The world’s largest biometric ID program does not violate India’s privacy laws, the country’s Supreme Court ruled on Wednesday. The controversial biometric identity program, known as Aadhaar, has nearly 1 billion registered users and was set up back in 2009 as a way for the government to streamline social welfare programs and prevent identity fraud. It was retroactively legalized by a law passed in 2016.
Through the program, the government of India assigns each resident a 12-digit number and registration card. It also collects and stores demographic and biometric data of each registered person, including their name, gender, date of birth, fingerprints, iris scans, and photos. The registration numbers are required to access various government and financial services, including bank accounts. While it was initially well-received, Time reports that many residents now feel that Aadhaar is a not particularly secure, easy to hack, widespread surveillance program (and Edward Snowden agrees, by the way).
Critics have long claimed that the sweeping data collection program violates privacy laws, particularly in light of last year’s landmark decision ruling that Indian citizens have a fundamental right to privacy. Four judges on the five-member Supreme Court panel disagreed. They ruled that the program can continue, albeit with a narrower scope and increased restrictions on data storage. The court also made it so that private companies can’t require customers to sign up with their Aadhaar IDs, the Next Web reports. That includes local companies like the online payment company Paytm, and telecom provider Reliance Jio, as well as international tech giants like Microsoft and Amazon, which have integrated Aadhaar into some of their products.
You can read the full judgment from the Supreme Court here.