Aadhaar: Majority judgment dissected

Aadhaar: Majority judgment dissected

Murali Krishnan

The Aadhaar judgment is 1448 pages long. This includes the dissenting judgment by Justice DY Chandrachud and Justice Ashok Bhushan.

This piece explains the judgment in brief.

Justice AK Sikri authored the majority judgment on behalf of himself and CJI Dipak Misra and Justice AM Khanwilkar.

Below are the questions which the majority judgment has sought to answer on Aadhaar, its validity and other ancillary questions that came before it.

1. Whether the Aadhaar Project creates or has a tendency to create a surveillance state and is, thus, unconstitutional on this ground?

In this regard, the Court framed the following incidental Issues:

(a) What is the magnitude of protection that needs to be accorded to collection, storage and usage of biometric data?

(b) Whether the Aadhaar Act and Rules provide such protection, including in respect of data minimisation, purpose limitation, time period for data retention and data protection and security?

On the first question on surveillance, the Court held that the architecture of Aadhaar, as well as the provisions of the Aadhaar Act, do not tend to create a surveillance state. This is ensured by the manner in which the Aadhaar project operates.

During the enrolment process, minimal biometric data in the form of iris and fingerprints is collected. The Authority does not collect purpose, location or details of transaction. Thus, it is purpose blind. The information collected, as aforesaid, remains in silos. Merging of silos is prohibited. The requesting agency is provided answer only in ‘Yes’ or ‘No’ about the authentication of the person concerned. The authentication process is not exposed to the Internet world. Security measures, as per the provisions of Section 29(3) read with Section 38(g) as well as Regulation 17(1)(d) of the Authentication Regulations, are strictly followed and adhered to.”

Further, the court held that there are sufficient authentication security measures taken as well. During authentication no information about the nature of transaction etc. is obtained. The Authority has mandated use of Registered Devices (RD) for all authentication request. Introduction of RD in Aadhaar authentication system rules out any possibility of use of stored biometric and replay of biometrics captured from other source. Requesting entities are not legally allowed to store biometrics captured for Aadhaar authentication under Regulation 17(1)(a) of the Authentication Regulations. Further, the authority or any entity under its control is statutorily barred from collecting, keeping or maintaining any information about the purpose of authentication under Section 32(3) of the Aadhaar Act.

The Court also held that after going through the Aadhaar structure from the provisions of the Aadhaar Act and the machinery which the Authority has created for data protection, it was of the view that it is very difficult to create profile of a person simply on the basis of biometric and demographic information stored in CIDR.

On data protection also, the Court sided with the government. Holding that the Act has endeavoured to provide safeguard and the issue will be addressed on striking down of certain provisions.

“Insofar as use and protection of data is concerned, having regard to the principles enshrined in various cases, Indian and foreign, the matter is examined from the standpoint of data minimisation, purpose limitation, time period for data retention, data protection and security (qua CIDR, requisite entities, enrolment agencies and Registrars, authentication service agency, hacking, biometric solution providers, substantive procedural or judicial safeguards). After discussing the aforesaid aspect with reference to certain provisions of the Aadhaar Act, we are of the view that apprehensions of the petitioners stand assuaged with the striking down or reading down or clarification of some of the provisions…”

2. Whether the Aadhaar Act violates the right to privacy and is unconstitutional on this ground?

The Court answered this in the negative.

It held that all matters pertaining to an individual do not qualify as being an inherent part of Right to privacy. Only those matters over which there would be a reasonable expectation of privacy are protected by Article 21.

The Court ruled that the triple test laid down in order to adjudge the reasonableness of the invasion to privacy has been made. It held that the Aadhaar scheme is backed by the statute, i.e. the Aadhaar Act. It also serves legitimate State aim, which can be discerned from the Introduction to the Act as well as the Statement of Objects and Reasons which reflect that the aim in passing the Act was to ensure that social benefit schemes reach the deserving community.

Reasonable expectation of privacy is also taken into consideration, it ruled.

“…the inroads into the privacy rights where these individuals are made to part with their biometric information, is minimal. It is coupled with the fact that there is no data collection on the movements of such individuals, when they avail benefits under Section 7 of the Act thereby ruling out the possibility of creating their profiles. In fact, this technology becomes a vital tool of ensuring good governance in a social welfare state.”

The Court noted that the failure to establish the identity of an individual has proved to be a major hindrance for successful implementation of those programmes as it was becoming difficult to ensure that subsidies, benefits and services reach the unintended beneficiaries in the absence of a credible system to authenticate the identity of beneficiaries.

It also noted that while the challenge to Aadhaar Act is on the basis of dignity as a facet of right to privacy under Article 21, the rationale behind Section 7 of the Aadhaar act is to ensure that right to life of marginalised are protected by ensuring that they get the benefits of welfare schemes.

