The Congress on Sunday condemned the lodging of an FIR against The Tribune daily and its reporter Rachna Khaira over Aadhaar data breach story.

After a January 3 news report by Punjab-based newspaper, The Tribune, over breach in Aadhaar data with a headline “Rs 500, 10 minutes, and you have access to billion Aadhaar details”, the Unique Identification Authority of India (UIDAI) has registered an FIR against the newspaper and reporter Rachna Khaira.

The FIR was lodged with the Cyber Cell of the Crime Branch by  UIDAI under IPC sections 419 (cheating under impersonation), 420 (cheating), 468 (forgery), 471 (using a forged document) and also under sections of the IT Act and the Aadhar Act.

The FIR also names Anil Kumar, Sunil Kumar and Raj (all of whom were contacted by the Tribune reporter as part of the story), according to media reports.

The Congress party said it was Narendra Modi government’s “arrogance of power” at its worst and their intention on privacy was thoroughly exposed.

“Intent and Intentions of Modi government on privacy were thoroughly exposed when it had proclaimed that no citizen can have an absolute right over his/her body,” said Congress spokesperson Randeep Singh Surjewala on Twitter.

“In Supreme Court, Modi government had accepted Aadhaar data leak! Now instead of investigating, an evasive Modiji shoots the messenger!” he added.

Earlier, he tweeted: “Shoot the messenger, Ignore the message! This typifies the culture and character of BJP government.

“FIR against The Tribune reporter is arrogance of power at its worst,” said Surjewala.

He also said: “Every Indian must condemn this mindless act of Modi government and UIDAI.”

A case of ‘misreporting’

Earlier, in a statement, UIDAI had responded to the news report as a “case of misreporting”.

“The reported case appears to be instance of misuse of the grievance redressal search facility. As UIDAI maintains complete log and traceability of the facility, the legal action including lodging of FIR against the persons involved in the instant case is being done,” said the authority.

The Aadhaar database “remains fully safe and secure with highest encryption at UIDAI and mere display of demographic information cannot be misused without biometrics”, said UIDAI.

“Claims of bypassing or duping the Aadhaar enrolment system are totally unfounded. The UIDAI Data Centres are infrastructure of critical importance and is protected accordingly with high technology conforming to the best standards of security and also by legal provisions.”

The data breach report 

The Tribune report, which was widely shared on social media sites, claimed that it took just Rs 500 and 10 minutes for the newspaper to get an access through an “agent” to every detail of any individual submitted to the UIDAI, including name, address, postal code (PIN), photo, phone number and email.

The newspaper said it paid another Rs 300, for which the “agent” provided “software” to facilitate the printing of the Aadhaar card after entering the Aadhaar number of any individual.

The Tribune also claimed to have found in its investigation that the racket may have started around six months ago when some anonymous groups were created on WhatsApp.

These groups targeted over three lakh village-level enterprise operators hired by the Ministry of Electronics and Information Technology (ME&IT) under the Common Service Centres Scheme (CSCS) across India, offering them access to UIDAI data.

CSCS operators were initially entrusted with the task of making Aadhaar cards across the country but were withdrawn later. The service was restricted to post offices and designated banks to avoid any security breach in November last year.

(with agency inputs)