Data security totally baseless

The discovery that the Aadhaar details of any individual could be leaked for just Rs 500 and 10 minutes proves right the claims against the ‘Aadhaar’ scheme once again.

The newspaper, The Tribune, proved Aadhaar’s lack of security by ‘purchasing’ the details of thousands of individuals through agents of an anonymous Whatsapp group that operates based in Punjab. The fraud team has reportedly been selling the data for the last six months. It means that the Aadhaar details of more than 119 crore individuals can be purchased at all times by anyone who wishes to do so akin to buying from a market. The Unique Identification Authority of India (UIDAI), the Aadhaar authority that has been asserting so far that the data was fully safe and secure, is still continuing the same claims. The authority said that the biometric data including the fingerprints have not been leaked. There seems to be facilities for monitoring the intruders and keeping them off limits. Even if it is admitted that the complete data have not been leaked, it has already been proved that it is possible to leak the data circumventing the authority’s security systems. Given the fact that the authority which claims to monitor the intruders, has failed even to notice that the data has been leaked for the last six months, how can these caretakers and their digital barriers be trusted again? This complete ignorance of the Aadhaar authority should generate more fear than the leaking of the Aadhaar data.

The Congress that now voices against Aadhaar are those who introduced the scheme. During their very tenure, subjects ranging from the necessity of Aadhaar to its security were topics of contention. But they did not back out. The Congress cabinet in Karnataka approved a Bill last week that makes Aadhaar mandatory for citizens to avail the government benefits and necessary services. On the other hand, when Congress introduced Aadhaar during its tenure, the BJP and Narendra Modi had aggressively opposed the scheme. After assuming power, they have outright forgotten all the downsides of Aadhaar. Experiences so far have shown that the claims of the government, that Aadhaar was being made compulsory to prevent corruption and leaking of resources, are wrong. Government departments and Aadhaar websites keep claiming that the number of people who need government subsidies and concessions have come down drastically. They also say that the reduction has been fake; and that the Aadhaar would be useful in detecting the fraudsters.

However, the drawbacks, scepticisms, uncertainty and ignorance in implementing Aadhaar are pulling people back. The ‘fraudsters’ (as dubbed by the authorities), who have not completed their ‘Aadhaar linking’, suffer hardships even in areas which the Supreme Court had ruled not to make Aadhaar linking compulsory, without receiving the concessions they deserve. The death of three Dalit brothers in Karnataka last year due to starvation had been news. They had been denied ration for six months because they did not have Aadhaar. Those hapless souls as well might have been ‘fraudsters’ in the eyes of the Aadhaar authority. An eleven-year old girl in Jharkhand died due to hunger after she was denied ration due to the lack of an Aadhaar link. Widow of a Kargil martyr in Haryana died after she was refused medical treatment on the grounds of lack of Aadhaar card. In short, the Aadhaar authorities have never been bothered about making the services available. All the attention and obstinacy have been in persuading the people to get an Aadhaar card as soon as possible and collecting their data. Even then they had one argument left with them that was in favour of the Aadhaar scheme - that the Aadhaar data was safe and secure and that it could not be leaked. That as well has been shattered now.

The report by The Tribunal concerning the lack of security of the Aadhaar data is not the only evidence. The authorities have so far not been able to provide a specific explanation for the apprehensions and scepticisms raised. Following the report by The Tribunal, online newspaper The Quint has revealed yet another information: not only can any random person have access to the Aadhaar database but they could have control on the data as well. There is reportedly no restriction as to who could be the admin of the official portal. Once a person becomes an admin, he can make anyone he choose an admin of the portal. Anybody could leak any data without Rs 500; they can choose the colluding parties as well. All this when the authority overtly claims that the scheme is highly secured. Doesn’t the UIDAI that keeps justifying that the biometric data have not been leaked, even notice the doors open? They are now saying that the matter would be investigated. Let it be probed. Let this scheme be suspended until everybody is convinced that things are safe and secure. Even if things are secure, questions rooted in Constitution related to privacy and personal liberty would remain in the Aadhaar matter. Let us hope that when the Supreme Court dispose of the Aadhaar cases, all these things would be taken into consideration.