A few minutes ago, the Supreme Court delivered a judgement striking down Section 66 A of the Information Technology Act, 2000. This was in response to a PIL that challenged the constitutionality of this provision. In light of this, we present a background to Section 66 A and the recent developments leading up to its challenge before the Court. What does the Information Technology Act, 2000 provide for? The Information Technology (IT) Act, 2000 provides for legal recognition for transactions through electronic communication, also known as e-commerce. The Act also penalizes various forms of cyber crime. The Act was amended in 2009 to insert a new section, Section 66A which was said to address cases of cyber crime with the advent of technology and the internet. What does Section 66(A) of the IT Act say? Section 66(A) of the Act criminalises the sending of offensive messages through a computer or other communication devices. Under this provision, any person who by means of a computer or communication device sends any information that is:
Over the past few years, incidents related to comments, sharing of information, or thoughts expressed by an individual to a wider audience on the internet have attracted criminal penalties under Section 66(A). This has led to discussion and debate on the ambit of the Section and its applicability to such actions. What have been the major developments in context of this Section? In the recent past, a few arrests were made under Section 66(A) on the basis of social media posts directed at notable personalities, including politicians. These were alleged to be offensive in nature. In November 2012, there were various reports of alleged misuse of the law, and the penalties imposed were said to be disproportionate to the offence. Thereafter, a Public Interest Litigation (PIL) was filed in the Supreme Court, challenging this provision on grounds of unconstitutionality. It was said to impinge upon the freedom of speech and expression guaranteed by Article 19(1)(a) of the Constitution. How has the government responded so far? Subsequently, the central government issued guidelines for the purposes of Section 66(A). These guidelines clarified that prior approval of the Deputy Commissioner or Inspector General of Police was required before a police officer or police station could register a complaint under Section 66(A). In May 2013, the Supreme Court (in relation to the above PIL) also passed an order saying that such approval was necessary before any arrest is to be made. Since matters related to police and public order are dealt with by respective state governments, a Supreme Court order was required for these guidelines to be applicable across the country. However, no changes have been made to Section 66 A itself. Has there been any legislative movement with regard to Section 66(A)? A Private Member Bill was introduced in Lok Sabha in 2013 to amend Section 66(A) of the IT Act. The Statement of Objects and Reasons of the Bill stated that most of the offences that Section 66(A) dealt with were already covered by the Indian Penal Code (IPC), 1860. This had resulted in dual penalties for the same offence. According to the Bill, there were also inconsistencies between the two laws in relation to the duration of imprisonment for the same offence. The offence of threatening someone with injury through email attracts imprisonment of two years under the IPC and three years under the IT Act. The Bill was eventually withdrawn. In the same year, a Private Members resolution was also moved in Parliament. The resolution proposed to make four changes: (i) bring Section 66(A) in line with the Fundamental Rights of the Constitution; (ii) restrict the application of the provision to communication between two persons; (iii) precisely define the offence covered; and (iv) reduce the penalty and make the offence a non-cognizable one (which means no arrest could be made without a court order). However, the resolution was also withdrawn. Meanwhile, how has the PIL proceeded? According to news reports, the Supreme Court in February, 2015 had stated that the constitutional validity of the provision would be tested, in relation to the PIL before it. The government argued that they were open to amend/change the provision as the intention was not to suppress freedom of speech and expression, but only deal with cyber crime. The issues being examined by the Court relate to the powers of the police to decide what is abusive, causes annoyance, etc,. instead of the examination of the offence by the judiciary . This is pertinent because this offence is a cognizable one, attracting a penalty of at least three years imprisonment. The law is also said to be ambiguous on the issue of what would constitute information that is “grossly offensive,” as no guidelines have been provided for the same. This lack of clarity could lead to increased litigation. The judgement is not available in the public domain yet. It remains to be seen on what the reasoning of the Supreme Court was, in its decision to strike down Section 66A, today.
Yesterday, the Supreme Court delivered its first verdict in a series of legal challenges that have been made against the Aadhaar project.[1] In the present matter, the court was examining whether a provision of the Finance Act, 2017 that made Aadhaar mandatory for filing of income tax returns and applying for Permanent Account Number (PAN) cards was constitutionally valid. The court has upheld the validity of this provision, subject to a few qualifications. Below, we discuss the background of the Aadhaar project, why the courts have stepped in to examine its legality, and some aspects of the recent judgement.
