India's Biometric ID System is Leaking Personal Data — And State Agencies Won't Fix The Problem
Rohith Jyothish, 13 Jan 18
       

Taking fingerprints for Aadhaar, photo via Wikimedia Commons, by Kannanshanmugham. CC BY 3.0

India's national scheme holds the personal data of more than 1.13 billion citizens and residents of India within a unique ID system branded as Aadhaar, which means “foundation” in Hindi.

But as more and more evidence reveals that the government is not keeping this information private, the actual foundation of the system appears shaky at best.

On January 4, 2018, The Tribune of India, a news outlet based out of Chandigarh, created a firestorm when it reported on that people were selling access to Aadhaar data on WhatsApp, for alarmingly low prices.

The investigation followed a man named Bharat Bhushan Gupta, a village-level entrepreneur who was lured into buying access to the database by people who approached him on WhatsApp. Gupta later realized that he had access to much more information than he'd asked for

Concerned about what this might mean for ID holders, Gupta attempted to notify the Unique Identity Authority of India (UIDAI), the agency responsible for issuing Aadhaar numbers, about the problem, but was unable to confirm that UIDAI was aware of or addressing the problem.

Gupta is one of 270,000 such village-level entrepreneurs who operate Common Service Centres responsible for various e-services between governments, businesses, and citizens.

He then approached Tribune journalist Rachna Khaira, who undertook the investigation.

Following the investigation, India Today conducted a ‘sting operation’ of their own to confirm the findings of the Tribune reporter.

Inconsistent responses from government

The UIDAI's response to the breach was to file a criminal complaint against Rachna Khaira who conducted the investigation into the breach of personal data and called it ‘misreporting’. When the Editors Guild condemned penalising the reporter, the UIDAI's response was to justify their action.

The Information Technology Minister, Ravishankar Prasad made a statement:

This is not the first time that the UIDAI has “shot the messenger,” so to speak. In early 2017, UIDAI filed a criminal complaint against CNN-News 18 journalist Debayan Ray for conducting an investigation in which he created two Aadhaar enrollment IDs using the same set of biometrics.

UIDAI filed a second complaint against entrepreneur Sameer Kochchar after he blogged about how Aadhaar can be hacked through a “biometric replay attack.” In all three cases, the UIDAI says that the claims made are “misleading.”

Sign in to view full article

       
Robots, Aliens, Corporate Drones – Who Will be The Citizens of the Future?
In the 1940s, science fiction author Olaf Stapledon gave a talk to a school about the future. Addressing his audience ...
Will Slocombe
Wed, 22 Mar 17
Sustainable Shopping: For Eco-Friendly Jeans, Stop Washing Them So Often
Denim jeans – whether ripped, straight, flared, vintage or raw – are one of the world’s most-loved garments. But from ...
Alice Payne, Susannah Kate Devitt
Thu, 1 Jun 17
Why We are Willing to Pay for Mega Expensive Things
It may not seem logical or good value for money, but there are plenty of us that will fork out ...
Paul Harrison
Wed, 15 Feb 17
Every Picture Tells A Story, But Visualisation Can Tell The Right One
They say a picture is worth a thousand words.
Quang Vinh Nguyen
Thu, 4 May 17
Too Many Tabs – Why Some People Can Multitask Online and Others Can’t
The internet may be the most comprehensive source of information ever created but it’s also the biggest distraction. Set out ...
Peggy Alexopoulou
Thu, 5 Jan 17
An Epoch Times Survey
An Epoch Times Survey
AcuSLIM - Acupuncture Weight Loss Programme
Sports Elements
BUCHERER
Sports Elements