Forensic Probe Into Aadhaar Data Controversy in Andhra Pradesh Raises Troubling Questions

The Wire
April 15, 2019

Initial findings of the investigation into 'IT Grids Pvt Ltd' have added fuel to the long-standing suspicion that state data hubs are being wrongly exploited.

 A fresh first information report (FIR) has been registered by the Cyberabad police, on the back of a complaint by the Unique Identification Authority of India (UIDAI) against ‘IT Grids Pvt Ltd’ for allegedly illegally storing and using Aadhaar data.

IT Grids, a company that does work for the Telugu Desam Party (TDP), has been in the eye of the storm over the last month. The firm came under the radar of investigation agencies after a complaint by YSR Congress party against a mobile app run by the TDP called ‘Seva Mitra’.

After a series of raids by the Cyberabad Police on the office of IT Grids in Madhapur, forensic investigations were conducted on material seized part of the raids. The Telangana State Forensic Science Laboratory (TSFSL) has in its initial probe concluded that the data of 7.8 crore people from Telangana and Andhra Pradesh were being stored by the company with the cloud storage services of Amazon Web Services.

The Seva Mitra application was allegedly being used by the Telugu Desam Party for voter profiling – or allowing booth-level workers to better understand the preferences of voters.

The application had voter details, including photos, with more space for TDP volunteers to collect further field information. It also contained information about beneficiaries of government subsidies programmes, indicating (but not confirming) that personal data was sourced from the government databases.

For its part, the TDP has maintained that all data was collected in a legal manner, primarily through surveys carried out by party workers with the consent of voters.

Most importantly perhaps, the investigation has revealed that the data parameters that IT Grids was storing was very similar to the format used by Aadhaar-centric databases like the state resident data hubs (SRDH) and the central identities data repository (CIDR).


The alleged presence of Enrolment Identification Numbers (EID) in the data that has been examined has reportedly strengthened this suspicion and the UIDAI has requested the police to carry further investigation by lodging the complaint.

How did we get to such a position, where potential violations of privacy went largely unnoticed?

A united Andhra Pradesh was one of the first states to adopt the Aadhaar project in 2010, part of the early experiments made by the UIDAI to roll out the project.

The Aadhaar programme by itself has many databases in its pipeline and it’s not simply the CIDR which is the primary database that houses the project’s information. The UIDAI has over the years helped build SRDH for several states including Andhra Pradesh.


The process is quite simple: the UIDAI collects Aadhaar enrolment data in partnership with the state governments, with an option for states to collect extra personal information through a mechanism called called Know Your Resident Plus (KYR Plus). The UIDAI actively shared back all Aadhaar numbers against enrolment EIDs along with 44 other parameters post the deduplication process. This was, in some cases, literally given to states in the form of excel sheets (.csv files) for storing it in their SRDHs.

The government of Andhra Pradesh has also separately been actively collecting data from its citizens using what it calls the “Smart Pulse Survey”. The survey used Aadhaar to build a 360 degree profile database called “People Hub” (an SRDH) which is one of the components of state’s real-time governance architecture called “e-Pragati”.


In essence, Andhra Pradesh tracks everyone’s Aadhaar information and links it to every other database for real-time governance. The geo-location of everyone in the state was also collected as part of e-KYC of every resident in the state. Nearly every government official has access to the state’s SRDH portal. The problem, though, is all of this information was made public for years and several complaints of data leaks were reported to both the UIDAI and the AP government.

Aadhaar-based voter profiling

The final piece of the puzzle was the Election Commission. As part of its National Electoral Roll Purification Authentication Programme (NERP-AP), there is some evidence to show it has shared voter data including photographs with the SRDHs in 2015.

The SRDHs were then actively used to find duplicate voters in the states of Telangana and Andhra Pradesh. This has prompted some to ask whether this method was used to cause large scale voter deletions in the region. This data sharing — and in some cases, wrongful deletions — were carried out without supervision and caution until the Supreme Court shut down the project in August 2015.  


