Team Code: 7-04

7th Intra Moot Court Competition, 2019

BEFORE

The Hon'ble High Court of Hayati

Under Art. 226 of the Constitution of Mahishmati

Rudra.................................................................................................................Petitioner

v.

ITSM and Hashtag Solutions...........................................................................Respondent

And

Rudra..................................................................................................................Petitioners

v.

Government of Mahishmati.............................................................................Respondents

Under Sec. 18 of the SHWA

Anjali Madhur.....................................................................................................Petitioner

v.

ICC and ITSM....................................................................................................Respondents

MEMORANDUM ON BEHALF OF PETITIONERS

TABLE OF CONTENTS

i
 7th Intra Moot Court Competition, 2019

S.NO TITLE PAGE NUMBER

1. LIST OF ABBREVIATIONS iii
2. INDEX OF AUTHORITIES iv
3. STATEMENT OF JURISDICTION v
4. STATEMENT OF FACTS vi
5. ISSUES RAISED viii
6. SUMMARY OF ARGUMENTS ix
7. ARGUMENTS ADVANCED 1

Writ Petition:
1. That Hashtag Solutions and ITSM infringed right to 1
privacy.
2. That the requirement of Aadhaar number under Sec.7 is 12
not mandatory.

Appeal:
1. That the petitioner was subjected to sexual harassment
15
and that the decision of ICC and the termination of the
petitioner is not valid.

8. PRAYER xi

ii
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

LIST OF ABBRIEVIATIONS

ABBREIVIATIONS FULL FORM

Aadhaar Act Aadhaar Act, 2016
AIR All India Report
Art. Article
GOM Government of Mahishmati
Hashtag Solutions Hashtag Solutions Private Limited
Hon’ble Honorable
ICC Internal Compliance Committee
i.e That is
ITSM Innovative Technology Solutions Mahishmati Private Limited
KB Kings Bench
MoEIT Ministry of Electronics and Information Technology
Para Paragraph
SC Supreme Court
SCC Supreme Court Cases
Sec. Section
SHWA Sexual Harassment at Workplace
UIDAI Unique Identification Authority of India
UOI Union of India
v. Versus

iii
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

INDEX OF AUTHORITIES

Cases

Binoy viswam v. Union of India, (2017) 7 SCC 59...................................................................................13

BV Nagaraju v. Oriental Insurance Co. Ltd., 1996 SCC (5) 71...................................................................2
Gaurav Jain v. Hindustan Latex Family Planning Promotion Trust and Ors., 2015 SCC OnLine Del
11026.....................................................................................................................................................16
Justice KS Puttaswamy v. Union of India, (2019) 1 SCC 1.......................................................9, 10, 11, 14
Justice KS Puttuswamy v. Union of India, (2019) 1 SCC 1.........................................................................9
Northern Rly.Coop.Credit Society v. Industrial Tribunal, AIR 1967 SC 1182..........................................19
Painter v. Liverpool Oil Gas Light Co., (1836) 3 Ad & E.........................................................................17
Sandeep Singh Jadoun v. PIO, DGEAT, CIC/DGEAT/A/2018/117567......................................................4
State of Madhya Pradesh v. Firm Gopi Chand Sarju Prasad, AIR 1972 MP 43..........................................2
State of W.B. v. Anwar Ali Sarkar, AIR 1952 SC 75................................................................................14
Tejinder Kaur v. UOI, Delhi High Court, 2017 SCC OnLineDeL 12221..................................................16
Tournier's case , [1924] 1 KB 461...............................................................................................................4
v. National Collegiate Atheletic Association , 865(P2D) 633 (Cal 1994)..................................................11
Vijay Prakash v. Union of India, AIR 2010 Del 7.....................................................................................10
Vodafone International Holdings BV v. Union of India, [2012] 1 S.C.R. 573............................................3
Books

1. MP Jain, Constitution of India,

2. PavanDuggal, Law on Aadhaar, 1st edition, 2016.
3. Karnika Seth, Computers, Internet and New Technology Laws, 2nd edition, 2016.

Statutes

1. The Constitution of India, 1950.

2. Aadhaar Act, 2016.
3. Information Technology Act, 2008.
4. Information Technology Rules, 2011.

Websites

1. SCC online
2. Manupatra
3. www.mondaq.com

iv
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

STATEMENT OF JURISDICTION

Writ Petition:

The counsel on behalf of the respondents approach the Hon’ble High Court of Hayati under Art
226(1) of the Constitution of Mahishmati which states that:

Notwithstanding anything in Article 32 every High Court shall have powers, throughout the
territories in relation to which it exercise jurisdiction, to issue to any person or authority,
including in appropriate cases, any Government, within those territories directions, orders or
writs, including writs in the nature of habeas corpus, mandamus, prohibitions, quo warranto
and certiorari, or any of them, for the enforcement of any of the rights conferred by Part III and
for any other purpose.

Appeal:

The counsel on behalf of the respondents approach the Hon’ble High Court of Hayati under Sec
18(1) of the SHWA which states that:

Any person aggrieved from the recommendations made under sub-section (2) of section 13 or
under clause (i) or clause (ii) of sub-section (3) of section 13 or subsection (l) or sub-section (2)
of section 14 or section 17 or non-implementation of such recommendations may prefer an
appeal to the court or tribunal in accordance with the provisions of the service rules applicable
to the said person or where no such service rules exist then, without prejudice to provisions
contained in any other law for the time being in force, the person aggrieved may prefer an
appeal in such manner as may be prescribed.

v
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

STATEMENT OF FACTS

Hashtag Solutions Private Limited (“Hashtag Solutions”) is the 100% subsidiary company to
Innovative Technology Solutions Mahishmati Private Limited (“ITSM”). Both companies have
their registered office at Hayati. ITSM is the 4th largest software development company in
Mahishmati. In the year 2016, the Government of Mahishmati (“GOM”) introduced a
programme named, The Digital Mahishmati with a vision to transform Mahishmati into a
digitally empowered society and knowledge economy. In the same year GOM further introduced
the Aadhaar Act,2016 (“Aadhaar Act”). The main feature of the act was to create a Digital ID to
its citizens. GOM madeit mandatory for every citizen to provide their Aadhaar number to
purchase a new Sim card by introducing Section 57 in the Aadhar Act which made linking of
biometric IDs with SIM cards.

