Guest Post: The Legality of Aadhaar Seeding for Social Security Purposes

[This is a guest post by Yajat Kumar.]

A Circular (“The June Circular”) issued by the Employees Provident Fund Organisation (“EPFO”) dated 1st June, 2021 mandated the seeding of Aadhaar with the Universal Account Number (“UAN”) which is generated under The Employees Provident Fund and Miscellaneous Provisions Act, 1952 (“The EPF Act”). Whenever contributions, under the EPF Act are made in respect of the employees an Electronic Challan-Cum-Receipt (“ECR”) is generated which serves as a proof of deposit of the Provident Fund in their accounts. If the said ECR is not generated, then the employers have to suffer the consequences of non-deposit of dues in the form of damages. So, the onus, directly or indirectly, is upon the employer to make sure their employees’ UAN is seeded with Aadhaar and to further file the ECR for the UAN. The June Circular was issued in pursuance to a notification by the EPFO dated 30th April, 2021 which put into force section 142 of the Code on Social Security,2020 (“The Code”). While the four Labour Codes are unlikely to be implemented before the next fiscal year, the reasons cited by the EPFO in implementing the section in an isolated manner were “to collect Aadhaar details for the database of beneficiaries under various social security schemes” and the “creation of social security fund for providing comprehensive social security to the unorganized sector.”

The June Circular, however, read along with section 142 of the Code, in using the term “mandatory” for seeding Aadhaar with UAN seems to go contra tothe judgement of K.S. Puttaswamy (Retd) & Anr. v. Union of India & Ors (“Aadhaar 5J”). To this end, I shall be probing the following two questions in this piece- 1) Whether Section 142 can be implemented independent of the Code, and can it inter alia form the basis of seeding of the UAN with Aadhaar? And, 2) Whether the June Circular issued by the EPFO (read along with section 142) is constitutionally valid with respect to the Aadhaar 5J judgement?.

Maintainability of Independent Application of Section 142 of CoSS, 2020

Section 142 of the Code reads as follows-

“142. (1) An employee or unorganised worker or any other person, as the case may be, for— (a) registration as member or beneficiary; or

(b) seeking benefit whether in kind, cash or medical sickness benefit or pension, gratuity or maternity benefit or any other benefit or for withdrawal of fund; or

(c) availing services of career centre; or

(d) receiving any payment or medical attendance as Insured Person himself or for his dependants,

 under this Code or rules, regulations or schemes made or framed thereunder, shall establish his identity or, as the case may be, the identity of his family members or dependants through Aadhaar number and for such purpose the expression “Aadhaar” shall have the meaning as defined in clause (a) of section 2 of the Aadhaar (The Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016:

Provided that any foreigner employee shall obtain and submit Aadhaar number for establishing his identity, as soon as possible, on becoming resident within the meaning of clause (v) of section 2 of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.

(2) For the purposes of sub-section (1), the Aadhaar number issued to an individual shall be in accordance with the provisions of section 3 of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.”

At the very outset, a plain reading of the proviso (d) of the subsection 1 of the section, “under this Code or rules, regulations or schemes made or framed thereunder” makes it clear that the section seeks to make Aadhaar imperative to establish the identity of the concerned member and the identity of his/her family members or dependents. This is only possible, under the proviso’s pursuance, once the Code is made applicable on the whole. Also, on applying the Literal Rule of Interpretation, it is pretty much self-explanatory that the term “Under this Code” envisages the provisions of the section to operate only when the Code has been implemented and not independent of it since the section’s very existence depends upon the applicability of the Code.

Secondly, a Gazette notification dated 3rd May, 2021 enumerates that the section has been made effective in pursuance to the provisions under sub-section 3 of section 1 of the Code read along with section 14 of The General Clauses Act, 1897 (“The GCA”). Section 1(3) of the Code provides for bringing into effect different provisions of the Code on different dates while being facilitated, with respect to Section 142, by section 14 of The GCA which, in turn, provides that if a power is conferred by a Central act or regulation, then that power can be exercised from time to time, unless there is a different intention on the part of the legislature. While this provision does seem to offer a plausible explanation for the above lacuna, but the Supreme Court (SC) in the case of Sri Nasiruddin vs State Transport Appellate Tribunal has held that section 14 of The GCA cannot have any application if a different intention, other than the one currently assumed, appears in any other part of the statute. Here, as discussed above, clause (d) of sub-section one envisages the seeding of Aadhaar to be done “under the code or rules, regulations or schemes made or framed thereunder” and not as an excluded provision which would, inextricably, have an application without other interlinked provisions such as section 113 of the Code (in this section, the term “Aadhaar” for the purpose of registration of unorganized, gig or platform workers is derived from section 142 only). This, clearly, does not appear to be the intention of the legislature.

Further, on a simple reading of Section 142, no responsibility is fixed upon the employer to seed the Aadhaar with UAN but rather upon the employees/ beneficiaries for taking benefits under the provisions of the Code, and not under the provisions of the EPF Act. Ergo, while issuing the June Circular, the EPFO has completely misread Section 142 of the Code.

If section 142 is allowed to be constructed vis-à-vis the convoluted language of the aforementioned circular, it would absolutely deflect the purpose of the code. This discrepancy not only makes this section obsolete, but also in contravention to the very objective of “extending social security to all employees and workers either in the organised or unorganised sector”.  Cues, in this case regard, can be taking from the writings of Maxwell who has talked in length about the consonance between the object and the law- “When a law is non-sequitur to its intent, it is liable to be struck down” (Maxwell on Interpretation of Statutes, 11th Edn, p. 221). One can also find a similar obiter in A. Ram Mohan vs State of Madras, “When the language is plain and unambiguous and admits of only one meaning, no question of construction of a statute arises, for the Act speaks for itself”(para 22). Hence, if the section has to be implemented it can only come into force with the Code (much less the rules) and cannot exist in vacuum.

Checking the conduciveness of Mandatory Seeding against the tests laid down under the Aadhar 5J judgement

As argued above, the interim enforcement of section 142 sans the Code would not be maintainable in the court of law, but even if- for argument’s sake the above legal caisson is set aside, there still exists the bigger question of constitutionality of the section (read along with the June Circular) under the Aadhaar 5J judgement. Now, I will look into the validity of mandatory Aadhar seeding with respect to Employees Provident Fund and Pension Scheme. Even though the same UAN number would be used to access both of the aforementioned schemes, but it is necessary to look at both of them through a differential perspective in accordance with the tests laid down under The Aadhaar 5J Judgement.

First Point of Contention

The contours surrounding the applicability of linking of Aadhaar with EPF has seen a sea-change over the years. Initially, in K.S Puttaswamy & Anr. v. UOI & Ors, (2015), The SC had observed that “The Aadhaar card Scheme is purely voluntary and it cannot be made mandatory till the matter is finally decided by this court one way or the other.” In pursuance of this, major modifications were made by the court in Aadhaar 5J. It observed-

“No doubt, the government cannot take umbrage under the aforesaid provision to enlarge the scope of subsidies, services and benefits. ‘Benefits’ should be such which are in the nature of welfare schemes for which resources are to be drawn from the Consolidated Fund of India

We also make it clear that a benefit which is earned by an individual (for example, pension by a government employee) cannot be covered under Section 7 of the Act, as it is the right of the individual to receive such benefit” (paras 321-322)

Now, Section 7 of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 (“The Aadhaar Act”) provides that individuals should produce their Aadhaar card or Aadhaar enrollment number for the purpose of accessing social services, subsidies, benefits etc., the funds of which are drawn from the Consolidated Fund of India. Here, the court examined and clarified the ambit of the term ‘benefits’, along with ‘services’ under section 7 of the Aadhaar Act. It observed that the term ‘Service’ which, ordinarily includes provisions and facilities provided to an individual, should not be constructed in such a manner that a person is denied a benefit on non- production of the Aadhaar which he/she is otherwise entitled to (see para 322). So, ‘Benefits’ should include any, or all social welfare schemes whose funds are extracted from the Consolidated Fund of India (this being read ejusdem generis with ‘subsidies’).

Section 6 of The EPF Act says that the contributions payable by the employee is 12 per cent of basic wages (which is inclusive of dearness and retaining allowances). An equal contribution is remitted by the employer as well. It is essential to note that the expenditure paid thereof is not, in any way, taken from the Consolidated Fund of India or any other governmental purse and is a benefit which is rightfully earned by the employer himself. Likewise, the benefits provided under sub-clauses 1(b) and 1(c) of Section 142 such as pension, gratuity, maternity leave; and any payment or medical attendance for an insured individual or his dependents- are also not covered under the expenses withdrawn/retrieved under The Consolidated Fund.  Hence, the June Circular read with section 142 of the Code for these purposes has flouted the court’s guideline concerning the implementation of the Aadhar Scheme and is squarely violative of not only the principles of natural justice, but also of articles 14, 19(1)(g), 21 and 300A of the Indian Constitution.

It is also pertinent to note that under The Atmanirbhar Bharat Rojgar Yojana (“ABRY”), the Central Government will pay the PF share of employer and employees who lost their jobs due to Covid-19 and were called back to small scale jobs in the formal sector (registered under EPFO) till 2022. While this is a commendable step, it will again, seamlessly require mandatory Aadhaar-UAN linkage. Reference here can be taken under the case of Binoy Viswam vs Union of India and Ors, where the court had to deal with a similar issue of mandatory seeding of Aadhaar with PAN number under section 139AA of the Income Tax Act,1961 for filing income tax returns. While holding up the validity of the same, it observed that since all income tax assesses constitute one class only so they are to be treated alike. The ratio of this case, however, will not be applicable here because the fact remains that a separate nexus cannot be created by the government only for some individuals under a ‘temporary’ scheme while excluding others not eligible under the aforesaid. There cannot be any differential treatment solely on the basis of extending ‘benefits’ to a class of people who will be seeding Aadhaar with their UAN solely because they are a part of a scheme which is due to tentatively expire next year. Article 14 of Indian Constitution forbids class legislation, but does not prohibit reasonable classification for the purpose of legislation. Government cannot create ‘a class-within-a class’ under the garb of denying benefits to the deserving working class. Hence, the government cannot impose Aadhaar on the beneficiaries of ABRY under the ‘consolidated fund’ argument.

Second Point of Contention

The pension which an employee receives under The Employee’s Pension Scheme, 1995 is mostly made up of contributions by the employer and the employee, but some portion (1.16 percent) is also remitted by the central government. While the amount is surely derived from the Consolidated Fund of India and falls in consonance with this line of reasoning (as contained in the judgement), Aadhaar 5J also talks about a much bigger purpose of “plugging the leakages and ensure that fruits of welfare schemes reach the targeted population, for whom such schemes are actually meant” and also highlights that the “Government seems to be sincere in its efforts to ensure that no such exclusion takes place and in those cases where an individual who is rightfully entitled to benefits under the scheme is not denied such a benefit merely because of failure of authentication.”(see para 318)

This was opined because, after all, such laws are social security measures- made primarily for the benefit of workmen. With that said, a huge chunk of workers in our country do not even have an Aadhaar Card because of which many employers are being pressured to not employ them – and this does not even consider the number of migrant workers who are unable to arrange proper documents for the purpose of seeding, or the mismatch between the Aadhaar data and UAN data of the employees which leads to mechanical rejection by the  Unique Identification Authority of India’s(“UIDAI”) software (which does not even generate OTP most of the time!). This may deprive the employees from availing benefits under schemes such as ARBY and insurance linked-aid under Employees’ Deposit-Linked Insurance Scheme, 1976 (EDLI).

Consequently, when the EPF contributions of such members are deposited late, the employer will be penalized for late payment of contribution, and interest and damages will be levied.  Since EPF contribution is not paid in time for such members, employer cannot get necessary tax benefit because of late payment. Imposing arbitrary deadlines and the stringency on part of the EPFO to not create any other means of depositing the dues except the UIDAI portal is, only for the sake of contributing a minute token-sized percentage (1.16%) of contribution in the pension fund, is unwarranted (especially when there not fault on part of both- the employer and the employee). It is therefore, in pursuance to the spirit of Aadhaar 5J, it is imperative on the part of the EPFO to create alternate arrangements for vitiating the hardships faced by the vulnerable workforce during these trying times.


The Delhi High Court(HC) in the case of Association of Industries and Institutions v Union of India has granted extension with regard to the employees whose seeding exercise is yet to begin till 30th November, 2021 and has directed that no coercive action is to be taken against the employees with respect to employment and benefits under ABRY and against the employers with respect to sections 14B(damages) and 7Q(interest) under The EPF Act. The Delhi HC is yet to decide the validity of the June circular against the Aadhar 5J judgement. Whatever be the final judgement of the court, it is surely set to alter the contours of UIDAI verification and social security jurisprudence of India.

Revisiting the Aadhaar Judgment

[Editorial Note: Justice is an indivisible concept. We cannot, therefore, discuss contemporary Supreme Court judgments without also acknowledging the Court’s failure – at an institutional level – to do justice in the case involving sexual harassment allegations against the Chief Justice. This editorial caveat will remain in place for all future posts on this blog dealing with the Supreme Court, until there is a material change in circumstances.]

It has been more than a year since the Supreme Court’s judgment in  K.S. Puttaswamy v Union of India (II) [“the Aadhaar Judgment”], which was delivered on September 26, 2019. The intervening period has seen some legislative developments – for example, resurrecting the use of the Aadhaar database by private parties, which had been struck down by the Court. It has seen the promise of fresh laws (such as the Data Protection Act, which – it is rumoured – will be placed before Parliament in the winter session). It has also seen the proposed extension of the Aadhaar programme (for example, mandatory linking of voter IDs), as well as other legislative proposals involving the collection and use of personal data (facial recognition systems, DNA profiling, and so on).

It is therefore important to revisit the Aadhaar Judgment, and determine what, precisely, the Supreme Court held in that case. While the judgment is widely known for having upheld the constitutionality of the Aadhaar programme while also limiting its scope in certain important respects, it was also the first time the Supreme Court dealt with the intersection of contemporary data collection, storage, and use practices, and fundamental rights. The principles that emerge out of that discussion, therefore, have a significance that goes beyond the specific holding in that case.


