In the wake of concerns raised by opposition parties, the Andhra Pradesh government gave a clarification that the data being collected by the Grama Sachivalayams and Ward Sachivalayams (GSWS) Volunteers from the citizens is safe, secured and stored at the State Data Centre (SDC), with state of the art technology. The government assured that there is no possibility for leak, loss or breach of the data.
In a fact check released by the office of Chief Minister Y.S. Jagan Mohan Reddy on July 31, maintained that “All the data protection laws are being followed in the development of software’s architecture. e-Gov team has gone through the architecture of data collection and vindicated its robustness.”
Data security aspects
In order to protect the integrity of data, the GSWS department has appointed Tata Consultancy Services (TCS) for the implementation of software applications. TCS develops and maintains various software components of the GSWS department, the Fact Check explained.
During the data collection, the demographic data of citizen is fetched from Aadhar server. After biometric authentication of citizen, all the data is encrypted and stored at the Government SDC. The data is sent to the SDC through Application Programming Interface (APIs) from the apps and is stored there with multiple layers of security protocols and encryption. All the apps are developed with high-level security features and the data is protected at all times.
Security protocols adopted
The Government further added that the SDC is located in a secure building with controlled access to the premises. Logical security measures are adopted to keep the systems from cyber-attacks. Two factor authentication, encryption, redundancy, and failover plans keep the data safe and secure. SDC uses advanced stateful packet and application-layer inspection firewall, virtual private network (VPN), and Web cache solution that enables internet clients to retrieve the static content from the cache by improving network security.
All the apps which collect data are compliant with the data protection laws stated by the Government of India. The data which is collected is shared with different departments in the state only after an agreement is signed with special terms and conditions in regard to data safety between GSWS and the respective department. And the data is shared through highly secure APIs only and not through any offline mode, the government explained.
The state government said that no data is being stored in the phone, so there is no loss of the collected data even if the mobile phones are lost and the data is safe in the SDC. The mobile apps have many security features like session timeout which restricts them from using unauthorized apps, so there is no misuse of data by the GSWS staff.
Biometrics for Aadhar authentication
Biometrics of the citizen are used in the Aadhar authentication process (eKYC) which is a standard procedure prescribed by UIDAI for identification of beneficiaries. These biometrics are one of the transparency mechanisms adopted by the government to prevent any duplication of the benefits and thus prevent loss of money to the exchequer, the government explained.
Data collection at GSWS
The basic information about the citizens is collected through various applications developed by the GSWS department. GSWS staff also take the eKYC of the citizen through biometric mode after getting consent from the citizen. The eKYC and data are collected from the field to check the eligibility of the citizens for the schemes.
Infographics
Parameter : Reason
Household members : To identify eligible beneficiaries for various schemes
Caste : To check eligibility of citizens in various caste-based schemes
Aadhar number : One Aadhar one benefit
Religion : For schemes e.g.: YSR Shaadi Thofa
Address : For communication & delivery of services
Mobile number : For communication & delivery of services (WhatsApp & SMS notifications)
Occupation : For schemes e.g.: Nethanna Nestham, Matsyakara Bharosa
Date of birth : Identifier of the citizens & validation for schemes, service delivery
Gender : To check eligibility of citizens in various schemes.
Relationships : For service delivery e.g.: Birth/Death, Integrated certificates
Marital Status : For service delivery, schemes validation e.g.: Marriage certificate, Kalyanamastu scheme
Source: Govt of Andhra Pradesh’s Fact Check
