunadaram about the judgement in the case of RC Cooper in which it was said that Fundamental Rights have to be read together, to which Mr. Sundaram replied that fundamental rights can stand alone and do not necessarily have to be read together. J. Nariman, shocked at this pre-1970s proposition, asked how such an argument could even be made today. He stated that even if we assume that privacy is not in our Constitution, it still has to be read in the fundamental rights because India is a signatory to the Universal Declaration of Human Rights (UDHR) and International Covenant on Civil and Political Rights (ICCPR). Mr. Sundaram disagreed, saying that in England, the House of Lords had repeatedly insisted that international conventions do not necessarily have to be read into domestic law. He accepted that with advancements in technology, intrusions into privacy may arise, but the solution for that is to devise suitable regulatory methods, instead of redefining Article 21.

Furthermore, Mr. Sundaram mentioned that the majority judgement in the case of Kharak Singh talked about three points: (1) pigeon hole theory; (2) privacy per se is not a fundamental right; and (3) ordered liberty is a part of personal liberty. He stated that theManeka Gandhi judgement overruled only the first aspect, while the other two aspects still stand. He reiterated that data protection can be traced to Article 300A and that it doesn’t fall under Part III of the Constitution. On being asked by J. Chelameswar about how data can come under the ambit of ‘property’, he said that if data is commercially valuable, it can be included under property by way of a wide interpretation of the term ‘property’.

Lastly, J. Chandrachud pointed out that Article 51, contained in the Directive Principles of State Policy, states that international conventions have to be respected. Mr. Sundaram argued that this has to be done statutorily; there is no need to include it in Part III of the Constitution. J. Nariman stated that the NALSA judgement specifically said that treaties have to be read into municipal law.

Next, Mr. Tushar Mehta began his submissions on behalf of State of Madhya Pradesh and UIDAI. He started his arguments by citing the case of Kharak Singh. He argued that privacy is vague and subjective and that something so ambiguous cannot be made a fundamental right. He contended that one person’s concept of privacy can be diametrically opposite someone else’s notion of privacy. Mr. Mehta accepted that privacy is a valuable right and therefore it has already been recognized by the Parliament through various statutes. He pointed out that the legislature, in its wisdom has enacted several subject specific legislations to protect various aspects of privacy.

J. Bobde opined that the problem arises when legislature denies protection of privacy. Mr. Mehta gave the example of Right to Information Act, 2000 and stated that even though transparency is essential, the legislature understands the importance of protecting privacy. Pointing out that the term “unwarranted” is vague in the RTI Act, J. Nariman asked how it can be challenged if there is no right to privacy? Mr. Mehta said that it can be protected as a common law right. At this point, J. Bobde interjected and said that state actions can only be challenged for infringement of fundamental rights, not a common law right. J. Nariman asked: “If dignity is violated, where will you ground it? It is not expressly stated as a right.” To this, Mr. Mehta cited a list of Indian statutes that protect individual privacy.

Further, on Aadhaar, J. Chandrachud asked what the remedy is for citizens if Aadhaar gets repealed. Mr. Mehta, in response, wanted to read out some provisions to show that the Aadhaar Act’s protection of privacy is exemplary. He also gave an example of the Information Technology Act, stating that it protects informational privacy. Mr. Mehta stated that various jurisdictions like New Zealand, Australia, Israel, Japan, Brazil, Saudi Arabia, China, etc. have individual statutory rights for protection of privacy. To this, J. Nariman quipped “It was shown to us that Pakistan has a fundamental right to privacy.” Making the point that our cultural ethos is different from other countries, Mr. Mehta mentioned that in America, the right to divulge the name of a rape victim is a fundamental right under freedom of speech and expression. On being asked by J. Bobde whether all of the countries mentioned by Mr. Mehta had fundamental rights under their Constitution, the latter replied that most of them do. He emphasized that it is up to the State to decide if it wants to guarantee constitutional or statutory right to privacy, but it has to be subject specific. J. Bobde also asked: “What are the factors that elevate a right to the level of fundamental right?” Mr. Mehta answered that the right has to come under the ambit of one of the stated fundamental rights. J. Nariman interjected at this point and highlighted that fundamental rights need to be interpreted according to changing needs of the time and that the Constitution cannot be interpreted literally. J. Chandrachud added by saying that privacy is at the heart of liberty in a modern state.