To understand clearly what is at issue, let us begin with certain conceptual distinctions. The Aadhaar Judgment involved three levels of analyses: (i) an analysis of facts involving the Aadhaar programme; (ii) an analysis of applicable legal and conceptual standards; (iii) and an application of those standards to the facts (in order to determine whether and to what extent the Aadhaar programme passed constitutional muster). On this blog, in the aftermath of the judgment, a group of us analysed (i) and (iii) in some detail, and criticised the Court on both counts. The Court’s decision to uphold the Aadhaar programme, we argued, was premised on a wrong understanding of facts, and a wrong application of legal standards to those wrongly-determined facts. In this post, I intend to bracket those two questions, and complete the analysis be examining issue (ii) in some detail: i.e., the legal standards themselves.

I will argue that if we read the Aadhaar Judgment along with the nine-judge bench decision that upheld privacy as a fundamental right in K.S. Puttaswamy v Union of India (I) [“the Privacy Judgment”], certain important principles emerge (and on these principles, both the majority and Chandrachud J.’s dissenting opinion were in broad agreement). In summary, the Supreme Court held that (i) the collection, storage, and use of data in a manner that enables profiling is unconstitutional, (ii) data minimization, purpose limitation, and limited data retention are integral to any legislation or executive act involving data collection; (iii) use by private parties of the Aadhaar database is forbidden; and (iv) in testing the constitutionality of any specific measure that infringes the right to privacy/involves data collection and processing, the proportionality standard is applicable. This standard places an evidentiary burden upon the government to justify both the rationality of the measure, as well as its necessity (i.e., no alternative measures that infringe rights to a lesser degree are available).

The Role of Facts and Law

To understand the holding of the Supreme Court in the Aadhaar Judgment, it is important to begin with the main grounds of challenge. As indicated above, the Aadhaar challenge involved a set of legal claims, based upon a set of factual assertions. Relevant for our purposes here were the contentions that (i) Aadhaar enabled a surveillance State by allowing the government to track individual transactions through the authentication mechanism, (ii) Aadhaar enabled profiling by allowing the merging of data silos, (iii) the data collection was excessive and breached the right to privacy, (iv) Section 57, which private parties’ access to the database, breached the principle of purpose limitation, and also enabled commercial surveillance.

It is of vital importance to note that the Aadhaar Judgment rejected none of the petitioners’ legal claims; rather, to the extent that the Court found against the Petitioners, it did so because it disagreed with their factual arguments, while agreeing with the legal claims (and it was those findings that we criticised last year on this blog). In other words (to take one example), the Court found that the Aadhaar programme did not allow for the merging of data silos; however, it becomes clear from a reading of the judgment that had it been the case that the merging of data silos was allowed, the Court’s conclusion would also have been different.


So: on the first contention (surveillance), the Court found on facts that, among other factors, the legal prohibitions upon the sharing and disclosure of core biometric data, sharing of e-KYC data only with user consent, no transmission of identity information back to the Requesting Entity, and the retention of authentication logs only for a short period, precluded the possibility of State surveillance. In addition, the Court found on facts that the merging of data silos was prohibited, the data collection at the time of enrollment was minimal (fingerprints and iris), and the Authority was purpose blind. Consequently, the Court specifically held that we are of the view that it is very difficult to create profile of a person simply on the basis of biometric and demographic information stored in CIDR.”

Data Protection and Privacy: Principles of Data Minimisation, Purpose Limitation, and Safeguards

On the issue of data protection and privacy, the Court specifically observed that “the crucial requirements, which are indicative of the principles for data protection that India adheres to, inter alia include… information collected shall be used for the purpose for which it has been collected [“purpose limitation”]… Body corporate or any person on its behalf shall, prior to the collection of information, including sensitive personal data or information, provide an option to the provider of the information to not to provide the data or information sought to be collected … Disclosure of sensitive personal data or information by body corporate to any third party shall require prior permission from the provider of such information, who has provided such information under lawful contract or otherwise, unless such disclosure has been agreed to in the contract between the body corporate and provider of information, or where the disclosure is necessary for compliance of a legal obligation.” (paragraph 166)

In this context, the Court’s discussion of case law from the European Union was particularly illuminating. The Court discussed judgments such as Marper, where the storage of DNA profiles had been struck down because of their “blanket and indiscriminate nature” (paragraph 178) (in particular, failing to distinguish between suspects and convicts); Digital Ireland, where an EU Directive that enabled profiling without any temporal or spatial limits; Tele2, where metadata collection was struck down because it violated the data protection principles referred to above (again, it was indiscriminate in nature, and affected individuals without any probable cause of suspicion). The Court concluded by noting that “it is evident from various case laws cited above, that data collection, usage and storage (including biometric data) in Europe requires adherence to the principles of consent, purpose and storage limitation, data differentiation, data exception, data minimization, substantive and procedural fairness and safeguards, transparency, data protection and security. Only by such strict observance of the above principles can the State successfully discharge the burden of proportionality while affecting the privacy rights of its citizens.” (paragraph 187) It will be noted that these are the exact principles that the Court held operated in India as well; European case-law, thus, is heavily persuasive authority on this issue.

The Court then went on to specifically analyse the provisions of the Aadhaar Act on the touchstone of these principles. It held that “data minimization” was satisfied because the information collected was minimal, and the nature of the transaction or the individual’s location was not revealed during authentication; at the same time, the Court invalidated the storage of any form of metadata other than “process metadata”, in order to meet the requirements of data minimization; it also held that “purpose limitation” was satisfied because certain definitional provisions had been read down – and – critically – Section 57, which allowed private parties to use the database under cover of any “law or contract” had been struck down (as would be done later in the judgment); on data retention, the Court restricted the time period for which the data could be stored to six months.

On both counts, the petitioners made a specific argument that there were insufficient safeguards under the framework of the Act with respect to data sharing, as – in particular – the police could gain access to the database. The Court answered this by holding that these concerns were assuaged by (a) reducing the period of data retention to six months, (b) requiring that if through a judicial order any individual’s information was to be shared, that person would have to be given a hearing (under S. 33 of the Act); in particular, and crucially, the Court noted that “there is a reasonable presumption that the said court shall take into consideration relevant law including Article 20(3) of the Constitution as well as privacy rights or other rights of that person before passing such an order.” (c) sharing of information that did not go through a judicial process (such as in cases of national security under S. 33(2)) was invalid, and a judicial member would have to be added to the decision-making authority; and that Section 57 had been struck down (paragraph 220).

Data Silos

Thirdly, on the aspect of the integration of data silos, the Aadhaar Judgment noted that in the Privacy Judgment, it had clearly been held that isolated information silos, when aggregated, could enable profiling (paragraph 232); as indicated above, the Court found that as a matter of law silos remained integrated, and were not permitted to be aggregated.

As an overall point, the Court held additionally – while addressing the privacy claim – that as part of the balancing process, the expectation of privacy in biometrics and irises was relatively low (as opposed to, for example, medical data); thus, overall, data collection remained “minimal”, and that this helped tip the balance of rights in favour of Aadhaar. (paragraphs 295 – 297, 308)


Fourthly, moving on to specific challenges beyond the Aadhaar Act, the Court upheld the mandatory linking of Aadhaar with PAN, but struck down linking with bank accounts and SIM cards. In each case, the Court’s rationale was founded on the question of whether the government had managed to discharge its evidentiary burden under the proportionality standard (i.e., demonstrating a legitimate State aim, a rational connection between the measure and the aim, that the measure was least restrictive with respect to fundamental rights as compared to all other alternatives, and finally, that on balance, it was proportionate). On the issue of PAN Cards, it held that the government had demonstrated with “empirical data” that as Aadhaar was a unique identifier, it could deal with the problem of bogus or duplicate PAN cards (paragraph 421, 423); on the other hand, as far as bank accounts were concerned, the Court specifically held that “that it does not meet the test of proportionality and is also violative of right to privacy of a person which extends to banking details.” (paragraph 429); importantly: “under the garb of prevention of money laundering or black money, there cannot be such a sweeping provision which targets every resident of the country as a suspicious person. Presumption of criminality is treated as disproportionate and arbitrary.”

The Court went on to hold that the State had not even demonstrated how mandatory linking would solve the problem of black money, and why alternative methods of KYC were insufficient; mere “ritual incantation” of black money would not suffice under the proportionality standard (paragraph 434), in a world in which maintaining a bank account had become “almost a necessity” (paragraph 435); rather, “there should have been a proper study about the methods adopted by persons who indulge in money laundering, kinds of bank accounts which such persons maintain and target those bank accounts for the purpose of Aadhaar. It has not been done.”

And the Court returned a similar finding on the issue of SIM cards, noting that “for the misuse of such SIM cards by a handful of persons, the entire population cannot be subjected to intrusion into their private lives. It also impinges upon the voluntary nature of the Aadhaar scheme. We find it to be disproportionate and unreasonable state compulsion.” (paragraph 442)

The Legal Standards

In summary, therefore, the Aadhaar judgment proceeded in this way: the Supreme Court accepted the Petitioners’ constitutional tests for adjudicating the validity of the Aadhaar programme. It found that parts of the Aadhaar programme were compliant with these tests, and parts of it were not. At some places, the Court found that compliance was possible if certain provisions were read down, or interpreted narrowly. At other places, it found that it was not possible – and those provisions were struck down. When we read this holistically, and in view of the Privacy Judgment, the following principles (as indicated above) emerge:

  • Profiling is unconstitutional. Consequently, aggregation of data silos that enables profiling is also unconstitutional. The “360 degree view” of citizens that certain states and police departments have proclaimed as a matter of pride, is not permitted under law.
    • As a corollary, collection and storage of metadata that enables profiling is also unconstitutional.
  • Purpose limitation is mandatory for data collection. In other words, if law enables data collection for “x” purpose, it cannot then be stored/used for any purpose other than X.
    • Two important corollaries follow from (a) and (b). First, the Aadhaar database cannot be accessed by other bodies (for example, the police). Not only would this breach both (a) and (b), it would also – in this specific case – breach the right against self-incrimination (it is for this precise reason that the Court insisted that sharing of information could only be done through a specific and individual judicial order, or an order involving a judicial member).
    • Secondly, laws for data collection cannot be framed in generic or open-ended terms. They must categorically specify the purpose for which data is collected (and will be stored and used), and their constitutionality will be judged on that count.
  • Private parties are not authorised to access the Aadhaar database. This becomes important in light of the fact that after the judgment, an ordinance – and then a law – was passed just to allow this. This law is unconstitutional. It may be argued that there are parts of the judgment that suggest that the only part struck down in Section 57 was the part that allowed access even through a “contract.” This argument cannot succeed. The Aadhaar Judgment is clear on more than one occasion that the part involving body corporates is the one that is struck down – law or contract notwithstanding. There are three further reasons why this interpretation is correct: first, the fact that clearly the database should not be made accessible purely through a contract was not the only reason why the Court found Section 57 unconstitutional. Section 57 was also struck down because it violated purpose limitation – and the distinction between law and contract is agnostic in that regard; secondly, the Court upheld the Aadhaar Act as a money bill on the basis (inter alia) that it had already struck down Section 57 (and that the rest of the Act was substantially a money bill). Obviously, this could not have been the case if only a part of Section 57 had been struck down – the procedural flaw would have remained in that case; and thirdly, the Court struck down Section 57 because it enabled commercial surveillance – another point that is agnostic about the difference between law and contract.
  • Any law requiring data collection must satisfy the principle of proportionality. This principle requires the government to demonstrate the necessity of the collection, through concrete evidence. (for example, if the government wants to mandatorily link Aadhaar with Voter IDs, it must demonstrate the factual necessity for it, and also that alternative methods of “de-duplication” are insufficient). Crucially, data collection cannot be blanket – that is, if the goal is to identify a specific instance of wrong-doing or prevent crime (in policing), the State cannot achieve that by blanket and indiscriminate data collection, that fails to distinguish between those against whom there is probable cause of suspicion, and against whom there is not. In other words, data collection statutes must be specific and targeted.
    • The period of data retention also speaks to the proportionality of the measure. Retaining data for an excessive period renders the measure disproportionate.
  • The greater the reasonable expectation of privacy in the data in question, the higher the burden of justification upon the State. In the Aadhaar Judgment, the Court held that the expectation of privacy in biometric details and iris scans was low. However, for any other species of data, (for example, DNA), the analysis will have to be undertaken afresh.


As we pointed out at the time of the judgment, there are some serious doubts over the Court’s analysis of facts, and application of law to the facts, throughout the course of the verdict. Those doubts remain. However, while issues of that kind are specific to the judgment – and to the constitutionality of Aadhaar – the interface between technology and fundamental rights obviously is not. It is here that the legal standards evolved by the Court in the Aadhaar Judgment are important, because is they – and not the concrete, fact-specific holding on the constitutionality of Aadhaar – that will provide the constitutional framework within which future disputes will be litigated. In this post, I have attempted to show that on that question, the Supreme Court articulated – and accepted – a rigorous and privacy-protective set of legal standards. A correct application of those standards would invalidate – or at least, throw into serious doubt – the government’s plans for open-ended data collection (under the guise of anodyne terms such as “data is the new oil), facial recognition tenders, and indiscriminate DNA profiling; most importantly, these standards provide a crucial yardstick from which to judge the adequacy of the Data Protection Act that is eventually passed by Parliament. Any such legislation – it hardly needs reminding – must comply with these standards, as they are grounded within the Constitution. In other words, the soon-to-come statutory landscape of data protection in India must adhere to the constitutional framework that has been traced out above.

