Aadhaar card is now mandatory for various services, including banking, gas connections, mobile numbers and more. The government is constantly launching new Aadhaar-linked schemes, forcing citizens to obtain the unique 12-digit number as soon as possible. But the government has found itself in hot waters for the economically beneficial idea of centralising Aadhaar.
The security of Aadhaar has raised questions more than once. The concern quickly escalated when the Central government admitted in June that details of Aadhaar cards were displayed on 210 government websites. Currently, a nine-judge panel led by Chief Justice of India J S Khehar has been constituted in the Supreme Court to assess whether the Aadhaar project violates the people's right to privacy.
As if the Aadhaar data dump on hundreds of government websites wasn't enough, there is another government organisation which is responsible for publishing Aadhaar numbers of more than 20,000 people. The Greater Ludhiana Area Development Authority (GLADA), under the Pradhan Mantri Awas Yojana, collected applications from the lower economy sections of society for houses in Ludhiana and Jagraon.
Like any other government scheme, this one too is linked to Aadhaar, which makes it mandatory for applicants to present their unique identity numbers along with other personal details. While there's nothing wrong with that, as it helps the government to better track the success of the housing programme, the Punjab government's website published the details of applicants, including their names, fathers' names and Aadhaar numbers of chosen beneficiaries.
The misstep was rectified and the data was removed from the website by Monday evening after being notified by Hindustan Times. But nothing is really erased once it is on the Internet. The PDF files of the leaked data remained online.
"If any government department has published a list of applicants with their Aadhaar numbers, their information can get leaked. It is a grave threat to the privacy of residents as Aadhaar information can be misused," Satish Thaman, a member of Ludhiana district (west sub-division) grievances redressal committee, told the paper.
This is just one instance with a worrying amount of Aadhaar data being leaked on the Internet. In April, a significantly large database of 1.4 million beneficiaries of a pension scheme was published on the Jharkhand Directorate of Social Security website. This instance was quickly followed by another one where the Union Water and Sanitation Department published Aadhaar details of beneficiaries of the Swachh Bharat Mission-Gramin.
This is a huge concern for security of Indians, who have obtained Aadhaar by scanning their biometrics. Such confidential data can turn into a disaster if it falls in the wrong hands. Despite a series of data dumps, the UIDAI said in May that biometrics linked to Aadhaar are in "safe custody."
The surprising element here is that the battle isn't against hackers on the Dark Web. The confidential information is being published on government websites. In May, the Centre had said that four government websites published 13.5 crore Aadhaar numbers, 100 million plus bank account numbers, addresses, caste/religion and other related information, NDTV had reported.
Under Section 29 (4) of the Aadhaar Act, publicly display of Aadhaar numbers or core biometric information is strictly prohibited. Violators can land in prison for up to three years, besides being subjected to other penalties.
As a result of mandating Aadhaar, 99 percent of adult residents have already enrolled for the 12-digit unique identification number. The UIDAI surpassed the 111 crore mark in January in a country with a population of more than 125 crore people.
Is Aadhaar paving the way forward or putting millions at risk? The government must get to work seriously on the poor security protocols of their websites in order to successfully push Aadhaar centralisation.