The Aadhaar and Other Laws (Amendment) Bill, 2019
- The Aadhaar and Other Laws (Amendment) Bill, 2019 was introduced in Lok Sabha by the Minister of Electronics and Information Technology, Mr. Ravi Shankar Prasad on June 24, 2019. It replaces an Ordinance promulgated on March 2, 2019.
- Offline verification of Aadhaar number holder: Under the Aadhaar Act, an individual’s identity may be verified by Aadhaar ‘authentication’. Authentication involves submitting the Aadhaar number, and their biometric or demographic information to the Central Identities Data Repository for verification. The Bill additionally allows ‘offline verification’ of an individual’s identity, without authentication, through modes specified by the Unique Identification Authority of India (UIDAI) by regulations.
- During offline verification, the agency must (i) obtain the consent of the individual, (ii) inform them of alternatives to sharing information, and (iii) not collect, use or store Aadhaar number or biometric information.
- Voluntary use: The Act provides for the use of Aadhaar number as proof of identity of a person, subject to authentication. The Bill replaces this provision to state that an individual may voluntarily use his Aadhaar number to establish his identity, by authentication or offline verification. The Bill states that authentication of an individual’s identity via Aadhaar, for the provision of any service, may be made mandatory only by a law of Parliament.
- The Bill amends the Telegraph Act, 1885 and the Prevention of Money Laundering Act, 2002 to state that persons with a license to maintain a telegraph, banking companies and financial institutions may verify the identity of their clients by: (i) authentication or offline verification of Aadhaar, (ii) passport, or (iii) any other documents notified by the central government. The client has the choice to use either mode to verify his identity and no person shall be denied any service for not having an Aadhaar number.
- Entities using Aadhaar: Under the Act, usage of Aadhaar number for establishing the identity of an individual, by the State or a body corporate under any law, is permitted. The Bill removes this provision. An entity may be allowed to perform authentication through Aadhaar, if the UIDAI is satisfied that it is: (i) compliant with certain standards of privacy and security, or (ii) permitted by law, or (iii) seeking authentication for a purpose specified by the central government in the interest of the State.
- Aadhaar number of children: The Bill specifies that at the time of enrolling a child to obtain an Aadhaar number, the enrolling agency shall seek the consent of his parent or guardian. The agency must inform the parent or guardian of the manner in which the information will be used, the recipients with whom it will be shared, and of their right to access the information. After attaining eighteen years of age, the child may apply for cancellation of his Aadhaar.
- Disclosure of information in certain cases: Under the Act, restrictions on security and confidentiality of Aadhaar related information do not apply in case the disclosure is pursuant to an order of a District Court (or above). The Bill amends this to allow such disclosure only for orders by High Courts (or above). Further, under the Act, an officer not below the rank of a Joint Secretary may issue directions for disclosing information in the interest of national security. The Bill amends this to allow such disclosure on directions of officers not below the rank of a Secretary.
- UIDAI Fund: Under the Act, all fees and revenue collected by the UIDAI will be credited to the Consolidated Fund of India. The Bill removes this provision, and creates the Unique Identification Authority of India Fund. All fees, grants, and charges received by the UIDAI shall be credited to this fund. The fund shall be used for expenses of the UIDAI, including salaries and allowances of its employees.
- Complaints: Under the Act, courts can take cognizance of an offence only if the UIDAI registers a complaint. The Bill amends this to allow the individual to register complaints in certain cases, including impersonation or disclosure of their identity.
- The Bill defines the Aadhaar ecosystem to include enrolling agencies, requesting agencies, and offline verification-seeking entities. It allows the UIDAI to issue directions to them, if necessary, for the discharge of its functions under the Act.
- Penalties: Under the Bill, the UIDAI may initiate a complaint against an entity in the Aadhaar ecosystem for failure to (i) comply with the Act or the UIDAI’s directions, and (ii) furnish information required by the UIDAI. Adjudicating Officers appointed by the UIDAI shall decide such matters, and may impose penalties up to one crore rupees on such entities. The Telecom Disputes Settlement and Appellate Tribunal shall be the appellate authority against decisions of the Adjudicating Officer.
DISCLAIMER: This document is being furnished to you for your information. You may choose to reproduce or redistribute this report for non-commercial purposes in part or in full to any other person with due acknowledgement of PRS Legislative Research (“PRS”). The opinions expressed herein are entirely those of the author(s). PRS makes every effort to use reliable and comprehensive information, but PRS does not represent that the contents of the report are accurate or complete. PRS is an independent, not-for-profit group. This document has been prepared without regard to the objectives or opinions of those who may receive it.