What is Aadhaar about, and how is it being used?
Earlier, various identity proofs were required for access to governments benefits, subsidies and services, such as a ration card, driving license or voter id. However, as these proofs could be easily duplicated or forged, there was leakage of benefits and subsidies to ineligible beneficiaries. The Aadhaar project was initiated in 2009 to address these problems. It was envisaged as a biometric-based unique identity number that could help identify eligible persons. It was thought to be a more reliable identity proof, because it sought to authenticate a person’s identity based on their unique biometrics, like fingerprints and iris scans.1
In 2016, Parliament enacted the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 to provide legislative backing to the project. This Act allowed Aadhaar to be used for authentication purposes by the central and state government, as well as by private bodies and persons.[2]
Under its provisions, government has been issuing various notifications making Aadhaar mandatory for government projects, such as LPG subsidies and Mid-Day Meal scheme.[3] In addition, in 2017, Parliament passed the Finance Act to amend the Income Tax Act, 1961, and made Aadhaar mandatory for filing of income tax returns, and applying for PAN.[4]
What is the information collected under Aadhaar?
To obtain an Aadhaar number, a person is required to submit their : (i) biometric information (photograph, 10 fingerprints, scans of both irises), and (ii) demographic information (name, date of birth, gender, residential address) to the Unique Identification Authority of India (UIDAI).[5] The Aadhaar number, the demographic and biometric information (called identity information) is together stored in the Central Identities Data Repository. In addition, every time a person’s identity is authenticated using Aadhaar, information related to the authentication request is recorded as well.
How is this information protected?
While India does not have a comprehensive law on privacy and data security, the Aadhaar Act, 2016 has some protections. For example, it prohibits UIDAI and its officers from sharing a person’s identity information and authentication records with anyone. It also forbids a person authenticating another person’s identity from collecting or using their information without their consent. Other protections include prohibitions against publicly displaying a person’s Aadhaar number and sharing of a person’s fingerprints and iris scans with anyone. Note that there are penalties prescribed for violation of these provisions as well.[6]
However, the Act permits information be disclosed in the interest of national security and on the order of a court.[7]
The UIDAI authority has been made responsible for the operation and maintenance of the Aadhaar database, and for laying down the security protocols for its protection.[8]
Why did the courts step in?
Even as Aadhaar is being rolled out, with about 111 crore of the 125 crore population already on the database, there are several important constitutional and legal questions around the unique identity project.[9][10] While yesterday’s judgement addresses one of these issues, other questions remain unresolved. A description of the key legal questions is provided below.
Privacy: It has been argued that the collection of identity data without adequate safeguards interferes with the fundamental right to privacy protected under Article 21 of the Constitution. Article 21 guarantees right to life and personal liberty. In August 2015, a three judge bench of the Supreme Court passed an order stating that a larger bench must be formed to decide the questions of: (i) whether right to privacy is a fundamental right, and (ii) whether Aadhaar violates this right.[11] However, the court has not set up a larger bench to hear these petitions till June 2017.[12]
Mandatory vs voluntary: Another question before the court is whether Aadhaar can be made mandatory for those government benefits and services, that citizens are entitled to under law. In 2015, the Supreme Court passed some interim orders stating that: (i) Aadhaar cannot be made mandatory for providing citizens with benefits and entitlements, and (ii) it can only be used for seven schemes including PDS distribution of foodgrains and kerosene, LPG distribution scheme, MGNREGA wage payments, and Prime Minister’s Jan Dhan Yojana.11
Subsequently, Parliament enacted the Aadhaar Act, 2016, and the government has been issuing notifications under it to make Aadhaar mandatory for various schemes.3 In light of this, more petitions have been filed challenging these notifications.[13] Judgements on these petitions are awaited as well.
Linking Aadhaar with PAN: In 2017, after Parliament made Aadhaar mandatory for filing of tax returns and applying for PAN under the Income Tax Act, 1961, fresh petitions were filed in the Supreme Court. The new provision stated that if a person failed to link their PAN with the Aadhaar number by a date notified by the central government, their PAN will be invalidated. The government said this will decrease the problem of multiple PAN cards obtained under fictitious names and consequent tax fraud and tax evasion, because Aadhaar will ensure proper identification.1,[14] However, the petitioners argued that this may interfere with a person’s fundamental rights, such as their right to practice any profession, trade or business and right to equality. It is this question that has been addressed in the new judgement.1
Money Bill: The fourth question is related to the manner in which the Aadhaar Act, 2016 was passed by Parliament. The Act was passed as a Money Bill. A Money Bill only needs to be passed by Lok Sabha, while Rajya Sabha may make non-binding recommendations on it. In case of the Aadhaar Act, Rajya Sabha made some recommendations that were rejected by Lok Sabha. It has been argued before the courts that the Aadhaar Act does not qualify as a Money Bill because it contains provisions unrelated to government taxation and expenditure.13,[15]
What has the judgement held?
