Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016

Background

The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 was enacted on March 25, 2016. It provides the legislative framework for the Aadhaar unique identification programme, which was launched in 2009 under an executive order creating the Unique Identification Authority of India (UIDAI) within the Planning Commission. The first Aadhaar number was issued on September 29, 2010, to Ranjana Sonawane in Tembhli village, Nandurbar, Maharashtra.

The Aadhaar project was conceived as a tool for efficient delivery of government subsidies and services by eliminating duplicates and ghost beneficiaries. It was originally envisioned by Nandan Nilekani, who served as the first Chairman of UIDAI (2009-2014). The project operated without a statutory framework for seven years (2009-2016), relying solely on executive authority. Multiple PIL petitions challenged its constitutional validity during this period.

The Act was controversially passed as a Money Bill under Article 110 of the Constitution, which meant it required approval only from the Lok Sabha and could not be rejected by the Rajya Sabha (which could only recommend amendments). As of 2025, over 140 crore Aadhaar numbers have been generated, covering more than 99.9% of India’s adult population. Aadhaar is the world’s largest biometric identification system, with over 2,707 crore authentication transactions recorded in FY 2024-25 alone.

Key Concepts

• Aadhaar Number: A 12-digit random number issued by UIDAI to every resident of India after collecting biometric (fingerprints of all 10 fingers, iris scan of both eyes, facial photograph) and demographic data (name, date of birth, gender, address) (Section 2(a))
• Resident: An individual who has resided in India for 182 days or more in the 12 months immediately preceding the date of application for enrolment — this includes non-citizens (Section 2(v))
• Core Biometric Information: Fingerprint, iris scan, and other biological attributes of an individual as specified by regulation — this information receives the highest level of protection under the Act (Section 2(g))
• Authentication: The process by which the Aadhaar number along with biometric/demographic information is submitted to UIDAI for verification (Section 2©) — returns only a yes/no response, not the underlying data
• Requesting Entity: An agency or person that submits the Aadhaar number and biometric/demographic data for authentication (Section 2(u)) — must be registered with UIDAI and comply with privacy safeguards
• Enrolment Agency: Entity engaged by UIDAI or Registrar for enrolling individuals and collecting their biometric and demographic data (Section 2(k))

Important Provisions

Section 3 — Aadhaar Number: Every resident is entitled to obtain an Aadhaar number by submitting demographic and biometric information. Children below 5 years are enrolled based on demographic information and photograph of the child along with one parent/guardian’s Aadhaar number. Upon attaining 15 years, the child may update biometrics. Children have the right to cancel their Aadhaar upon attaining 18 years.

Section 7 — Proof of Aadhaar for Subsidies: The Central Government or State Government may require Aadhaar authentication for receipt of subsidies, benefits, and services funded from the Consolidated Fund of India or Consolidated Fund of State. However, if an individual does not possess Aadhaar, they shall be offered alternate means of identification for receiving the subsidy/benefit/service.

Section 8 — Authentication: Any requesting entity may perform authentication only with the consent of the individual and for a purpose established by law. The response to authentication request shall only contain a yes/no answer and shall not contain core biometric data. All authentication logs must be maintained.

Section 28-29 — Protection of Information: Core biometric information collected during enrolment shall not be shared with anyone for any reason whatsoever. Identity information (other than core biometric) may be shared only with the consent of the individual or in response to a court order. No core biometric information shall be published, displayed, or posted publicly.

Section 33 — Disclosure in Certain Cases: Identity information (excluding core biometric) may be disclosed pursuant to an order of a High Court or Supreme Court, or in the interest of national security by direction of an officer not below the rank of Joint Secretary — such direction must be reviewed by an Oversight Committee headed by the Cabinet Secretary.

Section 47 — Offences and Penalties: Unauthorised access to the Central Identities Data Repository (CIDR) is punishable with imprisonment up to 10 years and fine up to Rs 10 crore. Unauthorised collection or use of identity information is punishable with imprisonment up to 3 years and fine up to Rs 10,000 or Rs 1 lakh (depending on the offence). Only UIDAI can file complaints under this section.

