Current Affairs Topics Archive
International Relations Economics Polity & Governance Environment & Ecology Science & Technology Internal Security Geography Social Issues Art & Culture Modern History

Government proposal to preload Aadhaar app on phones faced pushback

March 20, 2026 5 min read Science & Technology Polity & Governance GS2 (Governance Digital Identity Data Protection) GS3 (S&T: Digital Infrastructure)
On This Page

What Happened

  • The government's Unique Identification Authority of India (UIDAI) privately proposed in January 2026 that companies like Apple, Samsung, and Google consider pre-installing the Aadhaar application on smartphones sold in India, seeking engagement through the IT Ministry.
  • UIDAI's stated rationale: pre-installation would allow citizens to "readily access essential Aadhaar functionalities without the need for separate downloads" and would "enhance its reach and accessibility" — particularly for rural and first-time smartphone users.
  • The proposal drew significant opposition from the Manufacturers Association of Information Technology (MAIT), which represents major smartphone brands. Member companies argued pre-installation would not drive greater public good, would raise production costs, and would require separate production lines for India-specific handsets.
  • Concerns about privacy were also raised: the Aadhaar system has faced criticism for past data breaches, and mandatory pre-installation of a biometric identity app is seen by privacy advocates as a step toward normalising surveillance infrastructure at the hardware level.
  • It remains unclear whether the proposal is being actively pursued or was dropped following the pushback.
  • This is one of six mandatory preloading requests that MAIT has pushed back against, indicating a pattern of government-industry friction over digital infrastructure mandates.

Static Topic Bridges

Aadhaar Act 2016 and the Digital Identity Framework

Aadhaar is India's biometric-based digital identity system, administered by the Unique Identification Authority of India (UIDAI) under the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016. It assigns a unique 12-digit identification number to residents based on demographic and biometric data (fingerprints and iris scans). As of 2026, approximately 1.34 billion residents hold an Aadhaar number. The Aadhaar Act was significantly tested by the Supreme Court in the Puttaswamy-II judgment (2018), which upheld the constitutional validity of Aadhaar for government welfare delivery but struck down mandatory Aadhaar linkage for private entities (banks, telecom) as a violation of the right to privacy. The Act provides that UIDAI is the sole custodian of identity information and sets strict limits on data sharing.

  • Aadhaar Act 2016: administered by UIDAI, under the Ministry of Electronics and Information Technology (MeitY)
  • Unique number: 12-digit, linked to biometrics (fingerprints + iris scans) and demographics
  • Enrolment: ~1.34 billion residents as of 2026
  • Supreme Court Puttaswamy-II (2018): upheld Aadhaar for welfare delivery; struck down private-entity mandatory linkage
  • Uses: DBT (Direct Benefit Transfer), PMJDY banking, telecom KYC, DigiLocker, e-Sign, airport entry (Digi Yatra)
  • Aadhaar data breaches: multiple reported incidents, including 2018 leak affecting ~1 billion records

Connection to this news: The UIDAI's preloading proposal seeks to expand Aadhaar's hardware-level footprint beyond its current voluntary app download model. Privacy advocates argue this crosses a line the Puttaswamy-II judgment drew against mandatory Aadhaar penetration into private domain.

Right to Privacy and the Puttaswamy Judgment (2017)

Justice K.S. Puttaswamy (Retd.) v. Union of India (2017) is a landmark nine-judge Supreme Court constitution bench judgment unanimously holding that the right to privacy is a fundamental right under Article 21 (Right to Life) of the Indian Constitution. The judgment explicitly recognised informational privacy — the right of individuals to control data about themselves — as a component of the broader privacy right. It overruled earlier judgments (M.P. Sharma v. Satish Chandra, 1954; Kharak Singh v. State of UP, 1963) that had denied privacy as a fundamental right. Puttaswamy (2017) is the constitutional foundation on which the Digital Personal Data Protection Act, 2023 (DPDP Act) was built. The judgment introduced a proportionality test for state interference with privacy: any restriction must be (a) legal, (b) serve a legitimate state aim, (c) be necessary, and (d) be proportionate.

  • Puttaswamy (2017): 9-judge bench, unanimous — Right to Privacy is a fundamental right under Article 21
  • Informational privacy: recognised as a component — individuals have the right to control personal data
  • Proportionality test: state privacy intrusions must be legal, necessary, and proportionate to the aim
  • Overruled: M.P. Sharma (1954) and Kharak Singh (1963) — both had denied privacy as fundamental right
  • Impact: directly enabled passage of DPDP Act 2023; forms constitutional basis for all data protection claims

Connection to this news: Mandatory preloading of Aadhaar — a biometric identity app — on all smartphones sold in India would likely face a Puttaswamy proportionality challenge. Is it necessary? Is it proportionate? Critics argue less invasive means (app store promotion, awareness campaigns) exist.

Digital Personal Data Protection Act 2023 and India's Data Governance Architecture

India enacted its first comprehensive data protection law — the Digital Personal Data Protection Act (DPDP Act) 2023 — after nearly a decade of deliberation following the Puttaswamy judgment. The Act governs the collection, storage, and use of digital personal data about Indian residents. Key features: it requires data fiduciaries (entities collecting data) to obtain informed consent, restricts data processing to stated purposes, mandates data minimisation, requires breach notifications, and establishes the Data Protection Board of India as the adjudicatory body. However, critics note that the Act provides broad exemptions for state agencies and the central government — potentially allowing government entities to collect and use data without the consent requirements that bind private firms. The DPDP Act's rules are still being finalised as of 2026.

  • DPDP Act 2023: India's first comprehensive data protection law; enacted August 2023
  • Key principles: purpose limitation, data minimisation, storage limitation, consent, breach notification
  • Data Protection Board of India: adjudicatory body for complaints and penalties
  • Maximum penalty: up to ₹250 crore per violation
  • State exemption: Section 17 allows central/state governments to exempt themselves from most provisions — a major criticism
  • IT (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021: require platforms to remove deepfakes, misinformation, and certain categories of harmful content within specified timeframes

Connection to this news: The Aadhaar preloading proposal sits at the intersection of the DPDP Act's consent requirements and the state's exemptions from those requirements. A mandatory preloaded Aadhaar app — which passively collects device-level data — raises exactly the data minimisation and purpose limitation questions the DPDP Act is meant to address.

Key Facts & Data

  • Aadhaar enrolment: ~1.34 billion residents as of 2026
  • UIDAI proposal (January 2026): preload Aadhaar app on all smartphones (Apple, Samsung, Google)
  • Opposition: MAIT (Manufacturers Association of IT); 6 similar preloading requests have been rejected
  • Arguments against: higher production costs, separate India-specific production lines, no clear public good case
  • Puttaswamy (2017): 9-judge bench — Right to Privacy = fundamental right under Article 21
  • DPDP Act 2023: India's first data protection law; Data Protection Board as adjudicator; ₹250 crore max penalty
  • Aadhaar Act 2016: administered by UIDAI (under MeitY); Puttaswamy-II (2018) limited mandatory private-sector use
  • Past Aadhaar breach: 2018 incident reportedly affected ~1 billion records