The Aadhaar-issuing body said it has given the "search facility" for grievance redressal
Highlights
- A newspaper reported that it got an offer to buy Aadhaar login details
- An official said the system only provided limited access to basic details
- The UIDAI insisted that there had been no breach but files a police case
NEW DELHI:
UIDAI, the authority that issues Aadhaar numbers, has filed a police case after a newspaper appeared to have bought login details to get access to its database for Rs 500, but insisted that there had been no breach. "The Aadhaar data including biometric information is fully safe and secure," a statement by the Unique Identification Authority of India, or UIDAI, said. Aadhaar already faces a legal challenge in the Supreme Court filed by activists who believe that the rule to force people to submit their Aadhaar numbers was a violation of their privacy.
Here are the 10 points on this story:
The newspaper, The Tribune, has reported that it received an offer to buy access into the Aadhaar database for Rs 500, and that it's journalist was given login details to access the data. The journalist tried to key in an individual's Aadhaar number and was able to see the demographic details of the person concerned, the newspaper has claimed.
The story was seen as a vindication of concerns expressed by think-tanks such as the Centre for Internet and Society that the centralized data retention model for 12-digit biometric identity to all Indian residents was flawed.
But the UIDAI has indicated that the login details provided to the newspaper "appears to be instance of misuse of the grievance redressal search facility", given to designated personnel and state government officials. They could access details about an individual by entering their Aadhaar or enrolment number.
A UIDAI official said this system only provided limited access about the basic details of an individual and does not include access to biometric details. Also, there were enough checks and balances built into the system to trace every piece of data that has been accessed to ensure that every deviation will be punished.
"The legal action including lodging of FIR against the persons involved in the instant case is being done," the UIDAI statement said.
There has not been any data breach of biometric database which remains fully safe and secure with highest encryption, the UIDAI said, underlining that mere display of demographic information cannot be misused without biometrics. It also stressed that Aadhaar number is not a secret number and had to be cited by residents to avail various services.
Aadhaar was set up to be a form of digital identification for all residents, originally pitched for targeted delivery of benefits to the poor.
UIDAI says it has a well-designed, multi-layer approach, robust security system in place and the same is being constantly upgraded to maintain the highest level of data security and integrity.
In the past, the UIDAI has, however, taken a dim view of government websites publicly displaying details such as names and addresses of Aadhaar beneficiaries.
Last month, the UIDAI told parliament that about 210 government departments and organisations had been ordered to remove the Aadhaar and other personal data from their websites.
Post a comment