The GOM entered into a contract with Hashtag Solutions to verify the Aadhar numbers provided
by the consumers to obtain a new SIM card. There was an important condition in the contract
which states that the information obtained from the customers shall be kept confidential during
the contract period and such information shall be destroyed after the contractually term or
occurrence of any termination event. Mrs. Anjali Madhur, was nominated as the project head
under this contract. The Supreme Court of Mahishmati in August 2017 made it no longer
mandatory to obtain a SIM card and declared Section 57 of Aadhar Act as unconstitutional. After
the judgment the GOM terminated the contract with Hashtag Solutions and orally assured that
subsequent Contract to develop a software for offline verification shall be awarded to them.

Anjali Madhur started working on the projects of ITSM after being asked by ITSM to work with
them till the management assaigns her with new project. This participation was not welcomed by
their senior officers. Later she discovered that ITSM was withholding the data to do an offline
verification for a new app called “Unisex” which they are developing and the aadhaar data will
be used by them for the subsequent Government projects. This new app is similar to any other
dating app in the country of Mahishmati. One of the compulsory clause under the terms of use of
the app was that the new user had to accept a clause that allows ITSM to verify their aadhaar
data at the time of registration of the app. Not being satisfied with Mrs. Anjali Madhur’s
participation, two senior most members, namely Mr. Shahid Khan and Mr. Khanna Guru, of
ITSM inn order to harass her started calling with nicknames, making offensive gestures, passing
vi
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

improper comments about her to the other colleagues, making physical contact and advances.
Mrs. Anjali Madhur discussed about the harassment with their colleagues and also with the
Technical Manager, Mr. Karan Kapoor, who worked with her in the Aadhaar verification project.
But there was no support and help from any of them. After the span of 4 months, she
complained a complaint to She-Box. Accordingly, the disciplinary proceedings were initiated by
the Internal Compliance Committee (“ICC”) against the two senior officers. After completing of
the inquiry on the complaint, on 20.01.2019, the ICC submitted a report to the employer of ITSM
that no action needs to be taken against the respondents as the allegations against them are not
proved and the reasons as for mentioned in the ICC report.

After the report of ICC, on 24.01.2019, ITSM without serving notice period, Mrs. Anjali Madhur
got terminated on the allegations that she filed a false complaint against the senior employees of
ITSM and also tarnishing the reputation of ITSM. Later she was asked to submit her laptop and
the other electronics provided to her by ITSM. On 27.01.2019, a news channel, telecasted a news
that the Aadhaar and the other personal information of many citizens were openly made available
in the website of ITSM and severe accusations were made against ITSM. Being aggrieved by the
decision of the ICC, Mrs. Anjali Madhur approached the High Court of Hayati on 19.02.2019.

Rudra, a non-profitable organization, filed two writ petitions and one being against Hashtag
Solutions and ITSM in the High Court of Hayati for directing the Hashtag Solutions and ITSM to
handover all the Aadhar information that are in their possession to the government and the other
petition seeking a declaration that the requirement of Aadhar is not mandatory to avail benefit or
services of the Government of Mahishmati. Hence this case.

ISSUES RAISED

vii
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

WRIT PETITION

ISSUE 1

Whether ITSM and Hashtag Solutions have infringed right to privacy?

ISSUE 2

Whether requirement of Aadhaar number is mandatory under sec.7 of the act?

APPEAL

ISSUE 1

Whether the petitioner was subjected to sexual harassment and whether the
decision of ICC is Valid?

viii
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

SUMMARY OF ARGUEMENTS

WRIT PETITION

1. THAT HASHTAG SOLUTIONS AND ITSM INFRINGED RIGHT TO PRIVACY

Hashtag Solutions have breached the contract where they had this contract with Ministry of
Electronic and Information Technology and ITSM used the information that Hashtag Solutions
collected in unauthorized manner. ITSM being a holding company should not hold the Aadhaar
information collected by Hashtag Solutions. This will amount to holding of unauthorized
information which is not permissible as per the law. Hashtag solution and ITSM has violated the
right to Privacy of the citizens. It was the duty of Hashtag solutions to protect the data of the
citizens but failed to do so by holding the unauthorized information of the citizens of
Mahishmati.

2. THAT THE REQUIREMENT OF AADHAAR UNDER SEC. 7 IS NOT MANDATORY

That the requirement of Aadhaar under Sec.7 is not mandatory as it is violating Art. 14 and Art.
21 of the Constitution of Mahishmati. This section mandates that proof of Aadhaar number
would be necessary for receipt of certain subsidies, benefits and services etc. meaning thereby
for availing such subsidies, benefits and services, it would be necessary for the intended
beneficiary to possess Aadhaar number. Classification caused by the Act lacks rational nexus.At
the point of use, the Biometric Authentication divides residents into two classes: those who have
and do not have Aadhaar Sec. 7 also violates Art. 21 of the Constitution of Mahishmati.
Mandatory imposition of Aadhaar violates their rights to choose how to identify themselves to
the government in a reasonable and non-intrusive fashion. On making Aadhaar mandatory,
instead of the citizen’s right to food and a correlative duty on the State to take action to ensure
the proper fulfillment of such rights, the State is exercising its power to convert the constitutional
rights of its citizens into liabilities. Hence it is a clear violation to Article 14 and as well as
Article 21.
APPEAL
1. THAT THE PETITIONER WAS SUBJECTED TO SEXUAL HARASSMENT AND
THAT THE DECISION OF ICC IS INVALID .

