Mera Aadhaar Meri Pehchan: But Leaked All Over the Internet!
Despite the Unique Identification Authority of India (UIDAI) shirking its responsibility for safety and security of Aadhaar data, the internet is full of such records. A simple search can reveal Aadhaar data of hundreds, if not thousands, of the UID holders. In fact, by using simple words like 'Mera Aadhaar meri pehchan filetype:pdf', we stumbled upon detailed profiles of people uploaded online by third parties or agents. 
 
 
One such site, on first page of the search results is StarCardsIndia.com, which seems to think that uploading entire application forms for obtaining permanent account number (PAN) of people in internet is 'smart' thing to do. This website is registered by one Krishna Chaitanya Mories for Desimobile Voice Labs Communications Pvt Ltd from Hyderabad, as per records from Who.is.The data uploaded in PDF format includes, Aadhaar number, mobile number, email ID, address and photo, along with other personal details of the applicants. 
 
 
Since Desimobile Voice Labs is registered in Hyderabad, we may think that it may be an agency helping people from that area to obtain PAN cards. However, the data we stumbled upon reveals that the applicants are from Bareilly, Darbhanga and Banda, mostly from Uttar Pradesh and Bihar. It is still fine, but why it needs to upload and publish all records of individuals in the public domain is not clear. 
 
 
Most shocking is a CancerCareTrust.org, which is found uploading all details of cancer patients like children and their parents online! 
 
 
One college from Mirajapur even uploaded all data including Aadhaar number, mobile numbers of its teachers. The college have also uploaded self-attested scanned copies of Aadhaar on its website.
 
  
Is there any solution to this? Some may even ask, if this was not the case before Aadhaar. Yes, there were few instances. However, those pre-Aadhaar leakages were not able to disable a person from the entire system. Aadhaar has the capability as the UIDIA itself had admitted about deactivating 81 lakh UID numbers. As per the provisions of Sections 27 and 28 of Aadhaar Act, a person's Aadhaar can be cancelled or deactivated if multiple Aadhaar have been issued, or there are discrepancies in the biometric data or supporting documents. But then who has verified or audited Aadhaar data collected by third parties, based on which UIDAI has been issuing the UID number? 
 
Earlier this week, French security expert who goes under the pseudonym 'Elliot Alderson' (@fs0c131y) had exposed vulnerabilities of Aadhaar and UIDAI and found almost 20,000 Aadhaar cards on the internet within three hours. The UIDAI, however, dismissed the claim in its usual fashion. (Read: 20,000 Aadhaar cards found within 3 hours by security expert; UIDAI dismisses report)
 
UIDAI, however, dismissed the claims. In its tweets, the authority said, "Publication of Aadhaar cards by some people have absolutely no bearing on UIDAI and not the least on Aadhaar security. Aadhaar as an identity document by its very nature needs to be shared openly with others as and when required and asked for. Aadhaar just like any other identity document, therefore, is never to be treated as a confidential document. Although Aadhaar has to be shared with others, it being a personal information like mobile number, bank account number, PAN card, passport, family details, etc, should be ordinarily protected to ensure privacy of the person."
  • Like this story? Get our top stories by email.

    User

    COMMENTS

    Pandit Akshay Tiwari

    10 months ago

    12345

    Nitish Kumar

    1 year ago

    Que puis-je faire quand je commence ma carrière ou qu'est-ce que c'est?

    MUKUND PHADKE

    1 year ago

    For last two months trying for Aadhar link mobile portability from mtnl to Vodafone, so I am without Aadhar linked mobile. Now if someone misuses , it is fault of system.

    Raghunadha Rao K

    1 year ago

    Inspite of several objections adamant penchant for promoting aadhar is going on.we
    do not know what the real obective is.Students for exams,patients in hospitals even in
    graveyards the aadhar is asked.while looters from PNB could go scot free with aadhar
    in system the insistence on unsafe exercize isuseless

    Ramesh I

    2 years ago

    It is such blatant misuse / abuse of information by third parties (and even Govt Depts / websites) which makes one vulnerable to exploitation by crooks and is a violation of one's fundamental right to privacy. As the SC originally stated in its Oct'15 interim order that Aadhar should be made mandatory only for a select few govt welfare scheme. Yet, the erstwhile UPA Govt and subsequently the NDA Govt has brazenly violated that SC order and forced people to share their Aadhar in various areas which are not remotely related to 'welfare'. I wish the SC had been more proactive and instructed the Govt to stop making Aadhar necessary for frivolous reasons like linking to mobile connections, Bank A/cs (which are anyway seeded with PAN No., and PAN is linked to Aadhar). Of late, even local cable TV distributor has been demanding copy of Aadhar Card for new subscriptions, and one wonders who else he may be sharing such info with. There are already cases of multiple mobile connections having been taken on one's Aadhar No. even in cities one has never visited, so this illegal sharing of citizens' Aadhar Card is rampant and neither the Govt nor UIDAI has cared to address this. Nothing much has happened even after the recent expose by Tribune journos who obtained tons of Aadhar info by paying a mere Rs 500 to some agency/person who had unrestricted access to the entire Aadhar Database of over a billion people. Aadhar Project was poorly planned and worse, poorly executed in haste, as it probably serves some sinister purpose for politicians to exploit. Else, no new govt would pursue such a project of previous govt if it didn't have 'hidden' benefits.

