Aadhar And The Architecture Of Consent: Protecting The World’s Largest Biometric Database

Rohan Bhimajiyani, LL.M., Gujarat National Law University

ABSTRACT

With the rise of digitalisation in every realm of our lives, governments around the world have embraced technology to deliver welfare services to their citizens. It provides a secure, cost-effective and modern solution to the legacy methods of service delivery.

The Government of India has undertaken the ‘Digital India’ project under which various services have been made digital. The government has leveraged technology to deliver services to the masses and build lasting infrastructure, which it calls ‘Digital Public Infrastructure’ to be used as public goods. The JAM Trinity, as it is colloquially known, consists of Jan Dhan, Aadhar and Mobile numbers. It consists of complete private information of a citizen, which is used to deliver services. Aadhar was started as a way to streamline benefit delivery to the marginalised. However, over the years, it has developed into a prerequisite for accessing any government service, making it challenging to opt out by design, putting in question the consent of citizens.

The Supreme Court of India in the KS Puttaswamy v. Union of India recognised the fundamental right to privacy under Article 21 of the Constitution; the Digital Personal Data Protection Act 2023 provides for the protection of the data of citizens. This paper aims to explore the privacy risks associated with the rise of Aadhaar and other such technologies. The authors look into the progression of Aadhar over the years and the existing legal framework around data protection. We then compare global best practices to analyse how India can ensure it protects the largest biometric database in the world. We end the paper with our suggestions and the way forward.