Aadhar Data Breach

Introduction

An Aadhaar card is a 12-digit identification number that serves as proof of address and identity for Indian residents. The Unique Identification Authority of India (UIDAI) issues Aadhaar cards to all Indian residents, and they are valid for life.

Anyone who is an Indian resident can voluntarily enroll for an Aadhaar card at no cost. The enrollment process involves providing some demographic and biometric information, and are linked to an individual's biometrics to prevent duplicate numbers. They can be used for a variety of services, including: Banking, Mobile phone connections, Ration cards, Passports, and other government and non-government services.

Last year, literally hundreds of millions of people’s secret and sensitive information were exposed, oversimplified, and collected into various lists from the dark web to be sold. Sustained acts of cybercrime and poor security measures once again resulted in significant violations of privacy in 2018. The biggest, according to two studies, was the Aadhaar data breach in India.

The World Economic Forum's (WEF) Global Risks Report 2019 adds that the largest data breach was realized in India where the government ID database- Aadhaar-was reported to have been breached multiple times with records of all the 1.1 billion registered citizens being compromised. The database was being sold by criminals for Rs500 for ten minutes in January that year while in March(2018), a state-owned utility company (INDANE) leaked information and anyone could download names and identification number.

Understanding Aadhaar Data Breach

In the present world with so much emphasis on relaying information through technology, privacy or security of information is of great importance. The Aadhaar system, operated by the Unique Identification Authority of India (UIDAI), is one of the biggest biometric databases of the world. Aadhaar was incorporated to give an identity to every citizen of India, which comprises personal, biometric, as well as demographic attributes. However, in the good pursuit of large data storage and analysis, great risks emerge, and Aadhaar is no exception to data security breaches.

Major Incidents and Allegations

• Exposed Data via Government Portals: Some concerns arose about Personal Identity Information through Aadhaar being published on some government-based Websites. Even though UIDAI stated that biometric data was not leaked in such cases it only shows the vulnerabilities in the data sharing model.
• Unauthorized Access by Third Parties: Audits also showed examples where various outsiders were inside the Aadhaar ambit and had been collecting the 12-digit unique identification number along with other related information, which at times was sold.
• Journalistic Exposes: Various investigations pointed these weaknesses, among them, it was claimed that one could acquire the Aadhaar data for a token fee. These events served to illustrate how effective monitoring processes should be maintained.

Legal and Ethical Concer

Aadhaar is functioning under the provisions of the Aadhaar Act, 2016 which defines the manner in which data has to be protected and used. The right to privacy was declared a fundamental right by the Supreme Court in Aadhaar case in 2018, and use the Aadhaar while limiting it only to certain services. In this regard, important as these legal frameworks maybe, enforcement and accountability remain major issues. The ethical implications are as follows too. People provide their data to enmer with the assumption that security measures shall be applied intensively.

Steps Taken by UIDAI

• Virtual IDs: Intended to be used as a veil over the actual Aadhaar numbers to make the process of transactions more secure.
• Biometric Locking: Ensures that people across the globe can put a lock on their biometric information to discourage its misuse.
• Stronger Authentication Mechanisms: It has been encouraged to minimize such openings by the deployment of multi-factor authentication.
• Penal Measures: Severe penalties on unauthorised access and use have been provided under Aadhaar Act.

Moving Forward:- Strengthening the Framework

Despite the measures put in place being appreciable, the cyber risks are ever evolving thus the need to keep adapting. Here are some recommendations:

• Regular Security Audits: Inadequate internal control policies can be inspected and repaired through audits performed by independent third parties, on a recurring basis.
• Awareness Campaigns: Such basic security features such as the biometric locking and the provision of virtual ID can help citizens learn how to secure their data.
• Collaboration with Cybersecurity Experts: Industry engagement and researchers can keep up with the modern problems and find more effective answers.

Infographic

• Data Breaches of 2018 Below is an illustrative table highlighting some of the largest 2018, including Aadhaar:The side illustration brings out the magnitude and effects of such breaks hence the importance of data defense mechanisms. In a blogpost, 'Top 10 Biggest Data Breaches in 2018', Avast Software says data breaches are a terrifying top trend in the cyber-crime world that shows no sign of slowing any time soon.
  

  Conclusion

  Aadhaar system shows that India is a technological giant nation which has grown up to encompass the digital environment. Nevertheless, such a system will be as much trusted and reliable as citizen data are protected, along with other concerns. Data breaches can be countered on a proactive and comprehensive level thus ensuring Aadhaar's further stability as the foundation of India's digital ecosystem minimally invasive to privacy and security.