    Ravindra Prabhakar Joshi

    2 years ago

    There are so many places where we have to give our personal details. And we do share them without much fuss. Integrating Bank accounts/ PAN and mobile number is a must to avoid misuse, frauds and also terrorism. What if we had only one number from the beginning? We would not have objected. It is better remove the flaws in the system instead of the system itself.

    GLN Prasad

    2 years ago

    There may be more shocks in future. To day a consumer of HP gas learnt that the Gas subsidy not being credited to his bank account seeded with AADHAR with distributor, but some one created an account and without knowledge, consent the subsidy is being credited to unknown account. Neither Gas distributor,company nor consumer knows which bank account and how it can be credited without cancelling the previous and without knowledge of actual consumer. Every one says "we do'nt know". Distributor provided just a bank name (not branch, not account number) washed his hands off. No reply from GAS PSU except ritual directions to distributor to look into the matter. The consumer a low paid security guard is knocking each door to get the subsidy to account. Finally, with lot of efforts it was learnt that one bank created an account without any forms , opened the account, and subsidy is being credited in that dummy fake account in the name of consumer. That means every one can enter and make any modifications in AADHAR seeding without knowledge of concerned parties. PSU Gas company says they do not know how it can be avoided.

    Sanujit Ghose

    2 years ago

    I got into IAS in 1964 and by turn of the postings I arrives in the govt of India in 1972. I was one of the few who got the Aadhar card soon thereafter in early I970s. Ration card, driving licence, passport everything I got without any reference to the Aadhar card. Suddenly, a legislation appeared and got passed in the Parliament. Right from the cradle to the burning ghat, Aadhar is a must. Every govt agency is unwilling to accept the legality of personal identity in a court for a legal matter. Yet for getting the ration weekly, gas cylinder etc Aadhar is daily required otherwise the very livelihood is denied! Neither the issuing company nor any govt department is the authorized department for the legality of a card holder!

    Gurudutt Mundkur

    2 years ago

    With the Supreme Court postponing the deadline, we need to get to know the percentage of AADHAAR numbers which have leaked. This figure should be then be given to the SC.
    Also, the Govt should produce documents how many illegal registrations under various schemes have been detected. Parliamentarians and the public should be informed of these figures.

    SuchindranathAiyerS

    2 years ago

    Ever since I linked my Aadhar to my Airtel mobile, I have been getting unwanted calls from scamsters, particularly stock exhangists, and others.

    REPLY

    Mrinal Thakkar

    In Reply to SuchindranathAiyerS 2 years ago

    when you were linking , you gave them permission (i gave consent too , but out of force and not choice) to share your details with Airtel , UIDAI and all of airtel's partners (i got to know this when i called on 14546 to link my uncle's aadhar because his fingerprint wouldnt match)

    i am sure all other companies are doing the same "legally".

    unfortunately no escape from it

    SC extends Aadhaar linking deadline till disposal of the matter
    The Supreme Court on Tuesday extended the deadline to link Aadhaar to various things, including bank accounts and mobile numbers till the disposal of the matter. 
     
    The five-judge Bench hearing the Aadhaar cases, passed an interim order directing that the order passed on earlier occasion stands extended till the disposal of the matter. Further, this extension would also cover the issue of passports. 
     
     
    The extension, which was denied last week, came about quite accidentally. Senior Counsel Arvind Datar made a submission on Aadhaar being mandatory for obtaining tatkal passport. Requesting the Bench to consider extension of deadlines to link Aadhaar, Mr Datar said, "Making Aadhaar mandatory for tatkal passport is in violation of SC order."
     
    Responding to this, Attorney General KK Venugopal said, "There are other IDs like water bill, electricity bill, which can be used. Aadhaar is only for expediting the procedure. In case of passport under tatkal scheme, Aadhaar is required for out of turn consideration to expedite the process. And we are strictly following orders of the SC."
     
    There was some dispute regarding producing Aadhaar enrolment number in case of non-production of Aadhaar number for tatkal passport. Mr Datar then read out the order passed by the apex court on 15 December 2017.
     
    Chief Justice Dipak Misra then clarified that the deadline had been extended covering all the fields.
     
    AG Venugopal requested the Bench that the extension of deadlines should not affect Section 7 of the Aadhaar Act related with subsidies. 
     
