)
Indian Infosec Consortium alleged that Google, in the "disguise of social responsibility", would "manipulate" the
voter data in various ways by running data analytics tools
Cyber security professionals have raised an alarm about the potential danger to national security, even before the Election Commission (EC) formally announces a tie-up with US technology giant Google. The poll panel has been in talks with the internet firm's India office to allow voters to easily search for their details on electoral lists. The company had also proposed to build an application for voters to get road directions to polling stations through Google Maps.
It was also reported last week that Google would help EC manage online voter registrations before the Lok Sabha elections this year. "This will lead to a goldmine of intelligence," said Jiten Jain, a member of the Indian Infosec Consortium (IIC), an association of professionals working in the field of cyber security and are critics of the proposed relationship between EC and Google. He added that citizens will have to provide their email addresses and mobile numbers for new voter registrations. That, combined with Google's other technology offerings like email, search, maps, etc could aid in building profiles of voters which could invade their privacy.
The other allegations made by members of the association were that EC had not sought a security clearance for such a measure and had also not actively reached out to "Indian" or "government-owned" organisations before choosing Google. According to IIC, the move acquires significance against the backdrop of revelations made by Edward Snowden, former contractor of the National Security Agency (NSA), alleging that the US government has been snooping upon digital conversations of residents of many countries, including India, by hacking into the networks of technology firms.
On December 30, deputy election commissioner Alok Shukla had told Business Standard that the Google initiative was part of the digitisation of electoral rolls, which was already happening at the state-owned NIC servers. "Google is generally considered an expert and known for its search feature and the idea is to develop an application through which a voter can find his or her information very easily and even get driving directions to the polling station through an application on mobile phone."
He added that EC had signed a non-disclosure agreement with the company and was not paying it for the services. "We have been in talks with several companies and it so happened that Google showed a positive inclination (towards the project)."
On Saturday, Shukla told Business Standard EC was not "handing over details, which were not already in public domain". He added the voter details were already "searchable", and Google would not "combine it with existing" features of theirs. He also denied having any tie-up with the company. "We don't have a contract with them. There is no arrangement with them. The talks are going on. We will decide when the time comes."
A Google spokesperson said in an email the firm's election team developed tools and resources to make civic information universally accessible and useful, help drive more informed citizen participation, and open new engagement avenues for politicians, citizens, and civic leaders.
A spokesperson for Google said in an email that the company's election team developed tools and resources to make civic information universally accessible and useful, help drive more informed citizen participation, and open up new engagement avenues for politicians, citizens, and civic leaders. "As part of this effort, Google has worked with electoral institutions across the world. The technologies and APIs (application programming interfaces) that Google deploys in these initiatives across the globe are available in the public domain."
The Times of India had reported in its January 1 edition that an "arrangement between EC and Google was learnt to have been clinched late this month, and was expected to be "operational" by the second week of January". The report had added that Google was offering similar services across 100 countries as part of its corporate social responsibility obligations and would not charge EC for these services, estimated to cost $50,000 (over Rs 30 lakh).
IIC alleged that Google, in the "disguise of social responsibility", would "manipulate" the voter data, including family details, in various ways by running data analytics tools.
According to the law, the voter roll, which has details like name, address, age, father's name, etc, is a public document and is posted in the PDF format on the portals of various state election commission offices. However, as part of a digitisation exercise, EC has been trying to create a national database of citizen information that will contain the data in a common format. It will enable people to not only search their information easily but weed out fakes and duplicates from the rolls.
IIC was on Saturday also represented by Tarun Wig of Innefu Labs, an information security consulting company; Manu Zacharia, president of Information Security Research Association (Isra); Rajshekhar Murthy, director of the National Security Database, which helps locate security professionals for government and is supported by the government; and Alok Gupta, founder and managing director of Pyramid Cyber Security & Forensic Ltd.
