Picture used for representational purpose only

HYDERABAD: A massive probe has been launched by multiple agencies such as Unique Identification Authority of India, Election Commission of India and Cyberabad police into a complaint filed regarding alleged privacy breach and misuse of data of 3.7 crore voters in Andhra Pradesh.

The complaint was filed by YSR Congress MP V Vijaysai Reddy against Hyderabad-based IT Grids (India) Pvt Ltd’s ‘Sevamitra’ app promoting the Telugu Desam Party (TDP). Vijaysai alleged that government data from the Smart Pulse Survey which was linked to State Resident Data Hub (SRDH) containing demographic data of Aadhaar and electoral rolls prepared by the ECI were misused.

IT Grids India Pvt Limited, based in Madhapur, has done several applications and other IT solutions for various AP government departments and is also the developer of the ruling TDP ‘Sevamitra’ app.

The app has voter ID numbers, names, colour photos, booth-level information, family details, caste information and government schemes and amounts a voter gets as beneficiary. The app comes with all the information inbuilt and is extensively used by TDP activists.

Investigators are now focusing on how the company obtained family details and beneficiary data. Cyberabad police commissioner V C Sajjanar told TOI, “We have received the complaint and are yet to register an FIR. We are studying the contents.”

EC should regulate breach of privacy: Security researcher

An e-mail and messages sent to the promoter of IT Grid went unanswered. Sources said Ashok Dakavaram told police that the data used in the app is collected from open data sources available on electoral rolls and the survey conducted house-to-house by the party workers. He denied collecting any information from Aadhaar or SRDH or any government database.

Security researcher Srinivas Kodali told TOI, “Any personal information of a voter is part of his fundamental right of privacy. The Election Commission needs to regulate any breach.” On June 19, 2018, TOI published a story on the breach of data of 4.5 crore citizens from Smart Pulse Survey after Kodali exposed it.

An Election Commission official told TOI, “The soft copy of electoral rolls provided to political parties is only non-photo electoral roll data. The hard copy printouts are given in black and white with photos. We haven’t supplied any soft copy or hard copy of electoral rolls to any party or any company.”

Officials of UIDAI are yet to respond on whether the photographs and family grouping belongs to their database or SRDH. An official of UIDAI said, “We have asked the states to destroy SRDH after a Supreme Court judgement. We were informed that Andhra Pradesh destroyed it a few months ago. But we have to verify whether Smart Pulse survey database is still having traces and demographic details collected from SRDH.”

Andhra Pradesh government created an SRDH in association with UIDAI and the SRDH mirror image of the Aadhaar data relating to AP from the Data Repository of UIDAI in Bengaluru. SRDH contains the basic data like a resident’s Aadhaar number, name, date of birth or year of birth, gender, address, postal pin code, photo, biometric data.

In 2016, the AP government took up Smart Pulse Survey of all households, aimed at capturing socio-economic data directly in digital form, with online validations. It is aimed at completing the seeding of Aadhaar with departments’ database, ensuring correctness of data already seeded with Aadhaar, e-string the demographic data in the SRDH.

AP Government information technology advisor J Satyanarayana, who is also chairman of UIDAI, told TOI, “The Smart Pulse Survey is integration and convergence of the multiple databases of socioeconomic data of the people with the SRDH database. The purpose is for real-time governance and aimed at checking whether the welfare schemes are reaching beneficiaries.SRDH as a separate entity has been stopped.”

