The Bar Council of India does not permit advertisement or solicitation by advocates in any form or manner. By accessing this website, www.khaitanco.com, you acknowledge and confirm that you are seeking information relating to Khaitan & Co of your own accord and that there has been no form of solicitation, advertisement or inducement by Khaitan & Co or its members. The content of this website is for informational purposes only and should not be interpreted as soliciting or advertisement. No material/information provided on this website should be construed as legal advice. Khaitan & Co shall not be liable for consequences of any action taken by relying on the material/information provided on this website. The contents of this website are the intellectual property of Khaitan & Co.

Please accept the above


See all results for ""

Supreme Court upholds the constitutionality of Aadhaar albeit conditionally


On 26 September 2018, after marathon hearings over four months, a five judge constitution bench of the Supreme Court comprising of Hon’ble Chief Justice Deepak Mishra, Hon'ble Justice A K Sikri, Hon’ble Justice A M Khanwilkar, Hon’ble Justice D Y Chandrachud and Hon’ble Justice Ashok Bhushan upheld the Aadhaar scheme by a 4:1 majority. The majority judgment has been delivered by Justice A K Sikri (on behalf of Chief Justice Mishra, Justice Khanwilkar and himself). Justice Bhushan delivered a separate concurring judgment and Justice Chandrachud delivered the sole dissent. Despite upholding the constitutionality of the Aadhaar scheme, several provisions of the Aadhaar (Targeted Delivery of Financial and other Subsidies, Benefits and Services) Act, 2016 (Act) have been struck/read down to accommodate the apprehensions that had been raised by the Petitioners, particularly with respect to the threat to privacy and data protection.


The Aadhaar scheme was conceptualised in the year 2006 and launched in the year 2009 when the Central Government constituted the Unique Identification Authority of India (UIDAI) by way of an executive order for issuing unique identification numbers to Indian residents. From the year 2012, several petitions were filed before the Supreme Court and various high courts challenging inter alia the constitutional validity of the scheme. Even after the Aadhaar scheme received statutory backing with the passage of the Act in 2016, petitions were filed challenging the provisions of the Act, the Aadhaar (Authentication) Regulations, 2016 (Aadhaar Regulations), the Money Laundering (Amendment) Rules, 2017 (PMLA Rules) and all notifications issued under Section 7 of the Act which made Aadhaar mandatory for availing various benefits.

One of the major arguments against the Aadhaar scheme and the Act was that it violated the right to privacy. This question has been settled by a separate nine judge constitution bench of the Supreme Court in K S Puttaswamy and Another vs Union of India [2017 (10) SCC 1] (Puttaswamy) which unanimously held that the right to privacy was indeed a fundamental right guaranteed as a facet of personal liberty under Article 21 of the Constitution.

Apart from the substantive challenge based on the right to privacy, the passage of the Act as a money bill pursuant to Article 110 of the Constitution was also challenged, as this bypassed the requirement of a Rajya Sabha vote.


The Aadhaar scheme has the potential to enable an intrusive State to become a surveillance State. The Act violates the fundamental right to privacy.

There is a risk of misuse of biometric information at the stage when the data is made available to the enrolment agency and again at the stage of claiming a benefit when the Aadhaar number has to be provided to the requesting entity as such entities are not controlled by the UIDAI.

The procedures for data collection adopted prior to the passage of the Act as well as the provisions of the Act mandating identification by only one mode, i.e. Aadhaar, are violative of the fundamental right to equality, right to freedom and speech and right to life/personal liberty enshrined in Articles 14, 19 and 21 of the Constitution.

Rule 9 of the PMLA Rules which mandates linking of Aadhaar number with bank accounts is not only a violation of the fundamental rights of Indian citizens under Articles 14, 19(1)(g) and 21 of the Constitution, but is also violative of the constitutional right to property under Article 300A. They also contradict the RBI Circular of 2013 which provides a list of documents that were acceptable as proof of identity.

Section 57 of the Act, which allowed any body-corporate or individual with a legal backing to use Aadhaar numbers for establishing identity, is unconstitutional. Section 59 which retrospectively validated all actions including the enrollment of citizens under the Aadhaar scheme even prior to the passage of the Act, was also claimed to be unconstitutional.