The petitioner (Mrs. Anjali Madhur) was subjected to sexual harassment by Mr. Khanna Guru
and Mr. Shahid Khan. Also the decision given by the ICC is not valid and also that the
termination of the petitioner was illegal.As per the court, the ICC has the power to extend the
time limit for filing a complaint by 3 months, i.e. up to a total of six months from the date when
the incident took place by recording reasons in writing if it is satisfied that certain circumstances

ix
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

prevented the complainant from filing the complaint earlier.Lack of direct evidence or witnesses
must not deter or discourage the aggrieved employee from filing a complaint to the ICC or even
reporting the incident orally in the first instance but as soon as possible after the occurrence.
Also, simply because the petitioner was unable to produce direct evidence to satisfy her claim,
ICC cannot give a decision against her and ITSM basing on such decision cannot terminate the
petitioner from her services.

x
Memorandum on behalf of Petitioners
 ARGUMENTS ADVANCED

WRIT PETITIONS

1. THAT HASHTAG SOLUTIONS AND ITSM INFRINGED RIGHT TO PRIVACY

1.1 Breach of contract by Hashtag Solutions

Petitioners submit that Hashtag Solutions have breached contract that they had with MoEIT and
ITSM used the information that Hashtag Solutions collected in unauthorized manner by violating
Sec. 28, 29, 37 and 43 of Aadhaar Act, 20161 and Sec. 43A, 72 & 72A of IT Act, 2008 2 and IT
Rules under Information Technology (Reasonable Security Practices and Procedures and
Sensitive Personal Data or Information) Rules, 2011.

Requirement of contract under Art. 299 of the Mahishmati Constitution3

It may be noted that like other contracts, a Government Contract is also governed by the
Mahishmati Contract Act4, yet it is distinct. Thus Art. 299 lays down three conditions which the
contracts made in the exercise of the executive power of the Center or a State must fulfill to be
valid

1. The contract must be expressed to be made by the president or the Governor as the case
may be;
2. These contracts made in the exercise of the executive power are to be executed on behalf
of the President/Governor as the case may be; and
3. The execution must be by such person and in such manner as the President or the
Governor of the case as the case may be, may direct or authorize.5

The expression "executed" does not by itself contemplate execution of a formal contract by the
executing parties. A tender for the purchase of goods in pursuance of a tender notice, notification

1
Aadhaar Act, 2016, Sec. 28, 29, 37 and 43.
2
Information Technology Act, 2008, Sec. 43A, 72 and 72A.
3
The Constitution of India, Art. 299.
4
Indian Contract Act, 1875.
5
Veena Gopalakrishnan, Government contracts (25th July, 2019), http://www.legalserviceindia.com/article/l42-
Government-Contracts.html.
 7th Intra Moot Court Competition, 2019

or statement inviting tenders issued by or on behalf of the President or the Governor, as the case
may be, and acceptance in writing which is expressed to be made in the name of the President or
Governor and is executed on his behalf by a person authorized in that behalf would fulfill the
requirements of Art. 299(1). If these requirements are fulfilled, a valid contract may result from
the correspondence.6

MoEIT, GOM, is authorized person under Art. 299 and has authority to come into contract with
Hashtag solutions. It has followed the procedure of tender and chose to come into contract with
Hashtag Solutions only when they bid in favorable condition of the tender.

Breach of contract by Hashtag Solutions

A contract is incomplete without a termination notice. Every Contract enshrines the

circumstances in which a contract may be terminated. Generally a contract may be terminated in
any of the following ways: (a) at the option of either parties without assigning any reason and/or
(b) at the option of the non-defaulting party on the occurrence of certain specified event and/or
(c) upon expiration of the term of the contract. Contracts that can be voided in any way fall
within the ambit of 'determinable contracts'. Hence, by inserting a termination clause in a
Contract, the parties can establish a definite mechanism to be followed for putting an end to the
Contract and avoid arbitrary termination.7

The Supreme Court of Mahishmati8 also emphasized on the same rule in B.V. Nagaraju v
Oriental Insurance Co. Ltd.9 Every contract contains a core or fundamental obligation which
must be performed. If one party fails to perform this fundamental obligation, he will be guilty of
a breach of contract whether or not any exempting clause has been inserted which purports to
protect him.

It is submitted that Hashtag Solutions and MoEIT entered into contract to collect biometric
information of citizens for Aadhaar data and to promote digital Mahishmati. The contract
contained clause that when the contract is terminated on occurrence of events or after completion
6
State of Madhya Pradesh v. Firm Gopi Chand Sarju Prasad, AIR 1972 MP 43.
7
Tejasvini shirodkar, Pooja Shah, Determinable Contracts v. Specific Performance: Discretion Of Court (30th
July,2019),http://www.mondaq.com/india/x/534120/Contract+Law/Determinable+Contracts+VS+Specific+Perform
ance+Discretion+Of+Court.
8
Supreme Court of India.
9
BV Nagaraju v. Oriental Insurance Co. Ltd., 1996 SCC (5) 71.

2
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

of contractual term of two years, then all information collected should be destroyed by Hashtag
Solutions10. On the event of declaring Sec. 57 of Aadhaar Act unconstitutional by Supreme
Court, the contract was terminated by the MoEIT.11 According to contract, when termination
takes place, Hashtag solutions shall destroy the information collected but, Hashtag solution did
not destroy the information and further forwarded information to ITSM. Therefore there was
breach of contract by Hashtag Solutions. Unauthorized transfer of information by Hashtag
solutions to ITSM.

Lifting of corporate veil

Holding and subsidiary company different entity. Lifting of corporate veil to make holding
company and wholly owned subsidiary is only in the matters of management control or policy
decisions, holding company cannot take up contracts of subsidiary company as they both are
separate legal entity12. Contracts of subsidiary companies are not to be taken up by holding
company as they are different legal entity and they have different liabilities. this corporate veil
can be lifted only when there is any fraud or misconduct is taking place. By breaching the
contract Hashtag Solutions has fraudulently transferred Aadhaar information to ITSM, therefore,
corporate veil has to be lifted and both the companies are to be held liable for transfer of Aadhaar
information.

1.2 Unauthorized use of Aadhaar information by ITSM

Holding company not authorized to take information from subsidiary

The petitioners further submit that a holding company is not authorized to take any type of
information available with the subsidiary contract without a lawful contract.

