The Parliament has passed an amendment bill which allows voluntary use of Aadhaar as proof of identity for users to open bank accounts and get mobile phone connections.
The Aadhaar and Other Laws (Amendment) Bill, 2019 was passed in Rajya Sabha by a voice vote, although many parties including the Trinamool Congress and DMK opposed it citing various reasons, including apprehensions data theft.
The amendment bill, which also provides for a stiff Rs one crore penalty and a jail term for private entities for violating provisions on Aadhaar data, was earlier passed by Lok Sabha on July 4. It was introduced on June 24 to replace an ordinance issued in March 2019.
The amendments provide for use of Aadhaar number for KYC authentication on voluntary basis under the Telegraph Act, 1885, and the Prevention of Money Laundering Act, 2002.
It means it will allow voluntary use of Aadhaar number for authentication and identity proof in opening bank accounts and procuring mobile phone connections.
It also gives option to children to exit from the biometric ID programme on attaining 18 years of age, while stipulating stiff penalties for violation of norms set for the use of Aadhaar and violation of privacy.
Replying to a debate on the matter, Information Technology Minister Ravi Shankar Prasad said Aadhaar was a foolproof system and over 123 crore people were currently using it in the country.
Allaying fears of Opposition on data leakages, he said the Aadhaar system had enough safeguards to ensure privacy of the card holder. Displaying his personal Aadhaar card in the House, the Minister said it only discloses his name, father's name, date of birth, residential address and does not give out any information on medical records or details of caste, religion and community.
Aadhaar data can only be shared when there is a threat to national security or there is court order, he added. "For banks, it needs 256-bit inscription and for Aadhaar data it is 2,048 bit encryption, which is safe and secure and would not be breached," Mr Prasad said.
He added that the government has saved Rs 1.41 lakh crore due to Aadhaar and removed 4.23 crore and 2.98 crore bogus LPG connection and ration cards respectively.
The government has cancelled licences of around 50,000 Aadhaar centre operators out of the total strength of six lakh for various violations, Mr Prasad said.
Taking a dig at the Congress, he said :"Aapka Aadhaar Niradhar tha, bina kisi kanoon ke (Your Aadhaar had no foundation as it was without any legal backing). The first thing, we have done is that we have provided legal sanctity to Aadhaar."
Replying to Opposition charges that the bill was brought to circumvent an SC order on the Aadhaar issue, Mr Prasad said the Parliament has the full right to formulate a new law.
"This house and that house (Rajya Sabha and Lok Sabha) has powers to undo a judgement by removing the basis of the judgement," he added.
On bringing the data protection law, he added that "it is a work in progress".
"We want to bring a comprehensive law. We have the Justice Srikrishna Committee report...we are further doing some consultation with stakeholders in this regard," he added.
Justice Srikrishna panel had submitted its report in July 2018.
Opposing the bill, TKS Elangovan (DMK) alleged it has been "brought just to supersede the Supreme Court judgement. It is out of anger that the government has brought the bill."
V Vijaysai Reddy (YSRCP) pointed out various "loopholes" in the bill but said his party is supporting the bill "out of compulsion".
Binoy Viswam (CPI) opposed the bill saying the data from Aadhaar would eventually reach the corporates. "We opposed it during the UPA rule and we are still opposed to it," he said.
Congress leader Abhishek Manu Singhvi questioned the government's seriousness in bringing a law on data protection. Mr Singhvi said Aadhaar collected the most sensitive data and the government failed to come up with a legislation to protect the data and instead wanted to just amend the Aadhaar.
Charging the government with avoiding the data protection legislation, he said it was a "sinister" plan. Mr Singhvi said: "Aadhaar is not one country one identity, Aadhaar is not exlusive card, it is not a certificate of truth, it is not a tool of exclusion, it is not a data collection tool and not a tool of controlled surveillance or snooping."
He said the Supreme Court has said several times that it is only for service, benefit and subsidy and people below poverty line, who are beneficiary of many subsidy schemes, can also opt out from Aadhaar.
"The government is avoiding data protection Act," he alleged and said even the European Union has taken up protection of their data seriously.
Despite the Srikrishna Committee recommendations, which match the provisions of the EU, the government has not taken them up, he said.
Mr Singhvi said there are several rights under the Data Protection Act that include the person sharing the data must know where his data is being used. The person must also have right to data portability, right to object and right to erase, he said. The Congress leader said without these rights, Aadhaar is vulnerable.
Rajeev Chandrashekhar (BJP), who was one of the petitioners in the Supreme Court on data protection, said it was a larger issue and must not be seen through the narrow prism of Aadhaar. Attacking the Congress, he said Aadhaar was not a cart before a horse as said by Mr Singhvi but horse before the cart, made possible by the efforts of Prime Minister Narendra Modi who chose not to waste public money spent on Aadhaar infrastructure.
He said it has resulted in checking corruption and pointed out that even the NYAY mentioned in Congress manifesto spoke of using Aadhaar.
Ravi Prakash Verma of Samajwadi Party expressed concern over the safety mechanism of Aadhaar saying what if a hacker shuts down a
user's Aadhaar. "What will the government do to avoid such a scenario? When banks and companies merge, data may be shared between parties," he questioned.
S Muthukaruppan (AIADMK) supported the bill.
Opposing the bill, Sukendu Sekhar Ray (AITC) expressed concern that it has been brought without scrutiny by any Parliamentary panel and said it "circumvents" the Supreme Court order of September 2018.
"It has become a tradition to bring ordinance. Six ordinances were brought and this is the seventh ordinance. The bill (which replaced ordinance) is not scrutinised by any parliamentary standing committees. This is the way government is treating Parliament and this is the way the government is denigrating Parliament day by day," he said.
Observing that there is no authority to "clarify or verify" Aadhaar data, Mr Ray said the bill does not talk about setting up of a data protection authority despite the top court directing the government on the same.
"In 2017, 130 million Aadhaar numbers were hacked and there is no mention of which authority will protect the data. The UIDAI does not certify or verify biometric and demographic data of Aadhaar cardholders," he added.
"The objective of the bill is not for benefit of common man but for the benefit of private players. That's why Parliamentary standing committees have been avoided," Mr Ray said, adding that even amendments which AITC wanted to move have not been accepted on technical grounds.
Mr Ray alleged there is rising "authoritarianism" in the government because of its brute majority and urged the Opposition members "not to accept" it.
Congress leader Jairam Ramesh said his party filed a petition in the Supreme Court not to oppose the Aadhaar bill but for bringing it as a money bill in 2016. "The fact that it came as a money bill is a permanent blot on the Constitution. This has not gone through scrutiny by Parliamentary panels," he said.