The Act which was introduced as a Money Bill was liable to be struck down since many of the provisions therein, including Section 57, lacked the basic features of a Money Bill.

The mandatory linking of SIM cards to Aadhaar number as per the Telecom Regulatory Authority of India’s circular dated 23 March 2017 did not satisfy the tests laid down in Puttaswamy to determine violations of privacy, particularly the test of proportionality, as the court would have to decide whether a less intrusive measure could have been adopted consistent with the object of the law, and whether the impact of the encroachment on a fundamental right is disproportionate to the benefit which is likely to ensue.


Section 59 of the Act validated all actions taken prior to the passage of the Act under the Aadhaar scheme.

The Act satisfied the test of proportionality because the Act is furthering the legitimate state interests such as dissipation of social welfare benefits. There is a rational nexus between objects of the Act and the means employed to achieve them. Further, the benefits under the Act are essential for ensuring the fundamental right to life and personal liberty to the marginalised sections of the society.

The Act was rightly passed as a Money Bill since it contemplates an expenditure of funds from the Consolidated Fund of India (a requisite under the Constitution for a Bill to qualify as a Money Bill). The preamble to the Act also supports such contention.

The Act mandates collection and storage of minimal biometric information and no other information like religion, caste or medical history was being collected.

The enrolment scheme under the Act is fool-proof as the biometric information collected by an enrolment agency is transmitted to the Central Identities Data Repository (CIDR) within a few seconds and is stored and maintained as authentication transaction data in an encrypted form. Same is the case at the time of authentication by the requesting entity and as such there was no profiling of the citizens.


The demographic and biometric data collected during the enrolment process is minimal and sufficient authentication security measures are being followed by the Respondents.

The Aadhaar number is more effective than other identity proofs as it is unique to an individual and eliminates chances of duplication of identity.

Section 7 of the Act ensures targeted delivery of services, benefits and subsidies pursuant to the discharge of the solemn constitutional obligation of the State to enliven the fundamental right to life and personal liberty and in light of this, the Petitioners’ claim that dignity as a facet of right to privacy was being diluted could not be accepted.

The Act satisfies the test of proportionality as all the components of such test namely a legitimate goal, a rational connection between the measures undertaken for furthering the achievement of the goal, absence of alternative less invasive measures and the absence of a disproportionate impact on the holder of the right, are satisfied.

However, certain apprehensions raised by the Petitioners with respect to safeguarding inter alia the fundamental right of privacy mandated the striking down/reading down/clarifying of some of the provisions of the Act, the Aadhaar Regulations and related legislations, namely:

  •   No archival over 6 months: Regulation 27(1) of the Aadhaar Regulations which provided for archiving authentication records for a period of more than 5 years has been declared unconstitutional. The authentication records are not to be archived for a period of more than 6 months.
  •   Minimisation of storage of meta data relating to a transaction: Regulation 26 of the Aadhaar Regulations enabled the UIDAI to maintain and store a record of all authentications of the Aadhaar number of an individual. Maintenance of metadata in the present form, has been held to be impermissible and Regulation 26 will require suitable amendment.
  •   Opportunity of hearing where disclosure is pursuant to a court order: Section 33(1) of the Act which provides for disclosure of information in the event of a court order, has been read down with a clarification that an individual, whose information is sought to be released, shall be afforded an opportunity of hearing. If such an order is passed, she shall have right to challenge it before a higher court.
  •   Higher authority to decide whether disclosure in the interest of national security:  Section 33(2) of the Act which provided for disclosure of Aadhaar information in the interest of national security has been struck down in its present form with liberty to enact a suitable provision. The bench has directed that determination of requirement for such disclosure should be by an officer ranking higher than a Joint Secretary and that in order to avoid any misuse, a high judicial functionary such as a sitting high court judge should be associated in the process.
  •   No access to private entities: Section 57 of the Act which enabled body corporate and individuals to use/seek Aadhaar numbers for establishing the identity of any individual has been held to be unconstitutional to such extent.
  •   Grant of power to individuals to make complaint: Section 47 of the Act which provided that no Court shall take cognizance of offence under the Act except on a complaint made by the UIDAI should be modified to provide for any individual to be able to make such complaint.
  •   Inapplicability to minors: The enrolment of minors under the Act can be done only with the consent of the parents and such minors would have an option to exit from the scheme if they so choose upon attaining majority. Insofar as the school admissions or benefits to children under schemes like Sarva Shiksha Abhiyan are concerned, the requirement of Aadhaar is not compulsory as it is neither a service nor subsidy.
  •   No mandatory linking of bank accounts: The mandatory linking of Aadhaar number with bank accounts fails the test of proportionality since the deactivation of the account upon the failure of such linkage would result in depriving a person of her property and would also violate the right to privacy of person with respect to the access to banking details.
  •   No mandatory linking with SIM cards: The mandatory linking of Aadhaar number to SIM cards is unconstitutional in view of the Circular dated 23 March 2017 lacking any authority of law and Section 57 being declared unconstitutional.