A reference is also invited to the provisions of Sec. 43A13 of IT Act and the Information
Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or
Information) Rules, 2011 (Hereinafter, IT Rules) framed under that Act, which, inter alia, gives
protection to sensitive personal data or information of customers of body corporate. Rule 5(5) 14

10
Para 3 of Moot Proposition.
11
Para 3 of Moot proposition.
12
Vodafone International Holdings BV v. Union of India, [2012] 1 S.C.R. 573.
13
IT Act, Sec. 43A (2008).
14
IT Rules, Rule 5 (2011)

3
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

of IT Rules, provide that information collected shall be used for the purpose for which it has
been collected. These provisions may have to be read in conjunction with the principles
enumerated in the Tournier15 case.16 Principles enumerated in Tournier's case17 are as follows:

A bank's duty of confidentiality is not absolute, and is subject to four exceptions, identified
in Tournier18

1. disclosure by compulsion of law;

2. disclosure under duty to the public interest;
3. disclosure under the bank's own interest and
4. disclosure under the customer's approval.

According to Sandeep Singh19The confidential information that is kept with body corporate has
to protected by the body corporate except under exceptions that are enumerated in Tournier's
case, i.e,

1. By compulsion of law;
2. In public interest;
3. Provider's prior consent.
Disclosure of personal information is allowed where either provider has given his consent or
when it is necessary to comply with a legal obligation. When the same is done for a legal
enforcement purpose no prior consent of provider is required. 20 But the transfer that took place
between Hashtag Solutions and ITSM with regard to information does not fall under any of the
exceptions mentioned above nor there was any consent given by Ministry for such transfer.

Violation of provisions under Aadhaar Act

15
Tournier's case , [1924] 1 KB 461.
16
Sandeep Singh Jadoun v. PIO, DGEAT, CIC/DGEAT/A/2018/117567.
17
Id at 15.
18
Id at 15.
19
Id at 16.
20
IT Rules, Rue 6 (2011).

4
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

Sec. 28(4)(c) of Aadhaar Act has mandated that the UIDAI shall require all third party agencies
including consultants, advisors and other persons, to act only on the instructions from the
UIDAI. Hashtag Solutions was given instruction by Ministry in contract to destroy the
information after termination of contract, but Hashtag Solutions breached the contract by not
destroying information and violated Sec. 28(4)(c). This Sec. 28 provides foundation, on which
the protection and preservation of security and confidentiality of identity information and
authentic records of individuals is sought to be maintained in the Aadhaar ecosystem 21, both by
the UIDAI as also all agencies, consultants, advisors and other persons, officers employees or
other agencies maintaining the central identities data repository. Sec. 28(5) thereby gives
supremacy to the principle that by and large, the Authority being the UIDAI or any of its
officers, employees or agencies maintaining the Central Identities Data Repository, shall not
reveal any information stored on CIDR or authentication record to anyone.22

It is assumed that MoEIT is on par with UIDAI, according to Sec. 28(5) Ministry should or its
officers, employees or agencies should not reveal information but Hashtag Solutions revealed
this information to ITSM and ITSM in turn failed to take reasonable security measures as per
Rule 8 of IT Rules.

Sec. 29(4) was violated by ITSM. Sec. 29(4) sates as follows:

No Aadhaar number or core biometric information collected or created under this Act in
respect of an Aadhaar number holder shall be published, displayed or posted publicly, except for
the purposes as may be specified by regulations.

Section 29(4) further puts embargo upon the publication, displaying or

posting publicly of the following information:

1. Aadhaar Number of Aadhaar Number holder

2. Core biometric information collected or created under the Act in respect of the
Aadhaar Number

21
“Aadhaar ecosystem” which includes enrolling agencies, Registrars, requesting entities, offline verification-
seeking entities and any other entity or group of entities as may be specified by regulations, Aadhaar and other laws
bill, Sec.2(aa) (2018)
22
Pavan Duggal, Law on Aadhaar (1st edition, 2016).

5
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

As such, none of the aforesaid two kinds of information can mandatorily be published, displayed
or posted publicly except for the purposes as may be specified by regulations. When the
information collected by Hashtag Solutions was disclosed on ITSM's website then Sec. 29(4)
was violated by displaying Aadhaar information on its website.
Section Sec. 37 makes act of disclosing identity information as offence which is punishable with
imprisonment for a term which may extend to three years or with a fine which may extend to ten
thousand rupees. In the case of a company, this fine can extend to one lakh rupees. Identity
information includes Aadhaar number, biometric information and demographic information 23,
displaying of Aadhaar number by ITSM is punishable under Sec. 37 of Aadhaar Act.

Sec. 43(2)24states that if any officers of the company, such directors, managers, secretary or other
officers have given consent for commission of the offence then they shall be made liable. Today,
a large number of companies are providing computers, computer systems, computer networks,
computer resources and communication devices connections to their employees. If there is any
misuse or potential abuse of the said computer resources, and if pursuant thereof offences are
committed under the Aadhaar Act, then the company cannot escape responsibility for the same.
This so because the said computer resources would be deemed to be that of the company and that
being so, the offence would also be deemed to have been committed by the company. Hence, the
subject of corporate liability in the context of misuse of computer resources assumes tremendous
significance.25 ITSM managers were aware of holding of information by ITSM which was
collected by Hashtag Solutions was in the possession of ITSM for unauthorized use in UNISEX
app and for subsequent government contract for offline verification. 26 Therefore, ITSM has
committed an offence under Sec. 43(2) of Aadhaar Act as managers were aware of holding of
such information, even then they failed to take measures to secure it.

Violation of Sec. 43A, 72A and 72 of IT Act

23
Aadhaar Act, Sec. 2(n) (2016).
24
Aadhaar Act, Sec. 43 (2016).
25
Pavan Duggal, Law on Aadhaar (1st edition, 2016).
26
Para 4 of Moot proposition.

6
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

Petitioner's humbly submit that ITSM has violated Sec. 43A, 72 and 72A of IT Act 2008 by
disclosing information on its website.

