Finance Minister Arun Jaitley today played down privacy and security concerns of making Aadhaar mandatory for citizens, saying all technology can be hacked into and that should not prevent the use of the technology.
"The fact that technology can be broken into is never an argument to not have technology. Firewalls must be strong enough," Jaitley said, while addressing opposition questions about security of Aadhaar-related information raised by former finance minister P Chidambaram in the Parliament today.
Chidambaram had noted the high-profile hacking of the US Pentagon and the reported leak of MS Dhoni's Aadhaar number reported earlier today.
However, Jaitley did not elaborate on the level of security firewalls in the Aadhaar system, or how the government might address privacy breaches related to Aadhaar outside the provisions of the Aadhaar Act, which experts say has vague or poorly-defined clauses that offer little in the way of promising data privacy to citizens.
Jaitley also dismissed the Dhoni Aadhaar leak incident, saying it was a one-off case and the UIDAI, the agency that issues Aadhaar, had taken swift action, blacklisting the centre that leaked the information for 10 years.
Chidambaram also noted that Aadhaar was always meant to be an "instrument to extend services and benefits and subsidies."
"The larger question is how will you protect the privacy of transactions. Of facts and material in the IT returns...?" Chidambaram asked.
Jaitley was also asked to disclose the extent of the PAN duplication problem by another member of the opposition that the finance minister has said previously is behind the government's decision to make Aadhaar mandatory for filing taxes. Jaitley wouldn't respond to that, except to say the government has chosen to expand the use of Aadhaar because of the "strength" and success of the technology.
On Tuesday, an Aadhaar centre, CSC e-Governance Services, had tweeted a picture of Dhoni authenticating his fingerprints along with a screenshot of Dhoni's Aadhaar page, making his details public. Dhoni's wife complained to IT minister on Twitter about the incident, following which the UIDAI took action.
In a separate incident, On Tuesday, UIDAI launched a police complaint in connection to two separate Aadhaar applications but with the same biometric information.
There have been other security incidents, too. Last month, UIDAI initiated police action against entities associated with Axis Bank including Suvidhaa Infoserve and e-sign provider eMudhra, which had allegedly engaged in unauthorised authentication and impersonation by illegally storing Aadhaar biometrics.
Earlier this month, security researcher Srinivas Kodali warned Indian authorities of a website that was leaking Aadhaar demographic data of over five lakh minors, as well as the existence several parallel databases that had key identification data linked to Aadhaar, Scroll reported.