wordpress blog stats
Connect with us

Hi, what are you looking for?

People’s biometric data with a private firm in Chennai poses the risk of identity theft

Biometric data of thousands of people is in possession of a private firm with no legal framework in place but the Chennai civic body denies it.

Update on January 7/1/23 :  Lok Sabha member Karti P Chidambaram has written a letter to the Chief Minister of Tamil Nadu M.K Stalin raising concerns over the absence of a legal contract or a tender under which Impact Technologies and the Greater Chennai Corporation have collaborated to collect people’s biometric data. The letter also questions whether data security safeguards have been put in place by the private company to deal with people’s sensitive personal data and to prevent data breaches and identity theft.

The lawmaker highlighted that in the absence of a data protection law, citizens’ data can be potentially misused and this can lead to a violation of their fundamental right to privacy.

Original story published on 2/1/23: Tender rules flouted, citizens’ biometric data in possession of a private firm with no legal framework in place, little to no risk assessment done, and the civic body’s denial of such a data collection exercise in Chennai—these highlights from a report by The News Minute  raise concerns about the government’s approach towards people’s data security.

What’s the news?

A private firm in Chennai had been collecting sensitive biometric data of thousands of people to authenticate beneficiaries of a welfare scheme for the Greater Chennai Corporation, but the civic body had no knowledge of such data collection since 2015, The News Minute reported.

The firm Impact Technologies is in possession of personal data such as fingerprints and iris scans of people from socio-economically backward communities, many of whom are also potential beneficiaries of the Resettlement and Rehabilitation scheme of the Tamil Nadu Urban Habitat Development Board (TNUHDB). The News Minute has found that the company was first hired in 2011 for data enumeration under the city’s urban development project and has since then been engaged for the same under several other schemes without any formal contract in place.

Advertisement. Scroll to continue reading.

The last formal agreement signed with the contractor was in 2015. The report states that the parties involved had not followed the tender process, a usual procedure for governments to engage with private contractors. This, reportedly, violates the Tamil Nadu Transparency in Tenders Act 1998 and The Tamil Nadu Transparency in Tenders Rules 2000.

FREE READ of the day by MediaNama: Click here to sign-up for our free-read of the day newsletter delivered daily before 9 AM in your inbox.

Why is this worrisome?

The data collection activity carried out by the private entity raises concerns of data breach and theft amidst no legal framework laying out the terms and conditions for collaborating with the government. MediaNama spoke to Srikanth L, a data privacy activist from the Cashless Consumer collective, who states that this primarily opens up avenues for misuse of biometric data, particularly identity theft, which is not merely restricted to stealing money from accounts as we have seen in the past.

“Using this raw biometric data, somebody can open a bank account, which can be further used to launder money and engage in other financial crime,” he explains. Additionally, with the Election Commission planning to launch a programme for remote voting, Srikanth says such cases of identity theft can, in future, also result in affected people losing the ability to vote.

In the absence of a formal contract, it is unclear who is to be held accountable in cases wherein the data can be misused. Speaking to The News Minute, Anushka Jain, policy counsel at Internet Freedom Foundation, said, “The entire exercise (of biometric data collection) is happening outside legal constraints that the government could put on the private actor. The private actor has no liability against the government because there is no contract.”

Advertisement. Scroll to continue reading.

Biometric data is not absolutely safe

While biometric authentication is increasingly being used for purposes other than those including government schemes, the security of such data, including Aadhaar, has been in question for years now. Instances of data leaks and financial frauds including Aadhaar Enabled Payment Systems have exposed the vulnerability of biometric data. However, the government has been denying such data breaches.

At a time when India does not have a data protection law, the conditions for data collection and processing by private and government firms remain unclear, thereby exposing people’s personal data to privacy issues and threats of surveillance without a set remedial recourse.

(This story was updated on 7/1/2023 at 11.40 to include the latest development.)

This post is released under a CC-BY-SA 4.0 license. Please feel free to republish on your site, with attribution and a link. Adaptation and rewriting, though allowed, should be true to the original.

Also Read:

Advertisement. Scroll to continue reading.
Written By

Curious about privacy, surveillance developments and the intersection of technology with education, caste and welfare rights.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...


Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...


RBI Deputy Governor Rabi Shankar called for self-regulation in the fintech sector, but here's why we disagree with his stance.


Both the IT Minister and the IT Minister of State have chosen to avoid the actual concerns raised, and have instead defended against lesser...


The Central Board of Film Certification found power outside the Cinematograph Act and came to be known as the Censor Board. Are OTT self-regulating...

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