Sec. 72 A of IT Act states as follows:

Save as otherwise provided in this Act or any other law for the time being in force, any person
including an intermediary who, while providing services under the terms of lawful contract, has
secured access to any material containing personal information about another person, with the
intent to cause or knowing that he is likely to cause wrongful loss or wrongful gain discloses,
without the consent of the person concerned, or in breach of a lawful contract, such material to
any other person shall be punished with imprisonment for a term which may extend to three
years, or with a fine which may extend to five lakh rupees, or with both.

Sec. 72A of IT Act states that any person under lawful contract secures access to personal
information and discloses such information in breach of contract to another person, without prior
consent of the provider, then the person has breached confidentiality and privacy of provider and
should be punished under this Section. Hashtag Solutions have breached the contract with
MoEIT under Sec. 72A of IT Act, by first, not destroying the information collected and, second,
by disclosing the information to ITSM for unauthorized use of information. Hashtag Solutions
breached confidentiality and privacy of its customers which resulted into loss of infringement of
their right to privacy.

Sec. 43A of IT Act obligates a body corporate that deals with sensitive personal data in a
computer resource which it owns, controls or operates to maintain 'reasonable security practices'
to safeguard personal information of individuals. Sec. 43A explains that these reasonable
security practices will be governed by contract between the parties or as per the industry practice
and norms or prescribed by the central government. In case an organization is negligent in
undertaking this obligation causing wrongful loss or gain to any person, Sec. 43A makes such
entity liable to pay compensation to the person affected. 27Sec. 43A is to be interpreted strictly,
there is no need of mens rea for commission of breach of confidentiality. ITSM has violated Sec.
43A as the computer source was of ITSM and it does not matter by whom the data was leaked,
ITSM is strictly liable.

27
Karnika Seth, Computers , Internet and New Technology Laws (2nd edition, 2016).

7
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

Sec. 72 of IT Act has also been violated by ITSM, Sec. 72 states as follows:
Save as otherwise provided in this Act or any other law for the time being in force, any person
who, in pursuant of any of the powers conferred under this Act, rules or regulations made there
under, has secured access to any electronic record, book, register, correspondence, information,
document or other material without the consent of the person concerned discloses such
electronic record, book, register, correspondence, information, document or other material to
any other person shall be punished with imprisonment for a term which may extend to two years,
or with fine which may extend to one lakh rupees, or with both.
ITSM took Aadhaar information from Hashtag Solutions and disclosed that information on its
website, ITSM has violated Sec. 72 of IT Act read with Sec. 43A of IT Act. ITSM has disclosed
the Aadhaar information without provider's consent and according to Sec. 43A ITSM has to be
made strictly liable for such acts of disclosure.
Violation of IT Rules, 2011
Personal sensitive information involved here are Aadhaar details and such information as per
Rule 3.28 Rule 729 provides that transfer shall be permissible only when it is necessary for
performance of lawful contract between provider of information and body corporate and or
where provider has given his consent to such transfer.30Hashtag solutions has breached the
contract by not fulfilling essential condition, therefore the transfer is unlawful and the provider,
government being the provider here, has not agreed for such transfer.
Rule 8 and Rule 6(3) were also violated, if it is considered that transfer of information to ITSM
was authorized, then there was no reasonable practice and procedure to protect the sensitive
personal information as used as the information was displayed by violating Sec. 29(4) of
Aadhaar Act.

Petitioners humbly submit that ITSM and Hashtag Solutions have violated Aadhaar Act, IT Act
and IT Rules by first, breaching the contract which lead to, second, unauthorize use of Aadhaar
information, third, which finally lead to disclosure of Aadhaar information by not maintaining
reasonable security procedure and practices.

28
IT Rules, Rule 3 (2011).
29
IT Rules, Rule 7 (2011).
30
Karnika Seth, Computers, internet and new technology laws (2nd edition, 2016).

8
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

1.3. That the act of the companies has violated right to privacy under Art. 21 of the
constitution.
It is submitted that Hashtag solution and ITSM has violated the right to Privacy of the citizens. It
was the duty of Hashtag solutions to protect the data of the citizens but failed to do so.

Not only from the Commencement of Constitution but even before the Constitution there was a
concept of right to privacy which was protected. Despite the evident historical emphasis on
privacy, the Court in Puttaswamy case31 held that an individual's right to privacy is an inherent
part of the right to life and personal liberty and therefore is implied in Art. 21 of the Mahishmati
Constitution.32 According to Parent, (1983) privacy is the condition of not having undocumented
personal knowledge about one possessed by others. Thus, in such an account, the right to privacy
would include a bundle of rights such as the right to privacy of beliefs, thoughts, personal
information, home, and property.33

The fundamental right to privacy would cover at least three aspects – (i) intrusion with an
individual’s physical body, (ii) informational privacy, and (iii) privacy of choice. 34there has been
infringement of informational privacy. The right to privacy is also recognized in case of bilateral
relationships that impose duty of confidentiality against disclosure of personal information such
as marriage or contract of service.35

The counsel on behalf of petitioners contend that right to privacy under Art. 21 also extends to
protection of personal information of citizens from unauthorized possession and unauthorized
use. As proved in the above mentioned issue, Hashtag Solutions has violated an important
condition of the contract i.e to destroy the personal information of citizens after the termination
event. After the termination event the information that Hashtag solution is in possession of is
unauthorized information because it is no longer authorized to hold such information. Hashtag
Solutions has therefore violated the right to privacy by possession of unauthorized information.

31
Justice KS Puttuswamy v. Union of India, (2019) 1 SCC 1.
32
Id.
33
Vrinda Bhandari and Renuka Sane, Towards a privacy framework in India in the age of the internet (2nd August,
2019), https://macrofinance.nipfp.org.in/PDF/1LEPCPr_BhandariSane20160926.pdf.
34
Id at 31.
35
Vijay Prakash v. Union of India, AIR 2010 Del 7.

