Aadhaar authentication plans facing legal challenges

Efforts by private telecom operators to use biometric data collected under India’s Aadhaar programme for authenticating customer identity while issuing SIM cards now face a legal challenge. A public interest litigation has been filed before the High Court of Kerala against allowing the biometric data collection by private citizen Shyam KJ.

The complainant describes himself as a “avid user of Information Technology, and a staunch advocate of enhanced transparency, personal freedom and individual privacy in internet and telecommunications”, reports livelaw.com.

The move follows plans announced by various companies to securely access biometric data collected by Aadhaar for authentication needs. The petitioner, notes that Section 57 of the Aadhaar Act 2016 permits private entities to use only the Aadhaar number for establishing the identity of a person.

Therefore, use of biometric data for such purposes by private entities is not permitted. According to the petitioner, use of biometric data for authentication was grossly unreasonable, unwise and dangerous, as any compromise in data safety could lead to irreversible damage.

Last week, the Unique Identification Authority of India (UIDAI) was forced to insist that its biometrics database of a billion people was safe after the authority suspending Aadhaar authentication services of Axis Bank after a business correspondent sent a large number of authentication requests to the UIDAI.

UIDAI has since had to suspend Aadhaar payments by two other banks, Suvidha Infoserve and eMudhra over fears of misuse of biometric data for Aadhaar-based transactions. eMudhra has since said this was just related to testing.

In a statement, the company said: “these concurrent transactions were captured through biometric device and Aadhar number XX-6506 used belongs to the same developer and were used only for pre prod testing.”

The statement added, “eMudhra is in compliance of all rules and regulations as laid out by the regulatory bodies. The company has also sent all documents proving that there has been no misuse of the Aadhaar systems from eMudhra’s end.”