The UID debate
The National Identification Authority of India (NIAI) Bill, 2010, which has been referred by the Lok Sabha to the Parliamentary Standing Committee on Finance headed by Mr. Yashwant Sinha, has been in the eye of controversy ever since it was released into the public domain last year. The Bill and the UID project that it seeks to implement have been attacked as both financially unviable and overly intrusive. Privacy activists fear that this project is just the first step of an elaborate surveillance program by the State. The Planning Commission on the other hand has been waxing eloquent on the benefits of the UID project, such as greater governmental efficiency in delivering welfare subsidies to legitimate parties by reducing scope of duplication and pilferage. The truth as always is somewhere in-between.
In our latest report, at the Pre-Legislative Briefing Service (PLBS), titled ‘A Briefing Document on The National Identification Authority of India (NIAI) Bill, 2010: Questions of Constitutionality & Legislative Options Open to Parliament’ (available over here) we have concentrated on examining the legality and constitutionality of only certain provisions in the Bill from the perspective of ‘separation of powers’, ‘privacy safeguards’ & a possible conflict with other legislations such as the Information Technology Act, 2001.
(i)‘Privacy Safeguards’: One of the most controversial aspects of the proposed UID project is that it will severely compromise the privacy of individual citizens since the State will now have the means to track every transaction made using the UID card.
In our opinion the terms of the privacy debate need to be framed in the context of which arm of the state should be vested with the responsibility of authorizing access to stored information. The predominant approach in Indian Parliamentary legislation is to vest such powers in the hands of the Executive. This is the case with the surveillance of telephones, the internet and even search and seizure by officials of the Income Tax department. The People’s Union of Civil Liberties (PUCL) attempted to challenge this position before the Supreme Court, in the context of Section 5 of the Telegraph Act, 1885. PUCL had argued for the reading down of Section 5 which authorized officers of the Central Government to authorize phone-taps. PUCL wanted Section 5 to be read in a manner which required prior authorization from the judiciary since privacy was a fundamental right. The Supreme Court however disagreed and did not read down Section 5.
In this context, Clause 33 of the proposed Bill actually envisages stronger safeguards, in that it allows for certain ‘authentication records’ to be accessed only on the authorization of the judiciary. The only problems with the provision is that firstly it fails to specify the grounds on which a court may order such surveillance and secondly it fails to specify the hierarchy of courts which can order the same. It simply uses the word ‘competent court’. We believe that such vague drafting may lead the provision to be held unconstitutional on the grounds of excessive delegation and arbitrariness. An additional problem with this provision is that ‘identity information’ however can still be accessed by officers of the Executive after prior authorization of the Minister-in-Charge. The only recommendation in this regard is that Parliament transfer even this power to only the judiciary in order to have a robust system of checks and balances.
(ii) ‘Excessive delegation’: A disturbing trend in contemporary Indian Parliamentary legislative practices is the delegation of vast powers to the Executive. The reason for this is the members of the Executive are the ones drafting the legislations that are aimed at regulating themselves. The present Bill is a case in point. Clause 53 of the proposed Bill delegates at least 25 functions to the proposed Authority. While several of the delegations are routine in nature, the Bill does delegate some crucial legislative functions. For example the definitions of ‘demographic information’ & ‘biometric information’, which determine the nature of information to be collected by the proposed authority for issuing the aadhar number, are left onto the Authority itself. Both these definitions are bound to have a profound impact on the ‘identity’ & ‘privacy’ of a person and have to be defined by Parliament itself. Delegating such a function to the Executive could result it in being struck down as unconstitutional because the legislation does not provide any guidance whatsoever on the legislative policy that is required to be followed by the Executive while defining the boundaries of the definitions. Crucially the Bill also delegates to the Authority the power to decide the time frame for which ‘authentication records’ can be stored by the Authority. Once again the Bill fails to provide any legislative guidance on the factors that are required to influence the determination of the time period and thus the same runs the risk of being deemed unconstitutional.
(iii) The conflict with the Information Technology Act, 2001: Several of the offences detailed under the proposed Bill deal with primarily offences pertaining to the misuse of information on the computer networks managed by the Authority. Given the over-lap with the subject matter of the Information Technology Act, 2001 there are a few issues which need to be ironed out because under the present scheme it is possible for a person to be prosecuted under two different mechanisms proposed under the two different legislations. We therefore propose that the Bill be amended to ensure a consistency in both proceedings so as to ensure that resources are not wasted by prosecuting a person under two different mechanisms.
(iv) A dispute resolution mechanism: The Bill delegates the process of creating a dispute resolution mechanism to the Authority itself. Given the importance of the UID to the future of welfare subsidies it is absolutely necessary that Parliament ensures a mechanism that ensures that citizens are delivered their UIDs in a fast and efficient manner and most importantly provide for a dispute redressal mechanism that will efficiently take care of any grievances that a citizen may have with the issuance of his UID. It is a known fact that Executive institutions are loathe to create institutions which increase accountability and in this backdrop we think it is crucial that the Bill itself provide for a grievance redressal mechanism.