As IT department braces for Aadhaar linkage, concerns remain

Being a technocrat, it was not surprising that Rajeev Chandrasekhar, a member of Rajya Sabha, decided to put a series of questions to the government on the ever-expanding use of the 12-digit unique identification number or Aadhaar.

Being a technocrat, it was not surprising that Rajeev Chandrasekhar, a member of Rajya Sabha, decided to put a series of questions to the government on the ever-expanding use of the 12-digit unique identification number or Aadhaar.

One such question, which was answered by the Ministry of Electronics and Information Technology on March 17, queried whether the government acknowledges that the violation of the Supreme Court's orders on Aadhaar by government agencies amounts to an infringement of Fundamental Rights of citizens under Article 21 of the Constitution. What prompted the question was perhaps the string of government notifications that mandated the use of Aadhaar for a wide range of government services-the most recent one being the Cabinet decision to make Aadhaar number mandatory for income tax filing-despite the apex court's interim order that restricts its universal use until a final verdict is given by the court.

Chandrasekhar also wanted to know whether the government proposes to examine and address the unresolved concerns under the Aadhaar programme, including the use of Aadhaar as ID and KYC, data security and privacy concerns, and data integrity of the Aadhaar database.

As the question suggests, there are some unresolved concerns regarding the use of Aadhaar. The first is, to what extent the government can ignore Supreme Court's directives-the last one came after the government enacted the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act 2016, and the other, and equally important, issue is about data security and privacy.

Chandrasekhar got a standard response from the ministry. It said that the usage of Aadhaar is governed by the Aadhaar Act 2016 (and hence it is legal), and that the section allows alternative and viable means of identification for delivery of the subsidy, benefit or service, if the unique ID has not been assigned to the individual beneficiary. It also said that "appropriate legislative and administrative measures have been taken to ensure the privacy, data integrity and data security of identity information and authentication records of individuals".

The Supreme Court alone is the best judge to decide whether there has been a violation of its directive or not. Assuming that the government has acted within its rights, one may not find it too problematic to link Aadhaar with the filing of IT returns. After all, the government is only trying to weed out the practice of using multiple PAN numbers, leveraged by unscrupulous tax evaders, by linking IT filings with the unique ID. But it may still have to explain the privacy concern.

A personal identification number (PIN), if compromised, can be changed. However, various stakeholders say that your biometrics, if compromised, can be misused by cybercriminals and may pose a grave threat. The government seems to be confident that nothing will go wrong. And hence, this latest push to expand Aadhaar's reach.