ToxicsWatch, Journal of Earth, Science, Economy and Justice

 Briefing Paper

CFCL welcomes proposed withdrawal of DNA Technology (Use & Application) Regulation Bill, demands repeal of Biometric Aadhaar Act 

Unlike EU Parliament’s questionable creation of the Common Identity Repository (CIR), a gigantic biometrics database, Indian Govt’s withdrawal of DNA Bill is consistent with verdicts of European Court of Human Rights and Indian Supreme Court   

Citizens Forum for Civil Liberties (CFCL) welcomes proposed withdrawal of 36 page long the DNA Technology (Use and Application) Regulation Bill, 2019 and demands repeal of Biometric Aadhaar Act.

The withdrawal is proposed in the aftermath of the 144 page long report of  Parliamentary Standing Committee on Science and Technology, Environment, Forests and Climate Change which was tabled in Lok Sabha on 3 February 2021 factored in its ramifications. Drawing on the deliberations of the committee, CFCL demands repeal of Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 which enables collection of “biometric information”and “biological attributes”. As per Section 2 (g) of Aadhaar Act, 2016, “‘biometric information’ means photograph, fingerprint, iris scan, or such other biological attributes of an individual as may be specified by regulations”. The “other biological attributes” include biometric information like DNA.  

Union government’s decision to withdraw the DNA Profiling Bill is consistent with the decision of the European Court of Human Rights (ECHR) in S and Marper vs. United Kingdom (2008) on violation of the right to privacy and family life by DNA profile retention in criminal justice databanks and Supreme Court of India’s verdict of 9-judge Constitution Bench dated 24 August 2017 on fundamental right to privacy in Justice K. S. Puttaswamy (Retd.) vs. Union of India (2017). The decision in the former was delivered by 17 judges on December 4, 2008. The Court found that the “blanket and indiscriminate nature” of the power of retention of the fingerprints, cellular samples, and DNA profiles of persons suspected but not convicted of offenses, failed to strike a fair balance between competing public and private interests.

In the latter, the Indian Court grappled with the issue of collection of DNA in its verdict It drew on this ECHR decision and the UK Supreme Court’s verdict in R vs. The Commissioner of Police of the Metropolis (2011) which held that the police force's policy of retaining DNA evidence in the absence of 'exceptional circumstances' was unlawful and a violation of Article 8 of the European Convention on Human Rights. It also drew on the 2012 report of Justice A.P. Shah headed Group of Experts on Privacy which recommended a framework for protection “multi-dimensional privacy” with specific reference to “use of personal identifiers, bodily privacy including DNA as well as physical privacy.” But the Union government’s decision to promote online databases like Central Identities Data Repository (CIDR) of “biometric information” and “biological attributes” based Aadhaar Numbers is indefensible and is contrary to India’s supreme national interest.

Significantly, biometrics “means the technologies that measure and analyse human body characteristics, such as ‘fingerprints’, ‘eye retinas and irises’, ‘voice patterns’, “facial patterns’, ‘hand measurements’ and ‘DNA’ for authentication purposes” according to Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 under section 87 read with section 43A of Information Technology Act, 2000. It becomes clear from these provisions that the plan of data collection does not end with collection of fingerprints and iris scan; it goes quite beyond it and envelopes "other biological attributes".

Subsequent to the recommendations of the report of Jairam Ramesh headed Parliamentary Standing Committee on Science & Technology, Environment, Forests and Climate Change, the Bill is listed for withdrawal. The submission made by CFCL is acknowledged in the parliamentary report. CFCL has argued for long that the Human DNA Profiling Bill in question  must be read with Clause 2 (g) of Aadhaar Act, 2016 that defines 'biometric information' and includes human DNA profiling and voice samples by mentioning "other such biological attributes of an individual" by any future regulation, apart from photograph, fingerprint and Iris scan.

The dissenting opinions expressed by members of this Parliamentary Committee are included in the report. These include Note of Dissent received from the Shri Asaduddin Owaisi, M.P., Lok Sabha (page no. 38-49) which among other things raises the issue of fallibility of DNA Evidence, absence of Data Protection Law and disregard of verdicts in Puttaswamy case and Subramanian Swamy case and Note of Dissent received from Shri Binoy Viswam, M.P., Rajya Sabha (page no. 50). Viswam observes, "the impact of this law on marginalized and minority communities such as, Dalits, Adivasis, religious and gender minorities, among others, make it impossible for me to support it. In light of the social, political and economic realities of India especially given the history of oppression faced by particular social groups cannot be ignored while considering such laws. It is time that the Government puts a hiatus on the passing of legislation that continues to encroach upon the right to privacy in the name of reasonable restrictions, till the time comprehensive data protection laws are not passed in the country." He also raised the issue of non-compliance with verdict in Justice K.S. Puttaswamy (Retd.) v. Union of India and breach of fundamental rights recognized by the Constitution of India. 

