Aadhaar: TRAI chief RS Sharma's challenge boomeranged as his personal info gets disclosed
Moments after RS Sharma, Chairman of Telecom Regulatory Authority of India (TRAI), shared his Aadhaar number on Twitter with a challenge to 'harm him' on Sunday, several people revealed his personal information, like permanent account number (PAN), his date of birth, mobile numbers, and residential address. Some even claimed to have created a profile on e-shopping sites using these credentials.
 
The TRAI Chairman neither accepted nor rejected whether the information revealed on Twitter belonged to him or no. 
  
In a series of tweets on Saturday, a French security expert, who goes by the nickname Elliot Alderson and uses twitter handle @fs0c131y, caused ripples on the social media, leaking "personal address, DoB, your alternate phone number" and explaining to Mr Sharma, the TRAI chairman, how risky it was to make the Aadhaar number public.
 
"People managed to get your personal address, DoB and your alternate phone number. I stop here, I hope you will understand why make your Aadhaar number public is not a good idea," Alderson wrote.
 
 
Mr Sharma, former Director General (DG) and Mission Director of Unique Identification Authority of India (UIDAI), has been maintaining that Aadhaar does not violate privacy and the government reserved a right to create such a database of residents since it gives subsidies on state-run welfare schemes. He and all other supporters of Aadhaar, however, keep quite on why Aadhaar is enforced upon citizens who does not receive any subsidy from the government.
 
It is illegal for even Mr Sharma to publish his Aadhaar number, under the Aadhaar Act. Section 29 of the Aadhaar (Targeted delivery of financial and other subsidies, benefits and services) Act, 2016 prohibits public sharing Aadhaar number. Sub-section 4 of Section 29 of the Act says, “No Aadhaar number or core biometric information collected or created under this Act in respect of an Aadhaar number holder shall be published, displayed or posted publicly, except for the purposes as may be specified by regulations.”
 
In this situation, it would be interesting to see if UIDAI takes any action against Mr Sharma, its former chief for publishing own Aadhaar number on a public platform. 
 
Amid a debate on privacy concerns, which has also reached the Supreme Court, activists and people in general fear that the 12-digit biometric number is harmful to citizen's privacy.
 
"My Aadhaar number is 7*** **** ***0. Now I give this challenge to you: Show me one concrete example where you can do any harm to me," tweeted Mr Sharma, whose tenure as chief of TRAI ends on 9 August 2018. He is holding the position since August 2015. 
 
Earlier, a Twitter user had asked Mr Sharma to "walk your talk" after the TRAI chief tweeted his interview with an online portal in which he strongly defended Aadhaar and rejected apprehensions that one billion Aadhaar accounts were vulnerable. 
 
He had said there had not been a single instance of data being breached and had there been one, the entire Aadhaar database would have been vulnerable.
 
Within hours of tweeting his Aadhaar number, Anderson replied to Sharma: "The phone number linked to this #Aadhaar number is 9********7. According to an official @nicmeity circular, this phone number is the number of your secretary," Anderson wrote and posted a link to a circular issued by the Ministry of Electronics and Information Technology (MeitY). 
 
One question here is how Mr Sharma linked his secretary's mobile number with his own Aadhaar number? Also, in that case, which number is used by Mr Sharma's secretary to link to own Aadhaar?  
 
The security researcher also posted a picture of Mr Sharma with a portion of it blackened. "I supposed this is your wife or daughter next to you."
 
Anderson, who is known to have revealed security loopholes in the Aadhaar data system, also posted screenshots of Mr Sharma's leaked details with key areas blackened and hidden.
 
One of the screenshots even carried his PAN details. But that was also hidden.
 
 
While personal information of Mr Sharma was being spread on the social media, his previous employer, UIDAI came out with its ‘standard’ denial. Dismissing claims made by ‘certain elements’ on Twitter and a section of media, UIDAI said, “they have fetched personal details of Ram Sewak Sharma, who is a public servant using his Aadhaar number. Any information published on Twitter about RS Sharma was not fetched from Aadhaar database or UIDAI’s servers. In fact, this so–called ‘hacked’ information was already available in public domain as he being a public servant for decades and was easily available on Google and other sites.”
 
Alderson, however says, “If your phone numbers, address, date of birth, bank accounts and others personal details are easily found on the Internet you have no #privacy. End of the story.” 
 
/div>

 

Like this story? Get our top stories by email.

User

COMMENTS

Suresh Deshmukh

4 months ago

I hold this portal - Moneylife - in very high esteem for the forthright views, stories and opinions - but except in matters related with Aadhaar. Almost everyday, stories trying to show Aadhaar in very bad light are being churned out. They stretch things to very ridiculous levels at times. I am at a loss to understand why Moneylife appears to have made anti-Aadhaar stand as their journalistic policy, putting their own credibility at stake.
Very sad and hurting!

