UIDAI says Aadhaar misuse traceable; govt to file FIR on alleged leak

UIDAI has refuted the claims of leak and termed it as an instance of misuse of grievance redressal search facility

The government on Thursday said Aadhaar was not a secret number but any misuse of Aadhaar infrastructure can be traced and action can be taken against the user.

“The Unique Identification Authority of India (UIDAI) maintains complete log and traceability of the facility and any misuse can be traced and appropriate action is taken,” the statement of UIDAI said.

Amid reports of Aadhaar data breach, UIDAI has refuted the claims and termed it as an instance of misuse of grievance redressal search facility while asserting that data including biometric information is fully safe and secure.

“Further, the Aadhaar number is not a secret number. It is to be shared with authorised agencies whenever an Aadhaar holder wishes to avail certain service… But that does not mean that the proper use of Aadhaar number poses a security or financial threat,” the statement added. 

It said the reported case appears to be an instance of misuse of the grievance redressal search facility. "As UIDAI maintains complete log and traceability of the facility, the legal action including lodging of FIR against the persons involved in the instant case is being done."

The Authority had given the search facility for the purpose of grievance redressal to designated personnel and state government officials and the facility only gives limited access to the name and other details and has no access to biometric details by entering Aadhaar number.

Dinesh Kumar Tyagi, Chief Executive Officer, CSC SPV, said not all the around 300,000 common service centres (CSCs) across the country were involved in enrolling Aadhaar cards.

He told Business Standard that only 27,000 CSCs were doing Aadhaar enrollment services but after UIDAI made it mandatory that the enrollment should be done only on government premises, 10,000 CSCs shifted whereas the remaining 17,000 are not involved in Aadhaar-related work.

He further asserted that all the village level entrepreneurs (VLE) doing Aadhaar enrollment through CSCs need to authenticate themselves in order to enroll Aadhaar cards and all the data is stored in UIDAI data centres.

The report in a newspaper had mentioned that around 1 lakh VLEs may have gained access to UIDAI data to provide Aadhaar services to common people for a charge as they were rendered idle after the job was withdrawn from them.

CSC is a Special Purpose Vehicle (SPV) under the Department of Electronics and IT. The CSCs are providing various government, private and other services like Aadhaar enrolment, ticket booking, utility bills payment etc to people digitally. 

The Authority stressed that there has not been any data breach of a biometric database which remains fully safe and secure with the highest encryption at UIDAI and a mere display of demographic information cannot be misused without biometrics.