In his long dissent note Owaisi draws attention towards Crimes solved by DNA evidence fall despite millions being added to database (telegraph.co.uk). It has been noted by Christopher Hope that the case for the national DNA database has been undermined by figures showing that the addition of millions of profiles in the past six years has not increased the number of crimes solved by DNA evidence. In the past year the number of crimes solved using DNA has actually fallen despite the number of people on the database rising to more than four million. The news comes as European Union judges decide whether to wipe over a million profiles from innocent people from the database. Figures show that for the past six years the number of crimes solved using DNA evidence has remained static at between 0.34 and 0.36 per cent - about one in 300 of all recorded crimes. The number of crimes which were solved by a DNA match fell by 13 per cent to 17,614 last year as recorded crime fell overall, according to figures contained in Parliamentary answers. Over the same period the number of people's whose identity was on the national DNA database more than doubled in size from 1.9million people to 4.1million. There was a big boost to the figures in April 2004 when police were able to take DNA from anyone arrested for a recordable offence before they were charged. Previously, they had to wait until the offenders were charged. "If your DNA is on the database the government could use it to track you or your relatives, even if you are innocent of any crime. A smaller database would be much cheaper and also more effective" observes Helen Wallace.  

The new report records the observation of Liberal Democrats' shadow home affairs spokesman Chris Huhne saying: "These figures undermine the Government's flawed argument in favour of holding the DNA of innocent people. Bigger is not always better..."The DNA database is not the universal panacea to crime ministers would have us believe – the huge expansion of the database has not improved detection.  It also records the view of the Tories’ shadow Home Secretary Dominic Grieve. He said: “It is a sign of this Government’s skewed priorities that a million innocent citizens have been swabbed and sampled onto the DNA database, while serious criminals are left off. This latest research just strengthens the case for a national debate on the scope of this database, including the criteria for retention of DNA.” CFCL's submission echoes these concerns as well. 

Clause 22 of the Bill seeks to provide that any person who was present at the scene of a crime when it was committed; or is being questioned in connection with the investigation of a crime; or intends to find the whereabouts of his missing or lost relative, in disaster or otherwise, may voluntarily consent in writing to bodily substances being taken from him for DNA testing, subject to certain conditions specified therein. The Parliamentary Committee has recommended its modification and replacement with the following provision: “If the person giving the voluntary consent is below the age of eighteen years and the consent of the parent or guardian of such person is refused or cannot be obtained, the person investigating the case may make an appropriate application to the Magistrate having jurisdiction, for obtaining such bodily substances and the Magistrate, if satisfied that there is reasonable cause from taking the bodily substances from such person, order for taking of bodily substances from that person and after giving a hearing to the parent or guardian and thereafter passing a reasoned order.” This assumes significance in the context of Clause 23 of the Bill which seeks to provide for the sources and manner of collection of samples for DNA testing. For the purposes of the proposed law samples for DNA testing may be collected from bodily substances; scene of occurrence or scene of crime; (c) clothing and other objects; or (d) such other sources as may be specified by regulations. It provides for collection of any intimate bodily substance from living persons and non-intimate bodily substance provided that before collecting bodily substances for DNA testing of a victim or a person reasonably suspected of being a victim who is alive, or a relative of a missing person, or a minor or a disabled person, written consent of such victim or such relative or the parent or guardian of such minor or disabled person shall be obtained and, in case of refusal, the person investigating the case may make an application to the Magistrate having jurisdiction, for obtaining such bodily substances and the Magistrate, if he is satisfied that there is reasonable cause for taking the bodily substances from such person, order for taking of bodily substances from that person.

The “intimate bodily substance” means a sample of blood, semen or any other tissue, fluid, urine or pubic hair, or a swab taken from a person's body orifice other than mouth; or skin or tissue from an internal organ or body part, taken from or of a person, living or dead. The “intimate forensic procedure” means any of the following forensic procedures conducted on a living person, namely:—(i) external examination of the genital or anal area, the buttocks and breasts in the case of a female; (ii) taking of a sample of blood; (iii) taking of a sample of pubic hair; (iv) taking of a sample by swab or washing from the external genital or anal area, the buttocks and breasts in the case of a female; (v) taking of a sample by vacuum suction, by scraping or by lifting by tape from the external genital or anal area, the buttocks and breasts in the case of a female and vi) taking of a photograph or video recording of, or an impression or cast of a wound from, the genital or anal area, buttocks and breasts in the case of a female.