The Court, therefore, ruled that the Aadhaar Act meets the test of proportionality as the following components of proportionality stand satisfied: (i) A measure restricting a right must have a legitimate goal (legitimate goal stage). (ii) It must be a suitable means of furthering this goal (suitability or rationale connection stage). (iii) There must not be any less restrictive but equally effective alternative (necessity stage). (iv) The measure must not have a disproportionate impact on the right holder (balancing stage)

The Court also found that as the information collected at the time of enrolment as well as authentication is minimal, balancing at the first level is met. Insofar as balancing of two competing fundamental rights is concerned, namely, dignity in the form of autonomy (informational privacy) and dignity in the form of assuring better living standards of the same individual, the Court held that the same has also been satisfied.

3. Whether children can be brought within the sweep of Sections 7 and 8 of the Aadhaar Act?

(a) For the enrolment of children under the Aadhaar Act, it would be essential to have the consent of their parents/guardian.

(b) On attaining the age of majority, such children who are enrolled under Aadhaar with the consent of their parents, shall be given the option to exit from the Aadhaar project if they so choose in case they do not intend to avail the benefits of the scheme.

4. Is Aadhaar compulsory for admission to schools?

Aadhaar is not compulsory for admissions to schools as it is neither a service nor subsidy.

Further, since a child between the age of 6 to 14 years has the fundamental right to education under Article 21A of the Constitution, school admission cannot be treated as ‘benefit’ as well.

5. Whether benefits to school children under Sarv Shisksha Abhiyan requires Aadhaar?

No. Benefits to children between 6 to 14 years under Sarv Shiksha Abhiyan shall not require Aadhaar enrolment.

For availing the benefits of other welfare schemes which are covered by Section 7 of the Aadhaar Act, though enrolment number can be insisted, it would be subject to the consent of the parents, as mentioned in (a) above.

However, the court added an important rider that no child shall be denied benefit of any of these schemes if, for some reasons, she is not able to produce the Aadhaar number and the benefit shall be given by verifying the identity on the basis of any other documents.

6. Whether Aadhaar can be insisted for availing benefits under social welfare schemes covered by Section 7?


The Court upheld the validity of Section 7 of the Act stating that the rationale behind Section 7 is to ensure targeted delivery of services, benefits and subsidies which are funded from the Consolidated Fund of India.

This has been done keeping in view the larger interest to ensure social and economic justice, to eliminate inequality and to ameliorate a lot of the poor and the Dalits. Some such schemes are PDS, scholarships, mid-day meals, LPG subsidies, etc.

The court held that it is convinced that the purpose of the provision is to ensure that such benefits which help to achieve right to life, reach the deserving. Hence, it upheld he same.

7. What is the scope of the term “benefits” in Section 7?

The Court held that “benefits” should be those which have the colour of subsidies. The expression ‘benefit’ has to be read ejusdem generis with the preceding word ‘subsidies’.

The government cannot resort to Section 7 and enlarge the scope of subsidies, services and benefits. ‘Benefits’ should be such which are in the nature of welfare schemes for which resources are to be drawn from the Consolidated Fund of India.

Therefore actions by CBSE, NEET, JEE and UGC requirements for scholarship shall not be covered under Section 7, unless it is demonstrated that the expenditure is incurred from Consolidated Fund of India.

A benefit which is earned by an individual (e.g. pension by a government employee) cannot be covered under Section 7 of the Act, as it is the right of the individual to receive such benefit.

8. Constitutionality of the provisions of Aadhaar Act

(a) Section 2(d) which pertains to authentication records, such records would not include metadata as mentioned in Regulation 26(c) of the Aadhaar (Authentication) Regulations, 2016. Therefore, this provision in the present form was struck down. Liberty, however, was given to reframe the regulation, keeping in view the parameters stated by the Court.

(b) Section 2(b) was upheld. The said section defines ‘resident’, and the apprehension expressed by the petitioners was that it should not lead to giving Aadhaar card to illegal immigrants. The Court, therefore directed the Centre to take suitable measures to ensure that illegal immigrants are not able to take such benefits.

(c) Regulation 27 of Aadhaar (Authentication) Regulations, 2016, which provides archiving a data for a period of five years was struck down on the ground that retention of data beyond the period of six months is impermissible.

(d) Section 29 which imposes a restriction on sharing information and was held to be valid as it protects the interests of Aadhaar number holders. However, the petitioners raised an apprehension that this provision entitles Government to share the information ‘for the purposes of as may be specified by regulations’.

The Court noted that the Aadhaar (Sharing of Information) Regulations, 2016, as of now, do not contain any such provision. If a provision is made in the regulations which impinges upon the privacy rights of the Aadhaar card holders that can always be challenged, the Court ruled.

(e) Section 33(1) of the Act prohibits disclosure of information, including identity information or authentication records, except when it is by an order of a court not inferior to that of a District Judge.

This provision was read down with the clarification that an individual, whose information is sought to be released, shall be afforded an opportunity of hearing. If such an order is passed, in that eventuality, he shall also have right to challenge such an order passed by approaching the higher court. During the hearing before the concerned court, the said individual can always object to the disclosure of information on accepted grounds in law, including Article 20(3) of the Constitution or the privacy rights etc.