The Afterlife of the Aadhaar Dissent: The Jamaican Supreme Court Strikes Down a National Biometric Identification System

Justice Charles Evan Hughes’ famous aphorism, that a dissent is an “appeal to the brooding spirit of the law, to the intelligence of a future day”, has passed into legend. It was famously invoked by Justice H.R. Khanna, while concluding his dissent in the Habeas Corpus case. But sometimes, a dissent is not limited to a footnote in the judicial lore of a nation, waiting for the years to pass by until the “intelligence of a future day” dawns. Sometimes, like the swallow flying south, a dissent becomes part of the global migration of ideas. It finds fertile soil far from home, there to bloom into the full richness that it has been denied in its own native environment.

Earlier this week, the Supreme Court of Jamaica struck down the Jamaican National Identification and Registration Act [“NIRA“]. The NIRA was a law that mandated the collection of biometric information from all Jamaican residents, and its storage in a centralised database. The similarities with Aadhaar are immediate and clear, and indeed, a substantial part of the judgment(s) were focused on comparisons between NIRA and the Aadhaar Act, and the Indian Supreme Court’s judgment in Puttaswamy. And what is striking about the judgments of Chief Justice Sykes and Justice Batts is that, after a detailed and painstaking engagement with Puttaswamy, both judges held that, on multiple counts – on the application of the proportionality standard, on the articulation of freedom and privacy, on the dangers of centralised databases, and on the shape and design of data protection frameworks, it was Chandrachud J.’s dissenting opinion that was persuasive, and deserved to be followed. The NIRA, accordingly, was struck down as unconstitutional.

NIRA: Similarities and Differences with Aadhaar

As the sketchy description outlined above indicates, NIRA and Aadhaar bear substantial similarities. Indeed, these similarities went beyond the collection and storage of biometric information, and extended to the design of the enactments: like Aadhaar, NIRA established a centralised database [“NCID“], a centralised authority to deal with collection and storage, contained provisions for private party access, had provisions for when data could be accessed, and so on. Furthermore, the justifications offered by the State were remarkably similar: preventing and eliminating crime, preventing corruption (FATCA was cited as well!), streamlining delivery of benefits, facilitating ease of identification, and so on.

At the same time, however, there were some substantial formal differences between NIRA and Aadhaar (why I use the word “formal” will become evident immediately hereafter, to anyone familiar with how Aadhaar actually works in practice). First, enrolment under the NIRA was legally mandatory, on pain of criminal sanctions; secondly, information collected under NIRA was substantially more than that collected under Aadhaar (it included blood samples, for example); and thirdly, third parties had formal access to the database under NIRA.

The judgment(s) of the Jamaican Supreme Court made much of these differences between NIRA and Aadhaar to argue that criminalising non-compliance was disproportionate, that the information taken did not comply with the principle of data minimalism, and that the access of third parties raised constitutional concerns of the privacy and security of the data. What is remarkable, however, is that despite finding these substantial formal differences, and despite finding that the Indian Supreme Court had read down the Aadhaar Act in significant ways (for example, by holding that in case of an authentication failure, an individual was entitled to present an alternative identification), the Jamaican judges still went on to follow, in granular detail, the judgment and reasoning of Chandrachud J.

Justice Batts and the Primacy of Choice

I begin with Batts J.’s judgment, because of its focus on one straightforward and clear principle, which was also at the heart of Chandrachud J.’s dissent: the primacy of individual choice in a constitutional democracy, and how meaningful choice is at the heart of any understanding of human freedom. The “choice”, in this case of course, involves the right of the individual to choose how to identify herself to the State, from among a range of reasonable alternatives.

After summarising the holding of the Aadhaar Majority, Batts J. cited some of the opening words of Chandrachud J.’s dissent, about how technology was reshaping the relationship between citizens of the State. He then went on to cite the core of Chandrachud J.’s reasoning in great detail, because: “his decision is sufficiently important, and so reflective of my own views, that I will outline the details.” (para 337) In particular, Batts J. cited Chandrachud J.’s views on private party usage, the failure of the State to demonstrate that less intrusive means would not work, the merging of data silos, the doctrine of unconstitutional conditions (paragraph 339), and the general presumption of criminality that entailed nationwide biometric collection (paragraph 340). In closing, he noted that:

In words, which I respectfully wish to adopt as my own, the learned Judge [i.e., Chandrachud J.] summarised the overall constitutional failings of the Aadhaar scheme thus … ‘the technology deployed in the Aadhaar scheme reduces different constitutional identities into a single identity of a 12-digit number and infringes the right of an individual to identify herself or himself through a chosen means. Aadhaar is about identification and is an instrument which facilitates a proof of identity. It must not be allowed to obliterate constitutional identity.'” (paragraph 341)

On this basis, Batts J. therefore held that:

The [NIRA] Act proposes to compel persons to divulge information personal to them. It is the right to choose, whether or not to share personal information, which individual liberty in a free and democratic state jealously guards. The mandatory nature of the requirement as well as the breadth of its scope, and the absence of a right to opt out, are not justified or justifiable in a free and democratic society. If it is intended to prevent corruption or fraud, then it is premised on the assumption that all Jamaicans are involved with corruption and fraud. The danger of abuse by the state or its agencies, and the removal of personal choice, outweigh any conceivable benefit to be had by the community or state. (paragraph 349)

This, it will be noted, is squarely applicable to Aadhaar, which has long been mandatory for all practical effects and purposes.

The Chief Justice, Proportionality, and the Surveillance State

The judgment of the Chief Justice was substantially longer (around 250 pages to Batts J.’s 50), and covered more ground. The Chief Justice began with a detailed analysis of the standard of constitutional review under the Jamaican Charter. His discussion is fascinating in its own right, but for our purposes here, the Chief Justice accepted that the relevant standard was that of proportionality, as articulated by the Canadian Supreme Court in Oakes, and of course, the Indian Supreme Court in Puttaswamy. Crucially, however, the Learned Chief Justice noted that:

I am of the view that this approach provides a proper conceptual framework within which to examine NIRA in order to see whether the provisions in that statute meet the standards indicated by the majority in Puttaswamy (September 26, 2018). I must also say that in the application of the standard I prefer the reasoning of Dr Chandrachud J to that of the majority. (paragraph 151)

(For the multiple errors that the Majority made in applying the proportionality standard, see here).

This, the Chief Justice held, was because:

… I am of the view that the strict application of Oakes is the best way to preserve fundamental rights and freedoms. The majority [i.e., in Puttaswamy] appeared to have taken a more relaxed view. The strict Oakes test makes a more granular scrutiny possible by saying that the court must take account of any deleterious effect of the measure being relied on to meet the objective. Thus the greater the severity of the effect the more important the objective must be, furthermore the measure chosen needs to be shown to be the least harmful means of achieving the objective. (paragraph 177)

With these words, the Chief Justice got to the heart of the deficient legal analysis in the Aadhaar Majority. As I have noted previously, the Aadhaar Majority treated the “least restrictive alternative” element of the proportionality standard in an utterly cavalier fashion, refusing to consider relevant facts, and presenting no analysis of the legal burdens involved. For the Chief Justice, on the other hand (and also for Chandrachud J.), it was a critical element of the test, with the burden lying upon the State (especially because relevant information lay with the State). And, in particular:

In the event that the court is of the view that there is a tie then the claimant must prevail for the reason that in constitutional litigation the attitude of the court must be that the right or freedom prevails unless the violation is clearly justified. This approach ensures that the guarantee given by the Charter is maintained. (paragraph 203)

In this context, the Chief Justice went on to find that the State had provided no evidence that mandatory enrolment with criminal sanctions was the least intrusive way of achieving its goal (the Chief Justice distinguished this from Indian Supreme Court proceedings, where the evidence was litigated in some detail). Noting that there was no real evidence about the scale of the existing problems that necessitated this measure, the Chief Justice therefore held that it failed the test of proportionality. (paragraph 228)

After this, the Chief Justice turned to the nature of biometric systems. Here, he began his analysis with the following observation:

For that [i.e., the analysis of biometric systems] I rely on the judgment of Dr Dhananajaya Chandrachud J in Puttaswamy (delivered September 26, 2018). From reading the judgments in this case Dr Chandrachud J, in my respectful view, demonstrated a greater sensitivity to the issues of privacy and freedom that is not as evident in the judgments of the majority or the other judges who delivered concurring judgments. His Lordship had a clear-eyed view of the dangers of a state or anyone having control over one’s personal information and generally I preferred his approach to the issue over that of the other judges. (paragraph 230)

This, of course, is a very polite and respectful way of saying to the Aadhaar Majority, “you just didn’t get it, did you?” And what was it that the Aadhaar Majority didn’t get? Citing paragraphs 120 to 126 of Chandrachud J.’s dissent, the Chief Justice then observed that:

… his Lordship’s major point was that it is one thing to collect biometric data in the context of a criminal investigation and prosecution but quite another to have extensive biometric data collection outside of that context. The reason is that generally there is extensive and detailed provision regarding the collection and use of biometric information in the criminal law context. So far, in the context of general collection of biometric data outside of the criminal law context, it is likely to result in violations of fundamental rights unless there are very strict and rigorous safeguards because once there is a breach of the database the information taken is unlikely to be recovered in full. (paragraph 234)

Even more importantly, the Chief Justice then cited paragraphs 128 to 131 of Chandrachud J.’s judgment, dealing with identification systems, to observe that:

This passage is highlighting the risk of the combined effect of technology with control over data. Unlike the majority in Puttaswamy (September 26, 2018) who seemed to have taken a rather benign view of this aspect of the matter Dr Chandrachud J destroyed the notion that merely because similar or identical information is already in the possession of the state that in and of itself makes taking of such information again legitimate. His Lordship clearly understood the implication of collecting biographical information, combining it with biometric then automating the process with supporting algorithms. Add to that the possibility of profiling. This scenario translates into great power over the lives of persons especially when that data and technology are in the hands of the state and powerful private actors as in Google, Amazon and the like. Of course, with the latter, the engagement is consensual or at the very least the person can opt out after sometime. What NIRA is proposing is control over vast amounts of data, no opt out and linking the data held in different silos by a unique identification number, thereby reducing anonymity even further and increasing the possibility of profiling and generating new information about the data subject. (paragraph 237)

What the Chief Justice understood – and what Chandrachud J. had understood in his dissent – was, of course, the existential peril posed to freedom and privacy that stemmed from merging silos of information, and the ways in which that could be used to generate entirely new sets of information, as well as facilitate profiling. As the Chief Justice observed, devastatingly, “respectfully, the majority in Puttaswamy (September 26, 2018) did not seem to have a full understanding of this and its implications in the say that has been demonstrated by Dr Chandrachud J.” (paragraph 238) On the basis of this bedrock of analysis, then, the Chief Justice went on to hold that NIRA unjustifiably and disproportionately impacted privacy. And in the course of his analysis, he also echoed Batts J., noting – crucially for our purposes – that “the most remarkable thing is that no submission was made to indicate how, for example, a voluntary scheme would prevent the state from providing reliable, safe and secure identification to its citizens or ordinary residents who wish to be part of the scheme.”

Lastly, the Chief Justice also found that Chandrachud J.’s dissenting opinion better articulated the shape and design of a data protection authority that could pass constitutional muster:

I adopt the following paragraph from his Lordship’s judgment at paragraph 236 and apply with such modifications are necessary for application to NIRA. His Lordship stated: An independent and autonomous authority is needed to monitor the compliance of the provisions of any statute, which infringes the privacy of an individual. (paragraph 247(88)).

The absence of any such authority was, therefore, another reason to hold the statute unconstitutional.


The Chief Justice set out his conclusions from paragraphs 245 to 254, striking down substantial portions of the Act, and then holding that they could not be severed – and therefore, the statute as a whole had to fail. Like the judgment of Batts J., the Chief Justice’s judgment is a fascinating study in its own right – in particular, in its assessment of the specific details of the NIRA system, in how it deals with the probabilistic character of biometric identification, the articulations of standards and burdens, the discussion of proportionality and the rebuttal of the State’s arguments that the Court must stay out of policy domains, and – very interestingly – in its disagreement with Bhushan J.’s concurring opinion on Aadhaar, on whether “national security” could be a ground to divulge personal information. Refreshingly, the Chief Justice held that the use of such terms was nothing more than a “Trojan Horse”, which would make the entire point of protecting fundamental rights illusory.

As the above discussion illustrates, however, for us, the most fascinating aspect of this judgment is the in-depth dialogue it undertakes with both the Majority and the Dissent in Aadhaar, on their own terms – and the rigorous and detailed reasons it gives for choosing to follow the Dissent over the Majority.

To end with Hughes again. His full quote reads:

A dissent in a court of last resort is an appeal to the brooding spirit of law, to the intelligence of a future day when a later decision may possibly correct the error into which the dissenting justice believes the court to have been betrayed.


But there are some occasions in history when the betrayal into error is recognised not within, but without. Sometimes, we need friends and colleagues in other parts of the world to hold up the mirror that we are unwilling or unable to look into. Perhaps it is the fate of the Aadhaar Dissent to travel around the world, a light in dark places, long before it is recognised by the brooding spirit of law in its homeland, and the error is corrected at last.

One can but hope.

(Disclaimer: The author was involved on the side of the Petitioners in the Aadhaar challenge.)

The Aadhaar Judgment: A Round-Up

Here is a round-up of the ICLP blog’s coverage of the Aadhaar judgment. The arrangement of the posts tracks our suggested order of reading them. After that, some other critiques of the judgment have been provided as well. Filter, as always, for bias.

This page is meant to serve as a resource going forward. The Aadhaar judgment is not the end, but merely the first round in an increasingly crucial debate on the intersection between technology and the Constitution. Our aim is to work towards a legal and constitutional provision where technology is harnessed to expand human freedom, and not constrain it in service of the State (or of private corporations). As a great man once said, “it always seems impossible – until it is done.”


  1. “Take me as I am – subject to Aadhaar-Based Biometric Authentication”: An Overview of the Aadhaar Judgment.
  2. The Aadhaar Judgment: A Dissent for the Ages.

