PUNE: Pune-based activist Vivek Velankar is concerned about the safeguards in place to protect Aadhaar data. He feels the Unique Identification Authority of India (UIDAI) is stonewalling him by refusing to reveal the names of companies responsible storing the sensitive data as well as the manufacturers of the servers. The UIDAI , however, claims the information cannot be revealed due to security reasons.Today several questions regarding protection of Aadhaar data are being posed. Moreover, there is also the concern about compulsory Aadhaar registration actually breaching Right to Privacy. To address such questions, Velankar had filed an RTI application seeking the names of the companies storing Aadhaar data, name of the country where the data is stored and also the names of the server manufacturers.“I had sought the information regarding UIDAI under RTI. However, the identification authority has denied the information citing Section 8 (1)(a) of the RTI Act, which says that if the information is provided, the country's security will be endangered,” he said.The activist added that such basic information should, in fact, be published in the public domain to assure people that the data storage work has not been given to a foreign company, and it is stored within India. Moreover, people should also get the assurance that the servers on which the data is stored, are not manufactured in China.In their reply, UIDAI officials stated that the nature of the information is such that it cannot be shared outside the authority, unless mandated. They further added that UIDAI’s central identities data repository facilities, information, assets, logistics, infrastructure and dependencies installed at UIDAI locations are to be protected for the purpose of Information Technology Act, 2000.Anupam Saraf, an internationally-renowned expert on governance of complex systems as well as the advisor to former Goa chief minister, added that to coerce anyone to enroll and link Aadhaar to PAN, cellphone numbers, bank accounts and almost all public and private databases, is not a good idea. “Aadhaar destroys business and governance processes. It removes the steps of identification and consent in transactions with authentication. Authentication is not identification, and it is not consent to any transaction. It exposes everyone to Aadhaar fraud.”Saraf, who is from Pune, points out to one of minister Ravi Shanker Prasad’s statements in Parliament , in which the minister said that 34,000 enrollment officials had been suspended for irregularities, while 50%-90% of the Aadhaar database was full of “ghosts”.“If Aadhaar is not certified by any government official to be a proof of identity, address, resident status or even existence, and if the Aadhaar database has never been verified or audited by anyone, than its use for governance is bad, if not mala fide,” he said.Saraf believes that no data protection or privacy law is adequate to cure Aadhaar of these ills. He feels that the threat to Aadhaar data can only be neutered by destroying it and prohibiting the use of Aadhaar, as was done in the case of national ID data in the UK.