Certain provisions in the Aadhaar Act featured prominently in the litigation, they may do so again in the judgment to be pronounced on Wednesday.
Section 3(2)
The Bench had kept questioning the Unique Identification Authority of India (UIDAI) and the government on the strict implementation of this provision while collecting personal data.
The provision mandates that an enrolling agency shall, at the time of enrolment, inform the individual the manner in which the information shall be used; the nature of recipients with whom the information is intended to be shared during authentication; the existence of a right to access information, the procedure for making requests for such access and details of the person or department in-charge to whom such requests can be made.
Section 7
This section has been the focal point of the Aadhaar litigation. It mandates that individuals should either produce Aadhaar or his Aadhaar enrollment number to access social services, subsidy, benefits, etc, whose funds are drawn from the Consolidated Fund of India. The government had issued 139 notifications, all under challenge, requiring Aadhaar for getting services.
Section 28
A major source of concern with the court was the issue of protection of information collected through Aadhaar.
Section 28 (1) mandates that the authority shall ensure the security of identity information and authentication records of individuals.
They shall ensure confidentiality of identity information and authentication records of individuals. The Act mandates the authority to take all necessary measures to ensure that the information in the possession or control of it, including information stored in the Central Identities Data Repository, is secured and protected against access, use or disclosure even if it is accidental or intentional loss, destruction or damage.
Section 29
Finally, Section 29 (1) puts the onus on the UIDAI that no core biometric information, collected or created under the Act, shall be shared with anyone for any reason whatsoever; used for any purpose other than generation of Aadhaar numbers and authentication under this Act.
Other identity information, other than core biometrics, collected or created under this Act may be shared only in accordance with the provisions of the statute.
The court had reflected on Section 29 (3) which requires that no identity information available with a requesting entity shall be used for any purpose, other than that specified to the individual.
Section 57
State, body corporate or person can request for Aadhaar, but in consonance with a law or to a contract to that effect. It is this provision that gives statutory support to mobile companies, private service providers to seek individuals' Aadhaar card for identification purposes.