9
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

The data protection concept is connected with the individual’s privacy. 36ITSM has violated the
fundamental right to privacy of the owners of the personal information at three different
instances. The first instance is when ITSM has in an unauthorized way obtained personal
information of many citizens and held that information with it. For the only reason that ITSM is
a holding company of Hashtag Solutions, it is not authorized to take any sensitive information
from Hashtag solutions without any legal contract. It is further contended that ITSM cannot
takea defense saying that it has withheld such information for using it for another application
namely ‘UNISEX’. The app for which ITSM has held the information is not legal. A person’s
private and sensitive information cannot used for different purposes without the knowledge of
the owners of such sensitive information. Privacy protects different aspects of private interest
including private interest protecting information that protects disclosure or misuse of sensitive
personal information and ‘autonomy interest’ which includes the discretion to make personal
decisions or conduct activities in seclusion.37 By taking such information from its subsidiary
company ITSM has infringed the right to privacy as peoples sensitive information is being
accessed by an unauthorized person and also ITSM was misusing the information it has for other
purposes than as was lawfully agreed.

It is further contended by the petitioners that the consent taken from the users for the ‘UNISEX’
app is deceptive as there was no emphasis given to the condition that the app would be taking
their personal information. Moreover, the information is taken without providing any purpose as
to why the information is being taken from the users of Unisex app. This condition in the app
would cause irreversible damage to the user’s fundamental right of privacy under Art. 21 of the
constitution of Mahishmati.38The app has made it mandatory for the users to accept the term that
it would be using their personal information. This is violating the users right to choice. High
courts seem to have more straightforward approach to this issue, by reading a right to privacy
and the right to choose as something that is essential to leading a meaningful life39.

By inserting a mandatory term in the Terms of the use of the app to accept the collection of
Aadhaar details ITSM is violating the fundamental right to choose.
36
Lutha R Nair, Data Protection Efforts in India: Blind leading the Blind?, The Indian Journal of Law & Technology
VOL 4 (2008).
37
Hill v. National Collegiate Atheletic Association , 865(P2D) 633 (Cal 1994).
38
The Constitution of India, Art. 21.
39
Id at 31.

10
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

This shows that there was no express consent given by the users of that application to give their
consent. This also infringes an individual’s right to privacy. Acquiring sensitive information
from users without them giving consent on their own will also infringe the privacy of those
users. ITSM that possess the Aadhaar details acquired from Hashtag Solutions and also the
information that is obtained from the users of the application is now in an influential position as
it is having all the information of a particular individual. ITSM will now be able to do
surveillanceon the profile of the individuals, their movement and also can keep a check on how
an individual is using his Aadhaar card and the details. An identity scheme that employs mass
surveillance impairs an individual's autonomy and self-development and violates the
constitutional protection of privacy and human dignity.40
Right to privacy is implicit in the right to life and liberty guaranteed to citizens by Art. 21 and
that citizens have a right to safeguard that privacy. 41 Informational privacy which does not deal
with a person's body but deals with a person's mind, and therefore recognizes that an individual
may have control over the dissemination of material that is personal to him. Unauthorized use of
such information may, therefore lead to infringement of this right; 42Art. 21 guarantees citizens
the right to safeguard their privacy. Not only collecting personal information in an unauthorized
way but also by publishing that information on the website of ITSM is a clear infringement of
Right to Privacy under Art. 21 because the owner of the sensitive is entitled to control over the
information that he has provided. Using such information for other things to which the consent of
the owner of such information does not extend will cause infringement of privacy.
Even though the users of the app has given their consent to use their Aadhaar details, ITSM has
infringed the privacy of the users of the app by publishing it on their website to which their
consent was not given. The publication of Aadhaar details without the consent and knowledge of
the owners of such information is a serious infringement of Right to privacy of such users.

40
Sheetal Asrani-Dann, The Right to Privacy in the Era of Smart Governance: Concerns Raised by the Introduction
of Biometric- Enabled National ID Cards in India, 47 J. INDIAN L. INST. 53, 62 (2005).
41
Id at 31
42
Id at 31

11
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

2. THAT THE REQUIREMENT OF AADHAAR NUMBER UNDER SEC. 7 IS NOT

MANDATORY.

Petitioners humbly submit that the requirement of Aadhaar under Sec.7 should not be mandatory.
If it is mandatory in nature then that would violate Art.14 and Art.21 of the Constituion of
Mahishmati. If it violates these Art. then the Sec. would be Unconstitutional. Chapter III 43 deals
with ‘authentication’. Sec. 744 falling under this Chapter mandates that proof of Aadhaar number
would be necessary for receipt of certain subsidies, benefits and services etc. meaning thereby
for availing such subsidies, benefits and services, it would be necessary for the intended
beneficiary to possess Aadhaar number. In case of an individual to whom no Aadhaar number
has been assigned, he/she would be required to show that application for enrolment has been
given. Where the Aadhaar number is not assigned, proviso to Sec. 7 lays down that the
individual shall be offered alternate and viable means of identification for delivery of subsidy,
benefit or service.45

Even where a person is availing of a subsidy, benefit or service from the State under Sec. 7 of the
Act, mandatory authentication through the Aadhaar platform (without an option to the citizen to
use an alternative mode of identification) violates the right to informational privacy. An
individual’s rights and entitlements cannot be made dependent upon an invasion of his or her
bodily integrity and his or her private information which the individual may not be willing to
share with the State. The bargain underlying Sec. 7 is an unconscionable, unconstitutional
bargain. Sec. 7 is against the constitutional morality contained in both Part III as well the Part IV
of the Constitution of Mahishmati.46

Petitioners contend that there are various other methods available for identification. One of the
objects of the Aadhaar project is to ensure targeted delivery in the disbursement of government
subsidies benefits and services in India. Identification for this purpose can be carried out by
various other identity documents issued by the government of India, such as passport, voting
card, ration card, driving license, PAN card, overseas Indian citizen card/PIO/OCI of Indian
origin card. There is no justification to impose Aadhaar under as the exclusive means of
43
Aadhaar Act, chapter III (2016).
44
Aadhaar Act, Sec. 7 (2016).
45
Id at 31.
46
The Constitution of India, Part III and Part IV.

