Proposed change to Aadhaar authentication rule raises data privacy issues
A move by the government of India to amend the Aadhaar Authentication for Good Governance (GG) Rules, 2020, is attracting widespread criticism as experts say the plan would violate the Supreme Court’s 2018 ruling which prevents private entities from performing Aadhaar authentication.
This development comes as the government is reporting a jump in figures for digital ID authentication transactions for the month of March, with Aadhaar-powered KYC increasing by 16 percent.
The proposed rule change announced last month is subsequent to a 2019 amendment to the Aadhaar Act which allowed private bodies to access Aadhaar data for authentication if they met certain requirements for data privacy, security and compliance, reports The Economic Times of India.
The latest proposal, whose draft has already been released for public comment till 6 May, seeks to make it possible for more private entities to use Aadhaar authentication under the GG Rules.
Expert say the move contravenes the Supreme Court ruling, and that only an Act of parliament can make an alteration, the publication notes, quoting a former Supreme Court judge BN Srikrishna as saying that “the government cannot issue a rule and overcome a supreme court judgement.”
Critics of the move are concerned that the proposed change will allow more private entities access to personal data which could be handled in a compromising manner, especially given that India’s Digital Personal Data Protection Bill 2022 has been criticized for not going the full length to properly ensure data privacy.
The outlet cites Maansi Verma, member of the think tank Article 21 Trust, as challenging the government to show proof of the fact that allowing private entities to perform Aadhaar authentication is indeed necessary and secure.
The proposal also makes an addition to the rule on purpose for carrying out an Aadhaar authentication, to include the fact that an authentication request can be granted if the reason is to promote the ease of living of users or to enable them access critical services.
Aadhaar authentication on the rise
This development comes as the government has noted that the use of Aadhaar is growing by leaps and bounds with almost 2.31 billion authentications via the digital ID completed in March, up from 2.26 billion transactions in February.
According to a government news release, fingerprint biometrics were the most used aspect of authentication, followed by demographic and OTP authentications.
Digital KYC for banking and other services is also going up with more than 311.8 million transactions done in March, representing an increase of 16.3 percent from that of the month before.
Another issue to note from the release is that Aadhaar saturation among the adult population continues to be near universal as over 21.47 million Aadhaar accounts were updated in March following requests from residents, as against 16.8 million such updates in February.
“Whether it is Aadhaar enabled DBT for direct fund transfer, Aadhaar Enabled Payment System (AePS) for last mile banking, authentications, or e-KYC for identity verification, Aadhaar, the digital infrastructure of good governance, has been playing an important role in supporting the Prime Minister Shri Narendra Modi’s vision of Digital India, and enabling ease of living for residents,” says the government in the release.
In the meantime, India is advancing with its plans of setting up a digital land record dubbed the National Generic Document Registration System, which will also be connected to Aadhaar.
Already adopted by 28 states and union territories, the NGDRS is also aimed at facilitating the sharing of data across platforms through an Application Programming Interface (API), according to MediaNama.
Land owners in 26 Indian jurisdictions can also register for a Unique Land Parcel Identification Number (ULPIN) or ‘Bhu-Aadhaar.’ Seven more states are piloting the credential.
Aadhaar | biometric authentication | commercial applications | data protection | India