New Delhi: After causing a flutter on social media with his Aadhaar dare, Trai Chairman R S Sharma has said he had thrown an open the challenge to Twitterati — to prove how mere knowledge of the 12 digit number could be misused to cause harm — not as a regulatory head but as an ordinary citizen of India.
An all-out war had erupted on Twitter after Telecom Regulatory Authority of India (Trai) chief gave out his Aadhaar number, challenging anyone to show how mere knowledge of the number can be misused to harm him, triggering a deluge of tweets that claimed to disclose his personal details — from PAN to mobile number. The challenge by Sharma had evoked an immediate response on the social media platform, managing to create quite a stir with some users claiming to have dug up his mobile number, photo, residential address, date of birth, even chat threads using the information, and others warning him about the perils of throwing such a dare on the social media platform.
Some rushed to support Sharma, explaining how the much of the information about him could be procured without using his Aadhaar number. “…Pl understand that I threw this challenge, not as TRAI Chairman, but as a normal citizen of India,” Sharma tweeted replying to two users, one of them a French security expert who goes under the pseudonym Elliot Alderson and describes himself as “worst nightmare” of the UIDAI. Unique Identification Authority of India (UIDAI) is the nodal body for issuing the biometric identifier Aadhaar.
Incidentally Alderson, the vigilante hacker who uses the handle @fs0c131y on Twitter, has in the past revealed purportedly flaws in Aadhaar system and exposed data security loopholes in mobile apps of political parties like BJP and Congress. “People managed to get your personal address, dob (date of birth) and your alternate phone number. I stop here, I hope you will understand why make your #Aadhaar number public is not a good idea,” Alderson had tweeted yesterday, following Sharma’s challenge.
Giving out his full Aadhaar number, Sharma (@rssharma3) had tweeted: “Now I give this challenge to you: Show me one concrete example where you can do any harm to me!”. The challenge by Sharma had thousands retweets and likes, and the numbers had continued to climb well into the Saturday night. While much of the information that was dug out may already been in the public domain, Sharma did not verify whether the specific details pertaining to PAN were indeed correct.
Sharma himself continued to engage in the verbal duel with the Twitterati till late hours on Saturday dismissing much information being revealed as public information and seeking to “debunk the theory that Aadhaar compromises the privacy of the person”. “…Yeh details koi state scret nahin hain (These details are no state secret)…,” retorted Sharma at one point even chiding one of the users for disclosing address that was old and asking if he (the user) would like to have his latest address. When contacted by PTI on Saturday evening, Sharma had declined to make detailed comment on the matter saying “Let the challenge run for some time”.
While many on Twitter claimed victory over ‘leaking’ Sharma’s personal details post the challenge, the Trai chief asserted through multiple tweets and replies that the challenge had never been about phone numbers and other information but for causing harm using knowledge of his Aadhaar number. “No I did not challenge them for phone number and other info. I challenged them for causing me harm! So far no success. Wish them luck,” Sharma wrote. The high drama played out on the micro-blogging platform a day after Justice Srikrishna committee came out with its report on data protection where it mooted changes in Aadhaar Act and proposed new safeguards to protect information of Aadhaar holders.
Sharma, former UIDAI director general, has been an ardent supporter of the Aadhaar programme vouching for the safety of the system, and dispelling privacy concerns surrounding Aadhaar even during his current tenure as Trai chief. “Data privacy is a big and very important issue in a digital world. I am one of the most vociferous supporter of that. However, the only thing I am saying is that Aadhaar does not violate privacy,” Sharma had tweeted. Meanwhile, Justice Srikrishna panel on data protection has recommended that Aadhaar Act be amended “significantly” to bolster privacy safeguards, and mooted that only public authorities discharging public functions approved by the UIDAI or entities mandated by law be given the right to request for identity authentication.
The report, submitted on Friday, assumes significance given that public and private sectors are collecting and using personal data on an unprecedented scale and for various purposes, and instances of unregulated and arbitrary use, especially that of personal data, have raised concerns about privacy and autonomy of an individual. Over the last one year, there have also been reports of personal information being allegedly compromised with increasing use of biometric identifier Aadhaar in an array of services, and the Supreme Court has reserved its judgement on a clutch of petitions, challenging the constitutional validity of Aadhaar Act.