Factual analysis (A four-part series by Anand Venkat)

  1. The Aadhaar Judgment and Reality – I: On Uniqueness.
  2. The Aadhaar Judgment and Reality – II: On Fallibility.
  3. The Aadhaar Judgment and Reality – III: On Surveillance.
  4. The Aadhaar Judgment and Reality – IV: On Data.

Legal Analysis

  1. The Aadhaar Judgment and the Constitution – I: Doctrinal Inconsistencies and a Constitutionalism of Convenience.
  2. The Aadhaar Judgment and the Constitution – II: On Proportionality (by Mariyam Kamil).
  3. The Aadhaar Judgment and the Constitution – III: On the Money Bill (by Suhrith Parthasarathy).


  1. The Aadhaar Judgment: Telecom Operators and the Legal Standing of Chandrachud J.’s “Dissenting” Opinion (by Prasanna S.).

In addition, here are links to pieces elsewhere, on related topics.


  1. Methods of Interpretation. (Apar Gupta)
  2. Aadhaar Verdict No Reason to Celebrate for the Government (Prasanna S.)
  3. Aadhaar valid, but restricted, and still a problem (Vrinda Bhandari).
  4. Aadhaar verdict: SC Majority Judgments Lacks Consistency in Logic and Reasoning, and Turns Constitutional Analysis on its Head (Malavika Prasad).
  5. Aadhaar verdict: Dissenting Judge D.Y. Chandrachud Feels Money Bill Tag may be Misused to Escape Rajya Sabha Scrutiny. (Malavika Prasad).

Money Bill

  1. The Perils of Taking the Money Bill Route (Prasanna S.)

Section 57 (use by private parties)

  1. Section 57: Why Aadhaar can’t be used as authentication by private companies (Prasanna S.)
  2. In Striking Down Section 57, SC has Curtailed the Function Creep and Financial Future of Aadhaar (Vrinda Bhandari and Rahul Narayan).


  1. Aadhaar Judgment Sets a Legislative Agenda (Apar Gupta).


The Aadhaar Judgment and Reality – IV: On Data (Guest Post)

(This is the fourth and concluding part of Anand Venkat’s guest post series interrogating the factual foundations of the Aadhaar judgment. It is also the concluding essay in this blog’s coverage of the Aadhaar judgment (for now). We will be putting up a round-up shortly).

In this final part on the analysis of the Aadhaar judgement, we touch upon how the Majority judgement handled the arguments on data security in relation to the Aadhaar data, and contrast it with the minority opinion of Chandrachud J.

Data leaks

Are data leaks harmful for the people involved? The SC did not want to consider this question at all, and punted it to the currently pending case in Delhi HC (Page 250, footnote):

A challenge to the Aadhaar project for violation of IT Act and Rules has been filed in the Delhi High Court in the matter of Shamnad Basheer v UIDAI and Ors. Therefore, we are not dealing with this aspect, nor does it arise for consideration in these proceedings.

Data minimization

It was argued extensively before the court that the data collected during Aadhaar enrolment includes not just demographic data and biometrics, but also additional information, such as religion and caste, which was explicitly forbidden by the Aadhaar Act; and furthermore, this additional information was sent to the various State Resident Data Hubs (SRDHs). 

However the Majority did not engage with the evidence, and instead merely cited the Aadhaar Act. It neither declared the collection of additional information in variance with the Aadhaar Act as illegal, nor did it want to deal with the information stored in SRDHs, obtained during enrollment (Page 274, Para 193).

Section 2(k) specifically provides that Regulations cannot include race, religion, caste, tribe, ethnicity, language, records of entitlement, income or medical history. Thus, sensitive information specifically stand [sic] excluded.

It also concluded that as per the powerpoint presentation by the UIDAI CEO, which is not part of the affidavit, that location information was not collected (page 541):

We have recorded in detail the powerpoint presentation that was given by Dr. Ajay Bhushan Pandey, CEO of the Authority, which brings out the following salient features: (i) During the enrolment process, minimal biometric data in the form of iris and fingerprints is collected. The Authority does not collect purpose, location or details of transaction.

By doing so, it chose to ignore the affidavits filed by Manindra Agarwal on UIDAI’s behalf, that breach of verification logs will result in the leakage of location data. The minority opinion however, explicitly refers to the affidavit and declares that: (page 886).

The report indicates that it is possible through the Aadhaar database to track the location of an individual. The Aadhaar database is different from other databases such as PAN Card or driving license. The Aadhaar database is universal and contains the biometrics of an individual. The threshold to scrutinize the effects of this database is therefore much higher as compared to that of other databases.

And once all the contradictions were resolved by selectively ignoring the factual claims made by the petitioners (and also supported by affidavits filed in support of UIDAI), the Majority then proceeded to declare that (page 274, para 194):

We find that Section 32 (3) of the Aadhaar Act specifically prohibits the authority from collecting, storing or maintaining, either directly or indirectly any information about the purpose of authentication. The proviso to Regulation 26 of Authentication Regulations is also to the same effect. Thus, the principle of data minimization is largely followed.

Data classification

An important question in cyberspace is how to classify personal data as sensitive or non-sensitive. It must be noted a priori that this classification depends upon the context. For instance, my true name might reveal my religion, which could be used to harm me in a conflict zone, but would be entirely harmless elsewhere. Similarly, fingerprint and facial scans, freely obtainable through photography, could be harmless if shared without associated identity information, but could be deadly for public anonymity in authoritarian regimes.

Once again, the Majority is oblivious to this basic distinction, when it proclaims that (page 273, para 193):

Demographic information, both mandatory and optional, and photographs does [sic] not raise a reasonable expectation of privacy.

On the other hand, Chandrachud J.’s minority judgement correctly notes that (page 778, para 148):

Section 29(1) of the Aadhaar Act expressly states that ‘core biometric information can never be shared with anyone for any reason whatsoever or be used for any purpose other than generation of Aadhaar numbers and authentication under this Act’. However, this provision which seemingly protects an individual’s core biometric information from being shared is contradicted by Section 29(4)253 of the Act, the proviso to which grants UIDAI the power to publish, display or post core biometric information of an individual for purposes specified by the regulations. The language of this section is overbroad and which could lead to transgressions and abuse of power. Moreover, sub-sections 29(1) and (2), in effect, create distinction between two classes of information (core biometric information and identity information), which are integral to individual identity. Identity information requires equal protection as provided to core biometric information.


While the UIDAI made the claim that all biometric data is encrypted, the Majority went further and made the astonishing claim that the encrypted data was also sent to the CIDR immediately. The offline enrolment client, however, does not do that, in order  to facilitate enrollments done in places where internet connectivity is non-existent. 

Furthermore, the UIDAI also claimed that the entire Aadhaar enrolment eco-system is foolproof, because within few seconds of the biometrics having been collected by the enrolling agency, the said information would transmitted the Authorities/CIDR (in an encrypted form), and go beyond of the reach of the enrolling agency.

Chandrachud J.’s minority judgement, however notes correctly that encryption was not even mandated in the initial stages (page 772)

In the ‘Aadhaar Handbook for Registrars 2013’ (“2013 Handbook”), it was stated that “UIDAI has defined security guidelines for the storage of biometric data”. While it is indicated in the handbook that guidelines for storage were defined by UIDAI, it is evident that this took place only after 2010 before which the registrars were functioning without guidelines mandating how the biometric data was to be kept secure.

Hacking and Hope

During the course of the hearing, the counsel for the petitioners, Mr. Divan, pointed out various attacks on the CIDR. And one of them was the UP Aadhaar hack case, which was not only part of the oral record, but related FIRs around these attacks were part of the written submissions by Mr. Grover as well. This is how the Court responded: 

It may, however, be mentioned that of late certain reports have appeared in newspapers to the effect that some people could hack the website of CIDR, though it is emphatically denied by the UIDAI. Since there are only newspapers reports to this effect which appeared after the conclusion of hearing in these cases and, therefore, parties could not be heard on this aspect, we leave this aspect of the matter at that with a hope that CIDR would find out the ways and means to curb any such tendency.


It is possible to argue that the above paragraph refers not to the petitioners’ submissions, but to a later HuffPost article on data breaches. However it does not change the reality that the Majority did not engage with materials provided by the petitioners through affidavits, written submissions and also police first investigation reports filed by the police themselves.


How do you analyze the impact of a technological regime on the Constitution? That was the heart of the question in the Aadhaar challenge. There are always unknown positives and unknown negatives when a new technology is rolled out. The court was asked to make a comparative analysis between the two, and come up with a decision.

The typical process used is a cost-benefit analysis (which, under constitutional review, is further refined and made more rigorous by taking into account rights violations, as part of the proportionality standard). However until today, the State has not even engaged in such a exercise, for it would instantly show that the costs far outweigh the benefits, on all – economic, technological and data security – angles. Instead, the State denied the very existence of costs, and stated and the benefits were immense, without a shred of evidence.

The Majority opinion, however has done something even more astonishing. It has refused to engage with factual claims on these aspects made by the Petitioners, and then went to declare that Aadhaar is unhackable and foolproof, based on the submissions of the State. By doing so, it also set the template for future litigations.  All the state has to do, henceforth, when it rolls out technological regimes that are untested and have huge implications to the population, is to ensure that it

  • Rolls them out at scale.
  • Uses any means necessary to ensure the roll out.
  • Ignores any previous court orders barring it from the roll out.
  • Denies all harmful effects of the technology on the ground.
  • Makes up evidence about the benefits.
  • And also makes a powerpoint presentation to the court, when challenged on these aspects.

The Majority opinion on Aadhaar showed that this strategy might well succeed. However, the dissenting opinion by Chandrachud J indicates that there might yet be hope for a future Court to have an intelligent factual debate about the intersection of technology, freedom and state.

In the interim, people can continue to die, crucified on “the unproven plea of exclusion of some”, submitted as evidence or in affidavits. After all, the dead don’t speak, and even if they do, the court won’t listen.

The Aadhaar Judgment: Telecom Operators and the legal standing of Chandrachud J.’s “dissenting” opinion

(A stand-alone essay in our ongoing series on the Aadhaar judgment, this is a guest post by Prasanna S.).

Justice DY Chandrachud’s celebrated judgment in the Aadhaar case has been described as, broadly speaking, a ‘dissent’. Just before he pronounced the judgment, he had himself announced in open court that it was a partial dissent. However, there is nothing in the judgment to indicate he had read the other two judgments or if any of the other two had read his judgment. There is neither an expression of dissent nor concurrence in the judgments. The extent of disagreement between the ‘Majority’ opinion led by Justice Sikri and the ‘Minority’ opinion of Justice Chandrachud’s is to be analysed and understood. The opinion of Justice Bhushan who broadly concurred with Justice Sikri (barring on the issue of Bank Account-Aadhaar linking) is, for simplicity, not discussed here.

A selection of key issues and the indication of broad agreement/disagreements in the judgments is as follows.

Concurrent findings of the Majority and the Minority:

  1. The decision of the Speaker on the certification of a Bill as a Money Bill is not immune from judicial review. (I understand that the Majority has equivocated on whether this needs to be decided at all in this case. Be that as it may.)
  2. Use of Aadhaar by private parties is unconstitutional (Section 57).
  3. The PMLA Rule that provided for mandatory Aadhaar-Bank Account linking is unconstitutional.
  4. The DoT circular that mandated Mobile-Aadhaar linking is unconstitutional.

Divergence between the Majority and the Minority:

  1. The Minority held that the entire Aadhaar Act and the Aadhaar project are unconstitutional. The Majority upheld the Act.
  2. Section 59 of the Act that purported to save the Aadhaar scheme prior to the passage of the Aadhaar Act was struck down as unconstitutional by the Minority. It was upheld by the Majority.
  3. Section 57 as a whole was struck down by the Minority. On the other hand, Section 57 was read down only partially by the Majority.

The focus of this article is the issue of the decision on the Mobile-Aadhaar linking under the 23.03.2016 DoT circular. As seen above, both the Majority and the Minority quashed the circular as unconstitutional. The Minority however went on to direct that the Union of India and TRAI should immediately direct the telecom operators to delete Aadhaar and biometric data of subscribers within two weeks (Para 285, internal page 394 of the Minority judgment). This article argues that such a direction, although present only in the Minority opinion, is binding law and the Union of India and TRAI are required to comply with it, unlike what some seem to think. The author did a brief twitter thread on the issue. This article attempts to somewhat exposit it.

Reading separate opinions

When there are separate opinions delivered by the Supreme Court, the exercise extracting the ratio or the ‘law declared’ by the Court is not always straightforward. Sometimes, there is a summary of the judgment signed as the ‘View of the Court’ (or ‘View by the Majority’), which may be of help – as was the case in Puttaswamy(I) (the privacy judgment). Such a summary arrived at by the bench interpreting their own judgments without hearing all the parties as to the reading of each of the judgments has at times created controversy (such as in Kesavananda Bharati).

It is a common practice to analyse the opinions on an issue-by-issue basis and find the bench strength that has supported a particular view in regard to each issue, as this blog did for Puttaswamy(I) on the question of limitations of the fundamental right to privacy. (Incidentally, the author of that post Gautam Bhatia has concluded that the law of the land as to the test of constitutionality for a law impacting the right to privacy is to be found in Justice Kaul’s opinion, which was a separate concurring opinion which was written only for himself, and clearly in the ‘minority.’)  This approach of trying to extract or mine ratio from minority opinions (which may be, broadly speaking, ‘concurring’, ‘dissenting’, or partly ‘concurring’) is not plucked out of thin air. It has not only been part of the common law legal tradition (on the principle that there is a presumption that each of the judgments has been read by everyone on the bench and a lack of dissent on any of the points in the judgment should be taken as a concurrence on that point), but also anchored in the text of India’s constitution.

Distinction between a ‘judgment’ and ‘law declared’ – Can a ‘dissenting judgment’ be a source of law?

The law on this mining exercise is governed by Articles 141 and 145(5) of the Constitution.

Article 141 of the Constitution says,

The law declared by the Supreme Court shall be binding on all courts within the territory of India.