Further, Mr. Mehta quoted paragraphs from the judgments of Malone v. Metropolitan Police Commissioner and United States v. Graham. He gave the example of Electronic Communications Act in the United States that protects privacy of data, in support of his argument that privacy should be guaranteed nothing more than statutory protection. Further, it was contended that the even the apex court of Singapore and many other countries have not imposed the status of fundamental right on privacy. Mr. Mehta also revealed to the bench that the Government has constituted a committee headed by former Justice B.N Krishna to evolve principles related to data protection and the Ministry of Electronics and Information Technology is in the process of drafting a data protection bill. Mr. Mehta reiterated that vague concepts cannot be given the status of fundamental right and cited AK Roy v. Union of India and Shreya Singhal v. Union of India to support his viewpoint. He contended that there are dangers in expanding the scope of Part III of the Constitution, and public interest and good governance will be seriously harmed if privacy is made a fundamental right, without defining its boundaries. Mr. Mehta defended Aadhaar by stating that its repeal will cause irreparable damage. He also argued that the Supreme Court had endorsed biometric identification in the case of PUCL v. Union of India. Lastly, Mr. Mehta requested the court to not rely on American judgments while deciding the issue as the notion of privacy in America is different than what it is in India.

Counsel for Gujarat, Senior Advocate Rakesh Dwivedi began his arguments by submitting that every aspect of privacy has to be tested separately to decide if it can be elevated to the level of fundamental right. Mr. Dwivedi was of the view that life and personal liberty is enhanced when information is made public. The context is important when the question of breach of privacy arises, he stated. Justice Chandrachud pointed out that the right to privacy should be balanced with spread of knowledge and propagation of innovation. Further, Mr. Dwivedi mentioned that, even though privacy as a whole cannot be a fundamental right, but if the court thinks that certain aspects of it satisfies the reasonable expectations of society, then those aspects can be read into Article 21. At this point, Justice Chandrachud asked Mr. Mehta how much autonomy should an individual have or only the nature of privacy claim should be looked into. To this, Mr. Mehta replied saying that right to choice does not need the cloak of privacy. Decisional autonomy is already covered under Article 21 of the Constitution. Lastly, Justice Chandrachud and Justice Nariman discussed the right of limited use of data and emphasized that the usage of data should be limited to the purpose for which it is collected.

With this, arguments for the day concluded. The State will wrap up its arguments tomorrow, and the petitioners will wrap up theirs post lunch.

All Posts | Jul 27,2017

Nine-judge Constitution Bench of Supreme Court hears arguments on right to privacy: Updates from day 4

Arguments before the nine-judge Constitution Bench of the Supreme Court on right to privacy (in the matter of K.S. Puttaswamy v. Union of India) ran into its fourth day today.

Attorney General Mr. K.K. Venugopal resumed arguments on behalf of the Centre, and began by contending that the M.P. Sharma and Kharak Singh judgments that refused to read privacy as a fundamental right are sound in law. After reading out excerpts from the majority opinion in these decisions, Mr. Venugopal reiterated the Centre’s stance that the Indian Constitution does not guarantee a fundamental right to privacy, even assuming privacy can be linked to the right to personal liberty guaranteed under Article 21. Informational privacy in particular, he said, is not a fundamental right and cited the US Supreme Court’s decision in NASA v. Nelson in support of his argument. Justice Nariman however pointed out that in NASA v. Nelson, the view that informational privacy is not a right was in fact a dissenting opinion by Justice Scalia, and that Justice Alito had assumed informational privacy to be a part of privacy, but distinguished its application when the State acts as an employer. Justice Chandrachud added that informational privacy has always been a part of the American jurisprudential due process guarantee. Mr. Venugopal read out a few more US decisions in support of his contention, and said that the US is jurisprudentially the most advanced country. Justice Chandrachud disagreed with this statement, and pointed out that when it comes to informational privacy, the US is actually far behind the European Union. Mr. Venugopal argued in response that the social and cultural landscapes of a country are important when speaking of the right to privacy, and said that there are a large number of American decisions that refused to consider decisions from the EU as it was felt that the socio-cultural landscapes of both regions were vastly different. He argued further that the American due process guarantee protects those rights that are rooted in national history and culture, and said that India should do the same. He then read out portions of the decision in US v. Miller, though Justice Nariman intervened once again to point out that this judgment was heavily criticized by Justice Lahoti in the Indian Supreme Court’s decision in District Collector v. Canara Bank.