The “non-intimate bodily substance” means any of the following taken from or of a person, living or dead, namely:—(i) handprint, fingerprint, footprint or toe print; (ii) a sample of hair other than pubic hair; (iii) a sample taken from a nail or under a nail; (iv) swab taken from any part of a person's body including mouth, but not any other body orifice; (v) saliva; or (vi) a skin impression.

The “non-intimate forensic procedure” means any of the following forensic procedures conducted on a living individual, namely:—(i) examination of a part of the body other than the genital or anal area, the buttocks and breasts in the case of a female, that requires touching of the body or removal of clothing; (ii) taking of a sample of hair other than pubic hair; (iii) taking of a sample from a nail or under a nail;(iv) taking of a buccal swab with consent; (v) taking of a sample by swab or washing from any external part of the body other than the genital or anal area, the buttocks and breasts in the case of a female; (vi) scraping or lifting by tape from any external part of the body other than the genital or anal area, the buttocks and breasts in the case of a female; (vii) taking of a handprint, fingerprint, footprint or toe print; or (viii) taking of a photograph or video recording of, or an impression or cast of a wound from, a part of the body other than the genital or anal area, the buttocks and breasts in the case of a female.

The Parliamentary report records the claim of the Department of Biotechnology, Ministry of Science and Technology that "nearly 60 countries have enacted similar legislation" but does not provide the names of these countries. It only mentions USA's DNA Identification Act (1994), UK's Criminal Justice and Public Order Act (1994) and Criminal Justice and  Police Act (2001), Canada's DNA Identification Act (1998). It simply states that "Similar legislation has been enacted in other countries including Norway, Finland, Belgium, Denmark, Australia, New Zealand, and Bangladesh." 

In its recommendation, the Parliamentary Committee states that "some Members have expressed their fears that this Bill when it becomes a law could be used to target certain sections of our society. The Government must assuage these fears both in Parliament and outside." It records that "some Members believe that in order to ensure the prevention of misuse of the provisions of the Bill and avoid targeting of certain categories of people, the application of the Bill must be limited to the terms "victims‟ "offenders‟, "missing persons‟ and "unknown deceased persons‟ and not cover "suspects‟ and "undertrials‟ as well as provided for presently in the Long Title. The Committee has taken on board these concerns that must be addressed by the Government in a suitable manner." Despite such gnawing concerns regarding  inclusion of "suspects‟ and "undertrials‟ in the Long Title of the Bill, in keeping with the majority view expressed in the Committee, the Committee was compelled to recommend  retention of "suspects‟ and "undertrials‟ in the Long Title.

The Long Title of this Human DNA Profiling Bill "provides for the regulation of use and application of Deoxyribonucleic Acid (DNA) technology for the purposes of establishing the identity of certain categories of persons including the victims, offenders, suspects, undertrials, missing persons and unknown deceased persons and for matters connected therewith or incidental thereto." Its overarching ambit leaves the scope of its misuse by totalitarian regimes in future.

Given the fact that words have meaning in specific national contexts, the reference to “Crime Scene Index” cannot be explained by referring to similar provisions in Australian and Canadian law. The Parliamentary Committee rightly observes that "The risk with a national databank of crime scene DNA profiles is that it will likely include virtually everyone since DNA is left at the “crime scene” before and after the crime by several persons who may have nothing to do with the crime being investigated. There is also DNA to be present of those who were  nowhere near “crime scene” but bodily material like hair may have been transported to the crime scene inadvertently by a variety of ways. Many of these DNA profiles will then find their way into the “crime scene index” without the knowledge of these persons." 

The Committee has recommended that "crime scene DNA profiles can be used in the investigation and trial but (i) should not be put in a databank; and (ii) destroyed once the case concludes with acquittal. If there is a conviction, only the DNA profile of the convict could be included in the databank." There was no consensus on this fundamental issue. Some Members feel that the “crime scene index” is unnecessary and is not a required feature to solve crimes. The Committee expressed the hope that the Government will address the concerns raised by the critics of the very idea of a “crime scene index” in the revised version of the Bill and when it is re-introduced in Parliament. 

The fact remains biometric data like fingerprint, voice print, iris scan and DNA do not reveal citizenship or residentship. While use of biometric technology, an advanced technique for the identification of humans, based on their characteristics or traits is unfolding there is agency within India too. These traits can be face, fingerprint, iris, voice, signature, palm, vein, and DNA. DNA recognition and vein recognition are the latest and most advanced types of biometric authentication. Biometric technology is being deployed in the application areas like government, travel and immigration, banking and finance, and defense. Government applications cover voting, personal ID, license, building access, etc.; whereas travel and immigration use biometric authentication for border access control, immigration, detection of explosives at the airports, etc. Banking and finance sector use biometric authentication for account access, ATM security, etc.

