Centre for Internet & Society

The worst fears are coming true. Your sensitive private data may be up online turning you into a potential target of frauds. What is all the more dangerous is that you may be not even aware of this.

The article by First Post editors was published on October 28, 2013. Sunil Abraham is quoted.


An investigation by the Business Standard has revealed that various state and central government departments have already started putting up citizen’s personal details such as bank accounts and income on websites. The rationale behind the move is bringing about transparency.

The report also provides details of two persons, which the reporters could access online – a 25-year-old from Haryana and another farmer from Uttar Pradesh.

In the first instance, the paper got the details from the state government website which has published all the details as the youth is a beneficiary of the NREGS.

The Haryana government made public the details of the NREGS beneficiaries in its bid to bring about transparency. In Rural Development Minister Jairam Ramesh’s words, the aim is to make available all these data for public scrutiny.

In the second instance, the paper has obtained the occupation and yearly income, ration card number, full address, age, father’s/husband’s name, category and poverty status of the farmer. These details are available online as the state government is computerising the public distribution system.

If you thought, not everybody’s data will be made public this way, you are wrong, because before long the details of all the beneficiaries of direct benefit transfer will also be published online.

Though the Information Technology Act does not permit publishing sensitive personal financial details online, there is an exception if such information is come under Right to Information Act.

At the face of it transparency is a lame excuse to publish such data. How can the government provide all the details, including the bank account details of its citizen, at a time when cyber crime has increased many-fold.

And nobody knows the gravity of the situation better than the government. Minister of State for Communications & IT Milind Deora recently told Lok Sabha that this year until June as many as 78 government websites were hacked.

Citing Indian Computer Response Team (CERT-In) data he said in 2011 as many as 308 government sites were hacked and in 2012 the figure was 371.

The number of security breach incidents in 2011 stood at 13,301 and in 2012 at 22,060. The corresponding figure for this year until June has already hit 16,035, he said. Security breach included incidents related to spam, malware infection and system break-in.

In such an environment, the governments’ transparency drive comes at the cost of personal security.

The problem with making public details such as date of birth and names of family members is that it helps the hackers crack passwords. Most of the people have such details as their passwords and pins, the BS report says.

Sunil Abraham of Centre for Internet and Society rightly says in the BS report, “If people start publishing information like these and the government doesn’t regulate it through a data protection law, criminal minds can harvest and combine all databases accurately.”