Mr. Venugopal contended next that the makers of India’s Constitution had purposely omitted privacy from the ambit of fundamental rights, and reiterated that informational privacy, which is just one of the many facets of privacy, cannot be elevated to a fundamental right. Justice Chandrachud observed at this point that there needs to be a principle to determine the kinds of data/information that should be protected on grounds of privacy, to which Mr. Venugopal said that the determination should be made on the basis of the State’s interest in the data/information in question. Justice Chandrachud asked what kind of State interest Mr. Venugopal was referring to (compelling or legitimate), and Mr. Venugopal clarified that he meant legitimate State interest. Justice Chelameshwar expressed his disagreement to this view, but Mr. Venugopal persisted, pointing out as he did yesterday that many kinds of personal information are already requested by and provided to the State in connection to census surveys, passport, voter registration etc. Justice Nariman remarked that it becomes even more important to have a privacy legislation that protects the dissemination of such information as parting with the information is not voluntary. As Mr. Venugopal contended that no one had challenged the census or voter registration processes (unlike with Aadhaar), Justice Chelameshwar observed that the Census Act in fact imposes heavy penalties for disclosing census data, making it very difficult for private parties to acquire census data from the Government. Justice Bobde enquired if there is a similar provision under the Aadhaar Act, which Mr. Venugopal answered in the affirmative, citing Section 29 of the Aadhaar Act. After reading Section 29, Justice Chandrachud asked for an explanation as to why mobile numbers are not protected under the Act, and why medical history is not considered part of “demographic information”. The State may have a legitimate interest with respect to Aadhaar, said Justice Chandrachud, but there has to be a robust mechanism to ensure security of data collected. While he has no problem sharing his email ID or phone number with the State, he said he nevertheless has concerns about this information being shared with private parties who build their products and services using Aadhaar data. Additional Solicitor General Tushar Mehta intervened to submit that Section 29(2) of the Aadhaar Act read with the Aadhaar (Sharing of Information) Regulations lays down safeguards to oversee the sharing of Aadhaar data. Pointing out how the Aadhaar Act has a whole chapter on privacy interests, and how privacy also finds mention in the statement of objects and reasons, Justice Nariman asked why this should not be considered a legislative recognition of privacy. Mr. Venugopal opted to not answer the question, choosing instead to deal with it later on in his arguments. He nevertheless assured the Bench that the Aadhaar Act protects privacy and confidentiality of data, and argued that the very existence of a legislation protecting privacy implies that there is no fundamental right to privacy.

Mr. Venugopal then went on to speak in support of Aadhaar, citing US judgments that upheld the American social security number system. Noting how the list of information collected for social security numbers is comparable to information collected for Aadhaar, Mr. Venugopal also drew attention to the fact that social security numbers are necessary to procure a host of Government benefits and services, including death certificates. Reiterating yet again that the right to life of others overrides the individual’s right to privacy, he read out the majority opinions in Kharak Singh and M.P. Sharma and contended that none of the rights claimed by the petitioners can in fact be claimed as fundamental rights. He emphasized that both judgments were correctly decided, and concluded his arguments saying that elevating privacy to the level of a fundamental right while other facets of Article 21 like right to think and right to dissent remain non-fundamental rights would be contrary to the Constitution.

Senior Advocate Mr. C.A. Sundaram argued next for the State of Maharashtra. He started by outlining what he said is the sole question at hand i.e. whether the right to privacy is a fundamental right. If we are to read privacy as a fundamental right, he said it will be necessary to read all its manifestations similarly. However, Mr. Sundaram relied on Kharak Singh to argue that privacy per se cannot be a fundamental right, adding that facets of privacy can still be protected if they emanate from other established fundamental rights. He said privacy can never be defined unambiguously as everyone has a different conception of it. On being questioned by Justice Bode about the definition of “life” as it appears in Article 21, Mr. Sundaram said it is the ability to breathe and to have access to basic needs to exist. In other words, life is the antithesis of death. Justice Chandrachud vehemently objected to this definition, and Justice Nariman reminded Mr. Sundaram that the Supreme Court had interpreted the term “life” to mean more than mere animal existence. Chief Justice Khehar also weighed in, pointing out that terms like “dignity” and “liberty” are also undefined, though they are components of Article 21. Mr. Sundaram however persisted with his contention that privacy cannot be elevated to be a part of the right to liberty or any other fundamental right.

