The UIDAI today asserted that the personal details of Trai chief R S Sharma being put out on Twitter are not from the Aadhaar database or its servers, and that "so called hacked information" is easily available with a simple search on Google and other sites, without using the 12-digit unique identity number.
The UIDAI jumped into the debate following a full blown war of words on Twitter between Trai Chairman RS Sharma and some users over the potential of Aadhaar number being misused.
The Telecom Regulatory Authority of India (Trai) chairman yesterday shared his Aadhaar number publicly, challenging anyone to show how mere knowledge of the number can be misused to harm him. The move had trigerred a tsunami of tweets with the Twitterati claiming to disclose Sharma's personal details - from PAN to mobile number.
In a statement today, the UIDAI said: "...any information published on Twitter about the said individual...RS Sharma was not fetched from Aadhaar database or UIDAI's servers.
"In fact, this so called 'hacked' information (about Sharma's personal details such as his address, date of birth, photo, mobile number, e-mail, etc.) was already available in the public domain as he being a public servant for decades and was easily available on Google and various other sites by a simple search without Aadhaar number."
Rubbishing all claims that personal details of Sharma were dug up using his Aadhaar number, the Unique Identification Authority of India (UIDAI) said it "condemns such malicious attempts by few individuals to malign the world's largest unique identity project - Aadhaar".
Many users had claimed that the they got Sharma's personal details "by hacking Aadhaar database", but added such a claim was "farce" and that no such information about Sharma has been fetched from either its severs or Aadhaar database. The Aadhaar database is safe, the UIDAI added.
"This is merely cheap publicity by these unscrupulous elements who try to attract attention by creating such fake news," it alleged.
Anyone can google or tap other sources and find out Sharma's personal details without Aadhaar, UIDAI said, pointing out that the Trai chief mobile number is available on NIC website as he was, at one point, the IT Secretary.
Similarly, other details like date of birth is available in the civil list of IAS officers kept in public domain, while his address is on Trai website given his current role. The email id may be available in public domain too, it added.
"They clubbed all these inputs and claimed that they have managed to breach Aadhaar database and got his personal details, which is completely false," the statement said.
The UIDAI said that given the connected digital world, various search engines such as Google, can throw up personal data "without Aadhaar" and a profile can be made.
"It is reiterated that in this case...no data has been fetched using his Aadhaar number from UIDAI's servers or Aadhaar database. One could have just googled his name (without Aadhaar number), visited a few other websites and got most of the details which are being shown on twitter," UIDAI added.
The Aadhaar issuing body argued that people usually give PAN or mobile number at many places, and noted: "Someone can pick other personal data from different websites as he gets to know his PAN/mobile number".
"Can anyone demand on this basis that PAN (permanent account number) number is unsafe and should be abolished? Or, can say that it is the online world and online search which help gather information from different sources and create a profile and therefore, online search should be prohibited? Of course, this is not the answer," the statement said.
The issue of not about Aadhaar, PAN or mobile number, the UIDAI said, adding that this is a challenge of emerging digital world and personal data protection, which have been sought to be addressed in the recommendations submitted by the Justice Srikrishna committee.
Responding to the open challenge by Sharma yesterday, many on Twitter claimed victory over 'leaking' his personal details but the Trai chief has maintained in multiple tweets and replies that the challenge had never been about phone numbers and other information but for causing harm using knowledge of his Aadhaar number.
Interestingly, the Justice Srikrishna committee came out with its report on data protection last week where it mooted changes in Aadhaar Act and proposed new safeguards to protect information of Aadhaar holders.
Sharma, former UIDAI director general, has been an ardent supporter of the Aadhaar programme vouching for the safety of the system, and dispelling privacy concerns surrounding Aadhaar even during his current tenure as Trai chief.
Meanwhile, Justice Srikrishna panel on data protection has recommended that Aadhaar Act be amended "significantly" to bolster privacy safeguards, and mooted that only public authorities discharging public functions approved by the UIDAI or entities mandated by the law be given the right to request for identity authentication.
The report, submitted on Friday, assumes significance given that public and private sectors are collecting and using personal data on an unprecedented scale and for various purposes, and instances of unregulated and arbitrary use, especially that of personal data, have raised concerns about privacy and autonomy of an individual.Over the last one year, there have also been reports of personal information being allegedly compromised with increasing use of biometric identifier Aadhaar in an array of services, and the Supreme Court has reserved its judgement on a clutch of petitions, challenging the constitutional validity of Aadhaar Act.