Central Identities Data Repository under the Aadhaar law

In the previous posts, basics about Aadhaar, punishments for data breaches under Aadhaar law, sharing of information under Aadhaar law , Aadhaar and Privacy etc have been discussed. This post focusses on Central Identities Data Repository and how it is maintained by the Unique Identification Authority of India.

What is Central Identities Data Repository (CIDR)

Section 2 (h) , Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 defines “Central Identities Data Repository”  as a centralised database in one or more locations containing –

  • all Aadhaar numbers issued to Aadhaar number holders,
  • along with the corresponding demographic information and biometric information of such individuals and
  • other information related thereto.

Establishment and Maintenance of CIDR

Section 10, Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 empowers the Authority to engage one or more entities to establish and maintain the Central Identities Data Repository and to perform any other functions as may be specified by regulations.

Updation of Information

Section 6 , Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 provides that the Authority may require Aadhaar number holders to update their demographic information and biometric information, from time to time, in such manner as may be specified by regulations, so as to ensure continued accuracy of their information in the Central Identities Data Repository.

Security and Protection of Information

Section 28(3), Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 requires the Authority to take all necessary measures to ensure that the information in the possession or control of the Authority, including information stored in the Central Identities Data Repository, is secured and protected against access, use or disclosure not permitted under this Act or regulations made thereunder, and against accidental or intentional destruction, loss or damage.

Section 28(5),  Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016provides that the Authority or any of its officers or other employees or any agency that maintains the Central Identities Data Repository shall not, whether during his service or thereafter, reveal any information stored in the Central Identities
Data Repository or authentication record to anyone.

Changes in the information 

Section 31,   Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016provides that –

  • in case any demographic information of an Aadhaar number holder is found incorrect or changes subsequently, the Aadhaar number holder shall request the Authority to alter such demographic information in his record in the Central Identities Data Repository in such manner as may be specified by regulations.
  • in case any biometric information of Aadhaar number holder is lost or changes
    subsequently for any reason, the Aadhaar number holder shall request the Authority to
    make necessary alteration in his record in the Central Identities Data Repository in such
    manner as may be specified by regulations.
    Section 31 further provides that on receipt of any request , the Authority may, if it is satisfied, make such alteration as may be required in the record relating to such Aadhaar number holder and intimate such alteration to the concerned Aadhaar number holder.
    Section 31 further provides that no identity information in the Central Identities Data Repository shall be altered except in the manner provided in this Act or regulations made in this behalf.

The right of an Aadhaar number holder to identity information ( Exception to prohibition on disclosure of Information)

Proviso to Section 28(5), Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016provides that an Aadhaar number holder may request the Authority to provide access to his identity information excluding his core biometric information in such manner as may be specified by regulations.

Image from here

 

Bhumika Sharma

She is currently a Research Scholar, (PhD) at Himachal Pradesh University, Shimla. She finds peace in writing and researching on a variety of social issues. She believes in the power of education and awareness to deal with various problems.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.