Can Mobile Companies Store and Reuse My Biometrics from SIM Verification?
The answer is a definitive NO. Mobile companies are strictly prohibited from storing or reusing your biometric data collected during Aadhaar-based SIM verification. Here’s a detailed explanation:
Biometric Data Protection:
- Your biometric data (like fingerprints) is encrypted immediately upon capture during the verification process.
- This encrypted data is sent directly to UIDAI (Unique Identification Authority of India) for verification.
- Mobile companies never have access to the raw biometric data.
Legal Prohibitions:
- Regulation 17(1)(a) of the Aadhaar (Authentication) Regulations 2016 explicitly forbids requesting entities (including mobile phone companies) from:
- Storing biometric information
- Sharing biometric information
- Publishing biometric information
- Retaining copies of biometric information (like fingerprints)
Scope of Prohibition:
- This prohibition applies to all requesting entities, which includes:
- Mobile phone companies
- Banks
- Any other service providers using Aadhaar for verification
Consequences of Violation:
- Any violation of these regulations is a punishable offense under the Aadhaar Act 2016.
- This ensures that companies take these privacy protections seriously.
Purpose of Biometric Verification:
- The biometric data is used solely for one-time verification of your identity against the UIDAI database.
- Once verification is complete, the mobile company only receives a ‘Yes’ or ‘No’ response from UIDAI.
UIDAI’s Role:
- UIDAI acts as a secure intermediary, ensuring that your biometric data remains protected.
- They handle the actual matching of biometrics against their database, not the mobile companies.
Consumer Rights:
- As a consumer, you have the right to expect that your biometric data will be used only for the purpose of verification.
- You can report any suspected misuse or storage of biometric data to UIDAI and relevant authorities.
Best Practices:
- Always ensure that biometric verification is done through official UIDAI-approved devices and processes.
- Be cautious of any requests to provide biometric data outside of the official verification process.
Transparency:
- Mobile companies are required to be transparent about their data handling practices.
- They should inform you about how your data will be used during the verification process.
The law provides strong protections for your biometric data during Aadhaar-based SIM verification. Mobile companies are strictly prohibited from storing or reusing this sensitive information. The process is designed to protect your privacy while still allowing for secure identity verification. If you ever suspect misuse of your biometric data, you have the right to report it and seek action against the offending party.
Related Articles: