Non-disclosure of UIDAI’s contracts with foreign firms despite CIC’s order.
Dr D.Y. Chandrachud, Chief Justice of India is all set to set up 7-judge Constitution Bench to decide constitutionality of Aadhaar Act and other legislations. It was announced on October 6, 2023. Earlier, on May 3, 2023 too, Dr. Chandrachud had orally observed that constituting a 7-judge bench to hear the constitutionality of money bills was on his mind. He was responding to the mention of the verdict in Roger Mathew case dated November 13, 2019 by Senior Advocate Dr A.M.Singhvi. Dr. Singhvi had said, "Your lordship had said earlier also that you will consider as soon as possible, after the holidays".
(Notably, the bench comprising Chief Justice of India Dr. D.Y.Chandrachud, Justices Sanjay Kishan Kaul, Sanjiv Khanna, B.R.Gavai, Surya Kant, J.B.Pardiwala and Manoj Misra have issued directions for the pre-hearing steps in various matters before 7-judge constitution bench and 9-judge constitution bench. In its October 12, 2023 order, it has instructed that the compilation of documents, pleadings, precedents must be filed in three weeks along with written submissions).
Supreme Court’s decision dated November 13, 2019 had referred the illegitimate enactment of Aadhaar Act as “Money Bill” for consideration by a larger Bench. Even as one awaits the constitution of a 7-Judge Constitution Bench to hear the Roger Mathew v. South India Bank Ltd case as a consequence of the verdict of 5-Judge Constitution Bench, Delhi High Court has listed the case regarding non-disclosure of contracts with foreign firms by Unique Identification Authority of India (UIDAI) under Aadhaar Act on March 21, 2023. Aadhaar like projects have unfolded in the regions of “undivided India” besides Afghanistan. Pakistani National ID Card (NIC), Bangladeshi National Identity Card (NID) and Afghanistani Electronic National Identity Cards (e-Tazkira) are part of the World Bank’s eTransform Initiative that transforms government-citizen relationship through indiscriminate mass surveillance of the entire populations.
The case with Aadhaar Number, an unique identification (UID) number related case in Delhi High Court on non-disclosure of information under Right to Information (RTI) Act on firms like Accenture and Safran Group despite the order of Central Information Commission (CIC) has been sent back to CIC on September 6,2023.These firms have made themselves parties in the case. Such firms are involved in demographic and biometric profiling of populations of “undivided India” and Afghanistan.
In April 2022, the audit report of the Comptroller Auditor General (CAG) of India revealed “flaws in the management of various contracts entered into by UIDAI”. The upcoming hearing in High Court assumes significance because it is linked to the case related to a RTI reply that shared truncated contract agreements executed between UIDAI with L1 Identity Solutions Operating Company, currently a subsidiary of French conglomerate Safran Group, Sagem Morpho Security Pvt Ltd, a subsidiary of Safran Group, Accenture Services Pvt Ltd, a US company. At the time of award of contract to L1 Identity Solutions Operating Company was a US company.
With regard to Sagem Morpho Security Pvt Ltd, a reply dated October 25, 2013 from Assistant Director General, UIDAI states that the “effort is on to find the data” about the value of contract awarded. This reply in the matter of Sagem Morpho Security Pvt Ltd remains quite intriguing.
Notably, L1 has undergone metamorphosis and become part of Safran Group along with Morpho Security Pvt Ltd. UIDAI had awarded contracts to three companies namely, Satyam Computer Services Ltd (Mahindra Satyam), as part of a “Morpho led consortium”, L-1 Identity Solutions Operating Company and Accenture Services Pvt Ltd of US for the “Implementation of Biometric Solution for UIDAI”.
Pursuant to CIC’s intervention in the matter of application filed by Col. Mathew Thomas, an octogenarian defence scientist, and submissions by the author on his behalf, UIDAI shared its contract agreement with French and US biometric technology companies but crucial pages are missing from the contract agreement after the CIC heard the matter on September 10, 2013. CIC has ruled, “Any agreement entered into by the government is an agreement deemed to have been entered into on behalf of and in the interest of ‘We the people’.
Sushma Singh, as the Information Commissioner provided UIDAI’s letter written to CIC submitting that "contractual obligation in respect of BSP (Biometric Solution Provider) contracts has expired. Therefore, UIDAI has no objection in sharing the following contract details:-a) Copy of contract of UIDAI with M/s L-1 Identity Solutions for Biometric Technology; and b) Copy of contract of UIDAI with M/s Accenture for Biometric Technology".
After examining these documents with regard to the Accenture for Biometric Technology, it has come to light that the first 237 pages appear to be in order but after that there is a one pager titled Annexure J Technical Bid. The Technical Bid document is missing. After that there is a one pager titled Annexure K Commercial Bid Commercial (Bid as submitted by M/s Accenture Services Pvt Ltd). The Commercial Bid document is missing.
With regard to the L-1 Identity Solutions for Biometric Technology, one noticed that the first 236 pages appear to be in order but after that there is a one pager titled Annexure I non-disclosure agreement as submitted by L-1 Identity Solutions Operating Company Pvt Ltd. But this document is missing. After that there is a one pager titled Annexure J Technical Bid as submitted by L-1 Identity Solutions Operating Company Pvt Ltd. The Technical Bid document is missing. After that there is a one pager titled Annexure K Commercial Bid as submitted by L-1 Identity Solutions Operating Company Pvt Ltd. The Commercial Bid document is missing.
