Hello law knowledge seekers. In this article you will find some introductory information about AADHAAR Act.
Image Credit: www.businesstoday.in
The Aadhaar (Targeted Delivery of Financial and other Subsidies, Benefits and Services) Act, 2016 (Aadhaar Act):
Main purpose of the Act:
Aadhaar Based Authentication Service:
Image Credit: www.businesstoday.in
The Aadhaar (Targeted Delivery of Financial and other Subsidies, Benefits and Services) Act, 2016 (Aadhaar Act):
Main purpose of the Act:
The Aadhaar Act enables the Government
to collect identity information from citizens including their biometrics, issue
a unique identification (UID) number or an Aadhaar Number on the basis of such
biometric information, and thereafter provide targeted delivery of subsidies, benefits
and services to them.
Aadhaar Based Authentication Service:
The Aadhaar Act also provides for Aadhaar based authentication
services wherein a requesting entity (government / public and private entities /
agencies) can request the Unique Identification Authority of India (UIDAI) to verify
/ validate the correctness of the identity information submitted by individuals
to be able to extend services to them. The requesting entity is required to
obtain the consent of the individual before obtaining his / her identity
information for the purpose of authentication and must use his / her identity
information only for the purpose of authentication.
The Aadhaar Act establishes an
authority, namely, the UIDAI, which is responsible for the administration of
the said Act. It also establishes a Central Identities Data Repository (CIDR) which
is a database holding Aadhaar Numbers and corresponding demographic and
biometric information. Under the Aadhaar Act, collection, storage and use of
personal data is a precondition for the receipt of a subsidy, benefit or
service. Though the Aadhaar Act does not per se make application for an Aadhaar
Number mandatory (it is specifically provided as an entitlement under Section
3) except for availing of certain benefits, subsidies and services funded from
the Consolidated Fund of India, in practice, taking of Aadhaar Number is
becoming mandatory for availing most services through a range of cognate laws.
Data Protection Principles:
The Aadhaar Act and its regulations
recognise various data protection principles, to ensure the security of
information and privacy of Aadhaar Number holders.
1) There is an obligation on the UIDAI
to ensure security and confidentiality of the identity information and authentication
records of individuals which includes taking all necessary steps to protect
such information against unlawful access, use or disclosure, and accidental or
intentional destruction, loss or damage.
2) The Aadhaar Act prohibits the
sharing of core biometric information, and the use of it for a purpose other
than the generation of Aadhaar Numbers and authentication.
3) The sharing of information other
than core biometric information is permissible under certain conditions.
4) The Aadhaar Act also permits an individual
to make a request to the UIDAI to provide his / her access to his / her
identity information (excluding his / her core biometric information) and his /
her authentication records.
5) Individual can also seek
rectification of his / her demographic data if it changes or is incorrect, and his
/ her biometric information if it is lost or changes.
6) Finally, the UIDAI will have no
knowledge of the purpose of any authentication.
Aadhaar (Data Security) Regulations:
Data protection norms for personal
information collected under the Aadhaar Act are also found in the Aadhaar (Data
Security) Regulations, 2016 (Aadhaar Security Regulations). The Aadhaar
Security Regulations impose an obligation on the UIDAI to have a security
policy which sets out the technical and organisational measures which will be
adopted by it to keep information secure.
Criticism:
Despite its attempt to incorporate
various data protection principles, Aadhaar has come under considerable public
criticism. Such as
1) though seemingly voluntary,
possession of Aadhaar has become mandatory in practice, and has been viewed by
many as coercive collection of personal data by the State. Concerns have also
been raised vis-a-vis the provision on Aadhaar based authentication which
permits collection information about an individual every time an authentication
request is made to the UIDAI.
2) despite an obligation to adopt adequate
security safeguards, no database is 100% secure.
In light of this, the interplay between
any proposed data protection framework and the existing Aadhaar framework will have
to be analysed.
Thanks for reading. Please share this blog and follow this. You can comment your subject of interest below.
No comments:
Post a Comment