In a dissenting judgment, Justice D Y Chandrachud has declared the Act to be unconstitutional in its entirety as the Act did not meet the test of a money bill and substantive provisions violated fundamental rights including the right to privacy. His judgment analyses and lists the over-breadth of the Act and the Aadhaar Regulations. The judgment also illustrates the vast possibilities of authentication failures that can result in denial of benefits to deserving citizens, thus nullifying the main purpose of the Act. Interestingly, Justice Chandrachud’s judgment gives directions vis-à-vis the treatment of the data which has already been collected by private entities and calls upon the destruction of the same.


An important takeaway from the judgment is the bench’s observation that there is an imminent need for a robust data protection regime in the country. The bench has analysed the issues that were raised in the present petitions from the standpoint of the findings of the Report of the Committee of Experts under the Chairmanship of Justice B.N. Srikrishna and the Draft Personal Data Protection Bill 2018 and observed that the country is not far from a data protection regime which embeds informational and data privacy within our laws and legal system.

The striking down of Section 57 means that private companies can no longer mandate Aadhaar based eKYC as a means of identification or verification. This will have far reaching ramifications on the services sector, in particular, on fintech and telecom companies as eKYC was a quick and efficient means of customer acquisition without the requirement of physical submission of KYC documents. Many industry participants believe that reverting to the paper-based option will be costly and time consuming. Businesses that adapted early to Aadhaar based eKYC authentication now face a quandary regarding the Aadhaar based data already collected and stored and will have to await further directions and clarifications from the Government of India and other regulators.

-     Ajay Bhargava (Partner), Harsh Walia (Associate Partner), Supratim Chakraborty (Associate Partner) and Abhisaar Bairagi (Principal Associate)

For any queries please contact: editors@khaitanco.com

Ajay Bhargava (partners) , Harsh Walia (partners) , Supratim Chakraborty (partners)

We have updated our Privacy Policy, which provides details of how we process your personal data and apply security measures. We will continue to communicate with you based on the information available with us. You may choose to unsubscribe from our communications at any time by clicking here.

For private circulation only

The contents of this email are for informational purposes only and for the reader’s personal non-commercial use. The views expressed are not the professional views of Khaitan & Co and do not constitute legal advice. The contents are intended, but not guaranteed, to be correct, complete, or up to date. Khaitan & Co disclaims all liability to any person for any loss or damage caused by errors or omissions, whether arising from negligence, accident or any other cause.

© 2021 Khaitan & Co. All rights reserved.


One Indiabulls Centre
13th Floor, Tower 1
841 Senapati Bapat Marg
Mumbai 400 013 India

T: +91 22 6636 5000

E: mumbai@khaitanco.com

New Delhi

Ashoka Estate, 12th Floor
24 Barakhamba Road
New Delhi 110 001 India

T: +91 11 4151 5454

E: delhi@khaitanco.com


Simal, 2nd Floor
7/1 Ulsoor Road
Bengaluru 560 042 India

T: +91 80 4339 7000

E: bengaluru@khaitanco.com


Emerald House
1B Old Post Office Street
Kolkata 700 001 India

T: +91 22 6636 5000

E: kolkata@khaitanco.com