Saturday, October 24, 2020
Home News Reports Beyond outrage - What's the Tribune Aadhaar hack and consequent FIR is all about

Beyond outrage – What’s the Tribune Aadhaar hack and consequent FIR is all about

On 4th Jan, The Tribune published a story titled “Rs 500, 10 minutes, and you have access to billion Aadhaar details”. The story claimed that you can “purchase” a “service” being offered by anonymous sellers over WhatsApp that provides unrestricted access to all details of every Aadhaar number generated in India so far.

This is how it worked: the journalist anonymously contacted an Aadhaar agent who installed a software on her computer using “Team Viewer”, a remote desktop software. The journalist also received an username and password on her mail. And bingo, she had access to “all Aadhaar details”.

If true, this is a very serious security flaw. This should be brought to the authorities notice as soon as possible to fix the lapses before the data ends up in wrong hands. Also, the report suggests that the journalist was able to access the Aadhaar data using credentials generated specifically for her. Now this is pretty embarrassing.

Sensitive data should always be protected using multiple layers of security and not just a user id and password. This is a standard practice in banks where apart from the credentials, an employee has to punch his fingerprint to log in into the core banking system. What this means is, even if you get an SBI employee’s credentials and get access to SBI’s intranet, you still can’t log into the system unless you are an employee of SBI authorized to use the system you are trying to log into.

Systems that deal with sensitive data are always authenticated through multiple layers to ensure no foul play. To think that something like Aadhaar data, where security is being questioned day in and day out, will leave the security perimeter for the agents to just an user id and password. This is some serious lackadaisical approach from the authorities towards privacy & data security.

However, some of the claims of the news report is questionable. For example, the report then claims that, using this security vulnerability, one can get a SIM on someone else’s name or withdraw money from someone else’s account. Both these require biometrics and as per UIDAI claims, biometrics data was not breached, though it agrees that some details (non biometric) may have been exposed, which is a security flaw nonetheless.

UIDAI press note on the said security breach

UIDAI maintains that this is a case of “misuse” of the grievance redressal search facility provided to some designated personnels. Subsequently, on 4th Jan, UIDAI registered an FIR with cyber cell, Delhi Police in this matter, under Aadhaar act [pdf] 36 and 37 and other IPC sections which names Unknowns, Anil Kumar & Sunil Kumar (the people who installed the app on the journalist’s machine and gave her access privileges), Rachana Khaira (the journalist who installed the “app” and allegedly accessed UIDAI details) and Tribune newspaper. As law bound, UIDAI has disclosed all the details of the case that is known to it in the FIR. The FIR names everyone in the chain of events leading to commission of the crime.

Section 36 and 37 of the Aadhaar act

Everyone, who thinks this is an attack on press freedom, here are few submissions.

  • Some quarters in the press maintain that the people are actually whistleblowers who exposed the vulnerabilities in the system. However, Sunil Kumar and Anil Kumar (assumed names I believe) are not whistleblowers. They are authorised agents by UIADI, who have misused their access privileges to allow access to a 3rd party for exchange of money. This is not whistleblowing, this is rather monetising the known vulnerability of the system to their own benefit, without bringing it to authorities notice. Even if we consider them whistleblowers, there could be others like them (referred to as the ‘Unknowns’ in the FIR, I will presume) doing the same, whose actions need to be investigated to find out and address any misuse of data.
  • A reading of above mentioned sections of Aadhaar act clearly establishes that a crime has been committed. UIDAI neither has investigating nor prosecution power. The natural course of action demands an investigation for which FIR is the first step in the process. For the investigating agency to conduct a free and fair investigation, it is imperative for them to know the full details of the case. Hence, the FIR had to name all of them. Whether everyone is actually charged or not will be decided by the investigating team while filing chargesheet. However, a proper enquiry demands the journalist and her team to be questioned to understand the modus operandi and chain of events. Do the journalist fraternity expect UIDAI to partially report the crime so that a fellow journalist is not named? Won’t that jeopardise the investigation? As UIDAI rightly points out, if someone is named in the FIR, it doesn’t necessarily mean he is guilty or is being targeted. That will be decided only after police investigations are over.
  • At times, to unearth scams or expose vulnerabilities, occasionally law has to be bypassed. Sting operations where journalist try to offer bribe to govt officials are an example. Though bribing a govt official is a crime under PCA, this is done in larger public interest to expose the malaise. However, who gets to decide whether the wrong you committed to bring out the “bigger wrong” is actually in public interest? The honourable Supreme Court in Rajat Prasad vs C.B.I case makes it clear that, a crime does not stand obliterated or extinguished merely because its commission is claimed to be in public interest. It will depend on the facts and circumstance of the case. So, let the court decide on the public interest part.

SC judgement on Sting operation and criminality

While we all want the Aadhaar system to be foolproof, we also need people to be punished for misusing their privileges and violating Aadhaar act. So, before making a hue and cry about journalistic freedom being trampled, please go through the merits of the case and understand the intention of filing the FIR. Union Minister for Information Technology Ravi Shankar Prasad and UIDAI too have clarified that the FIR is not about prosecuting the journalist or the newspaper but to seek their assistance in nabbing real culprits.

We all want a foolproof resilient system and at the same time we also want the culprits to be brought to the book. One would expect the newspaper to cooperate with the authorities to nab the culprits and tighten the loose screws. That will be some public service, a cause you dedicate yourself to.