Article 145(5) of the Constitution says,

No judgment and no such opinion shall be delivered by the Supreme Court save with the concurrence of a majority of the Judges present at the hearing of the case, but nothing in this clause shall be deemed to prevent a Judge who does not concur from delivering a dissenting judgment or opinion.

One of the earliest cases that decided the question of whether the judgment in Article 145(5) means the same as ‘law declared’ under Article 141 was Mahendra Thakar v. S.P. Pande AIR 1964 Bombay 170. Therein, a division bench of the Bombay High Court held that:

“There does not appear to be any warrant for reading the provision of Article 145(5) into the provisions of Article 141, and we do not think that the “law declared” can be approximated to the judgment delivered by the Supreme Court. On the other hand, having regard to the provisions of Article 145(5) that a Judge who does not concur may also deliver a judgment, it is clear that the law declared may as well be in a dissenting judgment as in a majority judgment. The argument, therefore, that the three Judges whose decision resulted in the allowing of the appeal in Purshottam’s case did not form a majority of those holding that Article 14 applied to the second proviso to Section 34(3) does not make that the law declared.”

Prem Prakash Gupta v. Union Of India AIR 1977 All 482 held that:

The majority opinion did not express any opinion on this issue but the minority opinion, as expressed by Mahajan J., did examine this issue and answered it in the negative. In my view, in a situation where the majority of the Judges of the Supreme Court expressly chose not to examine a particular issue and decided the suit on certain other grounds, then the expression by the minority on such an issue can be said to have a binding force on the courts in India. In this view of the matter, I think the observations made by Mahajan J., are binding on me.

A similar approach has been followed in or has been laid down in a number of other High Court decisions, including the 2009 decision in Narinder Batra v. Union of India, where the current Union minister for finance, Arun Jaitley argued and won on that proposition.


It must be said that the aforementioned high court judgments have neither been overturned nor reaffirmed by the Supreme Court. There have been atleast two instances where the question has been argued. However, in both those instances, the supreme court did not venture an opinion on that as it was found that the majority judgments cited in the cases had in fact disagreed with the reasoning given by the minority opinion sought to be relied upon by the counsel.

Do directions contained in an opinion not expressly endorsed by the majority have the binding force of ‘law’?

However, in Ashok Kumar Gupta v. State of Uttar Pradesh (1997) 5 SCC 201, the Supreme Court dealt with the question of whether a direction by a plurality of judges led by Justice Jeevan Reddy in the Mandal Case (Indra Sawhney v Union of India) is binding given that the plurality was one-judge short of the majority of the judges in the bench.  The Court relied on Sawant J’s separate opinion, concurring on that relevant conclusion and held that the direction by Justice Jeevan Reddy had binding force.

Both these propositions on binding law and binding directions also appeal to common sense. If there is a judicial opinion by a judge or set of judges sitting in the highest constitutional court of the land, it should normally be binding unless strong and compelling reasons exist to suggest otherwise – namely either a clear expression of disagreement with that opinion by a majority of judges of that bench, or a later supreme court decision of a larger bench having overruled it or disagreed with that opinion.


In the instant case, on the telecom circular issue, both the Majority and the Minority judgments in the Aadhaar case had agreed on both the conclusion and the reasons for its unconstitutionality. The Majority expressed no opinion on the deletion of the data, but the Minority directed such deletion. It must be presumed that the Majority impliedly concurred with that direction. The directions contained in the Minority opinion of Justice Chandrachud’s to the Union of India and TRAI relating to the deletion of telecom subscriber Aadhaar data is binding and has the force of law.

(Credit: The author is thankful for the inputs provided by Goutham Shivshankar.)

(Disclosure: The author assisted the petitioners in the Aadhaar case before the Supreme Court)

The Aadhaar Judgment and Reality – III: On Surveillance (Guest Post)

(This is the third and penultimate essay in Anand Venkat’s four-part series examining the factual foundations of the Aadhaar judgment.)

In our attempt to further decode the factual errors in the Aadhaar judgement, it is worth asking an important question: why is genuine engagement with contradictory facts very hard? Charlie Munger wrote about 24 causes of misjudgement in 1995 and, not surprisingly, simple psychological denial comes up as number 2 in that list.

In this post, we will argue that simple denial alone can’t explain the Majority’s inability to deal with aspects of the petitioners’ challenge. Technological illiteracy is a factor as well.


What is surveillance? If a policewoman tags along a person, at all times, then it fits the definition of surveillance, because she knows all about the person. Now what if, instead of a policewoman, a recording device is always present? That too fits the definition. So surveillance is not simply someone knowing about a person, but having the capability to know all about her, and actively using that capability.

How is it possible for someone to have the capability to know all about a person ? The answer is “Body Tagging”. If every activity that the person ever does in her life can be reliably attached to her body, a detailed profile can be built about the person, which enables surveillance. Put simply, profiling is surveillance.

Body tagging a person’s life across multiple activities can be easily done, if the “body” is given a unique number, and the unique number is attached to every activity. Thus, if a technological means called “Aadhaar” can produce perfect “unique numbers” that are attached to a body, as the Majority judgement states in paragraph 55 – “when it comes to obtaining Aadhaar card, there is no possibility of obtaining duplicate card” – then mass  surveillance is a logical corollary, if it is attached to other databases.

Surveillance: The absence of factual engagement

The Majority, however, chooses not to engage with the petitioners’ submissions about how the body tagging of persons, across multiple databases, is surveillance. It was brought to the court’s notice that many states have built “State Resident Data Hubs [“SRDHs”], which have body tagged sensitive personal details of their residents, available in multiple silos, and have merged them into one “golden” record. For instance, the state of Andhra has gone further than most and built star-trek dashboards, that display the intimate personal details of 43 million of the state’s 50 million residents: GPS coordinates of their homes, the medicines they use, the food rations they eat, what they say about the Chief Minister on their social media accounts, real-time feeds of thousands of security cameras (with some cameras inside people’s homes – voluntarily, of course), their castes and sub-castes, their religion, their student scholarships and old-age pensions, their movement in every state ambulance, and of course — their Aadhaar numbers.

The Majority avoids engaging with the argument because if it did, it would result in arriving at the same conclusion that Chandrachud J arrives at, in his dissenting opinion, that the technological design of the project actually subverts the Aadhaar Act – actually enabling profiling through surveillance – and hence cannot stand: 

When Aadhaar is seeded into every database, it becomes a bridge across discreet data silos, which allows anyone with access to this information to reconstruct a profile of an individual’s life. It must be noted while Section 2(k) of the Aadhaar Act excludes storage of individual information related to race, religion, caste, tribe, ethnicity, language, income or medical history into CIDR, the mandatory linking of Aadhaar with various schemes allows the same result in effect. For instance, when an individual from a particular caste engaged in manual scavenging is rescued and in order to take benefit of rehabilitation schemes, she/he has to link the Aadhaar number with the scheme, the effect is that a profile as that of a person engaged in manual scavenging is created in the scheme database. The stigma of being a manual scavenger gets permanently fixed to her/his identity. What the Aadhaar Act seeks to exclude specifically is done in effect by the mandatory linking of Aadhaar numbers with different databases, under cover of the delivery of benefits and services. (Chandrachud J., dissenting, paragraph 274)

Surveillance: Internal contradictions

Instead of focussing on body tagging across various databases, the Majority instead focuses only on the surveillance potential of the “Metadata” stored in the CIDR. This leads to logically contradictory observations.

For instance, if Facebook and Google, can know the places where one has shopped and also know the movies that one watched, they already have “data.” But the Majority then went on to make the very bizarre claim that in Para 160 that “data” can turn into “meta-data”! All this data is there with the companies in respect of its users which may even turn into metadata.”

In the very same paragraph, it makes the further astonishing claim that OTPs are sensitive personal information in the same manner as biometrics:

Every transaction on a digital platform is linked with some form of sensitive personal information. It can be an individual’s user name, password, account number, PAN number, biometric details, e-mail ID, debit/credit card number, CVV number and transaction OTP etc.

The Majority’s inability to understand technology also becomes clear from its discussion on “Authentication log retention”, in paragraph 260.

We do not find any reason for archiving the authentication transaction data for a period of five years. Retention of this data for a period of six months is more than sufficient after which it needs to be deleted except when such authentication transaction data are required to be maintained by a Court or in connection with any pending dispute. Regulations 26 and 27 shall, therefore, be amended accordingly. (paragraph 260)

Let us deconstruct the ruling here carefully. The judgement says that

  1. Authentication transaction data needs to be deleted after six months.
  2. But not if there is any pending dispute or ordered by a court.

By doing so, it restricts the time frame, in which a dispute could arise to “only six months”. This has ramifications for biometric fraud disputes such as Gujarat biometric data trade, where biometrics of legislators was sold en-masse for 7 lakh rupees and the Airtel LPG routing scam, as these scams went on for months before detection. But the Majority, through its ignorance of technology, ensures instead that it would not be possible for law enforcement to investigate such cases, through limiting the retention of metadata.

And here’s the contradiction: after all, if surveillance is indeed impossible and far fetched as was stated in para 197 (“… therefore, the threat to real-time surveillance and profiling may be far-fetched...”), why would long term retention of authentication logs would be an issue at all? The reading-down is both inexplicable and logically incoherent.

Addendum: Direct Benefit Transfer

There are three important pillars in Direct Benefit Transfer (DBT).

  1. The Aadhaar number
  2. Mobile
  3. Bank Account

In the earlier rollout of DBT, the various schemes’ databases merely collected the bank account numbers or the post office savings bank account numbers of the beneficiaries. There was simply no need for either Aadhaar numbers or mobile numbers. However, once mandatory biometric authentication was introduced as a pre-condition for DBT, the situation changed drastically.

Biometric authentications are always fallible and the Majority’s refusal to engage with that simple technological fact, does not change the reality. Hence the only recourse is OTP authentication via the linked mobile phone. However, UIDAI does not verify the phone, during enrolment, which makes OTPs ineffective. The only “technological hack” then available for UIDAI to avoid biometric exclusion is Mobile linking.

Ever since National Payment Corporation of India (NPCI) introduced the Aadhaar mapper, which links bank accounts to Aadhaar numbers, central and state departments no longer collect beneficiary bank accounts, and instead use the NPCI Mapper to do Direct Benefit Transfers. Hence, for DBT via NPCI to work, seeding Aadhaar numbers into bank accounts was essential.

The court does not engage with the technological aspect of this ecosystem, when it rules that both Mobile and Bank linking are unconstitutional, and strikes them down. So in effect, without perhaps intending to, it has also brought the current Aadhaar-based DBT ecosystem, where NPCI and banks are important players, to a grinding halt. Further, it  has only worsened the exclusion problem caused by fallible biometric authentication, by removing the OTP option.


The factual and logical contradictions outlined so far, lead one to conclude that the Majority has not understood that technological progress is making the law irrelevant. As Lawrence Lessig pointed out:

Every age has its potential regulator, its threat to liberty. Our founders feared a newly empowered federal government; the Constitution is written against that fear. John Stuart Mill worried about the regulation by social norms in nineteenth-century England; his book On Liberty is written against that regulation. Many of the progressives in the twentieth century worried about the injustices of the market. The reforms of the market, and the safety nets that surround it, were erected in response.

When faced with a civil liberties case, that is second longest in the history of the court, the least that the Majority could have done was to engage with the facts and the new emerging technological domain of cyberspace, and how it could make constitutional rights irrelevant. As Lawrence Lessig again points out:

Cyberspace will change from a place that protects anonymity, free speech, and individual control, to a place that makes anonymity harder, speech less free, and individual control the province of individual experts only.

By obstinately refusing to engage with the factual and technological aspects of the Aadhaar project, and how the architecture of the project nullifies the very Aadhaar Act that it upheld, the Majority has only demonstrated its own ignorance of technology, and has probably accelerated the Supreme Court’s own irrelevance, as Lessig had proclaimed so boldly.

The Aadhaar Judgment and the Constitution – III: On the Money Bill (Guest Post)

(In this, the concluding essay in our series analysing the legal foundations of the Aadhaar judgment, Suhrith Parthasarathy examines the issue of the money bill.)

The Supreme Court’s judgment in the Aadhaar case is troubling at many different levels. As Gautam Bhatia’s post highlights, the majority’s opinion, authored by Justice AK Sikri, on behalf of himself, Chief Justice Dipak Misra and Justice AM Khanwilkar, is riddled with doctrinal inconsistencies and fails to so much as a maintain a sense of internal logic. This makes criticism of the judgment an especially demanding task. Not only are the court’s chosen standards of review questionable, its application of those flawed choices is often equally unsatisfactory. These fallacies are, perhaps, best exemplified by the majority’s approach to the questions concerning the enactment of the Aadhaar Act as a money bill. The court’s decision in this regard is productive of consequences that are likely to have a deep bearing on India’s democracy.

The Background

When the Aadhaar scheme was originally introduced in 2009, the government thought it unnecessary to enact a suitable legislation. In what represented a blatantly illegal move, it thought an executive notification would suffice for the purpose. Eventually, when the draft of a statute was presented in December 2010, to purportedly validate the scheme, it was introduced in the Rajya Sabha as an ordinary bill. This meant that the bill, like most other laws in India, required the assent of both houses of Parliament to turn into law. As it happened, the draft bill was sent to a Parliamentary Standing Committee even before it could secure the Upper House’s clearance. After substantial concerns were raised by the committee, the government, now under a different dispensation, withdrew the bill from consideration in March 2016, and introduced, in its place, a new draft legislation, titled the Aadhaar (Targeted Delivery of Financial & Other Subsidies, Benefits & Services) Bill, 2016. But this time the draft statute was introduced in the Lok Sabha with an added certificate from the speaker of the House classifying the proposed legislation as a money bill. This meant that all that the bill needed to turn into law was the Lok Sabha’s affirmation, which the bill secured within days of its introduction. And with that, the Aadhaar Act came to be enacted.