While giving its order, CIC said, “The claim of ’commercial confidence’ in denying access to agreements between private parties and the masters of the public authorities—citizens—runs counter to the principles of the Right to Information.” CIC observed, “Any agreement entered into by the government is an agreement deemed to have been entered into on behalf of the and in the interest of ‘We the people’. Hence if any citizen wants to know the contents of such an agreement, he is in the position of a principal asking his agent to disclose to him the terms of the agreement entered into by the agent on behalf of the principal. No agent can refuse to disclose any such information to his principal,” the CIC said in its order dated July 27, 2009.
UIDAI is yet to disclose whether there has been any fresh agreement between UIDAI and Safran Group and its subsidiaries and who all are the biometric solution providers after the expiry of the “contractual obligations” with L-1 Identity Solution and Accenture. The contract agreement with Accenture Services Pvt Ltd at clause 15.1 it reads: "By virtue of this Contract, M/s Accenture Services Pvt Ltd/Team of M/s Accenture Services Pvt Ltd may have access to personal information of the Purchaser and/or a third party or any resident of India, any other person covered within the ambit of any legislation as may be applicable."
The clause 15.3 reads: "The Data shall be retained by Accenture Services Pvt Ltd not more than a period of 7 years as per Retention Policy of Government of India or any other policy that UIDAI may adopt in future."
The contract agreement with L1 Identity Solutions Operating Company at clause 15.1 reads: "By virtue of this Contract, M/s L1 Identity Solutions Operating Company/Team of M/s L1 Identity Solutions Operating Company may have access to personal information of the Purchaser and/or a third party or any resident of India, any other person covered within the ambit of any legislation as may be applicable."
The clause 15.3 reads: "The Data shall be retained by L1 Identity Solutions Operating Company not more than a period of 7 years as per Retention Policy of Government of India or any other policy that UIDAI may adopt in future." This implies that all the biometric data of Indians which has been collected so far is now available to US and French Governments.
In April 2022, the audit report of CAG on the functining of UIDAI revealed that "There were flaws in the management of various contracts entered into by UIDAI. The decision to waive off penalties for biometric solution providers was not in the interest of the Authority giving undue advantage to the solution providers, sending out an incorrect message of acceptance of poor quality of biometrics captured by them."
The audit report also reveals that "UIDAI had not ensured that the client applications used by its authentication ecosystem partners were not capable of storing the personal information of the residents, which put the privacy of residents at risk. The Authority had not ensured security and safety of data in Aadhaar vaults. They had not independently conducted any verification of compliance to the process involved." It emerges that UIDAI has put privacy of present and future residents, Prime Ministers, Chief Ministerss, judges, legislators, soldiers, civil servants and intelligence officials and their families at risk.
Annexure 1 of the notification of Government of India dated the January 28, 2009 that constituted UIDAI deals with the Role and Responsibilities of UIDAI. It states: "implementation of UID scheme will entail” taking “necessary steps to ensure collation of NPR with UID (as per. approved strategy)”. NPR refers to National Population Register and UID refers to 12-digit demographic and biometric data based Number which has been given the brand name Aadhaar. The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 subsumed the government’s notification dated the 28th January, 2009. The convergence initiatives of MHA like NPR and UIDAI uses myriad fish baits to ensnare and entrap the present and future generation of citizens, the data subjects at the behest of transnational commercial and security czars.
On July 17, 2022, Lok Sabha was informed that the “Recommendation of CAG’s Audit Report No.24…on ‘Performance Audit on Functioning of UIDAI’ have been accepted for implementation. Action taken report on CAG's report on 'Performance Audit of #UIDAI' uploaded on Audit Para Monitoring System (APMS) (https://apms.nic.in). This information is does not appear to be in public domain. UIDAI’s press release of February 27, 2023 indicates that Aadhaar is focused on “authentication” of digital copy of fingerprints alone, not on identification. Have legislators and citizens been taken for a ride?
A joint reading of two orders of Justice Subramonium Prasad, Delhi High Court dated September 6 in Mathew Thomas v. Union of India (2014) case and October 5 2023 in Prashant Reddy v. CPIO, UIDAI (2023) case shows that all the contracts of UIDAI and foreign firms come under RTI Act. Supreme Court must examine these contracts with reference to Section 57, Aadhaar Act as well.
In such a backdrop, in the aftermath of the revelations by CAG about contracts awarded to foreign firms which are involved in UIDAI’s Centralized Identities Data Repository (CIDR) and Home Ministry’s NPR, can one ask Chief Justice to enquire from the Registrar General as to why this national security related case is not getting the priority it deserves? It is hoped that attempts by the foreign firms which are subverting public institutions is being resisted and the judiciary will not leave any stone unturned to transcend the insurmountable impediment of paucity of time to decide the Aadhaar related cases with the promptness it deserves.
Dr. Gopal Krishna
The author is a lawyer and public policy researcher. He had appeared before the Parliamentary Committee that examined the National Identification Authority of India Bill, 2010 that was withdrawn in 2016 and enacted later as Aadhaar Act 2016