The government of India is concerned that publishing unit costs of Rafale fighter jets procured from France could be a national security issue, denying this information even to the parliament. But the Central Board of Excise and Customs had published details of all defence products imported by the country between 2004 and 2016 on its website. As part of a larger transactional trade database, the department published details of unit prices of every defence product from bolts, missiles and periscopes to parts of nuclear reactors.

This defence import data can be accessed by searching for defence keywords on the following websites Zauba , InfoDriveIndia, Trade Intelligence, Cybex EXIM, EXIM Pulse. The primary source of this trade database was customs department’s icegate.gov.in portal.

The data was made public by the customs board without the knowledge of Ministry of Defence, thus making it a breach or data leakage in information security parlance.

Public access to this data was shutdown on November 25, 2016, after complaints were made by private businesses to the prime minister’s office regarding loss of business transactional privacy.

The customs board, before shutting down public access, deliberated with other departments to create a balance between transparency of state functions and privacy of sensitive business data. The file regarding the shutdown of this database was obtained using RTI and gives key insights on how the department considered transparency and privacy issues.

A quick look at the defence imports from France will give us an idea of the unit costs and how India spends its defence budget. Dassault Aviation, the manufacturer of Rafale, also supplied India with the famed fighter jet Mirage and its upgraded version Mirage-2000. A list of all the upgrades the new Mirages are being fitted with and their unit costs can be found here. The upgrades include details of Thales RDY 3 radar, crash recorder, crypto-computer, GPS, GLONASS Antenna and the key component mica missiles.

Aircraft are not the only defence equipment India imports from France. Under a technology transfer agreement, India’s Mazagon Dock Limited has been working on “Project 75” to build indigenous scorpion class submarines. The shipments include propellers, steering gears, periscopes, gas turbo generators, spares for torpedos, sonar beacons, air flow valves, cooling systems and many other parts. The database also has information about the yard where the submarines are being manufactured.

The database also provides information about defence equipment imported from other countries. Parts of nuclear reactors from Russia, parts for research to DRDO labs from the US and many more. A detailed look by defence analysts and security analysts can help map entire India’s defence supply chain with international suppliers.

India is not the only country which publishes trade data, the US bill of ladings also contain details of defence equipment imported by and exported out of the country. Similar to private firms selling India’s trade data, there are companies in the US which do the same.

The question is whether this database should have been public. This data has always been public and many defence analysts would agree that there is nothing wrong that. But it is important to recognise that the data was made public by the customs board without the knowledge of Ministry of Defence. The fact that government bodies are not informed about the data maintained across departments is the reason behind the leak.

If the government thinks publication of unit costs of Rafale fighter jets is a national security issue, then it must also recognise the breach as one and appoint an enquiry committee. If this is not a security issue, then the government should provide an answer in the parliament on unit costs of Rafale fighter jets, including all the parts. During a press conference held by Arun Shourie, Yashwant Sinha and Prashant Bhushan on Rafale, they said the secrecy clause does not cover the cost of acquisition.

The government, irrespective of the party in power, has always used national security as a ruse to avoid being held accountable by citizens. There is a need to define national security and what exemptions from transparency and accountability can be made to protect national security. The draft Data Protection Bill, which was submitted by Justice Sri Krishna Committee attempts to define it, but the scope of the definition might be limited only to personal data.

As a society, India is debating issues of transparency, privacy, data protection, surveillance and national security. Different arms of the state, including the judiciary, parliament and government are debating these issues. All these debates are meaningless if citizens are not empowered in the process. Transparency should always be more important than privacy or national security.

Srinivas Kodali is a independent researcher working on data and the internet.