Incidentally, all the programmes including Smart Pulse Survey, People Hub, e-Pragati, the pilot project on Aadhaar Voter Id linking were carried out by the UIDAI’s man on ground and M. Chandrababu Naidu’s trusted bureaucrat – Ahmed Babu. This was done under the umbrella of the Real-time Governance Society of AP.

In a press conference held after the raids on IT Grids’ offices, Babu and the IT secretary of AP defended the security and integrity of the SRDHs, contradicting the initial claims of Cyberabad Police and publicly reported Aadhaar data leaks from Andhra Pradesh.

Forensic investigations have always been demanded after each publicly reported Aadhaar leak. The UIDAI has always ignored this demand and has denied the role of Aadhaar in causing severe problems to the society. This has resulted in wrongful use of the technology to cause harm and even helped political parties in micro-targeting voters.


While the probe into IT Grids is yet to conclude, with nobody guilty yet, it’s time the UIDAI takes the misuse of Aadhaar data seriously and adopts this same standard of investigation into other incidents across the country.

Reference:-https://thewire.in/government/andhra-pradesh-stolen-aadhaar-data

Comments

Post a Comment

Popular posts from this blog

India Joins Russia in Voting Against West-Backed Move to Expand Powers of OPCW

The Wire: June 28, 2018 New Delhi: India voted against a UK-backed move that will allow the global chemical weapons watchdog to apportion blame for illegal attacks, criticising the decision to grant “unchecked powers” to the head of the group which could be used for “partisan” purposes. On Wednesday, more than two-thirds of the member states of the Organisation for the Prohibition of Chemical Weapons (OPCW) voted to authorise the international body to identify the perpetrators and sponsors of a chemical weapons attack. It also specifically called on the OPCW’s technical secretariat to begin work on identifying the perpetrators behind the use of chemical weapons in Syria. The draft decision, sponsored by 30 countries, was adopted at the fourth special session of the conference of the states parties to the Chemical Weapons Convention at the Hague, with 82 in favour and 24 negative votes. While Europe, the United States and their allies voted ‘yes’, there was strong oppo...
Read more

As financial insecurity rises in urban India, so does investment in insurance

Image
Scroll.in March 13, 2020 Urban Indians are becoming less confident about their financial security. Up to 58% of them fret over financial independence post retirement, which is a 4% increase from last year. An equal share of urban Indians worry about meeting their daily medical expenses and sustaining their current lifestyle once they stop working. The findings are part of a survey published by Delhi-based Max Life Insurance in association with London-based consultancy Kantar. The firms surveyed 7,014 respondents in 25 cities, including six metros, nine tier-1 cities, and 10 tier-2 cities, between December 2019 and January 2020. Source: Max Life Insurance via Quartz The trends Source: Max Life Insurance via Quartz Source: Max Life Insurance via Quartz Source: Max Life Insurance via Quartz A significant share of urban Indians also say their families will have no financial support in the event of the breadwinner’s death. In such a scenario, around 57% believe the family sav...
Read more

ED tracks Swiss Bank A/Cs of Agusta scamster

The Poineer February 10,2019 Rakesh K Singh The Enforcement Directorate (ED) has tracked a dozen Swiss bank accounts in the name of Rajiv Saxena, who is key accused in the Rs 3,600 crore AgustaWestland VVIP chopper scam. The ED has also found out accounts held by  his family members and associates where the kickbacks in the now scrapped deal were allegedly parked. Two bank accounts are in the name of Rajiv Saxena’s  associates Pankaj Jain and Sumita Jain who are also the authorised signatories. The  third is in the name of another associate Ajit Singh Bubber, but Rajiv and his family members are authorised signatories. The remaining nine accounts are largely owned and operated by Rajiv, his family members and associates. Rajiv Saxena was deported by the UAE authorities on January 30 and the ED formally arrested him the next day and a court later granted his remand to the agency. He is currently undergoing custodial interrogation by the ED. The agency had in 2017...
Read more