Amid concerns about the leak of personal information collected by UIDAI for Aadhaar card, the Centre, on Tuesday (January 23), told the Supreme Court that Justice BN Srikrishna (retired) Committee report on data protection and cyber security was likely to be ready by March. As per a report by The Indian Express, the Attorney General K K Venugopal conveyed this to a five-judge Constitution Bench headed by Chief Justice of India Dipak Misra during hearing on a batch of petitions challenging the Constitutional validity of the Aadhaar Act and 139 related notifications issued by the government. Venugopal also informed the court that based on the recommendations of Justice Srikrishna panel, a proper law will be put in place.
The Attorney General’s submission came after senior advocate Shyam Divan contended on behalf of petitioners that there were serious concerns about biometric details of individuals collected by UIDAI getting into the hands of private parties. The Bench — also comprising Justices AK Sikri, AM Khanwilkar, DY Chandrachud and Ashok Bhushan – asked Divan to clarify the relationship between security fears and constitutional validity of the law. As per the report, Divan told the bench that the Aadhaar Act requires subscribers to update their biometric data, and this is a recognition of the fact that a person’s biometric data may change in his or her lifetime.
Divan said the entire architecture of Aadhaar was unconstitutional and it was not fit for a democratic society. “In a welfare state, there are huge points of interaction between an individual and state… You have a complete surveillance state if this is allowed to stand,” he said, adding individuals must have choices, as per the report.
What is Data Protection Law?
Data Protection refers to the set of privacy laws, policies and procedures that aim to minimise intrusion into one’s privacy caused by the collection, storage and dissemination of personal data. Personal data generally refers to the information or data which relate to a person who can be identified from that information.
Why is a Data Protection Law necessary?
There is an ongoing explosion of cyber crimes on a global scale. Data breaches and cyber crimes in India will be tough to combat until strong cyber laws are not made. India presently does not have any express legislation governing data protection or privacy. However, the relevant laws in India dealing with data protection are the Information Technology Act, 2000 and the (Indian) Contract Act, 1872. Therefore, Centre is planning to introduce a law on the subject of data protection in the near future.