BENGALURU: Even while the security and privacy of data secured by the
Unique Identification Authority of India (UIDAI) under its Aadhaar project is being questioned,
Karnataka police have shared personal details — including Aadhaar numbers — of victims of the Gruha Kalyan housing scam on an open network.
TOI noticed that personal details such as names, addresses, contact numbers and Aadhaar numbers apart from other details of 1,157 complainants — the victims of the estimated Rs 79 crore scam —have been uploaded on a police website, and were available until the time of going to the press on Wednesday. Also listed were PAN numbers of complainants alongside the sums they had paid and the moneys refunded.
The Criminal Investigation Department (CID) is investigating the scam which came to light in 2016. Officers probing the case had claimed the accused had floated companies such as Dreamz Infra India Ltd and Gruha Kalyan Private Limited and duped people crores of rupees. The entire scam spanning several cities is estimated at over Rs 500 crore.
Victims are now aghast at the callous manner in which their details have been shared on a public platform by the police. The victims TOI spoke to say they were unaware that their personal details were listed on the website.
Dr C Giridharan from Chennai, who was allegedly cheated out of Rs 6 lakh, said: “Why should police share somebody’s details on an open forum. This is shocking to say the least.” Ashok, another victim, said he wasn’t asked for consent before his Aadhaar number was uploaded on the website.
Kislay Chaudhary, chairman and CEO of
Indian Cyber Army, a cyber security organization, and an analyst to cybercrime investigation units of Uttar Pradesh, Madhya Pradesh, Bihar and Delhi, said police are in breach of UIDAI rules. “With Aadhaar numbers in hand, miscreants can access financial and social details of the individuals,” he said. “This data can easily be misused.”
Under the Aadhaar Act 2016, any individual, entity or agency, which is in possession of Aadhaar number(s) of Aadhaar number holders, shall ensure security and confidentiality of the Aadhaar numbers and of any record or database containing the Aadhaar numbers.
M Mohan Reddy, convener of State-Level Bankers Committee (SLBC), revealed the rules pertaining to Aadhaar was made stringent under the Aadhaar Act. “Previously we could display
Aadhaar details, but the Act has been modified and we cannot publish Aadhaar numbers any more,” Reddy said. “Now, no one is allowed to publish Aadhaar details.”
Times View
Critics argue that such an enormous and potentially lucrative database such as Aadhaar can never be fully secured and too often, lax government officials and now police have lent credence to this view. No matter how stridently UIDAI claims that data obtained under the Aadhaar project is safe, citizens are unlikely to be consoled especially since fraudsters have been able to reach into bank accounts of people with even less data than UIDAI has under its thumb. With police too leaking personal data, one wonders who UIDAI can call on to ensure strict action.