Landmark Judgments

K.S. Puttaswamy v. Union of India (Aadhaar Case, 2018): A 5-judge Constitution Bench (4:1) upheld the constitutional validity of the Aadhaar Act. Key holdings: (1) Aadhaar is constitutionally valid and does not violate the right to privacy — it passes the proportionality test as it serves the legitimate state aim of preventing leakage of subsidies; (2) Section 7 (mandatory for subsidies from Consolidated Fund) is valid; (3) Section 57 (allowing private entities to use Aadhaar) was struck down as unconstitutional — it went beyond the Act’s objective of targeted delivery of subsidies; (4) The Act was validly passed as a Money Bill (Justice Chandrachud dissented on this point); (5) National security exception under Section 33(2) is valid but must have judicial oversight (the Oversight Committee mechanism was upheld). Justice D.Y. Chandrachud’s dissent held that the Act should not have been passed as a Money Bill.

K.S. Puttaswamy v. Union of India (Privacy Judgment, 2017): A 9-judge Bench unanimously held that the right to privacy is a fundamental right under Articles 14, 19, and 21. This case, arising from the Aadhaar challenge, laid the constitutional foundation for evaluating Aadhaar’s data collection against the right to privacy. The Court held that any invasion of privacy must pass the threefold test of legality, legitimate aim, and proportionality.

Binoy Viswam v. Union of India (2017): The Supreme Court upheld the validity of Section 139AA of the Income Tax Act linking Aadhaar with PAN, holding that it does not violate Articles 14 or 19(1)(g). The Court held that the linkage serves the legitimate purpose of preventing tax evasion and financial fraud.

Recent Amendments / Developments

Aadhaar and Other Laws (Amendment) Act, 2019: Enacted to address the gaps after the Puttaswamy judgment struck down Section 57. Key changes: (1) Inserted Section 4(4) allowing children the right to cancel Aadhaar on attaining 18 years; (2) Amended the Telegraph Act, 1885 and Prevention of Money Laundering Act, 2002 to allow voluntary use of Aadhaar for opening bank accounts, SIM cards, etc. with the individual’s consent; (3) Provided for offline verification using Aadhaar without authentication through UIDAI; (4) Established UIDAI Fund for receipt of fees and revenue.

Aadhaar Authentication for Good Governance Rules, 2020: Central Government notified rules allowing requesting entities to perform Aadhaar authentication in the interest of good governance, prevention of fraud, and for authentication of identity for delivery of services. Entities must apply to UIDAI for permission.

Money Bill Controversy (7-Judge Bench Pending): The challenge to the classification of the Aadhaar Act as a Money Bill was referred to a 7-judge Bench of the Supreme Court in November 2019 (Rojer Mathew v. South Indian Bank Ltd.) by a 5-judge bench led by then CJI Ranjan Gogoi. The reference questions whether the Aadhaar Act, PMLA amendments, and Tribunal reforms were rightly categorised as Money Bills or used to circumvent Rajya Sabha scrutiny. In October 2023, CJI Chandrachud announced that the 7-judge Bench would be established soon. As of early 2026, this reference remains pending — review pleas are also pending, and the 7-judge bench has not yet been formally constituted. If the Court rules that the Aadhaar Act was improperly passed as a Money Bill, the Act would need to be re-enacted through the regular legislative process.

Aadhaar Authentication Scale (2025): UIDAI recorded 221 crore Aadhaar authentication transactions in August 2025 alone — a 10% increase over August 2024, reflecting the deepening integration of Aadhaar into India’s digital infrastructure.

Aadhaar-Voter ID Linkage: The Election Laws (Amendment) Act, 2021 amended the Representation of the People Act, 1950 to allow (voluntary) linking of Aadhaar number with voter ID for the purpose of curbing multiple enrolments in electoral rolls. The Election Commission began the linkage process in 2022.

UPSC Relevance

Prelims: Aadhaar number (12-digit), UIDAI statutory authority (Section 11), first Aadhaar issued (Ranjana Sonawane, Nandurbar, 2010), not proof of citizenship (Section 9), 182-day residency, core biometric cannot be shared, Section 57 struck down, passed as Money Bill Mains GS-2: Right to privacy vs. state surveillance, Money Bill controversy and Article 110, Puttaswamy judgment analysis, judicial review of biometric data collection, federalism implications Mains GS-3: Digital identity and financial inclusion, Aadhaar-enabled Direct Benefit Transfer (DBT), elimination of ghost beneficiaries, cybersecurity of biometric databases, digital economy infrastructure Interview: “Is Aadhaar a tool of empowerment or surveillance? How do you balance efficiency in service delivery with privacy rights?”