Aadhaar linking must to prevent impersonation, UIDAI tells SC by Shelley Chandler | April 14, 2018 | 15:59
The court said there might be a need for safeguards to ensure data is held safely by "requesting entities" (the place where one is undergoing Aadhaar authentication) seeking to use Aadhaar for authentication and asked the Centre to detail statutory and proposed steps to prevent UID centres from sharing demographic details of persons enrolled in the system.
Appearing before a Constitution Bench led by Chief Justice Dipak Misra, the UIDAI countered the allegation raised by petitioners, and later taken up by the court, that insistence on Aadhaar for all stigmatises people. The remarks came when Dwivedi said that Aadhaar was not required for the government if it really wanted to do surveillance and that it would employ other means. "As of today, we do not have a robust data protection regime". "The Act does not preclude you (UIDAI) from employing such a technology", the bench said. "Purloining of data... for the goal of influencing elections in some of the most powerful nations... is an issue", Justice DY Chandrachud said, referring to the recent controversy surrounding Cambridge Analytica. "UIDAI neither has the tools to track users nor is it empowered by the law to do so", he said, and referred to provisions in the Aadhaar Act that make sharing of personal information of users a punishable offence. "We can not even tamper with the servers", Dwivedi told Justice Chandrachud, who was far from happy with the explanations.
Now that Cambridge Analytica issue has been linked with Aadhaar, what new turn the SC hearings will take in the near term, will be worth watching. The bench also referred to the testimony of Facebook CEO Mark Zuckerberg before the US Congress and said "you open the newspapers every day and see reports of how elections in even some of the most powerful nations were influenced". However, counsel Diwedi dispelled the apprehension that the data is being shared by the collecting entities and said these information can not be shared. Justice Chandrachud pointed out that the law says information can be further shared on prior consent. People invariably give this consent, which is in the form of a contract. Counsel said individual data by itself has no value, unless the data of all the persons are aggregated. Justice Chandrachud observed, "Today all information in Whatsapp or Facebook are commercially sensitive". Why should somebody intrude on my privacy and keep a tab over the conversation when I share a message with my wife? "Our concern is it will affect a vast number of populations and the future generation and how are we going to lay down a law". The bench gave the example that even judges in an African country can get the access to his or her chamber by using his finger prints, which are used only for the objective of the entry and the problem was that such data was being stored at a central repository. Giving fingerprints for entry into the courtroom or getting access to something is per se not wrong. Answering questions on why UIDAI was storing metadata of users, he said "it was only limited data exclusively for the goal of authentication". "Then it is liable for sharing by the collecting entities". The CJI asked Dwivedi to explain on April 17 how the Aadhar data will be protected.
10ThousandCouple http://10thousandcouples.com/2018/04/aadhaar-linking-must-to-prevent-impersonation-uidai-tells-sc/