A number of the petitions challenging the Aadhaar programme in the Supreme Court explicitly questioned the introduction and enactment of the law as a money bill. The petitioners in these cases argued that the court possessed the power to judicially review the speaker’s decision, and, what’s more, his decision to certify the law as a money bill was patently unconstitutional.

Money Bills and the Constitutional Framework

Now, generally, under India’s Constitution, for a bill to be enacted into law it requires approval by both the Lok Sabha and the Rajya Sabha. The only exception to this rule is contained in Article 110(1), which defines a “money bill” in the following terms:

(1) For the purposes of this Chapter, a Bill shall be deemed to be a Money Bill if it contains only provisions dealing with all or any of the following matters, namely

(a) the imposition, abolition, remission, alteration or regulation of any tax;

(b) the regulation of the borrowing of money or the giving of any guarantee by the Government of India, or the amendment of the law with respect to any financial obligations undertaken or to be undertaken by the Government of India;

(c) the custody of the consolidated Fund or the Contingency Fund of India, the payment of moneys into or the withdrawal of moneys from any such Fund;

(d) the appropriation of moneys out of the consolidated Fund of India;

(e) the declaring of any expenditure to be expenditure charged on the Consolidated Fund of India or the increasing of the amount of any such expenditure;

(f) the receipt of money on account of the Consolidated Fund of India or the public account of India or the custody or issue of such money or the audit of the accounts of the Union or of a State; or

(g) any matter incidental to any of the matters specified in sub clause (a) to (f). (Emphasis Supplied)

Critically, Article 110(3) adds that in cases where a dispute arises over whether a bill is a money bill or not, the Lok Sabha Speaker’s decision on the issue shall be considered final. It was this provision that the government placed particular emphasis on in its defence. The Union of India argued that the speaker’s decision was altogether immune from judicial review. In any event, according to it, the categorisation made in this case was in conformity with clause 1 of Article 110.

The Majority Approach: Judicial Review 

In deciding the case, common logic ought to have dictated that the court considered the question of whether the Aadhaar Act was a validly enacted legislation first. After all, if the court were to find that it had the power to review the speaker’s decision and if it found that the decision made in this case was unconstitutional, the entire legislation would have been rendered null and void, effectively making every other argument advanced in the case moot. Yet, the court chose a different path. For reasons best known to the majority, it chose to frame the question concerning the validity of the Aadhaar Bill’s categorisation as the sixth issue for consideration. Bizarrely, issues that preceded this included questions over whether the Aadhaar Act created a surveillance state, whether the Act violated the right to privacy, and whether children could be brought within the sweep of the programme. Thus, the majority chose to decide what ought to have been a preliminary question only once it gave its imprimatur to the general architecture of the Aadhaar programme. This approach, it must be said, runs counter to the most fundamental principles of judicial decision-making.

Making matters worse, the court’s ultimate approach in deciding the issue was just as illogical. Quite opposed to addressing, at the outset, the government’s objection that the speaker’s certification was beyond judicial review, the court first chose to consider whether the bill, in fact, met the requirements of Article 110(1). Once it did this, and once it found that the bill fell within the categories prescribed in Article 110(1), the court altogether brushed aside the question of whether a speaker’s decision is judicially reviewable or not. Now, it’s difficult to understand whether we can presume from the fact that the court conducted an examination on the provisions of the bill to conclude that it was a money bill that the majority did believe the speaker’s decision to be reviewable. The majority offers no clear and precise answer for this.

But, given that the government’s argument wasn’t entirely meritless, in that it was backed by at least one decision of a 3-judge bench of the Supreme Court, in Mohd. Saeed Siddiqui v. State of UP (2014), in the present post we shall endeavour to consider the issue by first answering the question of whether a speaker’s decision under Article 110 is judicially reviewable or not.

In Siddiqui, the question before the court concerned a categorisation made under Article 199 of the Constitution, which defines a money bill for the purposes of state legislatures. The provision is in pari materia with Article 110, and, as such, any decision made interpreting Article 199 ought to apply directly to Article 110 too. There, the Supreme Court had ruled that a Speaker’s decision to classify a draft statute as a money bill was not judicially reviewable, even if the classification was incorrect, since the speaker’s mistake constituted nothing more than a mere procedural irregularity. The court arrived at its decision, as Justice DY Chandrachud’s dissenting opinion in the Aadhaar case correctly points out, on a misunderstanding of a constitution bench judgment in Mangalore Ganesh Beedi Works vs. State of Mysore (1963).

In Mangalore Ganesh Beedi Works, the court had found that the Indian Coinage (Amendment) Act, which introduced a new system of coinage, was not a taxing measure. The petitioners had argued that through the substitution of 2 naya paisas in place of 3 pies as tax, there was a change in the tax imposed by the Mysore Sales Tax Act, which could only have been done by passing a Money Bill under Articles 198, 199 and 207 of the Constitution. Since no money bill had been introduced, the Act itself, the petitioners argued was illegal and invalid. It was in those circumstances, having found that a substitution of coinage did not result in an enhancement of tax, that the court ruled that Article 199 was simply not attracted. The further observation made by the court that the “the validity of an Act cannot be challenged on the ground that it offends Articles 197 to 199 and the procedure laid down in Article 202” ought to therefore be viewed in light of the ratio decidendi of the judgment.

Yet, in Siddiqui the court proceeded on the grossly mistaken premise that the decision in Mangalore Ganesh Beedi Works was somehow an authority for the proposition that a speaker’s decision to categorise a draft law as a money bill was beyond judicial review. Once again, as Justice Chandrachud’s dissenting opinion in the Aadhaar case points out, there is a consistent thread that emerges from the court’s judgments in (a) In re Special Reference No. of 1964, (b) Ramdas Athawale v. Union of India, and (c) Raja Ram Pal v. Hon’ble Speaker, Lok Sabha, which makes it clear that the validity of proceedings in Parliament or a State Legislature can be subject to the rigours of judicial review on the ground that there is a constitutional violation. Considering the trend of these judgments, and considering the grave consequences that emanate out of a certification of a draft law as a money bill the majority in the Aadhaar case ought to have at the least tested the continuing applicability of the court’s verdict in Siddiqui. For, as Justice Chandrachud writes:

Barring judicial review of the Lok Sabha Speaker’s decision would render a certification of a Bill as a Money Bill immune from scrutiny, even where the Bill does not, objectively speaking, deal only with the provisions set out in Article 110(1).[Paragraph 83]

What’s more, as Justice Chandrachud adds:

The existence of and the role of the Rajya Sabha, as an institution of federal bicameralism in the Indian Parliament, constitutes a part of the basic structure of the Constitution. The decision of the Speaker of the Lok Sabha to certify a Bill as a Money Bill has a direct impact on the role of the Rajya Sabha, since the latter has a limited role in the passing of a Money Bill. A decision of the Speaker of the Lok Sabha to declare an ordinary Bill to be a Money Bill limits the role of the Rajya Sabha. The power of the Speaker cannot be exercised arbitrarily in violation of constitutional norms and values, as it damages the essence of federal bicameralism, which is a part of the basic structure of the Constitution. Judicial review of the Speaker’s decision, on whether a Bill is a Money Bill, is therefore necessary to protect the basic structure of the Constitution. [Paragraph 339(d)]

Interestingly, Justice Bhushan in his separate opinion agrees with Justice Chandrachud that Siddiqui requires explicit overruling. It is unfortunate that despite the length of its opinion the majority has singularly failed to engage with this central point of contention.

The Aadhaar Act as a Money Bill 

What the majority does do, though, (and here Justice Bhushan agrees with it) is to hold, erroneously, that the speaker’s certification of the Aadhaar Bill as a money bill was in conformity with Article 110(1).

The government had argued that since Section 7 of the Aadhaar Act, “which was the heart and soul” of the legislation concerned subsidies, benefits and services, for which the expenditure was to be incurred from the Consolidated Fund of India, the requirements of Article 110(1) were met. It was sufficient, according to the government, if a law, in pith and substance, met the tests laid down in Article 110(1). In other words, so long as a draft legislation broadly concerned itself with one of the elements contained in clauses (a) to (f) of Article 110(1), the speaker was well within his rights to categorise the law as a money bill.

To start with, it needs to be noted that the doctrine of “pith and substance” is applied to adjudicate legislative competence, and has no role to play in examining whether or not the requirements of Article 110 are satisfied. But in any event, without expressing any specific opinion on the argument predicated on the doctrine of pith and substance, the majority in the Aadhaar case agrees with the government to the extent that Section 7 conforms to Article 110(1)(e) (“expenditure charged to the consolidated fund”), that all other provisions of the Act are only incidental to Section 7, and, therefore, fall within the meaning of Article 110(1)(g) (“incidental matters”). As Justice Chandrachud points out in his dissenting judgment this is an extraordinarily fallacious ruling. The majority altogether overlooks the fact that for a bill to be certified as a money bill under Article 110 it must contain “only provisions” that deal with every or any one of the matters contained in Article 110(1). Therefore, a bill, which contains a single item beyond the scope of the subjects enlisted in clauses (a) to (g) of Article 110(1) cannot be introduced as a money bill. Here, as Justice Chandrachud’s meticulous reading of each and every provision of the Aadhaar Act shows us there are a host of clauses that deal with items well beyond the scope of clauses (a) to (g) of Article 110(1). He holds:

The substantive provisions of the Act are, however, not confined to the object specified in the Preamble. Indeed, they travel far beyond the boundaries of a money bill under Article 110(1). The enrolment on the basis of demographic and biometric information, generation of Aadhaar number, obtaining consent of individuals before collecting their individual information, creation of a statutory authority to implement and supervise the process, protection of information collected during the process, disclosure of information in certain circumstances, creation of offences and penalties for disclosure or loss of information, and the use of the Aadhaar number for any purpose lie outside the ambit of Article 110. These themes are also not incidental to any of the matters covered by sub-clauses (a) to (f) of Article 110(1). The provisions of Section 57 which allow the use of an Aadhaar number by bodies corporate or private parties for any purpose do not fall within the ambit of Article 110. The legal framework of the Aadhaar Act creates substantive obligations and liabilities which have the capability of impacting on the fundamental rights of residents. [Paragraph 107].

The majority’s finding, such as it were, can be found in paragraphs 408 to 411 of its judgment, where it holds, inter alia, that since Aadhaar-based authentication is mandated by Section 7 of the Act for the receipt of a subsidy, benefit or service, and since such subsidies, benefits and services accrue out of the Consolidated Fund of India, Section 7 has to be seen as the “core provision of the Aadhaar Act and this provision satisfies the conditions of Article 110 of the Constitution.” Having held thus, in paragraph 411, the majority says:

To facilitate this, UIDAI is established as Authority under the Act which performs various functions including that of a regulator needing funds for staff salary and it’s own expenses. Respondents have rights remarked that the Authority is the performer in chief, the predominant dramatis personae. It appoints Registrars, enrollers, REs and ASAs; it lays down device and software specifications, and develops softwares too; it enrols; it de-duplicates; it establishes CIDR and manages it; it authenticates; it inspects; it prosecutes; it imposes disincentives; etc. And all this it does based on funds obtained by appropriations from Consolidated Fund of India (Section 24).

It’s difficult to understand the majority’s precise point here. But if its intent is to suggest that virtually any governmental activity would fulfil the condition laid down in Article 110(e), given that most government functions would be funded out of the Consolidated Fund of India it can only be a ruling that is predicated on a flagrant misunderstanding of the Constitution. The entire idea behind Article 110(e) is that the law must contain “only provisions” that involve “the declaring of any expenditure to be expenditure charged on the Consolidated Fund of India or the increasing of the amount of any such expenditure.” In other words, under clause (e), a money bill must deal with the declaring of any expenditure to be expenditure charged on the Consolidated Fund of India.

As Justice Chandrachud, once again, correctly holds, not even Section 7 of the Aadhaar Act fulfils this requirement. As he writes in paragraph 110 of the dissent:

What Section 7 does is to enact a provision allowing for Aadhaar to be made mandatory, in the case of services, benefits or subsidies which are charged to the Consolidated Fund. Section 7 does not declare them to be a charge on the Consolidated Fund. It provides that in the case of services, benefits or subsidies which are already charged to the Consolidated Fund, Aadhaar can be made mandatory to avail of them. Section 7, in other words, is a provision for imposing a requirement of authentication and not declaring any expenditure to be a charge on the Consolidated Fund of India. Hence, even Section 7 is not within the ambit of Article 110(1)(e).

The majority’s troubling holding on the money bill issue doesn’t end here. It also holds that by virtue of it striking down Section 57 of the Act, it was unnecessary for it to consider whether the provision was merely incidental to the other provisions, specifically to Section 7. This finding is yet another instance of the judgment’s incoherence. The Aadhaar Act was enacted as a package. Section 57 was very much a part of the bill which was presented for the Lok Sabha’s consideration. So, if Section 57 wasn’t merely incidental to Section 7 (and it would have involved a huge stretch even of the majority’s logic to hold that it was), the draft legislation simply could not have been categorised as a money bill.

In other words, the majority effectively inverts basic judicial reasoning. Instead of considering the Aadhaar Act as a whole, and testing whether it qualifies as a money bill, the majority first examines provisions of the Act for substantive compliance with the Constitution, strikes down Section 57 as unconstitutional, and then turns around and says, “hey, now that Section 57 is gone, the remainder of the Act is a money bill after all.” As explained above, this is simply absurd.



Ultimately, the court’s ruling here creates a dangerous precedent. Now, virtually any legislation can be pushed through as a money bill, by ensuring that the law contains an “element” of one or the other of the clauses contained in Article 110. If the judgment is allowed to stand on this point its impact could be far-reaching. It will give government a carte blanche to enact all manners of laws by-passing the Rajya Sabha altogether.

The majority’s judgment in the Aadhaar case, therefore, requires immediate overruling. It will be interesting to see when the government next amends the Aadhaar Act (as it’s surely likely to do) if it will introduce the draft amendment as a money bill. Any such effort must serve as an opportunity for the court to reverse the majority’s findings here, and to restore, in Justice Chandrachud’s words, “the delicate balance of bicameralism” which lies at the heart of India’s parliamentary democracy.