    However, the Supreme Court passed an interim order extending the deadline to link Aadhaar till the matter is disposed off. This means, the 31 March 2018 deadline is not valid if there is no judgement passed by the Court till that time.
     
    The extension of deadline, however does not apply to the benefits, subsidies and services under Section 7 of the Aadhaar Act.

    The order passed by the apex court says...
    "We direct that the interim order passed on 15 December 2017 shall stand extended till the matter is finally heard and the judgment is pronounced. That apart, the directions issued in the interim order shall apply as stated in paragraphs 11 to 13 in the said order. For the sake of clarity, we reproduce the said paragraphs, which read as under:-
    11. In terms of (iii) above, subject to the submission of the details in regard to the filing of an application for an Aadhaar card and the furnishing of the application number to the account opening bank, we likewise extend the last
    date for the completion of the process of Aadhaar linking of new bank accounts to 31 March 2018.
    12. In terms of (iv) above we extend the date for the completion of the E-KYC process in respect of mobile phone subscribers until 31 March 2018.
    13. Consistent with the above directions, we also direct that the extension of the last date for Aadhar linkage to 31 March 2018 shall apply, besides the schemes of the Ministries/ Departments of the Union government to all state governments in similar terms. As a consequence of the extension of the deadline to 31 March 2018, it is ordered accordingly.

    It is also directed that the same shall also control and govern the Passports (1st Amendment) Rules, 2018."
     
    Earlier during the day, Congress leader and Senior counsel P Chidambaram, appearing for his party colleague Jairam Ramesh challenged the Aadhaar Act on the ground that it was incorrectly certified as a Money Bill. He stated that the Aadhaar Act as passed by the Lok Sabha is primarily a Bill for creation of Unique Identification Authority of India (UIDAI) and entirety cannot be said to be a money bill as contended by the government.

    Contending that when the Aadhaar Bill was introduced or certified, it was not a money bill, Mr Chidambaram said, "If this (Aadhaar) Bill can go through as a Money Bill, potentially any Bill can slip through in the guise of a Money Bill.  It sets a very dangerous precedent. Money bill is an extremely narrow subset of financial bill. This (Aadhaar) bill goes far beyond the intended purpose of delivery of subsidies."

    "There is only one Bill and if that Bill is not a money bill, the whole (Aadhaar) Act has to go. Any Bill incorrectly passed as a Money Bill strikes at the root of one of the basic features of the Constitution, the federalism. Rajya Sabha, which is bypassed for the Aadhaar Act is the council of the States," Mr Chidambaram said.

    Senior Advocate KV Vishwanathan contended how Section 7 of the Aadhaar Act talks about exclusion and thus is consequently unconstitutional. He said, "How it cannot be upheld on a promise made by the Union that the provision will be reasonably administered.

    The hearing will continue on Wednesday.

    (Based on live tweets of public-spirited Prasanna S (@prasanna_s) and @SFLC.in)
  • Like this story? Get our top stories by email.

    User

    COMMENTS

    vishnu yadav

    5 months ago

    [email protected] com

    Manash Pradhan

    1 year ago

    Yeh kya kaise hai

    Digital Roy Academy

    1 year ago

    When these people will understand. It should be stopped all further Aadhar linkages till the issue is resolved.

    Amit Gupta

    2 years ago

    What about ppl who submitted the details....SC should tell that the data be destroyed.

    REPLY

    Ralph Rau

    In Reply to Amit Gupta 2 years ago

    Agree. If UK could destroy the National ID database then why not India.

    Saying that Government has spent 20,000 crore on Adhaar is not a good reason to continue. Much more money has been lost on PNB and other scams.

    Ramesh I

    2 years ago

    I wish the SC had done this when the very first PIL was filed challenging the validity of Aadhar and some highlighting how the Govt had violated the SC's order of Oct'15 which limited Aadhar usage to a select few Govt welfare schemes. While we have often seen 'judicial activism' in recent times, this one is a clear case of 'judicial inactivism' or apathy, when it could have clearly taken suo motu action when its own order was violated brazenly by the Govt. While the Political Executive's apathy has ruined the country, the SC's silence and inaction when it's most required, reflects its insensitivity towards public interest and order, particularly in such cases which affect lives of almost the entire 1.3 billion Indians. In fact, the SC ought to have taken up this matter and tried it expeditiously, so that the general public is not put to untold hardships by a delinquent Govt for years.

    SuchindranathAiyerS

    2 years ago

    Finally, the Supreme Court steps in to stop the crazy, ad hoc whimsies of the Modi BJP Sarkar:

    Dayananda Kamath

    2 years ago

    What action court is going to take against all those authorities who are coercing linking of Aadhaar. Unless action is taken this will continue one of the brokerage bonanzaportfolio reduced to update my email for refusing toLink aadhar

    V Ramesh

    2 years ago

    1)Why does it so long for the court to decide on such an important matter?
    2) They should stop all further Aadhar enrollments/linkages till the issue is resolved.

