New Delhi: A police case has been filed against The Tribune journalist who exposed how people could illegally access demographic data of individuals from UIDAI, the authority that issues Aadhaar numbers. The complaint, which also names people who sold unauthorised access details to the journalist, was filed within days of the news report.
- The Tribune reported data breach in Aadhaar network
- Reporter said she purchased phone numbers, email addresses for Rs 500
- Aadhaar authority had denied breach, said biometric data was secure
The report had renewed privacy concerns around the world's largest database of biometric details of a 1.19 billion residents in India.
The Editor's Guild of India has condemned the police case against the journalist, Rachna Khaira.
"It is clearly meant to browbeat a journalist whose investigation on the matter was of great public interest. It is unfair, unjustified and a direct attack on the freedom of the press," it said in a statement.
"Instead of penalising the reporter, UIDAI should have ordered a thorough internal investigation into the alleged breach and made its findings public," the top editors' body said, demanding that the cases be withdrawn.
The newspaper, The Tribune, had reported that it received an offer to buy access into the Aadhaar database for Rs. 500, and that its journalist was given login details to access the data. The journalist tried to key in an individual's Aadhaar number and was able to see the demographic details of the person concerned, the newspaper had claimed.
The newspaper which had reported on misuse of the facility, The Tribune, confirmed on its website on Sunday that a police case had been filed.
The Unique Identification Authority of India, or UIDAI, had denied that there had been a breach of its biometric database but conceded the facility to access demographic details of individuals provided to designated persons to redress grievances had been misused. It also stressed that biometric details - fingerprints of the enrolled individuals and their Iris scan - had not been accessed.
A source said the UIDAI had filed the case because unauthorized access was a criminal offence under the law. "Everything else is matter of investigation," he added.
In a letter to the newspaper yesterday, the UIDAI had also asked the reporter to clarify if it had been able to access the fingerprints or Iris scan of any resident and the number of Aadhaar numbers it had crossed-checked.
The UIDAI statement also underlined that the biometric database was "fully safe and secure with highest encryption".
According to the authority, sensitive Aadhaar information was protected by strong cryptography that UIDAI officials say would take "millions of computers and billions of years to decrypt the data".
The demographic details of individuals are not really confidential information, the source said. It was also pointed out that electoral rolls, which contain similar demographic information, were already in public domain.