Report on citizens' surveillance is baseless: IT minister Ravi Shankar Prasad

The minister said that there are suitable provisions under the IT Act and work is in progress to bring in a law for data protection.

Published: 05th December 2019 03:54 PM  |   Last Updated: 05th December 2019 03:59 PM   |  A+A-

IT minister Ravi Shankar Prasad

Union Telecom Minister Ravi Shankar Prasad at a JIO stall during the inauguration of Indian Mobile Congress 2019 in New Delhi. (File photo | PTI)


NEW DELHI: Minister of Communications and Electronics and Information Technology Ravi Shankar Prasad said on Thursday that the report by UK-based research firm Comparitech, highlighting that India ranks behind only Russia and China when it comes to surveilling citizens, appear to be flimsy and questionable.

The report stated that India is the fifth-worst country after China, Malaysia, Pakistan and the US in terms of extensive and invasive use of biometric data.

The minister said that there are suitable provisions under the IT Act and work is in progress to bring in a law for data protection. Further, there is a baseless assumption that the Aadhaar database includes information such as purchases, bank accounts, insurance and others.

ALSO READ: Mass surveillance tech just needs a missed call to hack you

The government's request to WhatsApp regarding traceability without compromising on encryption has been wrongly projected as a possible privacy intrusion. Therefore, even while the report recognises that the laws and courts in India are working to protect data privacy, it seems to have jumped to a conclusion without looking at the legal regime in India and the checks and balances available.

"These attempts to malign the Government of India for reportedly surveilling citizens are completely misleading," the minister said.

He said that the government is committed to protect the fundamental rights of citizens, including the right to privacy. The government operates strictly as per the provisions of law and laid down protocols. There are adequate safeguards to ensure that no innocent citizen is harassed or his privacy breached.

The Ministry of Electronics and Information Technology is working on the Personal Data Protection Bill to safeguard the privacy of citizens, and it is proposed to table it in Parliament.

Prasad said that there has never been any instance of data breach from the Aadhaar database (Central Identities Data Repository). For the security of Aadhaar data centres, Unique Identification Authority of India (UIDAI) has a well-designed, multi-layer robust security system in place and the same is being constantly upgraded to maintain the highest level of data security and integrity.

ALSO READ: WhatsApp says it alerted government of privacy breach in May, Centre denies it

The architecture of the Aadhaar ecosystem has been designed to ensure security and privacy which is an integral part of the system from the initial design to the final stage.

Various policies and procedures have been defined and are reviewed and updated continually thereby appropriately controlling and monitoring any movement of people, material and data in and out of UIDAI premises, particularly the data centres.

"UIDAI data is fully secured/encrypted at all times i.e. at rest, in transit and in storage. For further strengthening of security, security audits are conducted on regular basis," the minister said.

Additionally, there are multiple layers of security at the physical level in UIDAI Data Centres and it is being managed by armed CISF personnel round the clock.

The security assurance of the Aadhaar ecosystem has been strengthened with the enactment of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 and subsequently the Aadhaar and Other Laws (Amendment) Act, 2019 which has stringent penalties and punishments for offenders.

The UIDAI has been declared ISO certified with respect to information security which has added another layer of IT security assurance. In pursuance of sub-section (1) of Section 70 of the IT Act 2000, UIDAI has also been declared as a Protected System by the National Critical Information Infrastructure Protection Centre, the minister said.


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on are those of the comment writers alone. They do not represent the views or opinions of or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp