On Saturday, President Ram Nath Kovind gave his assent to an ordinance that allows the voluntary use of Aadhaar as ID proof to open a bank account or get a SIM card. The ordinance was necessitated after the Rajya Sabha could not approve the Bill in the last two sessions of the Parliament after it was passed at the Lok Sabha.

It amended the existing Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016.
The gazette notification said, "Parliament is not in session and the President is satisfied that circumstances exist which render it necessary for him to take immediate action." It further said that "therefore in exercise of the powers conferred by clause (1) of article 123 of the Constitution, the President is pleased to promulgate the following ordinance - This Ordinance may be called the Aadhaar and Other Laws (Amendment) Ordinance, 2019." It also said that the act would come to force "at once."

The new act makes it clear that:

• One cannot be denied a service like opening a bank account or purchase a SIM card, for lack of Aadhaar
• One has the right to choose whether on not provide their Aadhaar details for KYC procedure.
• The amendments provide for stiff penalties for violation of norms set for the use of Aadhaar and violation of privacy by the service providers.
• It bans storing of core biometric information or Aadhaar number by service providers in cases of individuals who have voluntarily offered to give the details for identity authentication purposes.
• Gives a child an option to exit from the biometric ID programme on attaining 18 years of age.
• Every requesting entity to who an authentication request is made will have to inform the Aadhaar number holder of alternate and viable means of identification and will not deny any service to them for refusing to, or being unable to undergo authentication.
• The changes entail a civil penalty of up to Rs 1 crore on entities that violate the provisions of the Aadhaar Act, with an additional fine of up to Rs 10 lakh per day in case of continuous non-compliance.
• Unauthorized use of identity information by a requesting entity or offline verification seeking entity would be punishable with imprisonment of up to three years with a fine that may extend to Rs 10,000 or in case of a company with a fine of up to Rs 1 lakh.