12
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

identification under Sec. 7, without which a person would be unable to secure her entitlements.
Such mandate would not only infringe upon the privacy of a person and violate a person’s
fundamental rights, but would also unreasonably deprive a person of her entitlements on a
ground that has little connection with her right to receive such entitlements.
Sec. 347 read with Sec. 4(3)48 of the Aadhaar act implies that this act was framed as a voluntary
entitlement to establish one’s identity 49, but the action of the government and the private entities
such as ITSM has made the use of Aadhaar card mandatory under Sec. 7. A resident has to
compulsorily obtain Aadhaar card in order to avail any statutory entitlements. It thus pervades
every aspect of an individual’s life. Concomitantly, there is no opt out option in the Aadhaar Act,
which makes consent irrevocable and deprives individuals the ability to make decisions about
their life.
Petitioner submit that, this kind of mandatory nature of Sec. 7 violates Art 14 50.In order to pass
the test of permissible classification two conditions must be fulfilled viz. (i) that the
classification must be founded on an intelligible differentia which distinguishes those that are
grouped together from others left out of the group, and (ii) that the differentia must have a
rational relation to the objects sought to be achieved by the Act. The differentia which is the
basis of the classification and the object of the Act are distinct and what is necessary is that there
must be nexus between them.51Classification caused by the Aadhaar Act lacks rational nexus.
The entitlement of an individual depends upon status, and not proof of identity.
At the point of use, The Biometric Authentication divides residents into two classes: those who
have and do not have Aadhaar; and those who authenticate successfully, and those who do not.
Given that the probability of biometric mismatch is greatest for the aged, disabled, and
individuals engaging in manual labour amongst the most vulnerable Section of society the
decision to use periodic biometric authentications has a direct and disparate effect of violating
fundamental rights of this class. This division bears no rational nexus with the question of status
for receiving benefits. It leads to under inclusion, and is thus arbitrary, causing an Art. 14
violation.

47
Aadhaar Act, Sec 3 (2016).
48
Aadhaar Act, Sec 4(3) (2016).
49
Binoy viswam v. Union of India, (2017) 7 SCC 59.
50
The Constitution of India, Art. 14.
51
State of W.B. v. Anwar Ali Sarkar, AIR 1952 SC 75.

13
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

Sec. 7 also violates Art. 21 of the Constitution of Mahishmati. Mandatory imposition of Aadhaar
violates their rights to choose which is a fundamental right 52 how to identify themselves to the
government in a reasonable and non-intrusive fashion. On making Aadhaar mandatory, instead
of the citizen’s right to food and a correlative duty on the State to take action to ensure the proper
fulfillment of such rights, the State is exercising its power to convert the constitutional rights of
its citizens into liabilities.
Having established the infringement of Art. 21, the invasion is not justified under the principle of
proportionality. The State’s primary justification of eliminating welfare leakages and ensuring
“better targeting” does not stand up to judicial scrutiny.
Therefore Sec. 7 of the Aadhaar is in violation of Art. 14 and Art. 21 of the Constitution of
Mahishmati and therefore the requirement of Aadhaar should not be made mandatory under Sec.
7 of the Aadhaar Act.

APPEAL
52
Id at 31.

14
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

1. THAT THE PETITIONER WAS SUBJECTED TO SEXUAL HARASSMENT AND

THAT THE DECISION OF ICC AND THE TERMINATION OF THE PETITIONER IS
NOT VALID.

The counsel on behalf of the petitioner hereby submit that the petitioner (Mrs. Anjali Madhur)
was subjected to sexual harassment by Mr. Khanna Guru and Mr. Shahid Khan. The counsel also
contends that the decision of ICC is not valid and also that the termination of the petitioner was
illegal.

Sexual harassment at workplace can result in two possibilities for victim:

1. Hostile environment
2. Quid pro quo nature of sexual harassment
Petitioners submit that Mrs. Anjali Madhur has suffered an outcome of hostile environment after
being harassed by her two senior officers. She was a regular employee under Sec. 2(f) of Sexual
Harassment at Workplace Act, 201353 (Hereinafter, SHWA) which states as follows:

“employee” means a person employed at a workplace for any work on regular, temporary, ad
hoc or daily wage basis, either directly or through an agent, including a contractor, with or,
without the knowledge of the principal employer, whether for remuneration or not, or working
on a voluntary basis or otherwise, whether the terms of employment are express or implied and
includes a co-worker, a contract worker, probationer, trainee, apprentice or called by any other
such name.

According to Sec.2(f) of (hereinafter, SHWA), Mrs. Anjali Madhur is a regular employee. She
works on project basis, these projects are given to her to work on behalf of ITSM. Therefore, she
is an employee of ITSM and she can file a complaint before Internal Complaint Committee
(hereinafter, ICC) on the matter that she was subjected to sexual harassment under Sec.2(n) of
SHWA.

1.1.Limitation period

53
Sexual Harassment at Workplace Act, Sec. 2 (2013).

15
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

A complaint cannot be rejected by the ICC merely on the grounds that the complainant had
delayed in filing the complaint.54As per the court, the ICC has the power to extend the time limit
for filing a complaint by 3 months, i.e. up to a total of six months from the date when the
incident took place by recording reasons in writing if it is satisfied that certain circumstances
prevented the complainant from filing the complaint earlier. 55 According to Sec. 9(1), ICC can
entertain complaints filed after three months if there is justified reason for the delay. The
incidents to Mrs. Anjali Madhur were continuous in nature, there was no delay on her part, she
also had reason that she was mentally traumatized because of the harassment and was not able to
file a complaint against them because of loss of mental stability.56

1.2.Direct evidence

Lack of direct evidence or witnesses must not deter or discourage the aggrieved employee from
filing a complaint to the ICC or even reporting the incident orally in the first instance but as soon
as possible after the occurrence. With the advent of SHWA and the spurt in complaints, there is a
realization that the law against sexual harassment has to be enforced with judicial sympathy and
activism to protect women at the workplace. 57 ICC constituted by ITSM dismissed sexual
harassment case filed by Mrs. Anjali Madhur on the ground there was no direct evidence. ICC
cannot dismiss complaint on the ground that there was no direct evidence, it has to consider
circumstantial evidence as well and then decide the matter. Therefore, ICC violated principle of
natural justice, audi alteram partem, by not giving opportunity to Mrs. Anjali Madhur to
substantiate circumstantial evidence in her matter of sexual harassment at workplace. A party is
not to suffer in person or in purse without an opportunity of being heard.58 De Smith59 says:

No proposition can be more clearly established than that a man cannot incur the loss of liberty
or property for an offence by a judicial proceeding until he has had a fair opportunity of
answering the case against him.

