While necessary for auditing the system, the above clause makes security researchers vulnerable to legal ramifications given that there is “little judicial recourse” as stated by Apar. He, Lakshman and Anivar echoed the fact that the development of the app was done privately, and as such the codes and specifications of the app are not publicly available when the government of India has a policy for adopting open source softwares. Anivar suggested that even the UIDAI which comes under the Ministry of Electronics and Information Technology is supposed to be following the government’s policy on open source but don’t seem to. “Even projects like UIDAI, which is directly under MEITY and bound to follow Govt policy onOpen source & open standards are bringing Aadhaar into payments in proprietary way via contract with private entity like NPCI,” Anivar said. “This means even tech savvy free and open source community among citizen are prevented from analysing consumer interests in the code,” he added.