Monthly Archives: June 2017

Aadhaar Is Not Mandatory For Bank Accounts And Bank Purposes

Banks have been harassing their customers in the name of seeding of Aadhaar with customer’s bank accounts. Some banks even tried to impose a restriction on deposit and withdrawal of cash unless Aadhaar is seeded with bank account. However, vigilant citizens foiled all these attempts of banks and Indian government so far.

Now government and banks have once again started harassing the bank customers. As per the Reserve Bank of India (RBI) directions, Aadhaar is absolutely optional for banking purposes, including direct bank transfer (DBT).

Even a Constitution Bench of Supreme Court has made Aadhaar optional (pdf) till the matter is decided by it finally. The constitutionality of Aadhaar and Aadhaar Act, 2016 has already been challenged before the Supreme Court.

In fact, Indian must block their biometric and deseed Aadhaar from all services and purposes as soon as possible. But both biometric blocking and Aadhaar deseeding must be done together for stronger protection.

If you have already seeded your Aadhaar with a bank account, ask your bank to deseed it. No bank can refuse to deseed your Aadhaar form the bank account if you have complied with other KYC requirements. Such KYC requirements can be complied with by giving other government approved documents like PAN, driving license, passport, etc.

Aadhaar is not needed for:

(1) Opening of a bank account or continuing the same in an uninterrupted manner,

(2) Uninterrupted cash deposits and withdraws, subject to citing of PAN in some cases,

(3) Opting for Internet banking, digital payments, etc without Aadhaar clubbing,

(4) For money laundering issues that Indian government and its authorities are required to manage,

(5) For checking terrorism funding or any other illegal activity involving money of a person, etc.

The list is just illustrative and many more cases would be covered by this list in future.

So Aadhaar is optional for all purposes, including for banking related issues. If any bank or other institution asks for Aadhaar, simply refuse the same citing interim order of the Constitution Bench.

Aadhaar Is Not Mandatory For PAN And Tax Returns Even In July 2017

Many people have asked us whether quoting of Aadhaar is mandatory or not for tax returns or PAN purposes. Recently Supreme Court gave a very complicated judgment in this regard where one thing was dependent upon another.

For instance, the constitutional validity of Section 139AA (1) has been partially approved subject to final decision of the Constitution Bench of Supreme Court. Further, constitutional validity of Section 139AA (1) has also not been tested on the more stringent touchstone of Article 21 and other Fundamental Rights. Even the limited constitutional validity of Section 139AA (1) is subject to the final decision of the Constitution Bench.

Section 139AA (2) has also been severely read down by Supreme Court making the entire Section 139AA toothless. No penal action, including cancellation of PAN card, can take place now till the matter is finally decided by the Constitution Bench of Supreme Court.

So for all practical purposes, Supreme Court of India has made Aadhaar optional for Section 139AA. As a result no return would be rejected or any PAN would be cancelled for not quoting Aadhaar.

Even in July Aadhaar would be optional keeping in mind the settled legal and constitutional position in this regard.

Please see the true interpretation and impact of recent Supreme Court’s judgment on Section 139AA here.

Indians Must Block And Destroy Their Biometric And Deseed Aadhaar From All Services Opines Praveen Dalal

Aadhaar has created serious constitutional, civil liberties and cyber security problems in India. Indian government and Supreme Court are not interested in rescuing Indians from this precarious situation. Clearly India is heading towards dystopian and totalitarian state and something has to be done right now to counter this position.

We have suggested few strategies to Indians so that they can escape from being digital slaves forever. These include:

(a) Blocking of your biometric at UIDAI website and never using Aadhaar again for KYC or EKYC purposes in future,

(b) Deseeding of Aadhaar from all services, whether government or private, where you have seeded the Aadhaar, and

(c) Asking the UIDAI and Supreme Court to delete your biometric database from UIDAI registry and any and all other places where your biometric have been stored.

According to Praveen Dalal, it is pertinent that you must go for biometric blocking and Aadhaar deseeding together and not in isolation. Neither blocking of biometric nor deseeding of Aadhaar from all services without blocking of the biometric is sufficient in itself.

Once the biometric have been blocked and Aadhaar is deseeded from all government and private services, ask UIDAI, Indian government and Supreme Court to destroy your biometric to prevent any future misuse of the same.

Cyber security of Aadhaar and its biometric database is very poor by design and implementation. It is better to safeguard you interests, including your civil liberties, than being sorry in future. So start blocking your biometric at UIDAI, deseed Aadhaar from all services and demand for destruction of biometric from all places.

The Constitution of India and your Fundamental Rights empower you to take all these actions. Neither Indian government nor Supreme Court of India can restrict you from doing above mentioned three activities of blocking, deseeding and destruction of biometric database of Aadhaar.

General Guidelines For Securing Identity Information And Sensitive Personal Data Or Information In Compliance To Aadhaar Act, 2016 And Information Technology Act, 2000

Recently the Meity released guidelines pertaining to data security for various government departments. The guidelines intend to assist government departments that collect, receive, possess, store, deal or handle personal information including sensitive personal information or identity information to implement the reasonable security practices and procedures and other security and privacy obligations under the IT Act, 2000 and Aadhaar Act, 2016.

While the IT Act 2000 has become grossly outdated yet the constitutionality of Aadhaar Act, 2016 is already questioned before the Supreme Court of India. Further, the guidelines are general guidelines meant for guiding the government departments and lack enforceability capability. In any case, enforcement of laws in India is very poor especially when it comes to enforcement of cyber law and cyber security related norms.

Some people have already started celebrating as if these guidelines have brought something magical. Truth is these guidelines are neither effective nor enough to cover even the basic concepts of data protection and cyber security as per international standards. So the fact remains that India has no dedicated privacy, cyber security and data protection laws and cyber security of sensitive information, including Aadhaar and its CIDR, is at great risk.

The guidelines are just suggestions with no binding legal obligations for data breaches. They are simply telling the government departments to use common sense while dealing with sensitive data of Indians. They have not put any onerous obligations upon government departments the violation of which would be subject to prosecution. Indians have no right even if their data and information is leaked by such government departments.

Government departments are even free to ignore these guidelines as non-existent by simply not acting upon them. There is no time line within which the government departments are required to ensure even basic cyber security practices. Saying that government departments must do this and that does not make any sense if there is no time bound obligations coupled with imposing sanctions against non compliance.

In short, these guidelines are just eyewash to fool Indians and Supreme Court by claiming that some magical data security and cyber security remedy has been put at place. In reality, the guidelines are nothing more than a façade to keep Indians in dark.