54
Gaurav Jain v. Hindustan Latex Family Planning Promotion Trust and Ors ., 2015 SCC OnLine Del 11026.
55
Tejinder Kaur v. UOI, Delhi High Court, 2017 SCC OnLineDeL 12221.
56
Para 5 of Moot proposition.
57
Sunil Kumar, India: Challenges For Aggrieved Women Employees And Internal Complaints Committee In
Proceedings Under Sexual Harassment Act - A Test Of Legal Rigor (Last update: 27th October, 2015),
http://www.mondaq.com/india/x/438614/employee+rights+labour+relations/Challenges+For+Aggrieved+Women+
Employees+And+Internal+Complaints+Committee+In+Proceedings+Under+Sexual+Harassment+Act.
58
Painter v. Liverpool Oil Gas Light Co., (1836) 3 Ad & E.
59
De Smith, Judicial Review of Administrative Action (1995) 380.

16
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

This concludes that during judicial proceedings the parties must be given total opportunity of
presenting their case. In this case ICC has given its decision by totally ignoring the
circumstantial evidence. This is infringing the petitioner’s right of being heard.

1.3.Grounds on which the complaint was filed were valid

The complainant must gather evidence of the conduct of the accused, and of the incident, its time
and place, whether it was repeated or frequent. All occasions or situations in which the acts
occurred, which will all lend credibility to the charge. The victim would be well advised to speak
to their friends or colleagues immediately after the incident or unwelcome act even if there is still
some doubt or ambiguity regarding the intention of the accused. It does not matter that no clear
pattern of behavior is discernible, or as to whether it is sexually oriented or intended. All these
bits of information would come in useful as evidence when the case demands. 60 There were
incidents where both the senior members of ITSM made offensive gesture towards her and called
her named.61 Mrs. Anjali Madhur spoke to her colleague Mr. Karan Kapoor to help her but he
failed he help her as he had no say in ITSM. After recouping her courage she filed complaint
before ICC.

Two senior members had harassed Mrs. Anjali Madhur under Sec. 2(n)(i) and (v) by making
physical contact and advances and making offensive gestures, passing improper comments about
her to other colleagues.62 Also under Sec. 3 (2)(iv)63 these two senior members of ITSM created
hostile environment for her, because they used to pass improper comments about her to other
colleagues and creating a bad impression in the mind of those colleagues about her. Such
gestures which affected her mentally cannot be considered to be of friendly gesture. These
gestures and name calling are appropriate ground for filing a complaint of sexual harassment
before ICC.

1.4.Termination of Mrs. Anjali Madhur was illegal

60
Sunil Kumar, India: Challenges For Aggrieved Women Employees And Internal Complaints Committee In
Proceedings Under Sexual Harassment Act - A Test Of Legal Rigor (Last update: 27th October, 2015),
http://www.mondaq.com/india/x/438614/employee+rights+labour+relations/Challenges+For+Aggrieved+Women+
Employees+And+Internal+Complaints+Committee+In+Proceedings+Under+Sexual+Harassment+Act.
61
Para 5 of Moot Proposition.
62
Para 5 of Moot proposition.
63
Sexual Harassment at Workplace Act, Sec. 3 (2013).

17
Memorandum on behalf of Petitioners
 7th Intra Moot Court Competition, 2019

Sec. 14(1) of SHWA proviso states that Provided that a mere inability to substantiate a
complaint or provide adequate proof need not attract action against the complainant under this
Sec., ICC stated that no action has to be taken against complainant as there was no adequate
proof to prove the allegations. Even after the decision of ICC, ITSM removed Mrs. Anjali
Madhur without prior notice of termination. There were two wrongs committed by ITSM in this
case:

1. They terminated Mrs. Anjali Madhur against the decision of ICC and violated
Sec. 14(1) proviso;

Simply because the petitioner was unable to produce direct evidence to satisfy her claim, ICC
cannot give a decision against her and ITSM basing on such decision cannot terminate the
petitioner from her services.

2. Terminated Mrs. Anjali Madhur without any prior notice.

Even if there is no provision in the statute about giving of notice, if the order in question
adversely affects the rights of an individual, the notice must be given. The notice must be clear,
specific and unambiguous and the charges should not be vague and uncertain.64

In the present case according to Sec. 16 of SHWA the proceedings are not to be published, if
published then the person who publish the proceedings will be liable under Sec. 17 of SHWA.
There was no threat to ITSM for tarnishing their global image because of Mrs. Anjali Madhur's
complaint as it was not published according to Sec. 16. The termination of the petitioner is
unjustified as it has not followed the main principle of natural justice i.e to give prior notice.

64
Northern Rly.Coop.Credit Society v. Industrial Tribunal, AIR 1967 SC 1182.

18
Memorandum on behalf of Petitioners
 PRAYER

Therefore in the light of the issues raised, arguments advanced and authorities cited, it is humbly
requested that this Hon’ble court may be pleased to adjudge and declare:

1. That Hashtag Solutions and ITSM are liable for data breach and for infringing the
right to privacy and Hashtag Solutions , ITSM should be directed to pay adequate
compensation to the effected parties.
2. That the requirement of Aadhaar under Sec. 7 of the Aadhaar Act is not mandatory
and is violating article 14 and 21 of the Constitutio of Mahishmati.
3. That the decision given by ICC is not valid.

And pass any such order or direction as the Hon’ble Court deems fit and proper in the interest of
justice, equity and good conscience, for this the applicants shall as duty bound ever pray.

Counsel for petitioners