Monday, March 05, 2018

Aadhaar authentication in India's defence production units: Chinese, US companies can "steal" data from cloud

By Our Representative
Even as the Punjab and Haryana High Court has said that linking aadhaar number to direct recruitment should not be a mandatory condition as it violates the “equal opportunity clause in Article 16(1) of the Constitution of India”, an internal Government of India circular wants the introduction of aadhaar-enabled biometric attendance System in the department of defence production, Government of India (GoI).
The circular, which went form the Secretary, Union ministry of communication and information Technology to his counterpart in the department of defence production, wants that the aadhaar enabled biometric attendance system in the department of defence production be made mandatory.
Considering this as a clear violation of the judicial orders, including the latest one by the Punjab & Haryana High Court, advocacy group Citizens Forum for Civil Liberties (CFCL) has sent a legal notice to Government of India’s (GoI’s) department of electronics and information technology, to which the GoI department has responded, stating, “aadhaar is being used for biometric attendance system and this does not form part of defence application”.
Pointing towards how the system would work, CFCL says, “A web based application software system will enable online recording of attendance and that the dash board relating to real time attendance and related statistics can be viewed by everyone.”
Prepared by Gopal Krishna of the CFCL, the note says, “The fact is that the application of biometric UID/aadhaar was restricted to ‘civilian application’ and was not meant for defence application. The Central government’s Biometrics Standards Committee had categorically stated that UID/aadhaar is meant only for “civilian application” but the order on aadhaar enabled biometric attendance system has been extended to defence employees as well.”
Krishna says, “UID was first adopted by USA’s Department of Defence, later by NATO. It has subsequently been pushed through World Bank’s etransform Initiative in partnership with France, South Korea, Gemalto, IBM, L1, Microsoft, Intel and Pfizer.”
Pointing out that L1 was a US a company when it got a contract from UIDAI, but it got purchased by French Conglomerate Safran Group after security clearance by the US government, the note insists, “This constitutes breach of national security as no such clearance was granted by Government of India. Some of these companies have partnership with Chinese government as well.”
According to Krishna, “Across the globe very stringent data privacy law has been framed wherein one’s personal data cannot be used by anyone including the government without your specific consent. But in India there is no data protection law.”
He adds, “Aadhaar is akin to a piece of collar which the transnational powers want to tie on the neck of Indian citizens. Government has allowed itself to be misled and it has failed to protect personal sensitive information which has already gone to foreign companies and continues to flow in their direction.”
Krishna believes, “The entire information of the employees working in the department of defence production, which will include related statistics, will be stored online and on cloud will be available to everybody.”
He adds, “Besides, application of UID in the department of defence production not being in national interest making it available to everyone and on the cloud, including to the foreign companies like Safran Group, its L1 Solutions, Accenture and Ernst & Young will violate the order of Hon’ble Court.”
“It is evident that the coverage of defence employees under aadhaar enabled Biometric Attendance System does establish conclusively that it aadhaar is being put to defence application contrary to the claim of the government”, Krishna says.

No comments: