Cameraperson: Abhay Sharma
Video editor: Vivek Gupta
We have absolutely no problem going and putting our fingerprint and iris and getting our whole body naked before the white man. But when your government asks you for your name and address, nothing more, there’s a massive revolution saying it’s an intrusion into the privacy of the individual.KJ Alphons, Minister of State for Electronics and Information Technology
What he’s basically saying is that if you criticise Aadhaar, it’s because you’re racist.
But there are real concerns over the safety of Aadhaar data and our personal information. And we have proof of that. You have proof of that.
So dear Minister KJ Alphons, I have a question.
CLAIM 1: You boasted that the entire Aadhaar database is safe because BIOMETRIC data has not been breached.
Let’s do a fact check, shall we?
There are two types of information with the UIDAI.
One, is demographic data – this includes an individual’s name, parent’s name, photograph, date of birth, email address, mobile number and complete residential address. That data has been breached.
Second, is biometric data – fingerprints, iris scans. Thankfully, that information has not been breached.
So, Minister Alphons, to say that there has been NO data breach just because biometric data has not been breached is not true.
- In January this year, The Tribune’s reporter Rachna Khaira was able to access the database that stored the personal information of more than 100 crore Aadhaar cardholders. She did this in 10 minutes and for a meagre sum of 500 rupees.
- Within hours of her report, we at The Quint did a follow-up story that showed that even unauthorised individuals could be made admins of the Aadhaar database, without sufficient checks in place.
- In March, it was revealed that a simple Google search “mera aadhaar meri pehchan filetype:pdf” revealed the Aadhaar details of several individuals. These details were published online by various sites, including a government website and the official website of the All India Football Federation. The UIDAI was not responsible for this data leak, it was these particular websites that were to be blamed.
But the bottom line remains, the Aadhaar details of individuals – which contain their personal demographic information – are not guarded well enough, both by the UIDAI and by websites of companies and government bodies.
CLAIM 2: Minister Alphons, next you trivialised the significance of these data leaks by comparing the Aadhaar details available online to the information in an old telephone directory. And you also said that we Indians are ready to get naked to get a US visa but cry “Revolution!” when the Indian government asks us for our name and address.
Phew.
First of all, I really don’t know what visa process you applied through, but Minister, you really don’t need to get naked to get a US visa. Trust me. And secondly, you realise the difference between a government asking for information versus that information being leaked online?
We don’t have a problem with the government asking us for our “names and addresses” and compiling those details. We have a problem when that database is vulnerable, easily breached and not adequately secured.
And about the telephone directory example – consent, dear Minister, consent. I can choose to not have my name and telephone number published in the telephone directory. But I cannot choose to not have my Aadhaar details stored in the Aadhaar database. So, if that database gets breached, it’s natural for me to worry, right?
CLAIM 3: Next, Minister Alphons, about the privacy concerns around the NaMo app, you said, "It’s a pack of lies. You think the Prime Minister of India is going to transfer data to some private company in the US? Come on, yaar, don’t be nuts to believe this kind of things. I mean, if you’re going to believe fake stories, there is no end to that.”
Firstly, “Come on yaar, don’t be nuts” isn’t a very sound defence. For anything. And especially not if we’re talking about an app by the Prime Minister of India.
NarendraModi.in was sending the personal information of its users to a third-party website in.wzrkt.com. This has been fact-checked and proven to be true. That’s not fake news. And now, the privacy policy on PM Modi’s website has quietly been changed.
So, rubbishing all these valid concerns as “fake stories” will not work, dear Minister. Luckily for you, the Congress is in a soup of its own – they’ve deleted their app as well after similar privacy concerns emerged. The point is – brushing this under the carpet is unlikely to fool anyone.
CLAIM 4: Minister Alphons, the gist of your argument has been that someone getting access to your demographic data/personal information cannot hurt you in any way.
Let me explain why that is not true.
When someone gains access to so much of your personal information, it makes you more vulnerable to phishing.
Phishing is the fraudulent practice of tricking people into revealing sensitive personal information such as passwords and credit card numbers by posing as people from reputable companies.
The information obtained is then used to carry out credit card frauds, unauthorised transactions and so on.
If an unauthorised individual to whom you have NOT provided your personal information can manage to gain access to your identification documents, that information may, in fact, be used to dupe you.
So yes, your personal information or the details on your Aadhaar card getting leaked online is a HUGE worry. It increases your vulnerability to online fraud. And no, your biometric details are not needed for that to be true.
CLAIM 5: Minister Alphons, you said, “If you want to get any government benefit, you must have an Aadhaar. Now again, government has made it very clear, we do not deny anybody any government benefit including your ration, your provisions, even if you don’t have an Aadhaar card.”
A small objection, Minister – the government hasn’t been asking for Aadhaar just for government benefits. Before the Supreme Court’s stay came along, the government had been asking us to link Aadhaar to bank accounts, mobile numbers, school admissions! None of those things are “government benefits”.
End the Denial, Address the Concerns
Mr Alphons, you are a Central Minister. You sit at the high table. With all said and done, wouldn’t you agree that it’s time for the government to accept that the privacy concerns that people have about Aadhaar, and indeed the NaMo app, are legitimate?
And instead of brushing them under the carpet, we must address them.
Surely, that must be essential if we’re ever going to truly become a Digital India. Right?
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)