REPLY

Shivram Ramakrishnan

In Reply to Suresh Deshmukh 3 months ago

Hi Suresh, You perfectly expressed my thoughts. I am still unable to fathom how knowing someone’s PAN number or email ID is more dangerous than giving an identity to a lot of people and ensuring benefits are targeted to the right group? I am yet to see a convincing argument in this regard. Merely asking people to read up on privacy and then discuss is insufficient argument.

Venkatraman Narayanan

4 months ago

Please don’t give credence to frauds such as Elliot Anderson etc.

Anindya Bhattacharya

4 months ago

Can Moneylife digital team suggest me a way to know if any particular MP / MLA in India have Aadhaar card?

Anindya Bhattacharya

4 months ago

May I request Moneylife team to put in perspective "What privacy is in today's context?" through a well researched article.

Mahesh S Bhatt

4 months ago

Overconfidence gifted stupid Telecom Companies Government Ministers ( Sinisters) Mahesh Bhatt

Narayan

4 months ago

Very bad journalism. The so-called ethical have failed miserably to prove that you can harm anyone if you know their aadhar number. They could crack aadhar database, they simply googled and turned in the info available there. Sharma is public servant, much of the information they claim to have gathered is widely available on government site. Nobody can harm him with such data. Please stop criticizing aadhar.

REPLY

Venkatraman Narayanan

In Reply to Narayan 4 months ago

Completely agree. Sucheta has a problem with uidai and so propping up such articles. I am not sure if anybody is independent.

Roy Aranha

4 months ago

Something terribly wrong with claims and arguments about the safety of ones personal information and security

Saravanan R

4 months ago

This confirms there is bigger conspiracy by anti bjp forces to discourage digital transactions and to support black money generation.

Vivek Silla

4 months ago



https://thewire.in/tech/trai-rs-sharma-daughter-kavita/amp/

atul naik

4 months ago

What boomeranged? Challenge was to harm. No one has been able to do that.

Mihir A. Kulkarni

4 months ago

Disappointed with the article. Should have done more research. There is another thread where all claims are refuted with proof and source of information that Anderson revealed is provided.

Magesh Kuppan

4 months ago

If phone, email id and address is available in public domain, then why cry that "privacy is affected because of Aadhaar "

REPLY

Saravanan R

In Reply to Magesh Kuppan 4 months ago

True.

Delhi HC and Madras High Courts Allow Filing Tax Returns without Aadhaar
The Delhi High Court on Tuesday directed the Income Tax (I-T) Department to provide an additional button on its tax-filing portal to allow filing of tax returns without Aadhaar number. 
 
The High Court also gave relief to two professionals, Shreya Sen and Jayshree Satpute, from quoting Aadhaar number for filing their income tax returns (ITRs). 
 
On a plea that they are not the only ones who are being forced to obtain Aadhaar number for filing tax return, the High Court directed the I-T Dept to put an optional button on its web portal for filing online tax returns without the Aadhaar number.
 
Separately, the Madras High Court also allowed nine petitioners to file their ITRs without quoting their Aadhaar or enrolment numbers. According to a report from Bar & Bench, the Division Bench of Justices MM Sundresh and Anand Venkatesh opined that an order allowing the filing of manual returns would not be prejudicial to the Income Tax (IT) authorities. The Court observed that if the Supreme Court decides to uphold the Constitutionality of Aadhaar, then the petitioners would have to file their ITR again by quoting Aadhaar.
 
The Court passed the interim order after hearing submissions made by Senior Advocate Arvind Datar, briefed by Advocate Rahul Unnikrishnan, for the petitioners. ASG G Rajagopalan made arguments for the state, the report says.
 
As per Section 139AA of the Income Tax Act, assessees are required to quote their Aadhaar Card number or the Aadhaar enrolment number when filing ITRs.
 
Here is the order passed by the Delhi High Court...
 
 
Like this story? Get our top stories by email.

User

COMMENTS

sumit khanduja

4 months ago

This high court orders should be welcome coz aadhar is violating article 21 of consitution. And how many politicians do have aadhar card?

Dindayal Maurya

4 months ago

The Powerful, Backmoney , Shell company holder are misusing the law in guise of confidentiality act.
Then what is the use of aadhar law why not the court dare and take full responsibilty of it consequences and Scrap it. Court is just paving way to protect the corrupt, blackmoney holder and money launderer.
.

SIVASANKARAN E M

4 months ago

The courts are m aking the life difficult for the lay Man while the powerful approach the courts to for the relief

NPCI ask banks to stop Aadhaar-based payments through UPI and IMPS
The National Payments Corporation of India (NPCI) has asked banks to discontinue Aadhar-based payments through the Unified Payments Interface (UPI) and Immediate Payment System (IMPS) channels. Pay to Aadhaar is an additional functionality in UPI and IMPS where the payer can transfer funds to the beneficiary using Aadhaar number. Separately, NPCI also asked banks to stop giving cashbacks on using Bharat Interface for Money (BHIM) to all users, except new ones. 
 
