CHENNAI: “Chennai’s birth certificate website is an example of how privacy sometimes gets thrown out the window in the name of digitization” posted on Twitter by an angry parent on Wednesday, this did not take too much time in gathering a windfall of attention. He was talking about the Chennai Corporation website which provides open access to Birth Certificates. He decried the website’s policy of making public, digital copies birth certificates of everyone from 1910. By simply selecting the gender and inputting the date of birth, one could have a list of all those born on that date.
In the Twitterati’s own words, “Go find your own birth certificates and your parents’ too”. Each pdf document mentions the following details- your name, father and mother’s name, complete permanent address and ward details. All one has to do is to be born in the city have their birth certificates registered here in the last century.
“There is a difference between information I volunteer, and information that is put up online without my permission. I use social media websites like Facebook, Twitter and LinkedIn but I keep some data personal, date of birth is one among them. So, I would not like my personal details floating around ,” says Sucheta Gupta, an IT professional.
Some tweeters who led the discussion on the social media space suggested tighter measures one-time passwords or a more detailed process to discourage siphoning data.
Cyber specialists share similar opinions as they emphasize the hazards of keeping information on public domain. “It is a good initiative by the Chennai Corporation. But a more secure approach would pay off as it lessens any possible breach,” says UP Prakasham, President of Cyber Society of India.
As the internet search engines like Google and Yahoo index all personal data, fishing for illegal purposes like identity theft and data stealing becomes that much easier in the hands of criminal elements.
Professor Muthukumar who trains officials in Cyber Security says that these kinds of online “footprints” left by either themselves or a third party puts people at the risk of information theft. Even a date of birth, he says can be misused in several ways.
“Secure coding is not followed in India, which puts websites at a higher degree of threat to begin with,” he says. All government websites he says should follow the national security guidelines outlined by Open Web Application Security Project. “Organisations really need to get cyber security audits done regularly, especially. Whether its a mandate or not, it should be done. That practice should become a culture which is missing in India,” he explains emphasizing that the move towards paper governance calls for higher pre-emptive security.