You are here

Mediating Privacy with Access to Social Security Benefits

Dr. Ananth Padmanabhan

In light of the Supreme Court verdict in Justice Puttaswamy v. Union of India, there has been an upsurge in discourse on rights and autonomy that an individual is entitled to as well as a narrative around benefits of sharing data.

The concept of privacy can be traced back to the landmark judgements in MP Sharma v. Satish Chandra (1954) as well as Kharak Singh v. State of UP. In the former, the Court held that the constitution makers did not recognise the fundamental right to privacy, analogous to the American Fourth Amendment and therefore there was no justification in importing that right into the Indian Constitution through a process of strained construction. The Court also stated that power of search and seizure was an overriding power of the State for protection of social order. In the latter, the Court upheld that right to privacy was not guaranteed under the Constitution and surveillance is merely a manner in which privacy is invaded but it is not an infringement of a fundamental right.

However, in recent times, there has been a trend in jurisprudence to increase the ambit of fundamental rights.

While hearing the Aadhar challenge, the context within which the case is being decided is distinct for there is a different conception of privacy. There has been a shift in the way privacy is understood, from decisional and spatial privacy, we now understand privacy as information to privacy. There is a spurt in the growth of domain of technology, where the line between personal and private is increasingly blurred as more people are putting personal information out in the public domain. We live in a world of semantic web, where the machines are capable of understanding and analysing data. The Court has grounded the right to privacy in the inviolate part of the personality of the Constitution, embedding it in the basic structure doctrine to protect it against erosion. The rights under Indian Constitution are constrained by reasonable restrictions.

The Aadhar Act in question is an act that imposes restrictions on this right to privacy. The question is whether there is a reasonable restriction or not. It has been argued that the Aadhar Act is protected as there is a compelling state reason, i.e., using predictive analysis to use funds efficiently and targeting social welfare schemes.

As far as the working of the scheme is concerned, the exclusion and the security aspect need to be looked at. The exclusion aspect is such that not everyone has access to the same point of authentication gadgets, which work differently in different areas. This leads to arbitrariness in the ways in which the scheme is administered. The security aspect comes in because of the 10 digit Aadhar number (which is used for authentication by both private and public actors) that is only defended on the grounds that no data breach of the same has happened till date.

Dr. Padmanabhan believes that there is a real possibility of a digital panopticon because of the resident hubs that have to be created by states by linking the Aadhar information of the people.

Another challenge is that this entire process, including the review mechanism, is entirely bureaucratic in nature. The idea of separation of power no longer stands as the judiciary is being entirely bypassed.

One of the biggest issues is, who is regulating this database? Dr. Padmanabhan believes that there is no regulator at all. The UIDAI is a mere custodian, not a regulator. If there is a hack, a custodian would not be considered responsible for the same. Therefore, an independent regulator is a necessity.

It has become extremely difficult to differentiate between the public and private actors in such cases. Therefore, a robust data protection law is required because it is not enough to address the issues with Aadhar.

A law which gives rights and appropriate remedies, and makes sure that data is handled in a proper manner, is required. It is time to think beyond the concept of consent, in relation to privacy.

The factors that need to be balanced via this law are the trade-off between innovation and individual rights, entry barriers for Indian companies as compared to the data giants in the US and Europe, and state interest as compared to threat to national security.