India Eases Restrictions on Aadhaar Authentication Service, Raising Privacy Concerns
New Delhi Eases Restrictions on Aadhaar Authentication Service
India has eased restrictions on its Aadhaar authentication service, a digital identity verification framework linked to the biometrics of over 1.4 billion people, to allow businesses, including those in e-commerce, travel, hospitality, and healthcare, to use the verification system to authenticate their customers. The update has raised concerns about the potential misuse of individuals’ biometric IDs.
Amendments to the Legislation
On Friday, the Indian IT ministry introduced the Aadhaar Authentication for Good Governance (Social Welfare, Innovation, Knowledge) Amendment Rules, 2025, to amend the legislation introduced in 2020 as a result of a Supreme Court judgment that restricted the access of private entities seeking Aadhaar data. The new amendment comes nearly two years after the Indian government began its public consultation, the responses to which have not been disclosed.
Expanded Scope of Aadhaar Authentication
The update aims to "enhance scope and utility of Aadhaar authentication" by "allowing the usage of Aadhaar for improving service delivery" and "enables both government and non-government entities to avail Aadhaar authentication service for providing various services in the public interest," the IT ministry said in its press statement. The amended rules exclude the sub-rule that allowed Aadhaar authentication to prevent the "leaking of public funds." This broadens the scope of the unique ID-based verification provided by the Indian government’s Unique Identification Authority of India (UIDAI) and expands the authentication service to various public and private sectors.
Increased Usage of Aadhaar Authentication
According to the UIDAI website, Aadhaar authentication hit 129.93 billion transactions in January, up from 109.13 billion in February last year. National Informatics Center, National Health Agency, State Bank of India, Bank of Baroda, and Punjab National Bank were among the top entities using Aadhaar-based authentication to verify their users this month.
Concerns Over Data Protection and Use
Under the new rules, entities looking to enable Aadhaar authentication will be required to "apply with the details of intended requirements the concerned ministry or department of the Central or the State government" which "will be examined by UIDAI and MeitY [the IT ministry] that will approve these applications based on UIDAI’s recommendation, the government stated. However, policy experts have raised concerns about the lack of clear criteria for evaluating these applications and the potential for misuse of individuals’ biometric IDs.
Expert Opinions
Kamesh Shekar, a digital governance lead at New Delhi-based tech policy think-tank The Dialogue, said, "What criteria the MeitY and UIDAI would be taking into consideration for evaluating such applications have to be made clearer and more transparent to weed out misuse, which is a concern flagged by the Supreme Court while deliberating on Section 57 of the Aadhaar Act."
Prasanna S, an advocate-on-record in the Supreme Court, who was among the advocates fighting for the Right to Privacy and had challenged the Aadhaar Act, said, "Licensing regime existed even earlier under the 2020 rules. But now, with the access being expanded, the concern with the kind of a regime gets reinforced multifold."
Sidharth Deb, associate director for public policy at the New Delhi-based consultancy firm The Quantum Hub, said, "Once you start linking ID documentation or ID instruments to accessing digital services, there is always the risk of exclusion. We really need to start thinking about how we define voluntary so that citizens have as much autonomy as possible to be able to access digital services in as frictionless a manner as possible."
Conclusion
The Indian government’s decision to ease restrictions on Aadhaar authentication has raised concerns about the potential misuse of individuals’ biometric IDs. While the update aims to improve service delivery, it is essential to ensure that the necessary safeguards are in place to protect individuals’ privacy and prevent misuse. The government must provide clear guidelines on the evaluation process for entities seeking to use Aadhaar authentication and ensure that the benefits of this technology are shared equitably by all citizens.
Frequently Asked Questions
Q: What is the purpose of the Aadhaar authentication service?
A: The purpose of the Aadhaar authentication service is to verify an individual’s identity using their biometric data.
Q: Who is eligible to use the Aadhaar authentication service?
A: The service is available to both government and non-government entities, including businesses in various sectors such as e-commerce, travel, hospitality, and healthcare.
Q: What are the concerns about the use of Aadhaar authentication?
A: There are concerns about the potential misuse of individuals’ biometric IDs and the lack of clear criteria for evaluating applications to use the service.
Q: What is the current usage of the Aadhaar authentication service?
A: According to the UIDAI website, the service has been used for over 129.93 billion transactions in January.
