The UIDAI jumped into the debate following a full-blown war of words on Twitter between Trai Chairman RS Sharma and some users over the potential of Aadhaar number being misused.
The Telecom Regulatory Authority of India (Trai) chairman yesterday shared his Aadhaar number publicly, challenging anyone to show how mere knowledge of the number can be misused to harm him. The move had triggered a tsunami of tweets with the Twitterati claiming to disclose Sharma’s personal details – from PAN to a mobile number.
In a statement today, the UIDAI said: “…any information published on Twitter about the said individual…RS Sharma was not fetched from Aadhaar database or UIDAI’s servers.
“In fact, this so-called ‘hacked’ information (about Sharma’s personal details such as his address, date of birth, photo, mobile number, e-mail, etc.) was already available in the public domain as he is a public servant for decades and was easily available on Google and various other sites by a simple search without Aadhaar number.”
Rubbishing all claims that personal details of Sharma were dug up using his Aadhaar number, the Unique Identification Authority of India (UIDAI) said it “condemns such malicious attempts by few individuals to malign the world’s largest unique identity project – Aadhaar”.
Many users had claimed that they got Sharma’s personal details “by hacking Aadhaar database”, but added such a claim was “farce” and that no such information about Sharma has been fetched from either it severs or Aadhaar database. The Aadhaar database is safe, the UIDAI added.
“This is merely cheap publicity by these unscrupulous elements who try to attract attention by creating such fake news,” it alleged.
Anyone can google or tap other sources and find out Sharma’s personal details without Aadhaar, UIDAI said, pointing out that the Trai chief mobile number is available on NIC website as he was, at one point, the IT Secretary.
Similarly, other details like date of birth are available in the civil list of IAS officers kept in public domain, while his address is on Trai website given his current role. The email id may be available in public domain too, it added.
“They clubbed all these inputs and claimed that they have managed to breach Aadhaar database and got his personal details, which is completely false,” the statement said.
The UIDAI said that given the connected digital world, various search engines such as Google, can throw up personal data “without Aadhaar” and a profile can be made.
“It is reiterated that in this case…no data has been fetched using his Aadhaar number from UIDAI’s servers or Aadhaar database. One could have just googled his name (without Aadhaar number), visited a few other websites and got most of the details which are being shown on Twitter,” UIDAI added.
The Aadhaar issuing body argued that people usually give PAN or mobile number at many places, and noted: “Someone can pick other personal data from different websites as he gets to know his PAN/mobile number”.
The issue of not about Aadhaar, PAN or mobile number, the UIDAI said, adding that this is a challenge of emerging digital world and personal data protection, which have been sought to be addressed in the recommendations submitted by the Justice Srikrishna committee.
Interestingly, the Justice Srikrishna committee came out with its report on data protection last week where it mooted changes in Aadhaar Act and proposed new safeguards to protect information of Aadhaar holders.
Justice Srikrishna panel on data protection has recommended that Aadhaar Act is amended “significantly” to bolster privacy safeguards and mooted that only public authorities discharging public functions approved by the UIDAI or entities mandated by the law be given the right to request for identity authentication.