Published On: June 7th 2026
Authored By: Sufiya Khan
Renaissance Law College
Case Details
Case Name: Justice K.S. Puttaswamy (Retd.) v. Union of India
Citation: (2019) 1 SCC 1; AIR 2018 SC (Supp) 1841
Court: Supreme Court of India
Date of Decision: 26 September 2018
Bench: Dipak Misra C.J.; A.K. Sikri, A.M. Khanwilkar, D.Y. Chandrachud, and Ashok Bhushan JJ.
Introduction
The Aadhaar judgment in Justice K.S. Puttaswamy (Retd.) v. Union of India is one of the most significant constitutional decisions in India’s contemporary legal history.[1] Decided by a five-judge Constitution Bench, the case examined the constitutional validity of the Aadhaar scheme and the Aadhaar Act, 2016, in light of the fundamental right to privacy recognised in the earlier 2017 Puttaswamy decision.[2] The case lies at the intersection of technology, governance, and constitutional rights, raising critical questions about state surveillance, data protection, and welfare delivery.
The Court was tasked with balancing two competing interests: the State’s objective of ensuring efficient delivery of subsidies and benefits, and the individual’s right to privacy and informational self-determination.[1] The controlling analytical tool was the proportionality test, first articulated in the 2017 privacy judgment, which requires that any state restriction on fundamental rights must have a legitimate aim, be suitable and necessary, and maintain a fair balance between rights and state interests.[2] The judgment has far-reaching implications for digital governance and data protection jurisprudence in India.
Facts of the Case
The Aadhaar project was conceptualised in 2006 and formally launched in 2009 with the establishment of the Unique Identification Authority of India (UIDAI) by executive notification.[3] The objective of the scheme was to assign a unique twelve-digit identification number, the Aadhaar number, to every resident of India, based on their demographic and biometric data including fingerprints and iris scans. The government argued that Aadhaar would serve as a reliable proof of identity and facilitate targeted delivery of subsidies, benefits, and services.
Initially introduced as an administrative scheme, Aadhaar lacked statutory backing. In 2016, Parliament enacted the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, granting legislative legitimacy to the scheme.[4] The Act enabled the government to require Aadhaar authentication for availing welfare benefits funded from the Consolidated Fund of India.
The petitioners, led by retired Justice K.S. Puttaswamy, challenged both the Aadhaar scheme and the Aadhaar Act.[1] They argued that the collection and storage of biometric data violated the fundamental right to privacy under Article 21 of the Constitution. The petitioners also contended that Aadhaar created a surveillance architecture capable of profiling individuals, thereby threatening democratic freedoms.
The Union of India defended the scheme, asserting that Aadhaar was essential for preventing leakages in welfare distribution and ensuring that benefits reached the intended beneficiaries.[3] The government emphasised the scale of enrolment (over a billion individuals) and the transformative potential of Aadhaar in promoting financial inclusion and good governance.
The case gained additional complexity due to earlier interim orders of the Supreme Court that had restricted the mandatory use of Aadhaar. Moreover, a nine-judge Bench in 2017 had already recognised the right to privacy as a fundamental right, thereby setting the constitutional framework for adjudicating the present dispute.[2]
Legal Issues
Issue 1: Whether the Aadhaar Act, 2016 violates the fundamental right to privacy under Article 21 of the Constitution?
Issue 2: Whether mandatory linking of Aadhaar with welfare schemes and services is constitutionally valid?
Issue 3: Whether the Aadhaar Act satisfies the test of proportionality in restricting fundamental rights?
Issue 4: Whether the Aadhaar Act was validly passed as a Money Bill under Article 110 of the Constitution?
Issue 5: Whether provisions relating to data collection, storage, and authentication create a surveillance state?
Arguments Presented
Petitioners’ Arguments
The petitioners argued that Aadhaar infringed the fundamental right to privacy by mandating the collection of sensitive biometric data.[2] They contended that such data, once centralised, could be misused for surveillance and profiling, thereby undermining individual autonomy and dignity.
It was further argued that the Aadhaar Act failed the test of proportionality, as less intrusive alternatives existed for identity verification. The petitioners emphasised that mandatory linking of Aadhaar to essential services such as bank accounts and mobile phones was coercive and violated individual freedom.
Additionally, the petitioners challenged the classification of the Aadhaar Act as a Money Bill, arguing that it contained provisions beyond the scope of Article 110 and was therefore passed in violation of constitutional procedure. The lack of robust data protection safeguards and the possibility of data breaches were also highlighted as serious concerns.[5]
Respondent’s Arguments
The Union of India defended Aadhaar as a transformative tool for ensuring efficient and transparent delivery of welfare benefits. It argued that Aadhaar eliminated duplication and fraud, thereby saving public resources.
The government contended that the data collected was minimal and that adequate safeguards existed under the Aadhaar Act to protect privacy. It emphasised that core biometric information could not be shared and that authentication processes were secure.[4]
The respondents further argued that Aadhaar satisfied the proportionality test, as the intrusion into privacy was minimal compared to the significant public interest served. They also maintained that the Act was validly passed as a Money Bill, as its primary objective related to expenditure from the Consolidated Fund of India.
Court’s Reasoning and Analysis
The Supreme Court applied the proportionality test, as laid down in the 2017 Puttaswamy judgment, to evaluate the constitutionality of Aadhaar.[2] This test requires that any restriction on fundamental rights must have a legitimate aim, be suitable to achieve that aim, be necessary, and maintain a balance between rights and state interests.
