The government has decided to amend the Telegraph Act and the Prevention of Money Laundering Act in order to allow private entities such as banks and telecom service providers access to Aadhaar as one of the “know your customer” (KYC) methods. The amendments, cleared by the Union cabinet on Monday, propose stringent penalties for hackers.
The cabinet also approved 10-year jail terms for those found guilty of data breach; use of quick response (QR) codes for Aadhaar authentication; and parental consent for use of children’s biometric identification, said a government official, who asked not to be named. Currently, a person found guilty of breaching data can be imprisoned for as many as three years.
Monday’s decision allowing voluntary seeding of Aadhaar with bank accounts and mobile phone numbers will give statutory backing to the use of the 12-digit unique biometric identification number by private entities where it is justified. Finance minister Arun Jaitley had in October indicated that the Supreme Court judgement on Aadhaar had allowed scope for banks and mobile telephone companies to use the biometric identification number by way of new legislation. For such use, it has to be shown that the principle of proportionality is met—that is, it should not go beyond what is necessary to meet the policy objective.
The apex court, which upheld the constitutional validity of Aadhaar with riders, struck down a part of the controversial Section 57 of the Aadhaar Act that allowed corporate bodies to use Aadhaar by way of a contract. The court upheld the use of Aadhaar by government agencies such as the income tax department.
The government is of the view that use of the biometric identification number helps prevent diversion of state benefits intended for the poor. Last year, the government claimed to have saved ₹90,000 crore in subsidies by use of Aadhaar.