China could offer lessons in information security: analysts
Indian citizens register for Aadhaar cards in Amritsar, India in July 2018. Photo: VCG
India seems to have a big struggle in its accelerating digital transformation process: data security – an area where China’s experience in managing a vast amount of data could offer a valuable lesson, analysts said.
Last week, another security lapse in Aadhaar, India’s vast biometric-based identity project, exposed as many as 6.7 million customers, according to tech news website TechCrunch.
Citing French security researcher Baptiste Robert, TechCrunch reported that the number included 5.8 million users of Indian gas company Indane.
Having enrolled over 1.22 billion Indians till November last year, Aadhaar, the government project has seen several breaches and multiple accounts of data leaks being reported in the past year, intensifying fears about its security, according to a report by Quartz India last December.
Via the project, Indian citizens provide their detailed personal information ranging from addresses and mobile phone numbers to iris scans for the Indian government. In turn, they can get a 12-number Aadhaar card for their unique identification.
In January 2018, Indian newspaper The Tribune said that access to any Aadhaar-holder’s demographic details could be purchased for just Rs500 ($7), although the Unique Identification Authority of India (UIDAI), the government body that administers Aadhaar, disputed the report.
“[Data leakage] may happen… but from my side I’m not concerned. After Aadhaar came into being, it has actually become easy for all citizens to access many government services online by using their Aadhaar number or fingerprint,” Abdul Haleem, a doctor in India, told the Global Times on Wednesday.
“The starting point for the Aadhaar system is to enhance India’s economic and social development. However, the process should be premised on strengthened protection of personal data, otherwise the project will be a failure or even turn into a monster,” said Li Aijun, a professor at the Beijing-based China University of Political Science and Law.
“The government needs to fend off both technology and management risks,” Li told the Global Times on Wednesday.
Long Xingchun, a visiting senior fellow at the S. Rajaratnam School of International Studies, Nanyang Technological University in Singapore, said it’s quite likely that Indian civil servants would take advantage of their posts and sell citizens’ information for profit.
“Compared with India, the Chinese government has been very discreet about the data issue, especially when it comes to the opening-up and sharing of data,” said Li.
Guiyang, capital of Southwest China’s Guizhou Province, also the first pilot city nationwide to adopt big data into internet security, has led in data protection by making its own regulations, she added.