Unless the Aadhaar number holder authorises, the information will not be revealed or shared with anyone
Aadhaar is mandatory. That’s what the Aadhaar (targeted delivery of financial and other subsidies, benefits and services) Bill, 2016, tabled in the parliament on Thursday, says. The bill maintains the earlier position of the government that it is not an evidence of citizenship or domicile.
READ: Money bill is latest in Modi’s governance model
“The central government or, as the case may be, the state government may, for the purpose of establishing identity of an individual as a condition for receipt of a subsidy, benefit or service… require that such individual undergo authentication, or furnish proof of possession of Aadhaar number or in the case of an individual to whom no Aadhaar number has been assigned, such individual makes an application for enrolment,” the bill clearly states.
The draft legislation, however, says that if an Aadhaar number is not assigned to an individual, the individual “shall be offered alternate and viable means of identification for delivery of the subsidy, benefit or service”.
Here are eight points that you need to know about the Aadhaar Bill.
Mandatory: Aadhaar is now mandatory for availing government subsidy, benefit or service for which “the expenditure is incurred from, or the receipt there from forms part of, the consolidated fund of India”.
Administration: The draft law states that the unique identification authority of India (UIDAI) will have a chairperson, appointed on part-time or full-time basis, two part-time members, a chief executive officer (CEO) who “shall be member- secretary of the authority”, appointed by the government.
Information security and confidentiality: It provides for the authority to ensure confidentiality of identity information and authentication records of individuals.
The sub section 3 of the section 28 of chapter 6 states, “The authority shall take all necessary measures to ensure that the information in the possession or control of the Authority, including information stored in the Central Identities Data Repository, is secured and protected against access, use or disclosure not permitted under this Act or regulations made there under, and against accidental or intentional destruction, loss or damage.”
Compliance by consultants, external agencies: All agencies, consultants, advisors or “other persons” working with the UIDAI would also come under the ambit of the Aadhaar legislation, and hence would have to ensure information security and confidentiality.
Restriction on information sharing: Unless the Aadhaar number holder authorises, the information will not be revealed or shared by anyone. The bill also bars UIDAI from sharing core biometric information (the bill defines it as finger prints and iris scan) with “anyone for any reason whatsoever” or “used for any purpose other than generation of Aadhaar numbers and authentication under this Act”.
The section 57 of chapter 8 states that the legislation doesn’t prevent use of Aadhaar number for other purposes under the law, provided that the use of Aadhaar number is subject to procedure and obligations under section 8 of chapter 6.
Penalty for impersonation: The proposed law provides for imprisonment up to three years or a fine which may extend to ten thousand rupees or with both for impersonating or attempting to impersonate another person, “whether dead or alive, real or imaginary, by providing any false demographic information or biometric information”.
It would also apply on people who would “intentionally disclose, transmit, copy or otherwise disseminate any identity information collected in the course of enrolment or authentication to any person not authorised under this Act or regulations made there under or in contravention of any agreement or arrangement entered into pursuant to the provisions of this Act”. (Section 37, chapter 7 - offences and penalties)
The section 38 provides for penalty for unauthorized access to the central identities data repository (CIDR).
Access to own information: The Authority would maintain authentication records in ‘such manner and for such period as may be specified by regulations’ (subsection 1 of section 32). It doesn’t elaborate further on the nature of regulations for the given purpose. The section 32 entitles Aadhaar number holders to access her or his authentication record. It also bars the authority to collect, keep or maintain information about the purpose of authentication.
Disclosure of information: In case of national security, the Aadhaar Bill empowers an official, as authorized by the central government and not below the rank of joint secretary to the central government, to issue a direction for disclosure of information, including identity information or authentication records. Under the law identity information includes Aadhaar number, biometric and demographic information.
The law also provides for disclosure of information to courts in case of a direction from a court “not inferior to that of a district magistrate”. Sections 28 and Sections 29 (pertaining to security and confidentiality of information and restriction on sharing information respectively) have been exempted in both of these cases.