The potential applications of biometric information includes voter registration, access to healthcare records, banking transactions, national identification systems and parental control. Biometrics is turning the human body into the universal ID card of the future. Biometric information includes DNA profiling besides fingerprints wherein biological traits are taken from a person because by their very nature are unique to the individual and positively identifies that person within an ever larger population as the technology improves. 

It is noteworthy that Parliamentary Committee's recommendation with regard to the deletion of provision for "a Regional DNA Data Bank” seems to indicate its bias towards the virtues of centralised electronic online database like Central Identities Data Repository (CIDR), a centralised database in one or more locations containing all Aadhaar numbers issued to Aadhaar number holders along with the corresponding demographic information and biometric information of such individuals and other information related thereto. It demonstrates that no lessons have been learnt from the ongoing leakage of centralised online databases by the likes of Julian Assange and Edward Snowden. Ideally, such databases should be in decentralised silos. 

The Union Government's Approach Paper for Legislation on Privacy has aptly noted that "While many agencies of government collect personal data, this information is stored in silos with each agency of the government maintaining information using different fields and formats. Government databases do not talk to each other and given how differently they are organized, the information collected by different departments cannot be aggregated or unified. Data privacy and the need to protect personal information is almost never a concern when data is stored in a decentralized manner. Data that is maintained in silos is largely useless outside that silo and consequently has a low likelihood of causing any damage." It is crystal clear that centralised databases like DNA Data Bank and CIDR are aimed at eliminating the separation of data that currently exists between multiple databases. Indeed such a vast interlinked public information database has been unprecedented in India. This is being done without steps to protect personal data before the vast government storehouses of  private data are linked up and the threat of data security breach becomes real.

Notably, on May 3, 2023, Dr. Justice D.Y. Chandrachud, the Chief Justice of India, observed that he is considering setting up a bench of seven judges to address the constitutional matter concerning money bills. He was responding to Senior Advocate Dr. Abhishek Manu Singhvi's request to set up the Constitution Bench to hear the Aadhaar Act case in view of the verdict by a 5-Judge Bench on 13 November 2019 in Rojer Mathew vs. South Indian Bank Ltd. This Bench observed that in Justice K. S. Puttaswamy (Retd.) vs. Union of India (2018), the Aadhaar case majority verdict authored by Justice A. K Skri did not adequately analyse the effect of the word 'only' in Article 110(1) of the Constitution of India. He did not explore the consequences of passing an enactment as a "Money Bill" if some of its provisions do not adhere to Articles 110(1)(a) to (g). Given the fact that the Rojer Mathew bench had the same number of judges as in the Justice K. S. Puttaswamy (Retd.) case, the Chief Justice headed Constitution Bench forwarded the matter to a 7-judge Bench to determine the correctness of the interpretation given in the biometric Aadhaar Act case on 26 September 2018.

Instead of drawing on the sane advice of Giorgio Agamben, the 81-year-old Italian philosopher against the ‘bio-political tattooing’ that produces an ‘identity without person’, foreign biometric identification technologies are being adopted not realizing how it provides a continuity between the world of the Nazi concentration camp and contemporary democracy. The marriage of statistics of biological characteristics, and biometric technology with digital sculpture can displace the political class for good. In April 2019, European Parliament voted to build common identity repository (CIR), one of the world’s largest biometric identity databases by interconnecting a series of border-control, migration, and law enforcement systems into a mega biometrics-tracking, searchable database of EU and non-EU citizens. This is happening after the EU pulled out of negotiations for a mandatory treaty for regulating transnational corporations (TNCs) and other business enterprises initiated by Ecuador with endorsement from South Africa, India and several other developing countries. The US, UK and France are pushing the biometric profiling experiment. In a seemingly unrelated development, French Safran group which had purchased US firm L1 has sold one of its subsidiaries to a UK based company. Safran group has a French government stake in it and has 40 year partnership with China. Clearly, the EU is acting like the mouthpiece of TNCs. In such a backdrop, India’s withdrawal of the DNA Bill is a step in the right direction.  

Unmindful of dangerous ramifications of such applications, if citizens and political parties concerned about civil liberties do not act quickly enough biometric ID’s like UID/Aadhaar Numbers are all set to be made as common as email addresses without any legitimate constitutional mandate. The withdrawal of DNA Profiling Bill creates a compelling logic for the repeal of Aadhaar Act whose constitutionality is pending before a Constitution Bench of the Supreme Court.

Dr. Gopal Krishna    

The author had appeared before the Parliamentary Standing Committee on Finance that examined the National Identification Authority of India Bill 2010, the original Aadhaar Bill. He is a lawyer and is the convener of Citizens Forum for Civil Liberties (CFCL). CFCL has been working on the subject of biometric identification and surveillance since 2010. E-mail:krishnagreen@gmail.com