NEW DELHI: Aadhaar’s tryst with litigation continues as the Supreme Court on Friday sought responses from the finance ministry and the Unique Identification Authority of India (UIDAI) to a PIL which alleged that two amendments to the law and regulations governing Aadhaar allowed private players to access its database, compromising citizens’ privacy.A bench of Chief Justice S A Bobde and B R Gavai sent notices to the finance ministry and the UIDAI on a PIL filed by Mysuru-based 77-year-old retired Army officer S G Vombatkere and Delhi-based 53-year-old social activist Wilson Bezwada, who was one of the pioneers in launching a movement against manual scavenging .Senior advocate Shyam Divan did not have to break a sweat in persuading the bench to entertain the PIL, which has challenged the Aadhaar and Other Laws (Amendment) Act, 2019, and the Aadhaar (Pricing of Aadhaar Authentication Services) Regulations, 2019, on the ground that these violated the right to privacy, declared part of right to life by a nine-judge SC bench.The petition, filed through advocate Vipin Nair , said the SC, while upholding validity of Aadhaar, had limited its use for government purposes. But the amended Act created a back-door to permit private parties to access the Aadhaar ecosystem, which enabled state and private surveillance of citizens, it said. The amended regulations permitted commercial exploitation of personal and sensitive information of citizens, which originally was collected for exclusive use by the state for implementation of welfare schemes, the petition said.The petitioners said linking of Aadhaar database to existing bases of services offered under Prevention of Money Laundering Act and Indian Telegraph Act posed a grave threat to security as the government had admitted that Aadhaar data was unverified. “Permitting unverified ‘Trojan horse’ Aadhaar data to creep into these databases (under PMLA and Telegraph Act) will infect integrity of the latter two databases,” it said.In its responses outside the court, the UIDAI said private service providers would need consent of users for Aadhaar-KYC and that nothing would be recorded other than the verification. The Aadhaar system is blind to the purpose of verification. Similarly, it argued that apart from Aadhaar numbers, service providers may get details like addresses and age as is available on many other ID forms.The petitioners said the amended Act created a new system of “offline verification” bypassing the UIDAI and created “unprecedented opportunities for unauthorised parties to save and replicate Aadhaar-related personal data in various federated databases” which was unconstitutional since private entities were not permitted to store and commercialise citizens’ personal data.“Section 2(3) of the Aadhaar (Pricing of Authentication Services) Regulations, 2019, demonstrates coercion by the state through arbitrarily imposing enrolment targets on enrolment registrars and empowering itself to levy penalty charges for not achieving those targets,” the PIL said.While seeking annulment of amendments to the Act and Regulations, the petitioners requested the court to “issue an appropriate writ, order or direction in the nature of a mandamus to declare that private entities which have access to the Aadhaar database are under a public duty to ensure that Aadhaar numbers and the data available through the Aadhaar database are not stored by these private entities”.