SUMMARY
Assam govt is renewing its WIPRO cloud storage pack to restore data
The data was available on NRC's website since October 2019
The system was supposed to be implemented pan-India
Inc42 Daily Brief
Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy
The Bharatiya Janata Party (BJP)-led Assam government has reportedly lost the data collected for the implementation of state-wide National Register of Citizens (NRC) in a goof-up by the staff.
According to a TOI report, the Assam government forgot to renew the cloud storage provided by WIPRO, where the database was saved. Sources say the government had transferred Prateek Hajela, who was a coordinator in the department, to another post, leaving the department unmanned. However, sources were certain that the renewal process is underway with a new coordinator being appointed and the data will be restored.
The matter came to light after, the NRC database, which was publically available since October 2019, disappeared from the NRC’s official website without notice. Assam leader of the opposition Debabrata Saikia had written to the Registrar General and Census Commissioner regarding the same.
“The data have vanished especially when the appeals process has not even started due to the go-slow attitude adopted by the NRC Authority. There is, therefore, ample scope to suspect that the disappearance of online data is a mala fide act and is prima facie a deliberate violation of the directive issued by the Hon’ble Supreme Court,” the letter read.
Data Loss Damages NRC Credibility
The government of Assam was chosen as a pilot case for the National Registry of Citizens (NRC)to check the entry of illegal immigrants. The state government released its final list on August 31, 2019. The list did not include the name of over 19 Lakh people living in Assam.
The central government, which is also led by BJP, is looking to implement the NRC policy pan-India. The political party also mentioned its intention in its manifesto for Lok Sabha elections of 2019. However, currently, nationwide protests against NRC and the related Citizenship Amendment Act have become the focal point, whereas implementation is a distant thought.
Despite its focus on data protection and forcing companies to use updated practices for data storage, the Indian government seems to be woefully backward in this regard. Not only does it have trouble managing sensitive data, but its websites routinely leak data owing to bad security practices. The multiple leaks in the Aadhaar database are the primary example. Details of around 6.7 Mn Indian residents were leaked on the website of Indian Oil Corporation-owned LPG brand, Indane, back in February last year. Then in September, the Gujarat government’s real estate regulatory authority website allegedly left one of its download URLs unprotected, which in turn exposed sensitive citizen data such as PAN cards, Aadhaar cards, passport size photos, income tax details among other documents.
Similar incidents have happened earlier as well. The Indian government’s health portal, Online Registration System (ORS) compromised the privacy of two million patients in 2018.
So while it’s great to see the government pushing for increased transparency in data collection and storage from companies, perhaps it needs to look at its internal systems as well and ensure that personnel handling data actually have the technical know-how to ensure it doesn’t fall in the wrong hands.
Note: We at Inc42 take our ethics very seriously. More information about it can be found here.