Centre for Internet & Society

The recently-concluded Assembly elections may have set more than just one precedent with implications for the entire nation.

The article by Akshatha M was published in Economic Times on June 5, 2018. Sunil Abraham was quoted.

While the poll result led to what many see as the beginning of a national front comprising regional parties, the steps Karnataka’s chief electoral officer took to protect the privacy of its electoral rolls will be emulated across the country. 

The Election Commission of India, in an internal circular issued in January, ordered the chief electoral officers of all states and union territories to publish electoral rolls only in image PDF and CAPTCHA formats. These formats ensure that no individual can access electoral data, except as readonly files. While the image PDF format disables the search option in the rolls, CAPTCHA does not allow visitors to either extract or download the rolls.

“It has been decided that electoral rolls should be published on (the) website in image PDF only. If presently-available PDF electoral rolls are not image PDF, then the same shall be done immediately,” the EC circular said. 

It all started in the latter part of 2017 when Karnataka’s chief electoral officer published the draft electoral rolls as image PDF with CAPTCHA formats. Earlier, rolls were published in text PDF (minus CAPTCHA) format. Electoral analysts and citizen groups took exception to the new formats on the grounds that that did not allow them to analyse errors.

CEO Sanjiv Kumar’s contention was that analysts were seeking easy access to data. He defended his move on the grounds that the personal data of voters need to be protected. The tiff eventually reached the EC’s doorstep. It turns out that the chief election commissioner was convinced about Sanjiv Kumar’s intent.

Speaking to ET, CEC Om Prakash Rawat said: “After Cambridge Analytica and Facebook episodes, the EC has decided to protect voters’ data from data harvesting and data manipulation as a precautionary measure. We are also working towards adding special data security features in the electoral rolls.” 

Electoral roll analysts continue to see the EC’s decision as a bid to cover up flaws in the rolls. “Their argument is self-defeating on two counts: One, an individual can still extract the data, though it is a little time-consuming. Two, voter data is sold in broad daylight for 7 paise per record and despite knowing this, the election authorities have not taken any action to prevent the same,” said Bengaluru-based electoral roll analyst PG Bhat.

Data security researchers say the EC decision to have the new formats is no long-term solution.

Sunil Abraham, executive director of the Centre for Internet and Society, said that the image PDF format would not be a longterm solution at a time when the optical character recognition software has become all-powerful. “The EC should first remove EPIC numbers from the public database as it allows people who are into data-mining exercise to combine data. The solution would be to have mandatory registration in order to access data, even for voters,” he said.

He said the EC should have a system that enables it to track those who access electoral data. “Mass export of data should be permitted only for those who are monitoring electoral rolls at the polling-station level,” he said.