Since Indian Government launched Aadhaar, many privacy organizations in the world are concerned about the digital security of Indian citizens, and rightly so. With Indian governments push to connect every other service including banking and finances, tax services, and mobile numbers to a person’s Aadhaar ID, the program basically turns into a single point of failure.

Mozilla Open Letter

That’s why many citizens and privacy organizations are concerned about the security risks associated with such a system, and Mozilla is the latest company to join the fray. Mozilla, the organization behind the Firefox browser is arguing that Aadhaar has the potential to become a privacy disaster.

Mozilla’s Executive Chairwoman Mitchell Baker wrote an open letter to Justice Srikrishna and the Members of the Ministry of Electronics and Information Technology Committee of Experts to convey the company’s concern. In the letter, Baker wrote,

“Data protection is a critical tool for guaranteeing fundamental rights of privacy. It is particularly important today as Aadhaar is being driven deeper into all aspects of life. Digital identity can bring many benefits, but it can also become a surveillance and privacy disaster.”

The letter further says strong policies are needed for protecting an individual’s digital privacy.

“Recently, a private citizen was able to buy access to all of the demographic data in the Aadhaar database for just 500 rupees. There have been countless leaks, security incidents, and instances where private Aadhaar data has been published online.”

While the government of India is pushing Aadhaar linkage to every possible service, the lack of data protection laws will hurt Indian citizens. In the letter Mozilla appreciates the steps taken by the team lead by Justice Srikrishna to suggest stricter laws, however, it also said that the company is concerned about several missing protections.

For one, the current proposal exempts biometric info from the definition of sensitive personal information, something which must especially be protected. The committee also exempts entire government agencies from any accountability and legal restrictions on how user data may be accessed and processed. This gives agencies the power to access and even misuse confidential Aadhaar data without any proper cause.

With its open letter that the company published in the February 9 edition of The Hindustan Times, Mozilla wants to create awareness about Aadhaar data security challenges and urge the government to create stricter digital identity protection laws.