Stolen Aadhaar data may have been used to remove voters from electoral roll: Report

tech2 News Staff
The Aadhaar and Other Laws (Amendment) Bill, 2019 will be introduced in the ensuing session of Parliament, beginning June 17.

Last week, IT Grids, a company hired by the Telugu Desam Party (TDP) for developing its Seva Mitra app, was found to be allegedly storing data of 7.82 crore Indians from Andhra Pradesh and Telangana, and another 2 crores from Punjab. Later investigation found that the structure and size of the database held by IT Grids was similar to what was owned by the Unique Identification Authority of India (UIDAI). In effect, it was yet another case of Aadhaar data breach.

Now as the investigation has been furthered, it has been found that this stolen data was allegedly being used to try and remove voters from electoral rolls, according to a report by Huffington Post. The publication spoke to IG Stephen Raveendra, who is heading the Special Investigating Team (SIT) for this case. He also revealed that when studying the origin of data they found that some parts of it could have only come from UIDAI's database.

"We are forensically examining the hard drives to trace where the data came from. But there are several columns of data that are an exact replica of the format used in the SRDH and CIDR," the publication quotes him as saying.

To put things in perspective, CIDR is the database that holds the demographic and biometric data of Aadhaar users. SRDH were state-level replicas of the CIDR pertaining to that state, for the "ability to manage resident data."

On 12 April, UIDAI filed a complaint in the Madhapur police station citing the findings of the special investigation team (SIT) that discovered this data. The case was registered under sections 37, 38(a), 38(b), 38(g), 40, 42, 44 of the Aadhaar Act 2016 and will be investigated by the SIT.

The State Resident Data Hubs (SRDH) have been a matter of concern since their inception. SRDH contain Aadhaar data, including demographic and biometric data, as well as local data from other sources, such as Kerala's KYR+. And security experts have expressed that these data hubs are vulnerable to attacks.

UIDAI officials claim that the core Aadhaar biometric data stored in the CIDR is never shared with anyone. It also repeated the oft-heard come-back, that the biometric data hasn't been affected.

The police suspect that IT Grids could have illegally obtained this Aadhaar data and misused it. The mere fact that this data was taken on a removable storage drive is in itself a violation of the Aadhaar Act according to the police.

Also See: IT Grids Aadhaar data leak: Case transferred to special investigation team by Telangana government

Aadhaar data leak: Details of 7.82 cr Indians from AP and Telangana found on IT Grids' database

BJP MLA Ramesh Katara tells people in Dahod that Narendra Modi has installed CCTV cameras in polling booths, will record their vote

Read more on News & Analysis by Firstpost.