“Privacy is non-negotiable, confidentiality is non-negotiable under the Aadhaar Act,” the Unique Identification Authority of India (UIDAI), the nodal agency implementing the Aadhaar scheme, has said in the Supreme Court.
Additional Solicitor-General Tushar Mehta, appearing for the UIDAI, made this emphatic claim on Thursday when apprehensions were raised by a nine-judge Bench that personal data collected during Aadhaar enrolment might make its way into the hands of private players, for whom such details would transform into “vital commercial information”.
The court was, in turn, responding to a submission by Attorney-General K.K. Venugopal, appearing for the Centre, that citizens could not claim informational privacy when the state asks for data for a legitimate purpose such as Aadhaar. “There is no denying that it [Aadhaar] is a social welfare scheme, but you [the government] must first concede that the state is obliged to put a robust personal data protection mechanism in place,” Justice D.Y. Chandrachud said.
“There may be a billion Aadhaar card holders. I don’t want the state to pass on my personal information to some 2,000 service providers who will send me WhatsApp messages offering cosmetics and air conditioners ... That is our area of concern. Personal details turn into vital commercial information for service providers. Have you got a robust protection mechanism,” Justice Chandrachud asked.
Fundamental right
Justice S.A. Bobde wondered whether the Aadhaar Act of 2016 itself had any provisions to protect privacy. Mr. Venugopal then pointed to Section 28 of the statute dealing with “security and confidentiality of information”. It was in the State’s legitimate interest to keep personal data secure as this would make Aadhaar acceptable to one and all, he submitted.
“So does this mean you do recognise privacy as a fundamental right?” Justice Bobde persisted.
Here, Justice Rohinton F. Nariman observed that the government had dedicated an entire chapter in the 2016 Act to the protection of privacy and security. “So is this not a statutory recognition of privacy as a fundamental right,” he asked Mr. Venugopal.
“A law [Aadhaar Act] may specifically provide for the protection of privacy because privacy is not recognised as a fundamental right,” said Mr. Venugopal, turning the judge’s question on its head.
Justice Chandrachud said informational privacy was the most “vexed” portion of the ongoing debate as parts of personal data were already in the public domain. To this, Mr. Venugopal said informational privacy can never be a part of fundamental rights. 
There was no informational privacy against compelling state interests and public utility, for which the state can ask for fingerprints. But again, individuals can refuse if the information sought was totally irrelevant,” he said.