The Supreme Court has held that the new provision of the Income Tax Act that makes Aadhaar mandatory for income tax assessees is not in violation of the fundamental right to equality, or the fundamental right to practice one’s profession or trade. The petitioners had argued that the new provision discriminates between individual and non-individual assessees (e.g. companies or firms), because it only seeks to address tax fraud by individuals. They had also contended that Aadhaar could not address the problem of tax fraud through duplicate PANs because there was evidence to show that people had multiple Aadhaar numbers as well. The court rejected these arguments (as well as arguments related to freedom to carry on business), stating that Aadhaar is perceived as the best method of eliminating duplicate PANs, and therefore there is reasonable rationale behind linking the PAN database with Aadhaar.1
The court decided not to examine questions related to human dignity and privacy, on the ground that issues affecting Article 21 will be examined by a larger bench to be set up by the court. However, it granted relief to people, who have not enrolled for Aadhaar, by stating that their PAN cards cannot be invalidated till the time when the matter is finally decided by such a bench.
This, in effect, means that the debate around constitutionality and legality of the Aadhaar project will remain ongoing till a judgement is finally pronounced on whether Aadhaar is in violation of right to privacy under Article 21.
[1] Binoy Viswam vs Union of India, Supreme Court, Writ Petition (Civil) No. 247 of 2017, http://www.sci.gov.in/pdf/jud/wc24717_Sign.pdf.
[2] Sections 7, 8 and 57, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
[3] Unstarred Question No. 4126, Lok Sabha, March 27, 2017; Unstarred Question No. 1209, Lok Sabha, February 9, 2017; S.O. 371 (E), Ministry of Consumer Affairs, Food and Public Distribution, February 8, 2017, http://dfpd.nic.in/writereaddata/Portal/Magazine/Document/1_211_1_aadhaar-notification.pdf; S.O. 369 (E), Ministry of Agriculture and Farmers Welfare, February 8, 2017, http://www.egazette.nic.in/WriteReadData/2017/174076.pdf.
[4] The Finance Bill, 2017, http://www.prsindia.org/billtrack/the-finance-bill-2017-4681/.
[5] Regulations 3 and 4, Aadhaar (Enrolment and Update) Regulations, 2016.
[6] Sections 28-47, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
[7] Section 33, Section 23, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
[8] Section 23, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
[9] “UIDAI achieves 111 crore mark on Aadhaar generation; Unique identity covers over 99 percent adult residents of India”, Press Information Bureau, January 27, 2017.
[10] Justice K. Puttaswamy (Retd) and Another vs Union of India and Others, Supreme Court, Writ Petition (Civil) No. 494 of 2012; Jairam Ramesh vs Union of India, Writ Petition (Civil) 231 of 2016; S.G. Vombatkere and Another vs Union of India and Others, Supreme Court, Writ Petition (Civil) 797/ 2016; “Aadhaar: What are the pending cases before the Supreme Court”, Indian Express, May 31, 2017, http://indianexpress.com/article/india/aadhaar-what-are-the-pending-cases-before-the-supreme-court/.
[11] Justice K. Puttaswamy (Retd) and Another vs Union of India and Others, Supreme Court, Writ Petition (Civil) No. 494 of 2012, September 23, 2013, August 11, 2015, October 15, 2015.
[12] “The Aadhaar/ PAN Judgement”, Indian Constitutional Law and Philosophy Blog, https://indconlawphil.wordpress.com/2017/06/09/the-aadhaarpan-judgment/.
[13] “Aadhaar: What are the pending cases before the Supreme Court”, Indian Express, May 31, 2017, http://indianexpress.com/article/india/aadhaar-what-are-the-pending-cases-before-the-supreme-court/.
[14] Uncorrected Lok Sabha Debates, March 22, 2017, Pg. 240, http://164.100.47.193/newdebate/16/11/22032017/Fullday.pdf.