The Court acknowledged that Aadhaar served a legitimate state interest by enabling targeted delivery of subsidies and preventing leakages. It observed that welfare schemes often suffered from inefficiencies and corruption, and that Aadhaar provided a reliable mechanism to address these issues.[1]
On the issue of privacy, the Court held that while Aadhaar involved the collection of personal data, the intrusion was limited and regulated. It emphasised that core biometric information was protected under the Act and could not be shared. The Court also noted that authentication records did not store the purpose of authentication, thereby reducing the risk of profiling.[1]
However, the Court scrutinised various provisions of the Aadhaar Act and struck down those found to be excessive or disproportionate. Section 57, which allowed private entities to use Aadhaar for authentication, was declared unconstitutional as it enabled the commercial exploitation of personal data without sufficient legal justification.[6]
The Court also held that mandatory linking of Aadhaar with bank accounts and mobile phones lacked adequate statutory backing and violated privacy rights. Similarly, retention of authentication data beyond a reasonable period was found to be disproportionate.[1]
On the question of the Money Bill, the majority upheld the validity of the Aadhaar Act, holding that its primary objective related to expenditure from the Consolidated Fund of India. Justice D.Y. Chandrachud dissented, however, holding that the Act was improperly classified as a Money Bill, bypassing the Rajya Sabha and thereby violating the bicameral constitutional procedure.[7]
Overall, the Court adopted a balancing approach, upholding Aadhaar for welfare purposes while striking down provisions that posed a disproportionate threat to privacy.[1]
Judgment and Ratio Decidendi
Decision
The Supreme Court upheld the constitutional validity of the Aadhaar Act, 2016, subject to the following modifications:[1]
1. Aadhaar is valid for welfare schemes funded under Section 7 of the Act.
2. Mandatory linking with bank accounts and mobile phone numbers is unconstitutional.
3. Section 57, relating to use of Aadhaar by private entities, is struck down.
4. Data retention provisions are read down to comply with constitutional requirements.
5. Aadhaar cannot be made mandatory for services beyond direct welfare benefit schemes.
Ratio Decidendi
The core legal principle established is that the Aadhaar scheme is constitutionally valid if it satisfies the test of proportionality. Limited intrusion into privacy is permissible when it serves a legitimate state interest and is accompanied by adequate legal safeguards.[1]
Critical Analysis
Significance
The judgment is a landmark in India’s constitutional jurisprudence. It operationalises the right to privacy in the context of digital governance and establishes a framework for evaluating state actions involving large-scale data collection and surveillance.[2]
Implications and Impact
The decision legitimised Aadhaar as a welfare tool, enabling its continued use in subsidy distribution and targeted benefit delivery.[1] At the same time, it curtailed the expansion of Aadhaar into private and commercial domains, thereby protecting citizens from excessive data exploitation. The judgment also highlighted the urgent need for a comprehensive data protection framework in India, a need that was later addressed, at least in part, by the Digital Personal Data Protection Act, 2023.[8]
Critical Evaluation
While the judgment strikes a careful balance between welfare efficiency and individual privacy, it has been criticised for underestimating the risks of centralised biometric data collection. The Court’s reliance on statutory safeguards assumes effective implementation, which may not always be guaranteed in practice.[5]
The majority’s acceptance of the Money Bill classification has also been widely criticised. Justice Chandrachud’s strong dissent specifically warned against bypassing bicameral parliamentary scrutiny, a concern that has resonated in subsequent academic and judicial commentary.[7]
Furthermore, the Court’s faith in technological safeguards may be viewed as optimistic, given the evolving nature of cyber threats, data breach incidents, and the documented vulnerabilities of centralised biometric systems.
Conclusion
The Aadhaar judgment represents a nuanced attempt by the Supreme Court to reconcile technological advancement with constitutional protections.[1] By upholding Aadhaar for welfare purposes while striking down its more intrusive provisions, the Court sought to preserve both the efficiency of the State’s delivery mechanisms and the constitutional dignity of the individual.
The key takeaway from the case is that privacy is not absolute but can be restricted under strict constitutional safeguards, particularly when pursuing legitimate state objectives. However, such restrictions must always satisfy the test of proportionality, and the burden of justification lies firmly with the State.[2]
The judgment will be remembered as a foundational decision in India’s data protection and digital governance jurisprudence.[8] It underscores the continuing need for robust legal frameworks to regulate the use of personal data, prevent misuse, and hold both state and non-state actors accountable in an era of pervasive digital surveillance.
References
Cases
[1] Justice K.S. Puttaswamy (Retd.) v. Union of India, (2019) 1 SCC 1; AIR 2018 SC (Supp) 1841 (India).
[2] K.S. Puttaswamy (Privacy-9J.) v. Union of India, (2017) 10 SCC 1 (India).
[7] Justice D.Y. Chandrachud, Dissenting Opinion in Justice K.S. Puttaswamy (Retd.) v. Union of India, (2019) 1 SCC 1 (India).
Legislations
[4] Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, No. 18 of 2016, India Code (2016).
[8] Digital Personal Data Protection Act, No. 22 of 2023, India Code (2023). [Note: Enacted after the judgment; represents the legislative response to the data protection concerns flagged by the Court.]
Websites and Articles
[3] Unique Identification Authority of India, ‘Aadhaar Overview’ <https://uidai.gov.in> accessed 23 March 2026.
[5] Gautam Bhatia, ‘The Aadhaar Judgment and the Right to Privacy’ (Indian Constitutional Law and Philosophy Blog) <https://indconlawphil.wordpress.com> accessed 23 March 2026.
[6] Usha Ramanathan, ‘Aadhaar: A Biometric History of India’s 12-Digit Revolution’ (2014) 49(28) Economic and Political Weekly.
