Shooting The Messenger: Reporter Who Exposed Massive Indian Data Breach Targeted By Law Enforcement

from the wrong-target dept

Wed, Jan 17th 2018 3:23am — Mike Masnick

For many years now, we've been among those raising concerns about India's giant identity database known as Aadhaar. A few weeks ago, we wrote that there appeared to be a fairly massive breach of data from that database, and that the information was now available on the dark web for cheap.

This is obviously quite concerning and you'd hope that various Indian government agencies would launch an appropriate investigation. And... it appears at least one investigation has been launched. But, not into the leak. Instead, it's allegedly into the reporter who exposed the leak:

A branch of the Indian government filed a police complaint last week launching an investigation into journalist Rachna Kaira and the Tribune of India, after the publication released a report describing what looks to be a massive vulnerability in a government database that is being exploited by an unknown group to sell highly sensitive and private data about Indian citizens.

The details on the "police complaint" remain sparse, so perhaps it's not a huge deal -- but any attempt to investigate and/or intimidate (and those can be one and the same in some cases) a reporter for merely exposing a fairly big possible data breach that could effect over a billion people at least suggests an interest in covering up the breach, rather than in understanding the breach and preventing further damage.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: aadhaar, data breach, free press, india, journalism, rachna kaira, shooting the messenger

9 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Ninja (profile), 17 Jan 2018 @ 1:41am

It's hard to acknowledge you screwed up. Easiest way out is to yell "LOOK OVER THERE" in hopes everybody ignore they are behind Papier-mâché security that's putting over a billion people at risk of fraud. Future damages be damned.
[ link to this | view in chronology ]
Rayashi (profile), 17 Jan 2018 @ 3:48am

As per a statement from UIDAI, they FIR is against persons 'unknown'. The reporter was added as a person of interest to assist with the investigation.

Link:
https://www.ndtv.com/india-news/aadhaar-police-complaint-against-unknown-people-s ays-law-minister-1797326
[ link to this | view in chronology ]
- Anonymous Coward, 17 Jan 2018 @ 7:47am
  
  Re:
  Thank you for pointing to that article.
  
  I note, though, that the "Editor's Guild of India" claims that the reporter was booked by police, which is rather stronger than "asking for assistance" would imply.
  
  If you tell someone you're going to throw them in jail unless they cooperate with you, that's still the "chilling effect" everyone is warning about.
  [ link to this | view in chronology ]
  - Drew_Wilson (profile), 18 Jan 2018 @ 12:19am
    
    Re: Re:
    Was going to point that out myself, but you beat me to the punch. Nice. :)
    [ link to this | view in chronology ]
This comment has been flagged by the community. Click here to show it

indian black person, 17 Jan 2018 @ 3:49am

black indian liar
yes it was breached. Are we under the impression it was ever secure at all. I mean, you know the minute it touches the web all your passwords are in clear text. Oh i say, you didnt know that, well, sorry kiddies , its all clear text from point to point. It might be https during transit, but not at the points, no not at all my little prettys.
[ link to this | view in chronology ]
- Anonymous Coward, 17 Jan 2018 @ 4:37am
  
  Re: black indian liar
  Pretty racist and rude without any actual input. Have a report.
  [ link to this | view in chronology ]
- Anonymous Coward, 17 Jan 2018 @ 10:42am
  
  Re: black indian liar
  Wow you managed not only to be racist but wrong about your racism. Congratulations you’re dumb enough to be a GOP politician.
  [ link to this | view in chronology ]
- Cowardly Lion, 17 Jan 2018 @ 4:09pm
  
  Re: black indian liar
  "black indian liar"
  
  Your garbled title: What the fuck was that all about? Racist even?
  [ link to this | view in chronology ]
Bergman (profile), 18 Jan 2018 @ 6:55pm

Re: that is being exploited by an unknown group
Those are the key words here -- the reporter didn't report that there was a mere vulnerability, the reporter wrote an article about how there was already a breach by a criminal organization that was selling private or even classified data.

That's quite a difference, even if you think people who discover vulnerabilities should keep quiet about them to protect people.

I have to wonder though -- is the reason the government is prosecuting the reporter instead of the 'unknown group' that is actually stealing and selling data, because the group in question is a government agency?
[ link to this | view in chronology ]