Every political party in Andhra Pradesh wants voters’ privacy protected, but why can’t they have it?

- Srinivas Kodali @digitaldutta

It was the YSRCP that first demanded the protection voters’ privacy in Andhra Pradesh during the 2019 elections. The demand was made in the backdrop of TDP members getting caught with the Seva Mitra app, containing colour photos and 360-degree profiles of voters.

The political tides have changed. Now, the Jana Sena Party is demanding “My Data, My Right”, protesting against the Andhra Pradesh government’s village volunteers collecting personal data. The TDP, too, has joined in, demanding an end to 360-degree profiling. Then what is the problem with the voters’ privacy?

It was the TDP government from 2014 to 2019 that pioneered 360-degree profiling in Andhra Pradesh.

Retired bureaucrat J Satyanarayana, who was the Unique Identification Authority of India (UIDAI) chairman and IT advisor to the Andhra Pradesh government, championed the cause of real-time governance and 360-degree profiling in the state.

But Andhra Pradesh was the second state to do the profiling.

Telangana had already started implementing it before Andhra Pradesh did with its Samagra Kutumba Survey and Integrated People Information Hub. Both Telangana and Andhra Pradesh were the ground zero of these new experiments of pushing Aadhaar-based 360-degree profiling.

Imported model

This model of governance and push for Aadhaar is not native to India. It was primarily experimented in Estonia in Europe and later suggested to our bureaucrats to be adopted. The early experiment of the AP Smart Card project in 2006 under YS Rajasekhara Reddy was the precursor to the Aadhaar project, even before Nandan Nilekani adopted it to be enforced across the country.

United Andhra Pradesh was the laboratory to experiment with the implementation of new governance models and technologies because of globalisation and its IT sector’s place in global trade. The bureaucracy was open to experimenting with anything new in the population to be ahead in global supply chains.

There are many problems with Aadhaar-based 360-degree profiling and there has been large-scale opposition to it, resulting in the Supreme Court of India recognising the fundamental right to privacy.

The Aadhaar project itself was heavily restricted by the court, saying it should be used only for welfare. Yet, the government passed new laws and rules to push it, disregarding the Supreme Court judgements.

The nature of the Aadhaar project and 360-degree profiling allows the government to track citizens from birth to death. This was necessary for the government in a post-26/11 India, where the government wanted to know everyone in the country.

However, the threat to civil liberties was always on since this information can be misused, affecting electoral democracy.

The big player

The Aadhaar-Voter ID linking experiments in Telangana and Andhra Pradesh resulted in denying lakhs of voters the right to franchise in the 2018 Assembly elections in Telangana. It also resulted in Aadhaar profiles being used for electioneering at large.

Yet, these issues were ignored — and continue to be ignored and unacknowledged — because the Indian IT sector pushes towards a data economy. Everything from Aadhaar, UPI, Digital Locker, and CoWIN are being exported to other countries just the way they have been imported into India from Estonia.

Welfare was always used as an excuse to push technologies that the Indian IT sector could use to create a domestic IT economy. Even today, the biggest opposition to the Privacy and Data Protection Bill is from the Indian IT sector, not politicians.

At every level of the Aadhaar litigation, it was not only the government but the Indian IT sector also opposed a pushback.

A strict Data Protection Bill will address issues of government data collection and how data is affecting elections and electoral politics. But these have been ignored by allowing the government to have exceptions to collect as much data as it want to implement the rule of the law.

The present draft of the Digital Personal Data Protection Bill, 2022, is not good enough to protect the citizens’ rights and it is just a rubber stamp on all government projects. A Data Protection Bill respecting the Supreme Court’s verdict on Aadhaar and the fundamental right to privacy would not allow 360-degree profiling. The draft Bill envisages it.

The political opposition seen in Andhra Pradesh is necessary to make people understand the dangers of information and with successive pushbacks, the people may realise the larger problem irrespective of whose politics prevail. But notwithstanding the opposition to these systems, as long as they are not opposed nationally, they will remain the same way.