It was submitted by Mr. Sundaram that privacy is too ambiguous to be a fundamental right and that the makers of our Constitution had the specific intent to only have notions with exactitude as fundamental rights. Any state action should be tested against existing fundamental rights, he said, but new fundamental rights should not be claimed. Justice Nariman then asked if dignity is not a fundamental right, and Mr. Sundaram responded that it is a part of the right to life. However, dignity is a natural right, whereas privacy is a foreign concept. Justice Nariman said that reading dignity and liberty together may give you privacy, and Justice Bode supplemented this by saying privacy may be a pre-condition of dignity or liberty. Mr. Sundaram nevertheless persisted in his argument that this does not make privacy a fundamental right, and went on to quote Aristotle’s observation “one who doesn’t need society is a beast or a God”, pointing out that the right to be left alone is contrary to this. Stating that seclusion is the antithesis of society, Mr. Sundaram said there would be frivolous privacy claims if privacy were to be made a fundamental right. Privacy includes many expectations, he said, and these expectations must be tested on the basis of other fundamental rights. Contending that privacy and liberty are not interchangeable, he said that protection against unlawful intrusion does not mean there has to be a right to privacy. It was said that Kharak Singh was rightly decided in this regard, but wrongly interpreted by the petitioners. Justice Nariman however informed Mr. Sundaram that his interpretation of Kharak Singh was wrong, as the judgment wrongly treated movement and liberty separately. He said there is an internal contradiction in the majority judgment and that it effectively deals with privacy without saying so. Justice Nariman also said that a man defending his castle is defending his privacy, rather than his liberty as Mr. Sundaram put it. Justice Chandrachud clarified that “castle” here is a metaphor that alludes to the individual’s right to live in solitude.

Mr. Sundaram then argued that privacy must be a tangible right to be protected, which it is not. Justice Nariman disagreed with this view, saying Kharak Singh spoke of tangible infringements in context of Article 19(1)(d) but not Article 21. Mr. Sundaram contended that domiciliary visits were held unconstitutional in Kharak Singh because they related to tangibility of ordered liberty. Surveillance on the other hand was not struck down because it was an intangible infringement. He then reiterated that privacy is not a standalone right – it can be a common law right or a statutory right, but not a fundamental right. Justice Nariman once again posed a question on the inherent contradiction in Kharak Singh, but Mr. Sundaram was adamant that no such contradiction exists. Mr. Sundaram submitted further that Govind v. State of M.P. had not in fact found that there is a fundamental right to privacy, rather it read privacy into ordered liberty. Justice Nariman disagreed, pointing to two paragraphs in the judgment that talk explicitly about privacy as a fundamental right. Mr. Sundaram persisted with his argument that there was no real discussion in the judgment around privacy, and that all subsequent judgments on privacy went by a false assumption to the contrary. He said that this Bench has to decide the matter afresh, and cited a batch of American judgments including Whalen v. RoePaul v. Davis and the Nixon tapes case in support of his arguments.

Mr. Sundaram argued further that informational privacy can be protected by statutes and regulations even in the absence of a fundamental right. This Court will have to keep interpreting the evolving right to privacy if its contours are not defined, he said. Justice Chelameshwar pointed out that all fundamental rights can evolve, reminding Mr. Sundaram that freedom of press was not initially a part of freedom of speech and expression. Mr. Sundaram then traced the evolution of personal liberty from civil liberty, and said that the former is much narrower in scope. Justice Nariman agreed that personal liberty has a narrow scope, but observed that privacy relates specifically to personal liberty in any case. Mr. Sundaram then spoke about how the makers of our Constitution had omitted privacy despite being aware of the American First Amendment, at which point Justice Nariman reminded that even “due process” was considered for inclusion in the Constitution by its makers and later dropped, though due process was subsequently recognized by Maneka Gandhi v. Union of India. As Mr. Sundaram continued to argue that privacy and personal liberty are different from each other, Justice Chandrachud explained that the qualification of “liberty” in Article 21 by adding “personal” was done so as to avoid overlap with other freedoms such as those already provided for under Article 19. Another reason for this qualification was that in its absence, liberty might be read in an economic sense instead of a political or personal sense, as was done in the US and later corrected.