The Aadhaar Judgment and the Constitution – II: On proportionality (Guest Post)

(This is the second post of our three-part series on the Aadhaar Majority’s legal reasoning. This is a guest post by Mariyam Kamil.)

The five-judge bench decision of the Indian Supreme Court on the constitutional validity of the Aadhaar scheme was handed down on 26 September 2018. The judgment was split 4:1. Justice Sikri, who wrote the majority judgment on behalf of himself, Chief Justice Misra and Justice Khanwilkar upheld the scheme. Justice Bhushan in a separate opinion concurred and Justice Chandrachud dissented.

This post will focus on one theme from the judgment: the standard of judicial review against which privacy infractions are tested. This issue was at the core of the privacy challenge. It also turned out to be the most critical factor in the Court’s analysis that ultimately upheld the Aadhaar scheme. For now, I will focus on the majority judgment.

The post will proceed as follows. In Part A, I will consider the three ‘standards of review’ that have been discussed in the Indian privacy context. Part B will outline the majority’s adoption of the ‘proportionality’ test. Part C will examine the Court’s application of this test to the Aadhaar card scheme.

Part A: The Three Tests

 Prior to the nine-judge bench decision in Puttaswamy, most Indian privacy cases appeared to oscillate between two standards of judicial review: the traditional reasonableness analysis and the stricter standard of ‘compelling state interest’.

After Puttaswamy, three things became clear as far as standard of review for privacy infractions was concerned. First, the minimum threshold that the State had to satisfy in order to legitimately curtail the right to privacy was the standard of ‘just, fair and reasonable’. Second, penumbral notions of privacy must satisfy the standard of review applicable to the respective constitutional provisions under which the infraction is claimed. Third, there was some support for the view that ‘proportionality’ would be the standard of review applicable to privacy cases going forward.

It is crucial to understand how these three standards differ from each other. What is the conceptual distinction between ‘reasonableness review’, ‘compelling state interest’ and ‘proportionality’? Do they overlap with each other? Are they only distinct in degree or do they also differ in content?

Most authors agree that ‘compelling state interest’ and ‘proportionality’ are more stringent standards of review than traditional ‘reasonableness’ (see, for instance, Dr Tarunabh Khaitan’s work). The Indian Supreme Court has also affirmed this view in the past (see for example, Ashok Kumar Thakur).

Moreover, an exposition of these standards also reveals a variation in scrutiny. The starting point for all the three tests is that the infringing act must have the authority of law. If the impugned State action does not have the authority of ‘law’, the Court will look no further.

If this hurdle is overcome, we then get to the next enquiries. The ‘just, fair and reasonable’ test requires the Court to answer two questions: 1) Is the State pursuing a legitimate state aim or objective? I will call this the ‘objective review’. If the answer to this question is in the affirmative, the Court will ask a second question. 2) Is the State using reasonable means to achieve this State objective? Put differently, is there a rational nexus between the means used and the objective sought to be achieved. I will call this ‘means review’.

The ‘compelling state interest’ test is one part of the two-pronged strict scrutiny standard. As part of strict scrutiny, the Court answers the following two questions: 1) Is the State pursuing a ‘compelling’ State aim? 2) Is the State pursuing the least intrusive means of achieving its compelling objective?

Strict scrutiny is a more rigorous standard of review. However, the difference between reasonableness review and strict scrutiny is mainly one of intensity. The degree of intensity of the ‘objective review’ and ‘means review’ changes, but the enquiries remain largely similar. So, in strict scrutiny, within the ‘objective review’ we ask: is the State pursuing a compelling State interest rather than a legitimate one. Under ‘means review’, we question whether this is the least intrusive manner of achieving the State’s compelling objective rather than a reasonable means of achieving that aim. This limb of strict scrutiny is referred to as ‘narrow-tailoring’.

‘Proportionality’, on the other hand, is qualitatively different from the other two. It varies not only in intensity but also in content. Proportionality consists of four enquiries. First, is the State pursuing a legitimate purpose? Second, is there a rational nexus between that purpose and the infringing act? Third, can another, less intrusive, measure be used to achieve the State’s purpose? Finally, is the infringement of the right too great in comparison to the public purpose?

The first two limbs of proportionality align closely with the ‘objective review’ and ‘means review’ under the traditional reasonableness analysis. The third limb resembles the narrow-tailoring limb of strict scrutiny. However, it is the fourth limb of proportionality that is unique. The fourth limb requires the Court to make a value judgment. It requires the Court to balance the importance of the State interest on the one hand, with the importance of the right or the extent of its intrusion, on the other. For instance, the Court may ask, is the public benefit in pursuing the State interest greater than the extent of infringement of the right? Therefore, a State interest could be legitimate (first limb), rationally connected to its objective (second limb) and narrowly tailored (third limb), yet it could still fail the balancing component under the fourth limb of proportionality.

Many criticise the proportionality standard for this very reason (see, for example, Francisco Urbina’s book). To them, proportionality allows the Court to review legislative choices. However, it is this fourth balancing limb of proportionality which is characteristic of the test. It is what makes the test, on occasion, even more stringent than strict scrutiny.

Part B: The Majority’s Understanding of ‘Proportionality’

 The majority speech in the Aadhaar judgment adopts ‘proportionality’ as the standard of judicial review for testing privacy infractions. Interestingly, the majority adopts a slightly modified version of this test.

The majority begins their consideration of proportionality with a doctrinal and academic analysis leading them to note that ‘some differences about the approach on the application of proportionality doctrine’ exist. For instance, the Judges point out the differences between tests adopted by the German Constitutional Court and the Canadian Supreme Court. They explain the German test as follows:

According to this test, a measure restricting a right must, first, serve a legitimate goal (legitimate goal stage); it must, secondly, be a suitable means of furthering this goal (suitability or rational connection stage); thirdly, there must not be any less restrictive but equally effective alternative (necessity stage); and fourthly, the measure must not have a disproportionate impact on the right-holder (balancing stage). [120]

This appears to be the conventional approach. The majority speech contrasts the German test with the Canadian Oakes test:

In contrast, Canadian Supreme Court… has held that the objective must be ‘of sufficient importance to warrant overriding a constitutionally protected right or freedom’; there must be a rational connection between measure and objective; the means must ‘impair “as little as possible” the right or freedom in question’; and finally, ‘there must be a proportionality between the effects of the measures which are responsible for limiting the Charter right or freedom, and the objective which has been identified as of “sufficient importance”’. [122]

 As the Court points out, there are two main differences between the German approach and the Canadian one. First, the Canadian test requires the State aim to be of ‘sufficient importance’ rather than just legitimate. Second, the German test insists that there must exist no other ‘less restrictive but equally effective alternative’. In contrast, the Canadian formulation only requires that the State impair the right ‘as little as possible’.

The majority speech then turns to the task of deciding the best formulation between these variations of the test for India. It points to two main criticisms levelled against the German test. First, all the moral work in the German test is done at the balancing stage, rendering the first three limbs of the test predominantly useless. Second, “the balancing act at the final stage is often carried out in an impressionistic fashion which seems to be largely unguided by principle and thus opens the door for subjective, arbitrary and unpredictable judgments encroaching on what ought to be the proper domain of the democratic legislature.” [123]

These criticisms are not new to proportionality review. Interestingly, the Court turns to Professor David Bilchitz’s work to answer one of these criticisms. According to Professor Bilchitz, the first concern i.e. that the balancing stage of proportionality doing all the work rendering other limbs useless, can be addressed by focusing on the necessity stage (third limb) instead of the balancing stage (fourth limb). He does this by supplementing the necessity stage in the following way:

First, a range of possible alternatives to the measure employed by the Government must be identified. Secondly, the effectiveness of these measures must be determined individually; the test here is not whether each respective measure realises the governmental objective to the same extent, but rather whether it realises it in a ‘real and substantial manner’. Thirdly, the impact of the respective measures on the right at stake must be determined. Finally, an overall judgment must be made as to whether in light of the findings of the previous steps, there exists an alternative which is preferable; and this judgment will go beyond the strict means ends assessment favoured by… the German version of the proportionality test; it will also require a form of balancing to be carried out at the necessity stage. [123] (emphasis added)

Two points merit attention at this stage. Foremost, is the majority’s uncritical adoption of Professor Bilchitz’s proposition. It has been argued elsewhere on this blog that this choice is questionable. In addition, some aspects of the Bilchitz thesis are themselves open to objection. For example, according to Professor Bilchitz (and the majority) the third limb of proportionality now requires a comparison of different measures all of which achieve the State objective ‘fairly and substantially’. Having identified a range of measures that can ‘fairly and substantially’ achieve the State aim, why is it that, among those objectives, the State is not required to adopt the least intrusive option? Notably, the majority does not require the State to do so. Instead, they say that there is a balancing exercise to be undertaken at this stage of the analysis. However, the majority does not clarify what the content of this balancing is. What are the values that are balanced at this stage?

As for the second criticism levied against the German test—that the fourth balancing stage is carried out in an impressionistic fashion, unguided by principle—the majority holds that it can be overcome by using established ‘bright-line rules’:

Insofar as second problem in German test is concerned, it can be taken care of by avoiding ‘ad-hoc balancing’ and instead proceeding on some ‘bright-line rules’ i.e. by doing the act of balancing on the basis of some established rule or by creating a sound rule. [124] (emphasis added)

This, again, is a controversial claim. What are these bright-line rules? The majority offers no guidance on this. The fourth limb requires the Court to weigh against each other the importance of the public purpose pursued by the State against the intrusion it causes into individual rights. It is difficult to understand how bright line rules can offer an answer to this value-laden process. Indeed, one of the main criticisms of this limb of proportionality has been that it requires weighing up against each other of incommensurable values.

 In sum, the Court adopts the German proportionality test but tempers down intensity of the third limb of narrow-tailoring with Professor Bilchitz’s analysis and qualifies the fourth balancing limb with its own caveats. This the Court refers to as its nuanced proportionality test which is the amalgam between the German and Canadian tests, and this is the test that the Court formulates and adopts for its privacy and Aadhaar analysis.

The next section will attempt to understand the Court’s application of its own test to the facts before it.

Part C: The Majority’s Application of Proportionality

 The majority has propounded a version of proportionality which requires the Court to consider the following enquiries:

  1. Is the State pursuing a legitimate aim?
    1. The State aim must be legitimate, not necessarily compelling.
  1. Are the means used to achieving this aim reasonable or suitable?
  1. Is there a less intrusive way to achieve the State objective? This enquiry includes:
    1. Identifying alternatives to the measure adopted by the State.
    2. Asking how effective each of these alternative measures are. Do they achieve the State objective in a ‘real and substantial manner’?
    3. What is the impact of each of these measures on the infringed right?
    4. The Court will undertake a ‘balancing exercise’ at this stage.
  1. Balancing the State objective on the one hand with the importance of the right and the extent of intrusion on the right on the other.
    1. This balancing is best done by following bright-line rules which are either established or need to be created.

Let us now examine the Court’s application of its own test, particularly with reference to the highly contested third and fourth limbs of proportionality.

On the first limb of proportionality i.e. whether the State is pursuing a legitimate objective, the Court observes that it is.

Section 7 of the Aadhaar Act is aimed at offering subsidies, benefits or services to the marginalised section of the society for whom such welfare schemes have been formulated… [263]

[T]he aim of the Act is to ensure that these benefits actually reach the populace for whom they are meant. This is naturally a legitimate State aim. [266]

The majority speech then proceeds to analyse the Aadhaar scheme based on the second limb of proportionality. The question here is: is there a rational nexus between the means used to achieve the State objective? Here, again, the Court reasons that there is a rational connection between the means i.e. the Aadhaar enrolment scheme and its authentication, and the State objective i.e. providing welfare benefits:

At this point of time, we are discussing the issue as to whether the limitation on the rights of the individuals is rationally connected to the fulfillment of the purpose contained in the Aadhaar Act… Section 7, which provides for necessity of authentication for receipt of certain subsidies, benefits and services has a definite purpose and this authentication is to achieve the objectives for which Aadhaar Act is enacted, namely, to ensure that such subsidies, benefits and services reach only the intended beneficiaries. [278]

These two limbs of proportionality are largely uncontroversial. It is the Court’s application of the third and fourth limbs that creates difficulty.

On the third limb of proportionality—the necessity limb—although the majority endorses Professor Bilchitz’s thesis, as discussed above, it completely fails to engage with it in its own analysis. All that the majority had to say on the third limb is this:

Insofar as third component is concerned, most of it stands answered while in the discussion that has ensued in respect of component No. 1 and 2. The manner in which malpractices have been committed in the past leaves us to hold that apart from the system of unique identity in Aadhaar and authentication of the real beneficiaries, there is no alternative measure with lesser degree of limitation which can achieve the same purpose. In fact, on repeated query by this Court, even the petitioners could not suggest any such method. [280]

This reasoning is, with respect, unfortunate. There is no consideration at all of alternatives to the Aadhaar card scheme. The Court shirks this enquiry on the basis that the petitioners have suggested no such alternates. It has been pointed out elsewhere on this blog that this is factually incorrect. There is no discussion of the effectiveness of these alternate measures either. Further, there is also no assessment of the impact of Aadhaar and other alternate measures on the right to privacy. Importantly, and as a logical corollary, no balancing exercise is in fact carried out at this stage.

The Court had to clarify, through its own four-part enquiry, how it concluded that Aadhaar was the only scheme with no available alternatives to achieve the State purpose. This analysis was certainly not done in the first and second components of the test discussed above. Significantly, it was important for the Court to engage with this analysis because the strongest challenge to the Aadhaar scheme would have come from the third and fourth limbs of proportionality as these are more rigorous in nature than the first two prongs.

