‘Aadhaar data breach report incorrect’
NEWDELHI: The Unique Identification Authority of India (UIDAI) on Thursday told the Delhi HC that reports regarding security breach of data related to Aadhaar is incorrect and misleading as the strongest encryption technology has been used to store data which is impossible to decrypt.
“The technology used is 2048bit encryption, which is the strongest one and it is impossible to decrypt and extract any information even if enrolment packets were accessible during transit to the UIDAI data centre,” UIDAI told a bench of Justice S. Ravindra Bhat and Justice Prateek Jalan. The bench was hearing a plea seeking exemplary damages for the losses caused due to leakage of Aadhaar data. The plea was filed by Shamnad Basheer alleging that the dissemination of personal information of Aadhaar holders made it clear that the government is responsible for any breach of right to informational privacy. In an affidavit, the government agecy said that Aadhaar data is fully secured at all times and for further strengthening of security and privacy of data, security audits are conducted on regular basis, and all possible steps are taken to make the data safer and protected.
It further added that there are multiple layers of security at physical level in UIDAI data centres and is being managed by armed Central Industrial Security Force personnel round-theclock. “The technical architecture of Aadhaar has been structured in such a way, so as to ensure clear data verification, authentication and de-duplication, while ensuring a high level of privacy and information security,” the UIDAI said.
Adding that there is no merit in the application, UIDAI said, “the alleged facts on the basis of which the petitioner has filed the plea are unsubstantiated statements and the information relating to the Aadhaar scheme has been grossly misreported and interpolated to mislead this court.”