FIR against Tribune reporter on Aadhaar data breach story

When contacted, The Tribune’s editor-in-chief Harish Khare refused to comment on the FIR

A deputy director of the Unique Identification Authority of India (UIDAI) has registered an FIR contrary to the Tribune newspaper and its author Rachna Khaira following her report the way anonymous sellers over WhatsApp were allegedly providing usage of Aadhaar amounts for a fee.

The FIR also names Anil Kumar, Sunil Kumar, and Raj, most of whom were mentioned in The Tribune report as people Khaira contacted in the course of her reporting.

 The FIR was lodged with the Crime Branch's cyber cell under IPC Sections 419 (punishment for cheating by impersonation), 420 (cheating), 468 (forgery) and 471 (using as genuine a forged document), also as daddy 66 of the IT Act and Section 36/37 of the Aadhaar Act.

After contacted, '' The Tribune's Editor in Chief Harish Khare refused to comment on the FIR.  In the FIR, the complainant, B M Patnaik, who works with UIDAI's logistics and grievance redressal department, says: "An input has been received through The Tribune dated January 3, 2018, that the 'The ' Tribune purchased' a service currently being offered by anonymous sellers across WhatsApp that provided unrestricted access to details to any of those more than 1billion Aadhaar amounts created in India up to now."

The FIR details how the reporter caught in touch with the other persons named in the FIR and extends on to state : "The abovementioned men have unauthorisedly obtained the Aadhaar eco-system in connivance of their unlawful conspiracy... The action of this aforesaid involved persons is in breach of (the numerous sections mentioned in the FIR)... Consequently an FIR needs to be filed at the cyber cell to get its said violation."

The UIDAI's networking unit didn't answer calls and texts out of The Sunday Express.  The UIDAI CEO, once contacted, said he had been in an interview.  The Tribune report, also dated January 3, had said: "It required just Rs 500, paid through Paytm, and 10 minutes at which an 'representative' of the group running the racket created a 'gateway' with this particular correspondent and gave a log in ID and password.  Lo and behold, you can enter any Aadhaar number from the portal, and then immediately get all of details that an individual might have filed to your UIDAI (Particular Identification Authority of India), including name, address, postal code (PIN), photo, phone number and email."

Subramanian Swamy Says Aadhar A Threat To National Security

Overdue on Saturday, '' UIDAI's Chandigarh regional division, composed to The Tribune's editor-in-chief, asking if "was at all easy for the correspondent to view or obtain Fingerprints and iris-scan of any person through the aforesaid access to UIDAI portal site" and "the number of Aadhaar numbers did the correspondent actually input through the said login user identification and password and whom did people Aadhaar numbers participate in".  The letter asked for these details to be sent from January 8, "failing that it will be assumed that there was no access to some Fingerprints or iris-scan".

Following the report appeared, the UIDAI had in a statement stated that there "have been no Aadhaar data breach."

"The Aadhaar data, including biometric information, is fully secure and sound," it'd said, adding, "There hasn't been some data breach of the biometric database, and this remains fully safe and secure with the maximum encryption at UIDAI and only display of demographic information can't be falsified without biometrics."