With this, arguments for the day drew to a close. The hearing will resume next on Tuesday, August 2.

All Posts | Jul 26,2017

Nine-judge Constitution Bench of Supreme Court hears arguments on right to privacy: Updates from day 3

Today was the third day of arguments before a nine-judge Constitution Bench of the Supreme Court in the matter of Justice K.S. Puttaswamy and Ors. v. Union of India and Ors. [W.P.(C). No. 494/2012], regarding the existence of a fundamental right to privacy in India.

Mr. Kapil Sibal, appearing for the states of Karnataka, West Bengal, Punjab and Puducherry and taking a pro privacy stance, made a short submission before the State commenced its arguments. He began his submissions by stating that privacy cannot be an absolute right and that the court has to strike a balance. He emphasized that with the advancement of technology, its nature has become all pervasive and therefore the right to privacy should be enforceable against non state actors as well. Mr. Sibal quoted parts of the judgments of Riley v. California and US vs. Jones. Mr. Sibal was also of the view that the issue of right to privacy has to be considered afresh and not from the standpoint of Kharak Singh and M.P. Sharma. He further contended that the right to privacy is an inalienable natural right that is inherent in everyone, and can manifest under other rights like Article 19 of the Constitution. He gave the example of American, Australian and Canadian Constitutions that do not have an express right to privacy, but manifests itself under other rights. Mr. Sibal discussed various tests formulated by the Supreme Court of the United States, namely the “Katz test” and “Reasonable Expectation of Privacy test”. He also stated that there should be fetters on the discretional powers of the State, and right to privacy can only be breached if there is a legitimate public interest and the authority of law to do so. Lastly, he pointed out that India needs a robust data protection law, especially for protection of data from non state actors.

Counsel for the State of Himachal Pradesh also made a brief submission on how privacy is enshrined in Article 21 of the Constitution.

Attorney General of India, Mr. K.K Venugopal, appearing for the State began his submissions by placing two issues for the court’s consideration: whether the judgments in the cases of Kharak Singh and M.P Sharma hold true today, and whether right to privacy is a fundamental right.

Mr. Venugopal stated that the framers of the Constitution deliberately did not include right to privacy in Part III of the Constitution. He asserted that life and liberty are not absolute and that is the reason why death penalty is legal in India, which in turn means that deprivation of a right is inherent under Article 21. Mr. Venugopal further talked about derivative rights under Article 21 and stated that Right to Life and Personal Liberty are qualified rights and each an every aspect of these rights cannot be elevated to the level of a fundamental right. He further mentioned that each one of these aspects have to be scrutinized in the context of which it is claimed. Mr. Venugopal maintained that privacy is a specie of personal liberty and that privacy itself is not homogeneous and contains many sub species. It is not possible to elevate all these sub species to the level of fundamental right.

Mr. Venugopal’s second point of contention was that personal liberty has to be subordinated by right to life of others. He gave the example of Aadhaar and how it benefits millions of poor in India. To this, Justice Chandrachud said that right to privacy is not an elitist right. It is also for the common masses. He gave the example of women below poverty line suffering from cervical cancer due to multiple childbirths and early marriage. In such a situation, can the State implement a program of mass sterilization. J. Chandrachud pointed out that having the right to privacy becomes important in such a scenario. Mr. Venugopal stated that only some facets of privacy can qualify as fundamental right and not all. He asked the bench, “Right to privacy is a conglomerate of many rights. Will my Lordships evaluate each and every such right before deciding whether privacy is a fundamental right or not?”

