The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 intends to provide for targeted delivery of subsidies and services to individuals residing in India by assigning them unique identity numbers, called Aadhaar numbers.
Every resident shall be entitled to obtain an Aadhaar number. A resident is a person who has resided in India for 182 days, in the one year preceding the date of application for enrolment for Aadhaar
Information to be submitted
To obtain an Aadhaar number, an individual has to submit the following information
- biometric (photograph, finger print, iris scan) and
- demographic (name, date of birth, address)
The Unique Identification Authority (UID) may specify other biometric and demographic information to be collected by regulations.
At the time of enrolment, the individual will be informed of the following
- the manner in which the information will be used
- the nature of recipients with whom the information will be shared, and
- the right to access this information.
After verification of information provided by a person, an Aadhaar number will be issued to him.
Use of Aadhaar number
To verify the identity of a person receiving a subsidy or a service, the government may require them to have an Aadhaar number. If a person does not have an Aadhaar number, government will require them to apply for it, and in the meanwhile, provide an alternative means of identification. Any public or private entity can accept the Aadhaar number as a proof of identity of the Aadhaar number holder, for any purpose. Aadhaar number cannot be a proof of citizenship or domicile.
Functions and composition of authority
The key functions of the UID authority include,
- specifying demographic and biometric information to be collected during enrolment
- assigning Aadhaar numbers to individuals
- authenticating Aadhaar numbers, and
- specifying the usage of Aadhaar numbers for delivery of subsidies and services.
The UID authority will consist of a chairperson, two part-time members and a chief executive officer. The chairperson and members are required to have experience of at least ten years in matters such as technology, governance, etc.
The UID authority will authenticate the Aadhar number of an individual, if an entity makes such a request. A requesting entity (an agency or person that wants to authenticate information of a person) has to obtain the consent of an individual before collecting his information. The agency can use the disclosed information only for purposes for which the individual has given consent.
Response to authentication query
The UID authority shall respond to an authentication query with a positive, negative or other appropriate response. However, it is not permitted to share an individual’s finger print, iris scan and other biological attributes.
Authentication record maintained by UID authority
The UID authority shall record the entity requesting verification of a person’s identity, the time of request and the response received by the entity. The purpose for which an individual’s identity needs to be verified will not be maintained.
Protection of information
Biometric information such as an individual’s finger print, iris scan and other biological attributes (specified by regulations) will be used only for Aadhaar enrolment and authentication, and for no other purpose. Such information will not be shared with anyone, nor will it be displayed publicly, except for purposes specified by regulations.
Cases when information may be revealed
In two cases, information may be revealed
- In the interest of national security, a Joint Secretary in the central government may issue a direction for revealing, (i) Aadhaar number, (ii) biometric information (iris scan, finger print and other biological attributes specified by regulations), (iii) demographic information, and (iv) photograph. Such a decision will be reviewed by an Oversight Committee (comprising Cabinet Secretary, Secretaries of Legal Affairs and Electronics and Information Technology) and will be valid for six months.
- On the order of a court, (i) an individual’s Aadhaar number, (ii) photograph, and (iii) demographic information, may be revealed.
Offences and penalties
A person may be punished with imprisonment upto three years and minimum fine of Rs 10 lakh for unauthorised access to the centralized data-base, including revealing any information stored in it. If a requesting entity and an enrolling agency fail to comply with rules, they shall be punished with imprisonment upto one year or a fine upto Rs 10,000 or Rs one lakh (in case of a company), or with both.
Cognizance of offence
No court shall take cognizance of any offence except on a complaint made by the UID authority or a person authorised by it.
To view the complete Act, click here.