How safe is your online data? Five flash points you cannot ignore
NEW DELHI: Breach of online data is emerging as a serious financial risk. It becomes all the more alarming when the government is universalising Aadhaar-based payment system as it prepares to turn India into a less-cash economy. Digital payments at such a large scale require adequate infrastructure and regulation. Moreover, internet is increasingly becoming prone to identity theft and related risks.
Below are a few areas of concern regarding breach of online data:
1. Data on sale
ET approached companies called ‘data brokers’ — who hawk their services on online listings and sell personal information — posing as a prospective buyer. For anywhere between Rs 10,000 and Rs 15,000, personal data of up to 1 lakh people was offered in Bengaluru, Hyderabad and Delhi. One data broker said he could get lists of high net worth individuals, salaried people, credit card holders, car owners and retired women in any given vicinity.
2. The complex data web
In most cases, when you sign up at a website, you give consent for some sort of sharing of data. This clause can land your data in wrong hands. When the data is sold by a broker, it becomes difficult to trace the source of the data leak.
3. Is Aadhaar safe?
Recently, officials of the Unique Identification Authority of India (UIDAI) noticed that one individual performed 397 biometric transactions between July 14, 2016 and February 19, 2017. Out of this, 194 transactions were performed through Axis Bank, 112 through Bengaluru-based e-sign provider eMudhra and 91 through Mumbai-based business correspondent Suvidhaa Infoserve. Digital payments require adequate infrastructure and regulations. However, biometric mismatch, identity theft and immediate revocation of access in case of identity theft are some areas of concern in Aadhaar-based payments.
4. Insecure data banks
The government is linking the Aadhaar database to all government services from education to cooking gas. The number of private companies obtaining and offering services based on Aadhaar data is also increasing. According to the UIDAI, it had shut dozens of private websites and mobile applications for illegally obtaining Aadhaar details. Creation of large databases due to Aadhaar linkages is fraught with risk as India lacks strong laws to tackle data theft and breach of privacy.
5. Weak laws
The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, has provisions against disclosure of information stored in the UIDAI system. But only the authority has the right to file a case and not the individual. The basic problem is that the laws don't allow a person ownership over his own data. Strong privacy laws for online data are required for safe digital payments.
Below are a few areas of concern regarding breach of online data:
1. Data on sale
ET approached companies called ‘data brokers’ — who hawk their services on online listings and sell personal information — posing as a prospective buyer. For anywhere between Rs 10,000 and Rs 15,000, personal data of up to 1 lakh people was offered in Bengaluru, Hyderabad and Delhi. One data broker said he could get lists of high net worth individuals, salaried people, credit card holders, car owners and retired women in any given vicinity.
2. The complex data web
In most cases, when you sign up at a website, you give consent for some sort of sharing of data. This clause can land your data in wrong hands. When the data is sold by a broker, it becomes difficult to trace the source of the data leak.
3. Is Aadhaar safe?
Recently, officials of the Unique Identification Authority of India (UIDAI) noticed that one individual performed 397 biometric transactions between July 14, 2016 and February 19, 2017. Out of this, 194 transactions were performed through Axis Bank, 112 through Bengaluru-based e-sign provider eMudhra and 91 through Mumbai-based business correspondent Suvidhaa Infoserve. Digital payments require adequate infrastructure and regulations. However, biometric mismatch, identity theft and immediate revocation of access in case of identity theft are some areas of concern in Aadhaar-based payments.
4. Insecure data banks
The government is linking the Aadhaar database to all government services from education to cooking gas. The number of private companies obtaining and offering services based on Aadhaar data is also increasing. According to the UIDAI, it had shut dozens of private websites and mobile applications for illegally obtaining Aadhaar details. Creation of large databases due to Aadhaar linkages is fraught with risk as India lacks strong laws to tackle data theft and breach of privacy.
5. Weak laws
The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, has provisions against disclosure of information stored in the UIDAI system. But only the authority has the right to file a case and not the individual. The basic problem is that the laws don't allow a person ownership over his own data. Strong privacy laws for online data are required for safe digital payments.
