An incident in Jharkhand again seems to have raised some serious questions of Aadhaar's data-breach vulnerabilities.
The Aadhaar numbers of hundreds of thousands of pension beneficiaries were suspected to have been illegally displayed on a government website in Jharkhand, in violation of the Aadhaar Act,
reported. The lapse, apparently, occured due to a programming error on the Women and Child & Social Security of the Government of Jharkhand's website, maintained by the Jharkhand Directorate of Social Security.
The Aadhaar Act prohibits public display of an individual's Aadhaar details. But, Opposition and experts have repeatedly raised doubts about its privacy provisions and asserted that misuse of data is a possibility. The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, prohibits the publishing, display or posting publicly of a person’s Aadhaar details with the exception of certain regulations.
The names, addresses, Aadhaar numbers and bank account details of the beneficiaries of the states’s old-age pension scheme were revealed due to a glitch on the website, a report published in Hindustan Times
Out of the over 1.6 million pension beneficiaries in Jharkhand, more than 1.5 million had furnished their Aadhaar numbers, The Indian Express report said. On Saturday evening, the Unique Identification Authority of India (UIDAI) office in Ranchi called up the office of the Department of Women and Child & Social Security to inform them of the glitch.
"We got a call from the UID cell telling us that the Aadhaar numbers of pension beneficiaries were being displayed on the website. We are aware of the seriousness (of the matter) and we will try to find out how and from where this mistake happened,” Director (Social Security) Ram Parvesh was quoted as saying by The Indian Express.
While the data were easily traceable till Saturday evening, the website was blocked later in the day. It is, however, unclear since when the data were made public.
The Supreme Court had on Friday asked Attorney General (AG) Mukul Rohatgi to justify making Aadhaar mandatory for filing of income-tax returns, in violation of the Court's earlier order. "Is making Aadhaar by force the only way to tackle fraud," the Court had asked the central government.
Earlier, on March 27, the Supreme Court had made it clear that Aadhaar could not be made mandatory by the government for extending benefits of social welfare schemes. The top court had, however, said the government could not be barred from seeking these cards, issued by UIDAI, for "non-benefit" purposes like filing of IT returns and opening of accounts.
UIDAI acts tough
On April 19, the UIDAI had filed First Information Reports against eight websites for "illegally collecting" Aadhaar-related data from citizens. It had shut down several websites and applications offering Aadhaar-related services to prevent citizens' personaldata from being compromised.