Aadhar Judgement-10: Let us debate the changes required in PDPA 2018

This is in continuation of the series of articles on this topic

Over the last 9 articles on Aadhaar Judgement, I have provided some views on the interpretation of the Judgement specifically with reference to the upcoming PDPA 2018 which has been introduced in the Parliament as a bill and will be taken up for debate in the next session. The public comments for the same are open upto 10th October 2018. Since the Adhaar judgement has just now been released, it is necessary that we re-visit our views on the PDPA 2018 draft from the perspective of what the judgement implies.

The Srikrishna Committee itself made an elaborate recommendation on the amendments to the Aadhaar Act in the main report but did not make it part of the draft PDPA 2018.  Now the Government apart from making whatever amendments are required to be made in PDPA 2018 may also make the recommended amendments  in the Aadhaar Act taking care that they donot conradict what this Aadhaar Judgement has indicated.

I draw the attention of the readers to the Appendix to the Srikrishna Committee Report which contains a detailed list of “Suggested Amendments to the Aadhaar Act”. It is not clear if the Supreme Court while finalizing the judgment went through these suggestions which were put together under the guidance of a former Supreme Court Judge spending nearly one year on understanding the issues involved in designing a Privacy Act.

It is to be noted that the recommendation contained interesting thoughts of alternate forms in which Aadhaar can be used for authetnication (eg Offline Authentication), strengthening of the dispute resolution mechanism (Introduction of adjudication and Appeallate Tribunal), mechanism for obtaining legal sanction for future use by a law passed by the Parliament, etc.

As regards Section 57, this recommendation included “Offline Verification” as the means by which the authentication was to be made so that all the objections that the current judgement has indicated would be completely irrelevant.

We therefore suggest that the Government while passing the PDPA 2018 also pass the amendment to the Aadhaar Act where by they may replace Section 57 with a read dwon Section 57 and introducing a new Section 57A incorporating the recommendations of the Srikrishna Committee.

Srikrishna Committee rightly did not get into providing prescriptions on information security such as the data retention, meta data collection etc and stuck to the legal issues unlike the current judgement. It’s recommendations are therefore worth looking into in detail.

Probably the Government needs to create a sub committee headed by Justice Srikrishna himself to re draw the Appendix in the light of the Supreme Court judgement.

I recommend that organizations such as Foundation of Data Protection Professionals in India (FDPPI) work with premier academic institutions like NLSUI and develop a draft recommendation of refining Appendix to the Srikrishna Committee in the light of this judgement.

Naavi

Disclaimer: The views expressed here and elsewhere on this site are the personal views of Naavi and not the views of any organization or group that he may be associated with.


This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.