'Your phone number, your birth of date, your parent's name, your address, your photographs, I have everything with me.'
Do you think your Aadhaar data is safe and secure with the government?
Then meet Rachna Khaira, a reporter at The Tribune newspaper who has been named in an FIR by the Delhi police in connection with a report on the breach of details of over one billion Aadhaar cards.
Khaira, below, exposed the loopholes in Aadhaar's digital security thanks to which she says they are available for as low as Rs 500.
Rediff.com's Syed Firdaus Ashraf spoke to Khaira about her expose and the case registered against her.
How did you get this story?
I got one source who was stating that he has got access to all Aadhaar data.
He was afraid if he had something illegal on his hand.
He informed the UIADI (Unique Identification Authority of India) of this, but their operators did not take him seriously and forwarded his complaint.
He then came to me and wanted to highlight this issue.
The story was very technical and therefore I think nobody took him seriously.
What did you expect to happen when you filed your report?
I thought the government will rectify the Aadhaar system.
I thought they will go into details and find out to what level the security of Aadhaar had been compromised.
Not in my wildest dream did I think that they will file an FIR (first information report) against me.
The UIDAI was given (our) personal data with some sort of security. (But) They have failed.
Their doors and windows were open. Now they are saying since I entered their room, it was my fault.
They should have seen who let the door open. It is their fault.
If a room with treasure in it was left open, and if I enter the room and do not steal but start making a noise about public wealth being left in the open, then it is not my fault.
I am not stealing.
The person who left the door open is at fault.
Now they say that I have not stolen anything, but are asking me why did I enter the room?
They are not investigating who unlocked the doors of the vault.
What will you do now?
After the reports came out, the UIADI must have realised that their data is exposed.
They launched an FIR against me and my (news)paper The Tribune and some of the people who were mentioned in my report.
I am yet to receive a report of the FIR.
I know they have taken the action against me under the Aadhaar Act and I-T Act. My newspaper is taking care of the legal aspects.
Some people allege you did something illegal to get this story.
It is not people, but UIDAI officials who are saying this.
There seems to be some confusion on their part.
UIDAI staffers are non-technical people and they are unable to understand the technical aspect of my story.
What I mean to say in my report is that my source was able to purchase Aadhaar data by paying only Rs 500.
UIDAI is now saying there was a breach and since I accessed the data, therefore, they have launched a complaint against me.
They said I have got the data illegally.
Didn't you use a false name to get access to the UIDAI data?
You tell me how you do an undercover story.
I was accessing data from unknown people and I don't know whether these people were from India or from some other country.
These sellers were anonymous.
If I had told them that, 'I am Rachna, a journalist working for The Tribune', do you think those people would have given me access to the UIDAI data?
What bullshit is the UIDAI talking about?
Do journalists who do sting operations share their real names and phone numbers?
UIDAI guys were caught napping and therefore they are making these accusations against me.
They are saying you misused your position as a reporter.
No, they did not say that.
They said there are designated officers who have been given passwords and login (ids).
Like in Punjab, two people have been given passwords and now the UIDAI is saying that these officials misused the data and not me.
If someone wants to make a new Aadhaar card or upgrade their Aadhaar card, then people go to the grievances cell to get these changes done.
This was misused by officials, not me. I am not being charged with misuse (of Aadhaar details).
Please explain the importance of your story to our readers.
I will tell readers that your phone number, your birth of date, your parent's name, your address, your photographs, I have everything with me.
Whenever I want to access all your details, I can do it anytime because your Aadhaar card is available everywhere.
I have got all your demographic details with me.
I can also tell you that wherever you have upgraded your Aadhaar card, I know this.
And that is not good.
What about our bank accounts? Are they safe?
We have not done our investigation to that level.