  Support Us  

Whether NDTV or 'The Wire', they never have to worry about funds. In name of saving democracy, they get money from various sources. We need your support to fight them. Please contribute whatever you can afford

Related Articles

Trending now

Farooq Abdullah, Mehbooba Mufti, Sajjad Lone come together to form ‘Gupkar Alliance’, vow to restore articles 370, 35A and statehood in Jammu & Kashmir

The in the Gupkar alliance seeks restoration of Articles 370 and 35A and also the statehood for Jammu and Kashmir

PM Narendra Modi inaugurates three key projects in Gujarat, calls it a symbol of strength, devotion and health

PM Narendra Modi virtually inaugurated three development projects related to agriculture, tourism and health in Gujarat today

Alt News selectively cites coronavirus statistics to criticise PM Modi alleging he used selective data

Alt News published an article alleging that PM Modi selectively cited coronavirus numbers to give a rosy picture of country’s fight against the pandemic

Arvind Kejriwal remains non-committal on making coronavirus vaccine free in Delhi

The reluctance of Arvind Kejriwal to clearly state the policy of his government on coronavirus vaccine in Delhi is puzzling.

‘Encounter specialist’ cop facing murder charges and reinstated by Param Bir Singh had joined Shiv Sena

Sachin Vaze, Pradeep Sharma, who were both 'encounter specialist' cops facing murder charges, were close to Mumbai CP Param Bir Singh

Radio Mirchi RJ finds space with radical preacher Zakir Naik as she waters down terms like ‘Kafir’ and ‘Jihad’

A video featuring Radio Mirchi RJ Sayema is doing rounds on the internet in which she was seen normalising anti-Hindu bigotry by legitimising the usage of radical Islamic terms as 'Kafir' and 'Jihad'.

Recently Popular

‘He supplies drugs and girls’: Estranged wife of Mahesh Bhatt’s nephew Luviena Lodh alleges harassment by nephew-uncle duo

Luviena Lodh said that Mahesh Bhatt is the don of the industry, and he controls everything that goes on in the film industry

Exclusive: Conversation that shows how Mumbai Police is trying to coerce witness into naming Republic TV in TRP scam

While Hansa Research report and the FIR filed named India Today in TRP scam, in less than 24 hours, Mumbai Police had seemingly made up its mind that Republic TV was the culprit

France: Charlie Hebdo cartoons projected on government building to express solidarity with deceased teacher who was beheaded by Islamic terrorist

Days after the barbaric beheading of teacher Samuel Paty on the streets of Paris by a terrorist for showing the cartoons of Prophet Mohammad to his students, support continues to pour in for the deceased teacher.

‘Jism ki garmi’: How Hindi film industry disregarded consent and normalised rape and molestation over the years

The Hindi film industry has, knowingly or unknowingly, convinced a generation of people that rape is normal when done in light of 'greater good'.

Lucknow: Jama Mazar caretaker ‘Kale Baba’ caught running sex racket, video goes viral

The caretaker has allegedly confessed to police that he was sexually exploiting women and engaging them in illicit activities in the name of curing infertility and other ailments.

Complaints filed against Eros Now and Arré for vulgar social media posts related to Navratri

Both Eros Now and Arre had published social media posts linking Navratri festival with sex and vulgarity
- Advertisement -

Farooq Abdullah, Mehbooba Mufti, Sajjad Lone come together to form ‘Gupkar Alliance’, vow to restore articles 370, 35A and statehood in Jammu & Kashmir

The in the Gupkar alliance seeks restoration of Articles 370 and 35A and also the statehood for Jammu and Kashmir

PM Narendra Modi inaugurates three key projects in Gujarat, calls it a symbol of strength, devotion and health

PM Narendra Modi virtually inaugurated three development projects related to agriculture, tourism and health in Gujarat today

Times of India hides identity of Dilbar Qureshi who posed as a Hindu man and kidnapped a minor Hindu girl in Delhi Love Jihad...

The Times of India report merely says that a 13-year old girl was kidnapped by a 25-year old man, hiding his identity completely

Alt News selectively cites coronavirus statistics to criticise PM Modi alleging he used selective data

Alt News published an article alleging that PM Modi selectively cited coronavirus numbers to give a rosy picture of country’s fight against the pandemic

Arvind Kejriwal remains non-committal on making coronavirus vaccine free in Delhi

The reluctance of Arvind Kejriwal to clearly state the policy of his government on coronavirus vaccine in Delhi is puzzling.

Mumbai: Body of missing Coronavirus patient recovered after 14 days from the hospital bathroom

The TB+Coronavirus patient had gone missing om October 4, but his body was recovered 14 days later on 18th inside a toilet in the hospital

Wife of UP police DIG who is member of the SIT formed in relation to Hathras case dies by suicide

Pushpa Prakash reportedly killed herself by hanging. The reason of suicide is not yet known.

Finance ministry issues guidelines for interest waiver scheme during the lockdown period- Read details

The govt will pay the difference between simple and compound interest from March to August under compound interest waiver scheme

‘Encounter specialist’ cop facing murder charges and reinstated by Param Bir Singh had joined Shiv Sena

Sachin Vaze, Pradeep Sharma, who were both 'encounter specialist' cops facing murder charges, were close to Mumbai CP Param Bir Singh

US Presidential elections: YouTube overwhelmed with political ads, sees a shortage of advertising space

YouTube has received so many ads for the US presidential elections in the same states that it can't find enough space to place them

Connect with us

245,563FansLike
467,761FollowersFollow
19,100SubscribersSubscribe