Quoting a 17 July 2018 circular issued by NPCI to banks, a report from Financial Express says (https://www.financialexpress.com/money/discontinue-aadhaar-based-payments-through-upi-and-imps-npci-tells-banks/1251410/), “Aadhaar number is a sensitive information and the revised framework about its usage in the payment landscape is still evolving. With this background, we proposed removal of ‘Pay to Aadhaar’ functionality in both UPI and IMPS before the steering committee (meeting held on 5 July 2018). The proposal of removing the Aadhaar number functionality was approved by the steering committee.”
 
From 31 August 2018, the 'Pay to Aadhaar' function would be removed from both UPI and IMPS. “All member banks should remove this functionality both as remitter and beneficiary. Also, all interfaces currently offering this functionality, such as UPI apps and third-party apps, should remove this option from their respective apps by 31 August 2018,” the circular from NPCI says.
 
The steering committee for UPI and IMPS has 18 bank and non-bank payment players. This includes State Bank of India (SBI), HDFC Bank, Citibank, Maharashtra Gramin Bank, One Mobikwik Systems and Paytm Payments Bank, among others. 
 
In a separate circular, NPCI has asked banks to restrict cashbacks on using BHIM to new users only. In addition, it has removed incentives for merchants accepting UPI payments from 1 July 2018. 
 
In April 2018, the government launched a scheme entailing cashbacks of up to Rs750 per month for users of BHIM app. Merchants who accepted payments through any UPI app were entitled to a maximum cashback of Rs1,000 per month. They were entitled to receive a cashback worth 10% of the value of each transaction, subject to a cap of Rs50 per transaction.
 
In a notification dated 17 July 2018, NPCI said that following a review of the incentive scheme, the Ministry for Electronics and Information Technology (MeitY) has decided to scale it back significantly, another report from the newspaper says
 
For IMPS, there are 364 members banks while for UPI, there are 101 banks registered with NPCI. There are 53.17 crore Aadhaar numbers mapped in the NPCI's Aadhaar based payment system.
 
An Aadhaar number becomes a financial address when an Aadhaar is “seeded” into a table called the “NPCI mapper” by anyone linking the Aadhaar to a bank account. This mapper is a directory of Aadhaar numbers and Institution Identification Number (IIN) numbers used for the purpose of routing transactions to the destination banks. The IIN is a unique 6-digit number issued by NPCI to any participating bank. 
 
If you or anyone else link your Aadhaar with another bank account, the NPCI mapper is overwritten with the new banks’ IIN. Money transferred to an Aadhaar number using the AEPS gets transferred to the bank account linked to the Aadhaar number at the branch recognised by the IIN.
 
This idea of a mapper, as used by NPCI’s AEPS, does not allow for instructions from sender about the account to deposit money, but relies on periodic update of IIN in the NPCI’s table mapping Aadhaar numbers from banks. This mapping is volatile because multiple banks periodically update the Aadhaar numbers linked with accounts held by them. Neither the banks, the NPCI nor you have control on where you would like your payments to go.  
 
According to Dr Anupam Saraph, a renowned expert in governance of complex systems, money launderers exploit this volatility to make money transfers untraceable. "A money launderer can transfer money to an account linked to an alternate IIN and then re-seed the NPCI’s mapper with the original IIN for the Aadhaar number, completely wiping out any trace of money to the alternate IIN. Like transactions of bearer shares in Panama, such money transfers becomes no different from a hawala transaction between real parties who remain anonymous or benami."
Like this story? Get our top stories by email.

User

COMMENTS

Hemant Chitale

4 months ago

What is NPCI doing about the mapper ? Does it maintain a history of updates to the mapper ? Does it allow multiple bank accounts with priority levels / monetary limits to be associated with the same Aadhaar number ?

We are listening!

Solve the equation and enter in the Captcha field.
  Loading...
Close

To continue


Please
Sign Up or Sign In
with

Email
Close

To continue


Please
Sign Up or Sign In
with

Email

BUY NOW

online financial advisory
Pathbreakers
Pathbreakers 1 & Pathbreakers 2 contain deep insights, unknown facts and captivating events in the life of 51 top achievers, in their own words.
online financia advisory
The Scam
24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
Moneylife Online Magazine
Fiercely independent and pro-consumer information on personal finance
financial magazines online
Stockletters in 3 Flavours
Outstanding research that beats mutual funds year after year
financial magazines in india
MAS: Complete Online Financial Advisory
(Includes Moneylife Online Magazine)