National ID systems such as Aadhaar have been called out in the past by privacy experts and human rights groups as tools of surveillance and being used for profiling citizens on the basis of religion and caste. This is ironic as Aadhaar was created as a means of eliminating such discrimination which is inherent in the Indian system. But instead of being used for the intended purposes, Aadhaar databases have become a fount of new privacy headaches, thanks to data being submitted unwittingly by citizens.

Anivar Aravind, an Indian developer and executive director at a social analytics firm, has pulled our attention towards the hoarding of the Aadhaar data of as many as 9 crore (90 million) school students. This database is hosted on an archaic looking government website which belongs to U-DISE (Unified District Information System for Education) which has a database of 21 crore students across India.

Despite the current uncertainty about the legal status of Aadhaar, governments have instructed state-level schools to update the Aadhaar of each and every student. The pressure, in turn, comes onto the students and consequently, parents, who have to succumb to the orders of the school authorities amid the fear that non-compliance might affect their children’s education.

But from the looks of it, the website appears to be an easy chicken dinner for unethical actors. The fact that its server hold information of 9 crore children makes it a ticking bomb that could lead to another privacy disaster – something which systems holding Aadhaar data have been known to cause .

This system is managed by National Institute of Educational Planning and Administration (NIEPA) which is backed by the HRD Ministry. The purpose of the database is to track the performance of children and offer them scholarships, so it also has details about family income and demographic details, which is highly valuable data any which way you look at it.