Noting how it is unfair to say that Aadhaar will turn India into a totalitarian state, Mr. Venugopal pointed out that India’s census surveys collect considerably more information about residents than Aadhaar. Right to privacy, he said, has more credibility in developed countries that are socially, economically and politically developed, but not in a developing country like India. He reiterated his submission that privacy is not a homogeneous right, and that every aspect of privacy cannot be made a fundamental right.

Justice Bobde reminded Mr. Venugopal that the Bench will only discuss whether privacy is a fundamental right, without going into the various aspects of this right. CJI Khehar concurred with Justice Bobde, and added that questions beyond privacy’s status as a fundamental right will be taken up by other small Benches in time. He also observed that the fact that right to privacy is not absolute does not necessarily mean it cannot be a fundamental right, since other fundamental rights like freedom of movement are also non-absolute.

Justice Nariman then asked Mr. Venugopal how he would substantiate his contention that there are some sub-species of privacy that constitute fundamental rights, if privacy overall is not elevated to a fundamental right. He also outlined two domains of mental activity around which privacy rights exist, namely dissemination of information and the individual’s private choices, and asked Mr. Venugopal to explain how either of these do not fall under Article 21 in his view. Mr. Venugopal said in response that he is merely objecting to the petitioners’ contention that privacy is a homogeneous right, and that the various sub-species of privacy must be tested individually to determine if they qualify as fundamental rights. Noting that privacy is a sociological rather than a legal construct, he reiterated his contention that privacy is a derivative right that is secured by protecting more cognizable rights.

Justice Chandrachud observed at this point that there may be certain aspects of one’s personal life that do not invoke the right to privacy. For instance, while it may be acceptable to ask a woman about her marital status or about the number of children she has, it is certainly not acceptable to ask her about the number of abortions she has had, as this would be considered violative of her privacy. Illustrating further, Justice Chandrachud pointed to a Maharashtrian law that prohibits the third child of a family from contesting elections. In this case, he said a candidate would be required to disclose if he is a third child, and whether he was born out of his parents’ first marriage or otherwise. Justice Chandrachud cited the disclosure of transgender status as yet another example of information disclosure that is not considered a violation of privacy.

Adding to Justice Chandrachud’s observations, Mr. Venugopal questioned the unwillingness to disclose for Aadhaar the same information that is disclosed for election or census survey purposes. He then read out portions of the Representation of People’s Act that mandate public disclosure of information, and also read out judgments that upheld various facets of this mandate. Justice Chelameshwar said elections are not the right example as information disclosure in this case is about balancing constitutional interests.

Mr. Venugopal submitted further that even if the court upholds a right to privacy, it is not an absolute right, but one that would be outweighed by overwhelming public interest among other things. He said he firmly believes that it is difficult to uphold right to privacy in a developing country as there are far graver issues to tackle first, and mentioned human trafficking and starvation as examples. The State, he said, has a legitimate interest to introduce programs like Aadhaar and MGNREGA that seek to help people realize their rights to food, health, employment etc., and once again pointed to the World Bank report that appreciated Aadhaar. Justice Chandrachud said at this point that the existence of a legitimate state interest to introduce Aadhaar does not foreclose the possibility of there being a right to privacy, and pointed to the forced sterilizations of 1975 as one of the worst evils that India has seen.

Mr. Venugopal then contested that while there may be a fundamental right to privacy, it is a qualified right that has many sub-species, all of which will not fall under Article 21. He also contented that something as amorphous as a general right to privacy should not be considered a fundamental right, and requested that the Bench allow him to argue before a smaller Bench that there is no claim of fundamental right involved in the present petition. The Bench reminded Mr. Venugopal that he had earlier insisted on bringing the matter from a five-judge to a nine-judge Bench, as a result of which the present Bench was constituted. Additional Solicitor General Tushar Mehta appearing for UIDAI briefly interjected at this point that he would argue privacy to be an enforceable right, though not a fundamental right. The Bench said will decide on the existence of a fundamental right to privacy in a very detailed judgment for the conceptual clarity of the nation.

This concluded arguments for the day. The hearing will resume tomorrow and the State will continue its submissions.

All Posts | May 03,2017

Supreme Court hears the Aadhaar-PAN case; updates from Day 5

The ongoing challenge in the Supreme Court regarding the linking of Aadhaar for filing of income tax returns, and making it mandatory for PAN, has reached Day 5 when the Union of India continued its arguments. We have been updating details from court proceedings from day 123, and 4 as well.

