Access Management , Governance & Risk Management , Identity & Access Management

Parliament Considers Bill to Modify Aadhaar Use

Proposed Law Designed to Carry Out Use Limits Spelled Out by Supreme Court
Parliament Considers Bill to Modify Aadhaar Use

The India parliament is considering a new Aadhaar amendment bill that would introduce a host of changes in line with the Supreme Court’s decision that Aadhaar cannot be made mandatory for identification and authentication for certain private-sector purposes.

See Also: HIPAA Compliance: What The Healthcare Industry Needs To Know

The legislation is intended to bring changes to the way Aadhaar is used in institutions across the country. The bill was tabled by Union Information and Technology Minister Ravi Shankar Prasad in the Lok Sabha.

“The new amendment will replace the ordinance that was issued earlier in March and mostly tries to make Aadhaar safer and ensure citizen's data privacy stays intact,” says Advocate Prashant Mali, practicing lawyer, Bombay High Court. “The major change that this bill will introduce is that Aadhaar won't be mandatory any more for verification purposes.”

The Supreme Court in its judgement last year had said Aadhaar cannot be made mandatory for opening of a bank account and for getting mobile connections or for any service.

The proposed bill clearly states that a citizen cannot be denied a service by the private sector if they don’t possess an Aadhaar ID. For instance, if someone wants to start a mobile phone contract or open a bank account, they wouldn’t be required to present Aadhaar details. “However, if someone voluntarily wants to present their Aadhaar data, it can be done,” Mali says.

Legal experts point out, however, that even if the bill becomes a law, Aadhaar would remain compulsory for government services as well as to file tax returns.

“Though on paper Aadhaar is voluntary, every taxpayer in the country needs it to file taxes,” says Vicky Shah, a Mumbai-based cyber lawyer. “It will also be needed for every government scheme. So basically, if you are eligible for taxes.”

What the Bill Would Do

The bill, which proposes an amendment to Aadhaar Act 2016, would replace an ordinance issued in March that directed companies not to misuse the Aadhaar data. It proposes stiff penalties for violations of its requirements.

“For instance, if any third party is found violating the regulation, the government will impose heavy fines on the defaulter,” Shah says. “The bill includes a civil penalty of Rs 1 crore as well as Rs 10 lakhs per day if it isn't corrected.”

Prasad, who tabled the Bill in parliament, says children turning age 18 will be given an option to be part of Aadhaar.

To enhance privacy, the bill proposes the introduction of a virtual number in place of the actual Aadhaar number for verification purposes. Though the procedure of virtual ID is already in practice, the bill seeks to give it more teeth by incorporating it into the Aadhaar Act, Mali says.

Under the bill, the government would create a Unique Identification Authority of India Fund. The purpose of this fund, however, has not been made clear. The bill also plans to give the Unique Identification Authority of India, or UIDAI, enhanced regulator-like power.

Until now, the Aadhaar Act was silent on UIDAI's powers to take action against companies that wrongly insist on obtaining Aadhaar numbers, those using Aadhaar numbers for unauthorized purposes and those leaking Aadhaar numbers. “Since the new bill plans to give more power to UIDAI, things are expected to get more smooth in terms of how Aadhaar is getting used,” Vijayashankar says.

Implications of the Bill

The proposed legislation, says Na. Vijayashankar, a Bangalore-based cyber lawyer, “tries to address both the privacy issues as well as the security issues. The introduction of the ‘virtual Aadhaar’ had already ensured that the risks that were inherent in the earlier systems had already been reduced substantially.”

The bill would force banks and other private companies to rethink how they carry out customer verification, some security experts say.

“From a business perspective, there will be an increase in cost if too much paperwork is introduced again for the purpose of verification,” Shah says. “Aadhaar ensured that e-KYC was carried out fast.”

Shah says most banks have already removed the Aadhaar functionality both as remitter and beneficiary. Also, all interfaces currently offering this functionality, including UPI apps and third-party apps, have removed the Aadhaar option as well.

“Nothing much has changed except that banks and telecoms can no longer ask for Aadhaar IDs,” Mali says. “But Aadhaar makes the process easier, so existing users might still continue with Aadhaar, since the privacy aspect has been covered to a large extent through virtual Aadhaar IDs.”

If the bill becomes law, banks could still use Aadhaar authentication for beneficiaries of government subsidies and welfare schemes.

If customers voluntarily want to share their Aadhaar details for authentication, banks would have the option to authenticate either offline or using a QR code. For those who do not wish to share their Aadhaar, banks will probably have to go back checking officially valid documents for opening accounts.


About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.