On an auspicious day of Tuesday, 21 August, Delhi High Court (HC) had issued notice to world’s largest biometric ID system — Aadhaar’s issuing body Unique Identification Authority of India (UIDAI) as well as the central government of India on a petition alleging that the fundamental right to privacy of all Indians with an Aadhaar card has been violated because of Aadhaar data breaches that occurred on numerous occasion. And, with this the petition accepted by Delhi HC becomes India’s first ever data privacy suit.
The petition filed alleged a violation of the fundamental right to privacy as guaranteed under Article 21 of the Constitution and, as affirmed in one of earlier court case, due to Aadhaar data breaches.
A bench of justices S Ravindra Bhat and Anu Malhotra issued notice and sought reply of the authorities on the plea which also urged the court to direct the Centre to either allow people to opt out of the system or delete the entire existing UIDAI data in view of the security breaches.
The bench has instructed — the UIDAI, Union of India, National Informatics Centre, and Ministry of Communications and IT — to submit their response within the next six weeks.
The bench listed the matter for further hearing on November 19.
Although there were numerous occasion when it was evidently proved that Aadhaar biometric system is not at all safe and nor maintained securely by its statutory authority UIDAI or Ministry of Electronics and Information Technology (MeitY), govt. of India. But because of embedded journalism, neither mainstream media nor common citizen had so far filed a petition for consistent privacy breach hapenning through over-glorified Aadhaar cards issued to 1.05 billion people till September 2016.
What Does the Petition Asks –
The petition asks the Delhi High Court to do the following:
- Direct the authorities to reveal the number of data breaches since the inception of the Aadhaar programme, along with details of how Basheer’s own data has been compromised.
- Appoint an independent investigative/audit committee to investigate all breaches.
- Appoint a neutral ombudsman/verification authority for addressing complaints relating to Aadhaar or other data breaches as well.
- Direct the authorities to provide the option of opting out of the Aadhaar system.
- Award exemplary damages for the failure to adhere to security practices, so as to deter the government and authorities like the UIDAI from being negligent with the rights of citizens again
- In the alternative, direct the Centre to delete all existing Aadhaar numbers.
The petitioner who filed the suit is a Kerala-based lawyer named – Shamnad Basheer, who’s a quite an influential man even before filing the petition else no common men have that much of courage to stand against stubborn and “pro-lynching” government of India the country has today. Besides being an an Indian lawyer, Shamnad Basheer was also a Ministry of Human Resource Development Chaired Professor of Intellectual Property Law at the West Bengal National University of Juridical Sciences, Kolkata, and the Frank H. Marks Visiting Associate Professor of Intellectual Property Law at the George Washington University Law School.
Speaking to The Quint, Basheer said that the court’s decision was a very welcome one, since the judges had rejected the UIDAI’s attempt to conflate this case with the challenge before the Supreme Court, recognising that redressal of security breaches is important.
Basheer also the founder of SpicyIP blog, which is one of India’s leading blogs on intellectual property (IP) and innovation law/policy.
[Top Featured Image – arvin febry]