Investigative journalism & crime
Shreenath A Khemka
King's College Scholar, LLM, University of Cambridge, UK
LAST week, Rachna Khaira, a reporter of Chandigarh-headquartered The Tribune, stormed the news with claims of the Aadhaar database being vulnerable to leaks and misappropriation. Her evidence was a back-alley transaction which went on to expose how readily, cheap, and easy it was to gather private data which was protected under layers of security and surveillance. Her prize was the registration of an FIR for cheating and forgery, among others. The Editors' Guild and The Tribune termed it as a 'browbeat' to investigative journalism. The UIDAI defended the FIR, stating the 2014 judgement in the Dalip Singh sting operation, implying that the reporter's actions were tainted. However, the UIDAI has failed to realise the full dictum of the Supreme Court which not only placates any legal infringement, but also recognises the need to encourage such instances of investigative journalism.
Sometimes, in order to reveal the deplorable state of affairs, a journalist is forced to act in surreptitious ways, something which is essential to expose institutional faults. The question then looms whether a journalist taking part in a smaller unlawful transaction to expose a gaping crime is guilty or not. The Supreme Court has observed that if in every case of investigative journalism the guilt was to be adduced onto the Samaritan reporter, then "public interest would be severely jeopardised." The crime of an investigative journalist is paradoxical; she is guilty of exposing a crime that she had to become a part of to expose. This is the fundamental line that the American courts have used to defend investigative journalism.
In Sherman v. United States, the US Supreme Court holds that a distinction is to be made between a genuine case of exposition and an entrapment. Exposition was understood as merely revealing an ongoing state of affairs, while entrapment was seen as "product of the creative activity" which was honey-trapping the accused into committing the crime. The Aadhaar leak was an exposition of the ongoing pedalling of private demographical and financial data. It was a trap for the 'unwary criminal' and not the 'unwary innocent', but more, it was a caution to the State and to its citizens.
In R v. Mack, the Canadian Supreme Court used this line of distinction to adduce criminality on private persons when they entrapped another, but gave immunity in cases of exposition. It is true that that a crime does not stand absolved merely because it yields a benefit in public interest. However, criminal jurisprudence dictates that mens rea has to be present for a successful criminal conviction.
The Rajat Prasad judgement of the Supreme Court of India held that where a journalist has no connection with the purported transaction, then a criminal intent cannot be imputed onto her. The Indian courts have built onto the entrapment distinction by holding that when the exposition of crime leads to no benefit onto the journalist, then the ancillary legal infraction is condoned. The court in the Rajat Prasad case had found an interested political benefit in entrapping the then Union Minister, Dalip Singh, of bribery charges by his political rival Ajit Jogi's son by orchestrating a sting operation.
The present case is not just about criminals who leaked the Aadhaar database, it is a case which substantially weakens the case for having the Aadhaar database as it exists. With the nine-Judge verdict on the right to privacy as a fundamental right, the pending petition before the Supreme Court to quash the Aadhaar enrolment, and the frequent claims of data leaks, the Aadhaar is evolving into a comedy of errors. While on the one hand the State mandates enrolment of all biometric, demographic, and financial data for access to the simplest resources, it miserably fails to buttress the sensitive data from potential misuse.
The present instance raises three questions which the UIDAI must answer.
1 Firstly, even considering the UIDAI's claim that biometric data was not accessed, the ability to access sensitive demographic data is itself reprehensible. Biometric data has no intrinsic value, but is a measure of safety to match the correct identity with the particulars to ensure that there exist no false positives in the system. The ability to access demographic data without requiring the person's biometrics is an even worse proposition as it exposes the redundancy of biometric security in the first place.
2 Secondly, if it is possible to access the Aadhaar data, it may also be possible to change the same. The ability of third parties to permeate the database is troubling, but the ability to alter records or to create false identities would be evermore irksome.
3 Thirdly, is such third-party access detectable or not? In the present case, the UIDAI was not able to detect the security breach while peddlers engaged in the solicitation of sensitive information. Continued third-party access without detection only makes it impossible to catch the crime.
The failure to address these questions adds to the outcry of the citizens who resist Aadhaar enrolment, stating that it is a breach of privacy. What it shows is that not only is the sensitive data not protected from the State, but it is easily accessible by crooks with the help of just a smartphone. The UIDAI's defence is in many ways a red herring. It has only restated that the database is immune from any infringement. Yet, time and again, there are cases to the contrary. The first step to solving a problem is to recognise that it exists. The UIDAI must use this as an opportunity to introspect.
(Views are personal)