CIA Can Access Aadhaar Database, Says WikiLeaks; Indian Govt Denies Claim

WikiLeaks on Friday published documents claiming that Central Intelligence Agency (CIA) of the United States is using technology tools to secretly access Aadhaar data. According to the claim, which was denied by Indian officials, CIA is using tools made by US-based Cross Match Technologies to collect data. Cross Match specialises in biometric software.

Wikileaks published documents about CIA’s project ExpressLane for cyber spying. “The OTS (Office of Technical Services), a branch within the CIA, has a biometric collection system that is provided to liaison services around the world — with the expectation for sharing of the biometric takes collected on the systems,” it said. “But this ‘voluntary sharing’ obviously does not work or is considered insufficient by the CIA, because ExpressLane is a covert information collection tool that is used by the CIA to secretly exfiltrate data collections from such systems provided to liaison services.”

The OTS system consists of core components that are based on products from Cross Match, the company that was certified for supplying biometric solutions to the Unique Identification Authority of India (UIDAI) for the Aadhaar project.

WIkiLeaks posted a series of tweets on the matter on Friday:

Is your government using the “Cross Match” biometric system? For years CIA has used it to suck out all the records https://t.co/8FefOS2Ljl pic.twitter.com/9tgon09TTu

— WikiLeaks (@wikileaks) August 24, 2017

Cross Match received certification for India’s massive UID national identity card biometric system https://t.co/YzyajUOWBi

— WikiLeaks (@wikileaks) August 24, 2017

Have CIA spies already stolen #India‘s national ID card database? #aadhaar #biometric https://t.co/zqJmkaoiw8 #modi

— WikiLeaks (@wikileaks) August 25, 2017

The WikiLeaks tweet links to an article by the geopolitical magazine GGI News that details how the CIA can access Aadhaar database, and that CIA agents can access it in real time.

Indian officials, however, dismissed the claims, saying the report was not a “leak” by WikiLeaks but a report by a website, according to the Times of India. “The reports do not have any basis in fact. Aadhaar data is safely encrypted and is not accessible to any other agency,” the publication reported, citing official sources.

Cross Match was also in the news in 2011 when reports emerged that the US military used a Cross Match product to identify Osama bin Laden during the operation to assassinate him in Pakistan.

The Indian government’s Aadhaar programme, which involves issuing a 12-digit unique identity number to each Indian resident based on their biometric and demographic data, has been mired in several controversies since it was launched in 2009. It is said to be the world’s largest biometric ID system, with over 1.171 billion enrolled members as of August 15, 2017. One of the major objections raised against it, that it involves breach of privacy of individuals, was upheld by the Indian Supreme Court on August 24. The Supreme Court, while hearing a petition that said Aadhaar violates the right to privacy of an individual, held that individual privacy is a fundamental right. However, the court did not pass any interim order against the Central government’s notification that makes Aadhaar mandatory for everyone.