advertisement
In yet another revelation that raises worries about the privacy of your Aadhaar data, it has been found that a simple Google search will lead you to the Aadhaar details of several individuals. These details, including their name, address, Aadhaar number, date of birth and photograph, have been made publicly accessible on the internet for no clear reason. Thankfully, the biometric details are not available.
The sites that have uploaded Aadhaar details of individuals for apparent public consumption include, among others:
Here’s how easy it is to actually find the Aadhaar details of several people unknown to you.
The details you will be able to access are as follows:
A Moneylife article that pointed out this ease of accessing Aadhaar details of individuals unknown to you has triggered an online conversation as well.
Here are some of the worrying questions that arise as a result of this revelation.
If the websites concerned (including a government site) deliberately uploaded the Aadhaar details of these individuals online:
If the websites concerned (including a government site) are not aware that the Aadhaar details of these individuals are publicly available online:
And the common question, regardless of whether these websites deliberately uploaded this information publicly:
These are questions that the Unique Identification Authority of India (UIDAI) will have to answer. Yet again, at some stage or the other, there has been a failure to keep the Aadhaar details of individuals secure.
The UIDAI cannot possibly deny the revelations made as anyone can search and verify this story for themselves. Therefore, anything short of a good explanation as to what has gone wrong will be unacceptable.
The All-India Football Federation (AIFF) does not seem to understand the difference between keeping an internal records of member’s ID proofs and uploading people’s personal documents online.
The Quint is refraining from sharing the specific URL on the AIFF site which reveals the data. This is to respect the privacy of hundreds of people whose personal documents are on the webpage.
However, it would seem that the AIFF itself has little respect for the privacy concerns of people who provide the organisation with their identification proofs. Or worse still, the AIFF is unaware about the difference between uploading files to a private drive on the cloud versus uploading them on their website for public consumption.
When someone gains access to so much of your personal information, it makes you more vulnerable to phishing.
Phishing is the fraudulent practice of sending emails or making calls claiming to be from reputable companies in order to induce people to reveal their personal information, such as passwords and credit card numbers. The information obtained is then used to carry out credit card frauds, unauthorised transactions and the likes.
So organisations like the AIFF and government body Indian National Centre for Ocean Information Services are endangering the security of the people whose personal details they are divulging online.
If this callousness in handling people’s personal data continues, our vulnerability to fraud and phishing too will only increase.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)