The Court’s examination of the fourth limb of proportionality is also intriguing. Interestingly, at this stage the majority introduces a two-part enquiry into its balancing exercise:

  • Whether, ‘legitimate state interest’ ensures ‘reasonable tailoring’?… Here the Act is to be tested on the ground that whether it is found on a balancing test that the social or public interest and the reasonableness of the restrictions outweigh the particular aspect of privacy…
  • There needs to be balancing of two competing fundamental rights, right to privacy on the one hand and right to food, shelter and employment on the other hand. [285]

The first enquiry, although it is not articulated clearly, is the conventional proportionality analysis. It requires the Court to balance against each other the importance of the state objective and the extent of intrusion into the right. The second enquiry, in contrast, balances two fundamental rights against each another. I will consider the majority’s approach to each of these enquiries in turn.

On the first enquiry, the Court instead of balancing the importance of the State purpose against the extent of intrusion into privacy, engages in a detailed evaluation of the ‘reasonable expectation of privacy’ test. Borrowing heavily from the English Court of Appeal’s decision in R Wood v Commissioner, the Court says,

Therefore, when a claim of privacy seeks inclusion in Article 21 of the Constitution of India, the Court needs to apply the reasonable expectation of privacy test. It should, inter alia, see:

  • What is the context in which a privacy claim is set up?
  • Does the claim relate to private or family life, or a confidential relationship?
  • Is the claim a serious one or is it trivial?
  • Is the disclosure likely to result in any serious or significant injury and the nature and extent of disclosure?
  • Is disclosure relates to personal and sensitive information of an identified person?
  • Does disclosure relate to information already disclosed publicly? If so, its implication? [292]

It is imperative to understand what the ‘reasonable expectation of privacy’ really is. It is a test propounded in a 1967 decision of the United States Supreme Court: Katz v United States. This test was generally applied to American Fourth Amendment unreasonable search and seizure claims. The test has a subjective component and an objective component. The subjective component asks whether the person whose right is violated actually expected privacy in such a situation? If the answer is in the affirmative, the Court then asks whether, objectively, the society would find the expectation of privacy unreasonable? The Court’s use of the ‘reasonable expectation of privacy’ test is open to two main objections.

First, as pointed out elsewhere on this blog, the reasonable expectation of privacy test has been discredited in the land of its origin. Further, its application to Indian privacy cases is also disputed. Nariman J, for one, expressly rejected it in Puttaswamy.

Second, the purpose of the reasonable expectation of privacy test is to determine whether the infringement occurred in a sphere where the petitioner has a valid claim to privacy. Consequently, it relates to a stage anterior to proportionality review. If the petitioner had no reasonable expectation of privacy, then there is no breach of the right to privacy to begin with. There is simply no need to engage in the exercise of balancing competing interests.

Curiously, the Court had adopted this understanding of the ‘reasonable expectation of privacy’ test in an earlier part of its reasoning. It said:

Before we proceed to analyse the respective submissions, it has also to be kept in mind that all matters pertaining to an individual do not qualify as being an inherent part of right to privacy. Only those matters over which there would be a reasonable expectation of privacy are protected by Article 21. [260]

Thus, if the petitioner has no reasonable expectation of privacy, she is outside the protective scope of Article 21. It is puzzling, therefore, that while undertaking a balancing exercise under the fourth limb of proportionality, the Court decided to use the ‘reasonable expectation of privacy’ test. With respect, this is conceptually indefensible.

On the second aspect of the balancing enquiry, the Court attempted to balance the right to privacy on the one hand, and the rights to food, livelihood and social welfare benefits on the other, to conclude that the invasion on the right to privacy is minimal. The majority reasoned in the following terms:

Let us advert to the second facet of balancing, namely, balancing of two fundamental rights. As already pointed out above, the Aadhaar Act truly seeks to secure to the poor and deprived persons an opportunity to live their life and exercise their liberty. By ensuring targeted delivery through digital identification, it not only provides them a nationally recognized identity but also attempts to ensure the delivery of benefits, service and subsidies… [298]

In the aforesaid backdrop, this Court is called upon to find out whether Aadhaar Act strikes a fair balance between the two rights… To reiterate some of the important features, it is to be borne in mind that the State is using Aadhaar as an enabler for providing deserving section of the society their right to food, right to livelihood, right to receive pension and other social assistance benefits like scholarships etc. thereby bringing their right to life to fruition. This necessity of Aadhaar has arisen in order to ensure that such benefits are given to only genuine beneficiaries. The Act aims at efficient, transparent and targeted delivery of subsidies, benefits and services. In the process, it wants to achieve the objective of checking the corrupt practices at various levels of distribution system which deprive genuine persons from receiving these benefits… As against the above larger public interest, the invasion into the privacy rights of these beneficiaries is minimal. [307, 308]


To conclude, there are three main takeaways from the judgment on the standard of review applicable to privacy claims.

First, the standard of judicial review is now, unambiguously, proportionality. Second, the majority creates its own version of proportionality for the purposes of Indian privacy jurisprudence. Strikingly, this includes a balancing exercise under the third, necessity limb. Yet, it remains unclear what the content of this commensuration exercise is. Finally, the Court’s application of the proportionality standard to the Aadhaar card scheme is defective in at least two main respects: it fails to engage meaningfully with the less intrusive alternatives and it, wrongly in my view, conflates the fourth limb of proportionality review with the ‘reasonable expectation of privacy’ test.

The Aadhaar Judgment and Reality – II: On Fallibility

(This is the second post in a four part series by Anand Venkat examining the factual claims underlying the Majority judgments in Aadhaar.)

How do we know that a certain technology works as claimed? The steps to ascertain that it does indeed work, as expected, are fairly standard, and are neutral to the technology deployed, as described below:

  1. First a trial or a laboratory exercise is conducted, under pristine or controlled conditions, to see how the technology performs.
  2. It is a given at this stage that this is the best possible condition, which is not representative of the real world, because no small scale experiment can capture the complex reality of the real world in full.
  3. The results are then published, with precise descriptions of the laboratory conditions including an assessment of the assumptions.
  4. Then, extrapolations are  made, based on the conditions necessary to extend it to the real world. These are usually accompanied by error bands or confidence intervals.
  5. The technology is then rolled out slowly, and the predictions are checked against real world measurements. The applicability is  continuously determined
  6. The side effects of deviation from laboratory conditions are then addressed, either through improvements, or, if the deviations are relatively small, then manually.

The description above is essential for the reader to understand a key issue that the Majority in the Aadhaar judgement, dodged — all technology solutions are fallible, but what matters is the deviation from expectations, to determine applicability.

Biometric Fallibility

The Majority points out one key study in its judgement (Page 16), that was submitted by the UIDAI itself, titled “Role of Biometric Technology in Aadhaar Authentication”. The study points out on page 24, the following conclusion:

Finally 1.87% of residents participating in the study were found to have fingerprint Quality not sufficient for fingerprint authentication.

They were not included in the further authentication tests.

In essence, the headline accuracy figures of 99.3%, that the Majority quoted in its judgement, came after excluding those from the study that UIDAI conducted, for whom biometrics does not work at all.

This specific facet was argued by the petitioners in depth, which the Majority chose to ignore. Instead, the judgement specifically used a headline figure of 99.76% (Paragraph 314, Page 384), but this is one that even the UIDAI did not claim, in its own study.

The Authority has claimed that biometric accuracy is 99.76%. It was, however, submitted that where more than 110 crores of persons have enrolled themselves, even 0.232% failure would be a phenomenal figure,  totalling 27.60 lakh people.

It might be possible to argue that this is nitpicking on numbers, but let us deconstruct the basic technology issues here, from elementary probability the kind that is taught in 10th standard schooling. For biometric authentication to work reliably, the following parameters are required.

  1. Fingerprint quality of the resident itself.
  2. Fingerprints/IRIS scans captured at a good quality during enrolment.
  3. Working scanners during authentication.
  4. Internet Connectivity
  5. Various back end servers, configured by the service providers (PDS, MNREGA) that work reliably.

Every one of the above are fallible, and can fail. So, across a wide population, the chances of failure are a sum of (1-5). The UIDAI has already admitted that (1) above is 1.87% at controlled conditions. So it is only natural by the iron law of probability addition, again, one that is taught in primary schools, service denials are embedded in the design and architecture of the project.

The numerous affidavits filed by petitioners are testimonials to the mathematical certainty that form the basis of the challenge. But the way in which the majority dealt with mathematical certainties backed by data is stunning. It pronounced an undying faith on technological improvements, backed without evidence or data.

We understand and appreciate that execution of the Aadhaar scheme, which has otherwise a laudable objective, is a ‘work in progress’. There have been substantial improvements in the system over a period of time from the date of its launch.It was stated by the learned Attorney General as well as Mr. Rakesh Dwivedi, at the Bar, that whenever difficulties in implementation are brought to the notice of the respondents, remedial measures are taken with promptness. Cases of denial of services are specifically looked into which is very much needed in a welfare State and there can be a genuine hope that with the fine tuning of technology, i.e. the mode of advancement at rapid pace, such problems and concerns shall also be completely taken care of.

It is important to understand the implication of the above paragraph. When asked to make difficult decisions on the fallibility of a technological solution, the Majority first refused to engage with the unyielding iron laws of mathematics. It then made up a factually inaccurate claim that there have been improvements since the date of  launch of the project, and then finally hoped that the technology will further improve over time, to address this issue, when the UIDAI’s CEO’s presentation itself showed authentication failures on government schemes increasing over time:

From the Power-Point Presentation submitted by the UIDAI Chairperson in Court

By doing so, the Majority avoided facing questions of fallibility, that were raised strenuously by the petitioners, through hope (and perhaps a prayer).

Witch Doctors and Bleeding

A very significant contribution of modern medical trials is the idea of Randomized Controlled Trial (RCT). A medical intervention that is expected to cure an ailing patient is put through a rigorous evaluation, to ascertain the effectiveness of the medical intervention, and also to identify unwanted side effects. This is important, to distinguish various competing interventions that attempt to cure the patient with the same problem.

While RCT is complex, it is also considered as the gold standard for evidence based policy making. For instance, corruption and leakage in welfare delivery can be thought of as a disease, one that plagues the ailing nation, and various interventions, including Aadhaar, can be thought of as state interventions that aim to cure the problem.

But how many of these interventions are effective? For instance, medieval witch doctors also had a noble intent, the curing of diseases through constant bleeding of the patient. While no one can question the state’s noble intent to remove corruption, the question of effectiveness of various measures still remains.

The state’s preferred method of showcasing the effectiveness of an intervention is “Savings to the Exchequer”. It cited fantastic figures, that always keep increasing over time, but which were refuted in depth by the petitioners, as noted by the Majority, in Para 316, Page 385. The Majority recorded the Petitioners’ following submissions: 

First, it [i.e., the State] has failed to discharge its burden of showing that the purported leakages were exclusively caused due to identity fraud, and that those leakages would not exist if  Aadhaar is implemented. The state has not given any empirical data. Leakages exist due to eligibility frauds, quantity frauds and identity frauds. Studies filed in Petitioner’s affidavits show that eligibility and quantity frauds are the substantial cause for leakages. Assuming that the Aadhaar Act prevents leakages, the biometric identification system can, at best, only cure leakages related to identity fraud. The government’s claims of savings inter alia of Rs. 14,000 crores in the PDS system, due to the deletion of 2.33 crore ration cards is incorrect, inflated, and based on wrong assumptions for the following reasons:

1. It admittedly does not have estimates of leakages in PDS, nor has any study been done to see if POS machines are effective in removing PDS irregularities;

2. It conflates issue of “bogus /ineligible ration cards” (eligibility fraud) with identity fraud

3. The figure of 2.33 crore includes West Bengal, where ration cards are issued to each person, as opposed to each household

4. A large number of these 2.33 crore cards were deleted even before Aadhaar-integration and seeding came into effect;

5. The savings figure includes even those eligible beneficiaries who have been removed from the list due to failure to link Aadhaar properly; and

6. It does not value the cost of loss of privacy. Most importantly, the basis for reaching such savings figure has not been disclosed.

Similarly, incorrect averments have been made in the context of LPG savings, using Aadhaar-enabled Direct Benefit Transfer (‘DBT’) scheme known as PAHAL.

How did the Majority deal with such detailed factual rebuttals? In Page 350, Paragraph 279, it points out that:

There have been cases of duplicate and bogus ration cards, BPL cards, LPG connections etc. Some persons with multiple identities getting those benefits manifold. Aadhaar scheme has been successful, to a great extent, in curbing the aforesaid malpractices.


That is about it. There is no engagement with facts, no weighing contradictory evidence, no engagement with methodology or the lack of it, behind the state’s assertions.


One of the stunning achievements of the human race, that distinguishes us from other organisms, is the fact that we can engage with the physical and material world through complex reasoning Technological progress emerged from such reasoning, and mathematical theory and laws form the bedrock of technology.

Methodological correctness, therefore, is also a side effect of technological progress. For instance, can one claim that one is a billionaire without any assets, jobs or wealth and only with a number written on a piece of paper?

A person who makes such a claim would be laughed out in seconds as delusional, yet the highest constitutional court, allowed the state to make the fantastic claim that Aadhaar helped in curbing malpractices, with no evidence, methodological backing or proof, and get away with it.

Worse still, though, it also endorsed it, and declared it as the truth.

By doing so, it relapsed to argumentum ad verecundiam, where statements made by authority figures, even if they are totally without basis, are held as the ultimate truth.

The Aadhaar case is fundamentally about the intersection of power, technology and freedom as noted by Chandrachud J. in his dissent. In understanding the interface between governance, technology and freedom, this case will set the course for the future.

A factual engagement with technology, mathematics, scientific approach and methodology was essential for the court to understand the issues involved. That it chose to depend on a ‘slideshow’ presentation and that too, only selectively (it ignored the increasing authentication failures in government schemes) to arrive at its conclusions, is disturbing, for more than one reason.

Part 3 of this series will highlight how it incidentally tripped up not only the petitioners, but also caused nightmares to the UIDAI and the state accidentally, because of its technological illiteracy.