Aadhaar data leak: Edward Snowden backs India reporter over expose
published on The BBC, on January 9, 2018
US whistleblower Edward Snowden has tweeted in support of an Indian journalist being investigated by police for a report on the controversial Aadhaar biometric identity scheme.
He said that Rachna Khaira, who said she was able to buy citizens’ personal details for just 500 rupees ($8; £6), deserved an award.
Identification authorities say she committed a “criminal offence” by accessing the Aadhaar database.
The case has angered many Indians.
The editor of The Tribune newspaper, which employs Ms Khaira, defended the report, saying it had been published “in response to a very genuine concern among the citizens on a matter of great public interest”.
The newspaper would explore all legal options in the case, Harish Khare added.
The Editor’s Guild of India also issued a statement expressing its “deep concern” over what it called an “unfair, unjustified and a direct attack on the freedom of the press”.
Other media outlets have also taken up the story.
The Unique Identification Authority of India (UIDAI) police complaint named Ms Khaira, along with “agents” she said had offered her access to the database. It said that all of them had violated India’s privacy laws and demanded police action against them.
Mr Snowden said Ms Khaira should be lauded for her reporting instead of being investigated.
His is the latest show of support for the journalist on social media.
In the Tribune’s investigative report, Ms Khaira said that once she paid an “agent”, she was given a username and password that allowed her to enter any Aadhaar number into the UIDAI website and get access to user information including names, addresses, photos, phone numbers and email addresses.
Paying a further 300 rupees, she added, yielded “software” that allowed her to print out any Aadhaar card for which she had the number.
The UIDAI said the breach appeared to be exploit a scheme that allowed Aadhaar agents to rectify errors in user information such as outdated addresses or the inaccurate spelling of a person’s name.
However, it added that agents could not access people’s biometric details and stressed that these remained safe.
Aadhaar started out as a voluntary programme to help tackle benefit fraud, but was made mandatory last year for those accessing welfare schemes.
Critics have repeatedly warned that the system puts personal information at risk.
The government has always insisted that the biometric data is “safe and secure in encrypted form”, and anybody found guilty of leaking data can be jailed and fined.
A case challenging the mandatory linking of a person’s Aadhaar number to bank accounts and welfare schemes is pending before the Supreme Court.