President Approves Aadhaar Ordinance Allowing Private Cos To Access Aadhaar Info

According to a government notification on March 2, the President of India, Ram Nath Kovind has approved promulgation of an ordinance which will allow voluntary use of Aadhaar by private entities.

According to the notification, the amendments made to the Aadhaar Act 2016, Prevention of Money Laundering Act 2005 and Indian Telegraph Act 1885 are the same as those contained in the Bill passed by the Lok Sabha on 4th January 2019.

However, the bill could not be considered and passed in the Rajya Sabha, as it was adjourned sine die (adjourned for an indefinite period). Thus the bill was considered by the president of India.

According to the gazette notification, “ And whereas Parliament is not in session and the President is satisfied that circumstances exist which render it necessary for him to take immediate action”.

In a historical judgement passed by the Supreme Court in September 2018, Section 57 which allowed the use of Aadhaar by private companies was struck down.

Following this the Ministry of Electronics and Information Technology (MeitY) had introduced an Aadhaar amendment Bill during the winter session of the Parliament in January which had proposed voluntary use of Aadhaar for the customer verification process.

The Section 5 of the Aadhaar Amendment Bill reads: “Every Aadhaar number holder to establish his identity, may voluntarily use his Aadhaar number in physical or electronic form by way of authentication or offline verification, or in such other form as may be notified, in such manner as may be specified by regulations.”

Some of the amendments introduced in the Aadhaar Act:

• Allows voluntary use of Aadhaar number in physical or electronic form by authentication or offline verification with the consent of Aadhaar number holder
• Can use the twelve-digit Aadhaar number and its alternative virtual identity to conceal the actual Aadhaar number of an individual
• Children who currently holds Aadhaar number are allowed to cancel it once they reach the age of 18
• Allow the private entities to perform authentication only when they are compliant with the standards of privacy and security specified by the authority
• Aadhaar number for authentication can be used on a voluntary basis as an acceptable KYC document under the Telegraph Act, 1885 and the Prevention of Money-laundering Act, 2002
• Proposes deletion of section 57 of the Aadhaar Act relating to the use of Aadhaar by private entities
• Users cannot be denied of services for refusing or being unable to undergo authentication
• Provides for the establishment of Unique Identification Authority of India Fund
• Provides for civil penalties, its adjudication, appeal thereof in regard to violations of Aadhaar Act and provisions by entities in the Aadhaar ecosystem

The debate related to validation of Aadhaar continues to remain that whether the bill is violating the SC’s decision. While the bill clearly states the use of Aadhaar only on a voluntary basis, Member of Parliament, Sashi Tharoor had said  that the Bill is, “a violation of Supreme Court judgment and the fundamental right to privacy.”

In December 2018, it was also reported that the amendment also suggested that any attempt to breach the Aadhaar database will be punishable by 10 years in jail rather than the current, three year punishment.

Government’s Efforts To Find Alternatives For KYC

This development came in after Reserve Bank of India extended the deadline for full KYC compliance by six months from the previous February 28, 2019 deadline, bringing some relief to the online payment companies.

The central bank had introduced KYC guidelines for all banks in 2002. Under this rule, all financial institutions are mandated to get information about the users and authenticate their identity, in order to prevent financial crimes such as money laundering.

However, the fintech and telecom companies were in a pinch after the SC barred the use of Aadhaar by private companies as they heavily relied on Aadhaar-based eKYC for authentication. Since then, both the government and the industry players have been looking to come up with an alternative in compliance with the ruling.

In December 2018, it was reported that the central government and the RBI are reportedly considering the use of an ‘offline Aadhaar’ verification system which will operate on QR codes instead of biometrics.

The RBI had also been considering to introduce live video verification for the customer authentication process. The central bank was also considering rolling out a digital authentication process which will use XML internet format to get very limited information about the users from the Aadhaar database where the biometric information will not be included.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.