Wanted: Global demand

The TDP’s plan to draw the attention of Home Minister Amit Shah to the issue of 360-degree profiling in Andhra Pradesh is useless when the Ministry of Home Affairs (MHA) itself wants 360-degree profiling databases like NATGRID, CCTNS, and ICJS for surveilling the citizens.

Indians already have a fundamental right to privacy, but who will implement it when the governments at both the Centre and state support Aadhaar? No court can implement its order or get these systems changed unless there is a change in the technical architecture of the Aadhaar system.

For the moment, this will happen only if there is a global demand from countries that want to buy Aadhaar, to change its code and architecture to respect individual privacy. No matter how much Indians demand privacy, the current technical and governance setup does not allow any political party to change what is already built.

The MHA is introducing a Bill for amending the Registration of Births and Deaths Act, 1969, in the ongoing Parliament session. The Bill seeks to link all major government databases at the Centre and state to build the National Population Register using Aadhaar as a unique ID. The Bill puts into law the idea of 360-degree profiling and allows the MHA to track citizens from birth to death, something that has been widely experimented with and accepted in Andhra Pradesh.

No amount of opposition will change the 360-degree profiling even though everyone knows it is bad. Every political party in power will continue to push it and oppose it when in Opposition. This is how the Indian state functions: Aadhaar is now part of statecraft.

[This article is published under Creative Commons Attribution – No Derivatives 4.0 International (CC BY-ND 4.0). The article may be reproduced without permission].

...

#AndhraPradesh #privacy #PersonalData #DataProtection #aadhaar #UIDAI #UPI #CoWin #DigiLocker # #360degreeProfiling #TDP #JanaSena #SrinivasKodali #india

CoWIN data breach: 1 held, minor detained

There have been claims about a breach of data of citizens registered on the CoWIN platform, but the Centre has termed such reports “mischievous” and “without any basis”.

#CoWinDataBreach #bihar #CoWin #DataBreach #aadhaar #cybersecurity #data #DataProtection #security #technology #covid #governance #CERTIN #india

https://www.thehindu.com/news/national/two-held-over-involvement-in-cowin-data-leak/article66996534.ece

A man from #Bihar was arrested and a juvenile was apprehended in connection with their involvement in the alleged #dataleak from #CoWIN portal. The man is alleged to have used a #Telegram app to leak the data.

https://trib.al/N3rfqRz #press

CoWin Fiasco Should Alert Us to Hidden Agendas Behind Digital Identity-Based Governance

While CoWin may have been promoted as the solution for vaccine management delivery, the idea was also to promote data sharing with the private sector for the digital health economy. The same model is being pushed across the globe by multilateral organisations.

#CoWinDataBreach #CoWin #cybersecurity #DataProtection #DigitalIdentity #aadhaar #UIDAI #UNDP #welfare #surveillance #privacy #HumanRights #exclusion #IndiaStack #india

https://thewire.in/tech/cowin-fiasco-should-alert-us-to-hidden-agendas-behind-digital-identity-based-governance

Explained | Reports recently emerged that a bot on the messaging platform #Telegram was allegedly returning personal data of Indian citizens who registered with the #CoWIN portal for vaccination purposes. How did this happen?
@johnXavier777 explains: https://trib.al/UX2kXJ5 #press

TMC lawmaker Derek O'Brien has filed a complaint with Kolkata's cyber police station over the alleged leak of sensitive data stored in #CoWIN portal.

https://www.hindustantimes.com/india-news/tmc-lawmaker-lodges-complaint-with-cyber-police-over-alleged-leak-of-sensitive-data-from-cowin-portal-in-kolkata-101686855557573.html #press

#CoWINDataLeak - Personal Data of Vaccine Recipients Leaked

Malayalam news portal, said that a Telegram bot on the channel “hak4learn” was providing access to the private information of millions of Indians.