    Pratap kumar Panda

    2 years ago

    Still confused about Aadhaar linkages....

    SUMIT NAHATA

    2 years ago

    So are the MF and Demat accounts exempted as well??

    20,000 Aadhaar cards found within 3 hours by security expert; UIDAI dismisses report
    Once again, French security expert who goes under the pseudonym 'Elliot Alderson' (@fs0c131y) has exposed vulnerabilities of Aadhaar and Unique Identification Authority of India (UIDAI). He says he found almost 20,000 Aadhaar cards on the internet within three hours. The UIDAI, however, dismissed the claim in its usual fashion.
     
    Making fun of UIDAI's security claims on Aadhaar, Alderson, in a series of tweets, says he found over 20,000 Aadhaar cards publicly available on the internet. 
     
     
     
    UIDAI, however, dismissed the claims. In its tweets, it said, "Publication of Aadhaar cards by some people have absolutely no bearing on UIDAI and not the least on Aadhaar security. Aadhaar as an identity document by its very nature needs to be shared openly with others as and when required and asked for. Aadhaar just like any other identity document, therefore, is never to be treated as a confidential document. Although Aadhaar has to be shared with others, it being a personal information like mobile number, bank account number,  PAN card, passport, family details, etc, should be ordinarily protected to ensure privacy of the person."
     
     
    In an open threat for such exposes, UIDAI says, "If anybody unauthorizedly publishes someone’s personal information such as Aadhaar card, passport, mobile number, bank account number, his photograph, he can be sued for civil damages by the person whose privacy right is infringed." 
      
    Labelling the response from UIDAI as 'bad signal, Alderson says, " Instead of making disinformation @UIDAI, please discuss with me. Your threats are useless and I will continue my work. So please stop denying and let’s fix things together."
     
     
    Earlier, Alderson, in a series of relentless tweets had pointed out how UIDAI and Khosla Labs, a licensed Authentication User Agency (AUA), were risking privacy and security of crores of Aadhaar holders. (Read: Aadhaar Mess: How UIDAI continues to goof up on its own mobile apps)
  • Like this story? Get our top stories by email.

    User

    COMMENTS

    Pratap kumar Panda

    2 years ago

    This is an irresponsible tweet by UIADAI telling that if a person's details of AADHAAR is misused or mishandled by anybody,then he can be sued on the pretext that privacy is infringed.How far is it practicable,the privacy of an Indian is infringed everywhere....

    Ramesh I

    2 years ago

    Considering such data breaches and other cases of misuse Aadhar by public and private entities, I can't for the life of me understand why the Supreme Court hasn't barred the Govt from making Aadhar linking mandatory, esp. when the person doesn't want to avail of any govt welfare scheme. Govt claims of Aadhar weeding out fake/undeserving beneficiaries of welfare schemes is total BS, as millions of illegal immigrants from Bangladesh and Myanmar have settled in India over the years and procured Aadhar with fake/forged documents, making them eligible for govt welfare schemes, despite not being citizens of India. This alone should have made our 'honorable' Supreme Court take prompt suo motu action and instructed Govt of India to stall further enrolments or atleast stop making Aadhar mandatory for non-welfare related things like linking with mobile phone a/cs, etc. Several terrorists in J&K or elsewhere have been caught with fake Aadhar cards, and also merrily use mobile services, so Govt has no case in forcing people to link their Aadhar with such services. To me this is both a case of overenthusiasm of the Political Executive and judicial apathy.

    c babu challa

    2 years ago

    Hope the supreme court gives a stay on the aadhar linking immediately. MLF should immediately work on this for the benefit of the citizens. otherwise all the efforts of MLF will be fruitless.

    Amitabha Bhattacharjee

    2 years ago

    Justice is blind

    V Ramesh

    2 years ago

    When did we ever a see the government or its agencies admit that there is a problem?

    We are listening!

    Solve the equation and enter in the Captcha field.
      Loading...
    Close

    To continue


    Please
    Sign Up or Sign In
    with

    Email
    Close

    To continue


    Please
    Sign Up or Sign In
    with

    Email

    BUY NOW

    online financial advisory
    Pathbreakers
    Pathbreakers 1 & Pathbreakers 2 contain deep insights, unknown facts and captivating events in the life of 51 top achievers, in their own words.
    online financia advisory
    The Scam
    24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
    Moneylife Online Magazine
    Fiercely independent and pro-consumer information on personal finance
    financial magazines online
    Stockletters in 3 Flavours
    Outstanding research that beats mutual funds year after year
    financial magazines in india
    MAS: Complete Online Financial Advisory
    (Includes Moneylife Online Magazine)