INSUBCONTINENT EXCLUSIVE:
Tuesday asked the Unique Identification Authority of India (UIDAI) why it needed to collect 'meta data' of personal transactions of citizens
which go for Aadhaar authentication to avail services and benefits.A five-judge Constitution bench headed by Chief Justice Dipak Misra,
hearing a clutch of petitions challenging Aadhaar and its enabling 2016 law, was responding to the submission of UIDAI that it collected
only "limited technical meta data." Meta data is a set of data that describes and gives information about other data."Why do you (UIDAI)
have to retain meta data of personal transacations of persons entered through Aadhaar authentication," the bench, also comprising Justices A
government, said the petitioners, opposing the Aadhaar scheme, have completely "misunderstood the concept of meta data" and the UIDAI
collected "limited technical meta data" to have control over the requesting entities (REs) which seek Aadhaar authentication for granting
services and benefits.He said that on one hand, the petitioners were saying that UIDAI had no control over requesting entities, but
simultaneously, they were also alleging that UIDAI will have so much control over the meta data that may lead to surveillance.While it was
important to exercise control over the REs, there was no data about the location or purpose of transaction or authentication which was being
collected by UIDAI, he said.The bench then asked him "So you are not collecting meta data about the person but only about the machine," to
which Mr Dwivedi replied in affirmative.The senior lawyer referred to foreign judgments and said there was reasonable and legitimate
expectation of privacy, but the context was "very important"."A criminal might not have any expectation of personal autonomy whereas a
common man will," he said, adding that there will be different levels of privacy rights when a person was inside home and when he ventured
out in "relational world"."Individuals live in communities and their personality is shaped by imbibing cultural and social values of the
Regulations are designed to protect objective principles that define reasonable expectation of privacy," he said.He said the possibility of
data breaches cannot be a ground to strike down the Aadhaar law and efforts should be to make it work and not to strike it off.He then
referred to the example of doctors trying to save a patient and asked the court to adopt the same approach in saving the Aadhaar law and
for the breaches.The lawyer said the Information Technology Act provided for penalties and recently, UIDAI had imposed penalties on Airtel
bringing people "face to face" with the authorities through Aadhaar was the best model as the State should reach them to accord the benefits
of the welfare schemes."We are not sure if that is the best model
The individual should not be a supplicant
The State should go to him and give him benefits," the bench had said.The bench had also said that if biometric authentication is attached
to every transaction entered into by a person, it would "form a wealth of information" necessitating the need for data protection.