#CoWIN #DataLeak

https://gbhackers.com/cowin-data-leak/

Reading the #CoWin story right

As govts increasingly go digital, three key elements of India’s data security, a data protection bill, a data governance policy & a cyber security strategy, need to be worked on quickly

Read today's op-ed by Prateek Waghre & Tejasi Panjiar 👇… https://twitter.com/i/web/status/1668839990342868992 #press

CERT-in, the cybersecurity agency that deals with breaches in cyberspace, has not directly
put out any update on its assessment of apparent breach of personal information of people who received vaccinations, registered on Union government’s #CoWIN.

https://www.thehindu.com/news/national/no-update-on-investigation-no-fir-yet-into-cowin-leak-from-cert-in/article66964931.ece #press

CERT-in has not directly put out any update on its assessment of the apparent breach of personal information of people who received vaccinations, registered on the Union government’s #CoWIN platform.
https://trib.al/D0yuofo #press

CoWIN breach: ‘No government in a developed country would have survived a data leak of this scale’

Anivar Aravind, a public interest technologist, explains why you should be worried about the CoWIN data leak and why the government should take responsibility.

#CoWinDataBreach #CoWin #DataBreach #privacy #cybersecurity #covid #aadhaar #DataProtection #UIDAI #telegram #UnionGovt #india

https://scroll.in/article/1050852/cowin-breach-no-government-in-a-developed-country-would-have-survived-a-data-leak-of-this-scale

CoWIN Data Breach: Citizens Must Be Allowed to Delete Personal Data from Govt Databases

The purpose for which CoWIN was created is over and there is no need for the government to maintain this health data anymore. Ideally, under the Right to Privacy judgement, we should be allowed to demand data deletions, writes Srinivas Kodali.

#CoWinDataBreach #CoWin #DataBreach #aadhaar #UIDAI #privacy #cybersecurity #DataProtection #RightToPrivacy #UnionGovt #rights #HumanRights #india

https://thewire.in/tech/cowin-data-breach-citizens-must-be-allowed-to-delete-personal-data-from-govt-databases

Union minister Rajeev Chandrashekhar reiterated that the personal details of Indian citizens provided by an automated account on the messaging application Telegram were prima facie not leaked from #CoWIN.

https://www.hindustantimes.com/india-news/many-forces-want-to-undermine-cowin-minister-on-data-breach-101686631740868.html #press

#HTEditorial | A leak of information such as in the #CoWIN breach, if true, can become far more insidious. The potential for harm from such information being public extends beyond spam.

#HTPremium

https://www.hindustantimes.com/editorials/seek-answers-for-data-leaks-101686632901958.html #press

Experts said the controversy involving the possible leak of #CoWIN data underscores the urgent need for a data protection bill that will protect citizens from such exposure.

(Reports @deekbhardwaj)

https://www.hindustantimes.com/india-news/cowin-data-breach-highlights-urgent-need-for-data-privacy-law-experts-101686596061539.html #press

India “was criticized for making #CoWIN the only way for Indians to book a vaccination appointment, excluding millions who didn’t have access to a smartphone or the internet.” Now a massive vaccine database #breach exposes IDs of millions of Indians. This serves as a good example for why people need a #rightToBeOffline.

Reports of breach of data from #CoWIN without any basis: Health ministry

http://toi.in/dH39NZ/a24gk #press

Data breach false alarm.
#CoWIN #Union #data
https://www.indiatoday.in/india/story/cowin-data-leak-it-minister-says-database-not-breached-directly-health-ministry-2392082-2023-06-12?utm_source=rss

#CoWIN #Union #data
https://www.indiatoday.in/india/story/cowin-data-leak-it-minister-says-database-not-breached-directly-health-ministry-2392082-2023-06-12?utm_source=rss

The #Centre assured people that adequate security measures were in place for the #CoWIN application, the country’s foremost #Covid19 vaccination platform,

Read more https://www.hindustantimes.com/india-news/centre-denies-data-breach-on-cowin-vaccination-platform-assures-adequate-security-measures-in-place-101686575209145.html #press