US biometrics company that got UIDAI certification has been helping CIA snoop
WikiLeaks on Thursday revealed documents that exposes the CIA's cyber operations to collect information covertly. Incidentally, the tools that CIA uses for its snooping operations comes from the same company that supplies biometric devices for Aadhaar in India. Cross Match Technologies, Inc, provider of biometric identity solutions received certification from the UIDAI in 2011.
According to WikiLeaks, the CIA conducts covert operations under the project name 'ExpressLane' to snoop on other services like National Security Agency, the Department of Homeland Security and the Federal Bureau of Investigation. "The OTS (Office of Technical Services), a branch within the CIA, has a biometric collection system that is provided to liaison services around the world -- with the expectation for sharing of the biometric takes collected on the systems," says a release from WikiLeaks.
The expose adds that CIA has been using ExpressLane to collect information secretly under the garb of upgrading the biometric software. The core components of the OTS system are based on products from Cross Match. The same company provides equipment to the UIDAI. Incidentally, the company shot to fame in 2011 when reports suggested that US military used a Cross Match product to identify Osama bin Laden.
UIDAI servers have biometrics information of 1.1 million Indians
With privacy and data security fears looming large in the context of Aadhaar in India, the revelation may add to the worries. While many are still opposed to the idea of voluntarily consenting to share their biometrics, Unique Identification Authority of India server already has information of 1.1 million Indians and counting. The information is, according to cyber experts, enough to build the profile of a person.
Data mining algorithms can be used to analyse a list of attributes including Aadhaar numbers to identify and group the records of a citizen. The information can be used to track crime history or establish the relationships the person shares with others. While the government argues that the information is "minimum information, maximum use", the data can be used for any purpose once compromised. Perhaps, more reason to ensure data protection regime to protect the privacy of every individual.