Ola subsidiary charged with Aadhaar data theft, FIR filed against one employee

The identity theft was allegedly committed by Qarth Technologies, which is owned by Ola.

news Crime

The High Grounds Police, on Wednesday, filed an FIR against an individual from Qarth Technologies, for allegedly accessing information from the Unique Identification Authority of India website.

Qarth Technologies is a company owned by Ola, which offers multibank Immediate Payment Service.

Ride-sharing platform Ola acquired Qarth Technologies in 2016. The High Grounds police registered the FIR after Ashok Lenin, Deputy Director, UIDAI Regional Office, Bengaluru filed a complaint on Wednesday.

According to a report by the Times of India, the case seems to be one of unauthorized authentication of Aadhaar data by the private company.

The FIR has been registered sections 37 and 38 of Aadhar Act 2016, sections 65 and 66 of IT Act of 2000, and sections 120 B, 468 and 271 of the Indian Penal Code. On Thursday, the case was transferred to the Cyber Crime Police.

According to Deccan Herald, Lenin has accused Qarth Technologies official of misusing the Aadhar website. “Qarth workers have developed an app and accessed details on Aadhaar website without authentication and provided the same as e-KYC details. The Data theft started on January 1and went on till July 26. The accused has joined hands with miscreants in leaking the Aadhaar information and illegally using the same,” Lenin said in his complaint.

An Ola spokesperson told TOI that it neither commissioned nor is involved in any such activity. Ola denied knowledge of the complaint as well.

Under the offences and penalties chapter of the Aadhaar Act, 2016, penalties are levied for disclosing identity information.

Section 37 of the Act states that “whoever, intentionally discloses, transmits, copies or otherwise disseminates any identity information collected in the course of enrolment or authentication to any person not authorised under this Act or regulations made thereunder or in contravention of any agreement or arrangement entered into pursuant to the provisions of this Act, shall be punishable with imprisonment for a term which may extend to three years or with a fine which may extend to ten thousand rupees or, in the case of a company, with a fine which may extend to one lakh rupees or with both.”

Section 38, which has also been invoked against the company, refers to penalty for unauthorized access to the Central Identities Data Repository. The section states that offenders will be punishable with imprisonment for a term which may extend to three years and the offender will also be liable to a fine not be less than ten lakh rupees.

The IPC sections invoked in the case pertain to criminal conspiracy (120-B), forgery for purpose of cheating (468) and using as genuine forged records (471).