(f) Insofar as Section 33(2) is concerned, it was held that disclosure of information in the interest of national security cannot be faulted with. However, for determination of such an eventuality, an officer higher than the rank of a Joint Secretary should be given such a power. Further, in order to avoid any possible misuse, a Judicial Officer (preferably a sitting High Court Judge) should also be associated with. Therefore, Section 33(2) in the present form was struck down with liberty to enact a suitable provision on the lines suggested above.

(g) Section 47 was upheld by the court with a direction to amend the same.

Section 47 provides for the cognizance of offence only on a complaint made by the Authority or any officer or person authorised by it is concerned. The Court held that it needs a suitable amendment to include the provision for filing of such a complaint by an individual/victim as well whose right is violated.

(h) Section 57 was read on down on the ground that it is susceptible to misuse.

In the present form is susceptible to misuse inasmuch as: (a) It can be used for establishing the identity of an individual ‘for any purpose’. The Court read it down to mean that such a purpose has to be backed by law. Further, whenever any such “law” is made, it would be subject to judicial scrutiny.

It also held that such purpose is not limited pursuant to any law alone but can be done pursuant to ‘any contract to this effect’ as well. This, it held, is clearly impermissible as a contractual provision is not backed by a law and, therefore, first requirement of proportionality test is not met.

Further, apart from authorising the State, even ‘any body corporate or person’ is authorised to avail authentication services which can be on the basis of purported agreement between an individual and such body corporate or person. Even if it is presumed that the legislature did not intend so, the impact of the aforesaid features would be to enable commercial exploitation of an individual biometric and demographic information by the private entities. Thus, this part of the provision which enables body corporate and individuals also to seek authentication would impinge upon the right to privacy of such individuals. Consequently, it was declared unconstitutional.

(i) Other provisions of Aadhaar Act were held to be valid, including Section 59 of the Act which, according to us, saves the pre-enactment period of Aadhaar project, i.e. from 2009-2016.

9. Whether the Aadhaar Act defies the concept of Limited Government, Good Governance and Constitutional Trust?

Aadhaar Act meets the concept of Limited Government, Good Governance and Constitutional Trust

10. Next was the all-important question of whether the Aadhaar Act could be passed as ‘Money Bill’ within the meaning of Article 110 of the Constitution?

The Court answered this question in the affirmative. While admitting that Rajya Sabha plays a significant role in our bicameral system of Parliament, and Article 110 which provide for money Bills have to be interpreted strictly, the Court held that Aadhaar Act fell within the ambit of Article 110.

This, the Court ruled, by reasoning that the main object of Aadhaar Act is to extend benefits in the nature of aid, grant, or subsidy to the marginalised sections of the society with the support of Consolidated Fund of India.

This finds expression in Section 7 of the Aadhaar Act which the Court held is the main provision in the Act. The other provisions in the Act are only incidental in nature for the proper working of the Act and therefore, the Aadhaar Act was validly passed as a ‘Money Bill’, the Court ruled.

11. Whether Section 139AA of the Income Tax Act, 1961 is violative of right to privacy and is, therefore, unconstitutional?

Consequently, whether Aadhaar is mandatory for filing of Income Tax Returns?

The validity of this provision was upheld in the case of Binoy Viswam by repelling the contentions based on Articles 14 and 19 of the Constitution. However, on the question of privacy which, at that time, was traced to Article 21, the matter left open for a decision by the 9-judge Bench.

The Court, therefore, re-examined the provision on the touchstone of principles laid down in KS Puttaswamy and on “manifest arbitrariness” as a ground of challenge to the legislative enactment. It then held that the provision satisfies the tests in relation to the same and upheld the same.

This would mean that Aadhaar is now mandatory for filing of Income Tax returns.

12. Whether Rule 9 of the Prevention of Money Laundering (Maintenance of Records) Rules, 2005 and the notifications issued thereunder which mandates linking of Aadhaar with bank accounts is unconstitutional?

The Court held that the provision in the present form does not meet the test of proportionality and, therefore, violates the right to privacy of a person which extends to banking details. Further, this linking is made compulsory not only for opening a new bank account but even for existing bank accounts with a stipulation that if the same is not done then the account would be deactivated, with the result that the holder of the account would not be entitled to operate the bank account till the time seeding of the bank account with Aadhaar is done. This amounts to depriving a person of his property.

The rule was, therefore, struck down. Thus, Bank accounts need not be linked with Aadhaar.

13. Whether Circular dated March 23, 2017, issued by the Department of Telecommunications mandating linking of mobile number with Aadhaar is illegal and unconstitutional?

Circular dated March 23, 2017, mandating linking of mobile number with Aadhaar was held to be illegal and unconstitutional as it was not backed by any law and is hereby quashed.

Consequently, mobile number need not be linked with Aadhaar.

14. Whether certain actions of the respondents are in contravention of the interim orders passed by the Court, if so, the effect thereof?

This question was answered in the negative.

Read the Majority judgment below. 

Bar and Bench - Indian Legal news