Day 5 of the hearing began with Dr. Arghya Sengupta laying the following points before the Bench:

  • The doctrine of proportionality is not a facet of Article 14 of the Constitution. It can only be invoked in cases where there is a balancing of rights and restrictions, and Article 14 does not envisage any such balance. Citing the case of K.T. Plantation vs. State of Karnataka, Dr. Sengupta said that the plea of proportionality is subjective by nature and therefore cannot be used to strike down a statute. He further mentioned that proportionality under Article 14 applies only to executive action and not legislative action. A long list of English cases were cited in this regard and to support the argument that in the UK, the doctrine of proportionality is not applied even today. He concluded by saying that the traditional principles of equality followed by Indian judiciary are strong and there is no need to import new principles to this case.

  • There is no absolute right to self determination under Article 21 in India. The state can ask for information from its citizens. Even if we had the right to informational self determination, it cannot be absolute. Further, the conception of privacy prevailing in different parts of the world cannot be incorporated in India. The social and cultural situation has to be assessed before giving meaning to this concept.

  • The safety and security of biometrics as a tool for identification has been studied and analyzed and it has been proven that it is the most fool proof method. He stated that the Aadhaar Act provides privacy protection under Chapter 6 of the Act and under Section 70 of the Information Technology Act, 2000. It was also pointed out that the UIDAI database has never been compromised.

Mr. Zoheb Hossain, Advocate-on-Record, continued the State’s argument. He made the following points:

  • A progressive taxation regime is itself a facet of equality under Article 14. Inclusion of Aadhaar strengthens Article 14 as it eliminates inequality between honest tax payers and individuals avoiding tax and holding multiple bogus PAN cards.

  • Every conduct is not free speech. In the present case, it is speech combined with action and therefore it cannot have protection under Article 19(1)(a). He cited United States vs. David Paul O’Brien to substantiate his argument.

After the state concluded its arguments, Senior Counsel, Mr. Shyam Divan replied from the petitioners’ side. His arguments are as follows:

  • The state has reconciled the voluntary nature of the Aadhaar Act and the mandatory nature of Section 139AA of Income Tax Act to infer that Aadhaar is mandatory. Section 3(1) of the Aadhaar Act uses the word “entitled” and not “obliged”. Section 3(2) says that the enrolling agency shall “inform” enrolling individuals, the manner in which their information shall be used, the nature of recipients with whom the information might be shared, the existence of a right to access information. Section 7 says alternate means of identification is to be provided if Aadhaar is not assigned. Section 8(2)(a) requires consent of an individual before collection of information. Aadhaar enrolment form also states that its free and voluntary. The Aadhaar Authentication Regulation number 6 states that consent of Aadhaar holder is required for authentication. The proviso to Section 57 states that the section is subject to the procedure and obligation under Section 8. The aforementioned sections establish the voluntary nature of Aadhaar as provided in the Act itself. Further, the absence of any sanctions in the Act for non compliance reinforces this fact. Mr. Divan pointed out that the UIDAI website itself claims that Aadhaar is voluntary.

  • Replying to the Attorney General’s argument that Aadhaar act cannot be struck down for lack of legislative competence, Mr. Divan pointed out that there are implied limitations to legislative competence. One of the implied limitations is that the state cannot coerce people to part with their biometric data. We are long past slavery and servitude. He further mentioned that the trajectory of the state’s arguments will create a chilling effect. He emphasized the enormous threat to civil liberties in the present case and prayed to the court to pass interim orders, in case the matter is referred to a larger bench.

Senior Counsel, Mr. Arvind P. Datar continued arguing for the petitioners’ made the following point before the court rose for the day:

  • The Aadhaar Act fails on the aspect of legislative competence. The Supreme Court has passed various orders saying Aadhaar is voluntary and nobody can be forced to enrol under it. The state has repeatedly defied these orders. On the assumption that there’s no Supreme Court order, even then Aadhaar Act and Income Tax Act have to be harmoniously construed, which means that Section 139AA of the IT Act has to be read down.

The hearing in the present matter will be concluded tomorrow with Mr. Datar finishing his final arguments.