TRAI Chief Makes His Aadhaar Public After Dare, Twitter Responds With His PAN, Phone Number
The incident had netizens divided. While some felt that the exchange would help bring to the fore the concerns regarding Aadhaar, others felt RS Sharma was proved right as the disclosed information was already in the public domain.
New Delhi: When Telecom Regulatory Authority of India (TRAI) chief RS Sharma dared Twitterati to “do him harm” based on his Aadhaar number, little did he know that his move would backfire.
Sharma, who is of the opinion that Aadhaar does not violate privacy, told The Print in an interview on Saturday that he had no qualms about making his 12-digit unique identity number public.
“Tell me what harm can you do to me if you have my Aadhaar details? I will give you my Aadhaar number if you like,” Sharma, whose tenure ends on August 9, told the website.
However, soon after his statement, a Twitter user dared him to “walk the talk” and reveal his number.
Not one to duck in the face of a challenge, Sharma took to the microblogging site to make his number public. He also asked the user to “show me one concrete example where you can do any harm to me!”, much to the amusement of netizens.
But this was just the tip of the iceberg.
Soon, Twitter users took it upon themselves to prove to the TRAI chief that there were loopholes in the system that needed to be plugged.
A user named Elliot Alderson, who described himself as a French security researcher, posted Sharma’s phone number, email address and PAN and a picture of the TRAI chief with a woman relative without revealing her identity.
He was also quick to add that Sharma's bank account was not linked to Aadhaar, to which the TRAI chief responded: "Looks like you are not as good as you claim to be! All my bank accounts are linked to Aadhaar. Further, even if you know my bank account number, so what!"
Alderson then said he would “stop here” and asked Sharma if he understood why making his Aadhaar number public “is not a good idea”.
He added that he was "not against Aadhaar, but only against people who think Aadhaar is unhackable".
The exchange, however, had Tweeple divided.
While some users felt that the incident would help bring to the fore the concerns regarding Aadhaar, others felt that Sharma was proved right as the information disclosed by Alderson was already in the public domain and did not really “do any harm”.
When contacted by PTI, Sharma declined to make a detailed comment on the matter, saying "let the challenge run for some time".
Sharma is believed to be in the running to head the new data protection authority to be instituted in line with the recommendations made by the regulator in its paper on data protection and privacy.
When the Unique Identification Authority of India (UIDAI) was set up in 2009, the former civil servant was selected as its first director-general. He has subsequently been a vocal proponent of UIDAI's security infrastructure.
However, multiple petitions have been filed in the Supreme Court challenging the constitutional validity of such a database, and how making biometric enrollment mandatory was a violation of an individual's privacy. The SC reserved its verdict following the conclusion of hearings in May.
The Justice Srikrishna Committee, in its report published on July 27, recommended that the Aadhaar Act be amended "significantly" to bolster privacy safeguards. It also observed that only government departments or authorities that have secured the approval of the UIDAI can request Aadhaar details for rendering services. The committee is also in favour of giving greater autonomy to the UIDAI so that it operates independently of the government.
The Srikrishna Committee's report is part of the government’s larger attempt at framing a draft Personal Data Protection Bill that will set the guidelines for the collection and storage of sensitive personal information.
Sharma, who is of the opinion that Aadhaar does not violate privacy, told The Print in an interview on Saturday that he had no qualms about making his 12-digit unique identity number public.
We have paid your salary for all these years @rssharma3 please share all your personal data with us. twitter.com/digitaldutta/s…
Walk your talk @rssharma3!
Publish your Aadhaar details to the public if you have so much trust in this 13ft wall secured system.theprint.in/governance/wha…
Walk your talk @rssharma3!
Publish your Aadhaar details to the public if you have so much trust in this 13ft wall secured system.theprint.in/governance/wha…
My Aadhaar number is 7621 7768 2740
Now I give this challenge to you: Show me one concrete example where you can do any harm to me!
But this was just the tip of the iceberg.
Soon, Twitter users took it upon themselves to prove to the TRAI chief that there were loopholes in the system that needed to be plugged.
A user named Elliot Alderson, who described himself as a French security researcher, posted Sharma’s phone number, email address and PAN and a picture of the TRAI chief with a woman relative without revealing her identity.
He was also quick to add that Sharma's bank account was not linked to Aadhaar, to which the TRAI chief responded: "Looks like you are not as good as you claim to be! All my bank accounts are linked to Aadhaar. Further, even if you know my bank account number, so what!"
Alderson then said he would “stop here” and asked Sharma if he understood why making his Aadhaar number public “is not a good idea”.
He added that he was "not against Aadhaar, but only against people who think Aadhaar is unhackable".
The exchange, however, had Tweeple divided.
While some users felt that the incident would help bring to the fore the concerns regarding Aadhaar, others felt that Sharma was proved right as the information disclosed by Alderson was already in the public domain and did not really “do any harm”.
Such a big hacker and all he could manage in 5 hours is a phone number which is already a public record (he's a government official)? The man gave his aadhar number and challenged everyone to bring something concrete which could harm him, not something which is public record.
I'm a lawyer. He's right though. Not just his cell, his PAN, email and other information about him could be obtained. It's not such a terrible loss of privacy, but it still is one. So my suggestion is you chill till the SC decides and then brazenly defend if.
Pls make this opportunity as a case study to demonstrate what all can be stolen .... Citizens shud be shown this.
When contacted by PTI, Sharma declined to make a detailed comment on the matter, saying "let the challenge run for some time".
Sharma is believed to be in the running to head the new data protection authority to be instituted in line with the recommendations made by the regulator in its paper on data protection and privacy.
When the Unique Identification Authority of India (UIDAI) was set up in 2009, the former civil servant was selected as its first director-general. He has subsequently been a vocal proponent of UIDAI's security infrastructure.
However, multiple petitions have been filed in the Supreme Court challenging the constitutional validity of such a database, and how making biometric enrollment mandatory was a violation of an individual's privacy. The SC reserved its verdict following the conclusion of hearings in May.
The Justice Srikrishna Committee, in its report published on July 27, recommended that the Aadhaar Act be amended "significantly" to bolster privacy safeguards. It also observed that only government departments or authorities that have secured the approval of the UIDAI can request Aadhaar details for rendering services. The committee is also in favour of giving greater autonomy to the UIDAI so that it operates independently of the government.
The Srikrishna Committee's report is part of the government’s larger attempt at framing a draft Personal Data Protection Bill that will set the guidelines for the collection and storage of sensitive personal information.
