Didn’t order Aadhaar-SIM link, Govt circular wrong, says SC

| | New Delhi

The Supreme Court on Wednesday told the Unique Identification Authority of India (UIDAI) that linking Aadhaar with mobile SIM card was not ordered by the Supreme Court contrary to what the Government Circular said in this regard.

Adding a new twist to the ongoing hearing on a clutch of petitions challenging the roll-out of Aadhaar, a Constitution Bench headed by Chief Justice of India Dipak Misra read out

the contents of a circular issued by the Department of Telecommunications (DoT) on October 23, 2017.

The circular said, “On March 23, 2017, the DoT issued instructions to the Telecom Service Providers to perform biometric (fingerprint/iris) Aadhaar e-KYC for re-verification of existing subscribers analogous to new subscribers as per the order of the Supreme Court (vide order dated February 6, 2017 passed

in the case of Lokniti Foundation vs Union of India WP(C) 607/16).”

Pointing this out to UIDAI counsel and senior advocate Rakesh Dwivedi, the Bench also comprising Justices AK Sikri, AM Khanwilkar, DY Chandrachud, and Ashok Bhushan, said, “There is no direction to link Aadhaar with mobile SIM cards as per our order in Lokniti Foundation case. But your circular says so.”

Dwivedi submitted that often the observations made by the court in the order are taken in the spirit of the final order passed. However, he dismissed the same claiming that the process of linking SIM cards with Aadhaar number is one-time and cannot be treated as excessive since the need was felt to verify SIM card holders, both of existing and new mobile phone users, to curb threat to national security and aid crime prevention.

Dwivedi, who had the onerous task to display that adequate security systems are in place at UIDAI to prevent leakage of biometrics or other information stored of close to 120 million Aadhaar users, showed how the information available with UIDAI is commercially unviable compared to the mountain of information available with Google, YouTube and Facebook.

To illustrate his point that Aadhaar cannot be breached, Dwivedi informed Court about a website hosted in Netherlands by one Lenny Zeltser who accepted Dwivedi’s open challenge to collect all information about him that he possibly could find using expertise on the web. After two weeks, Dwivedi received a mail having a host of his intimate details, public dealings, information on each member of his family, extended family, date of birth, voter I-card details, likes and dislikes, hobbies and interests, etc. Interestingly, none of the family members’ Aadhaar card information could be known by the website. Dwivedi said all this information was available about him on Google and similar is the case with all of us.

He also cleared ambiguities about possible data leak or sharing by authenticating banks, mobile phone companies, or such requesting entities. Most of the requesting entities seeking authentication are State Governments or State bodies and very few are private entities, Dwivedi said, adding the information is stored in encrypted form which is not accessible by the said entity. For maintaining surveillance, Aadhaar cannot match Facebook, Google, etc as it does not have such big amount of meta data, or processing power or statistical know-how. The data available with these companies is far in excess of what Aadhaar stores, he added.