LATEST CENTRAL GOVERNMENT WORKERS (EMPLOYEES) NEWS

CG WORKERS NEWS

Search This Blog

Lok Sabha Q&A - Breach Of Aadhaar Data

with 0 Comment
Breach of Aadhaar Data – Lok Sabha Q&A

GOVERNMENT OF INDIA 
MINISTRY OF ELECTRONICS AND INFORMATION TECHNOLOGY 
LOK SABHA

STARRED QUESTION NO: 64

ANSWERED ON:07.02.2018

Breach of Aadhaar Data

NINONG ERING

Will the Minister of ELECTRONICS AND INFORMATION TECHNOLOGY be pleased to state:

(a)the number and the details of incidents/cases where Aadhaar data was leaked/breached;

(b)whether any investigation has been conducted against the agencies which were responsible for the breach/leakage of Aadhaar data;

(c)if so; the details thereof along with the action taken against them;

(d)the extent to which the database of Aadhaar is secured along with the steps taken by the Government to ensure the privacy/security of Aadhaar data; and

(e)the mechanism put in place for usage of Aadhaar Data by the Government agencies and the accountability of officials in case of negligence on their part in handling of such data?

Will the Minister of ELECTRONICS AND INFORMATION TECHNOLOGY be pleased to state:-

ANSWER

(a) to (e): A statement is laid on the Table of the House.

STATEMENT REFERRED TO IN REPLY TO LOK SABHA STARRED QUESTION NO.*64 FOR 07.02.2018 REGARDING BREACH OF AADHAAR DATA

(a): As on date, no incident of data breach has been reported from Central Identities Data Repository (CIDR) of Unique Identification Authority of India (UIDAI).

(b) and (c): Does not arise in view of (a) above.

(d): UIDAI has a well-designed, multi-layered robust security system in place and the same is being constantly upgraded to maintain the highest level of data security and integrity. UIDAI has adequate legal, organizational and technological measures in place for the security of the data stored with UIDAI. Data Protection measures have also been mandated for the requesting entities and ecosystem partners to ensure the security of data. Government is fully alive to the need to maintain highest level of data security, privacy and is deploying the necessary technology and infrastructure. The architecture of Aadhaar ecosystem has been designed to ensure non-duplication, data integrity and other related management aspects of security & privacy in Aadhaar database. Additionally, various policies and procedures have been defined clearly which are reviewed and updated periodically, thereby, appropriately controlling and monitoring security of data. Some of the security measures adopted by UIDAI are as under:

Information security policy has been established based on the ISO 27001:2013 standard. The policy covers all areas of Information Security such as Organization of Information Security, Asset management, Access control, Technical vulnerability management, Change management, Patch management, Encryption, Service continuity, Operations security, Communications security, Supplier security, Human resources security etc.

Chief Information Security officer has been appointed to drive Information security measures in UIDAI along with a dedicated security team to implement the various security processes and technology to ensure security of CIDR.

UIDAI-CIDR is ISO 27001:2013 certified since 2015 and since then undergoes through yearly surveillance audits from STQC.

GRCP-SP (Governance, Risk, Compliance, Performance service provider) has been appointed to perform periodic monitoring of the security of internal and external ecosystem.

The security audit of UIDAI is conducted by three separate entity viz. Internal, External (GRCP) and STQC on a periodic basis.

Periodic assessments are conducted for the ecosystem partners to ensure compliance on the Information Security policy.

There are multiple layers of security at physical level in UIDAI Data Centres and is being managed by armed CISF personnel round the clock. Strengthening of security of data is an ongoing process and all possible steps are being taken in this regard. Further, Chapter VI (Protection of Information) of the Aadhaar (Targeted Delivery of Financial and other Subsidies, Benefits and Services) Act, 2016 (“The Aadhaar Act”) and the Aadhaar (Data Security) Regulations, 2016 framed there under, have been specifically drafted keeping in account the various security requirements in respect of data collected by UIDAI.

(e): The Aadhaar Act, 2016 and subsequent regulations framed thereunder, have adequate safeguards. Sharing of information or seeding of Aadhaar information with the authorised agencies is governed as per the provisions of the Aadhaar Act 2016. Section 29 (1) of the Aadhaar Act 2016 read together with Regulation 3(1)of the Aadhaar (Sharing of information) Regulations, 2016 categorically states that no core biometric information, collected or created under the Aadhaar Act, shall be shared with anyone for any reason whatsoever; or used for any purpose other than generation of Aadhaar numbers and authentication under the Act. Also, Regulation 4(1) of the Aadhaar (Sharing of information) Regulations, 2016 provides that core biometric information collected or captured by a requesting entity from Aadhaar number holder at the time of authentication shall not be shared for any reason whatsoever.

Regulation 4(2) of the Aadhaar (Sharing of information) Regulations, 2016 provides that identity information available with a requesting entity shall not be used for any purpose other than that specified to the Aadhaar number holder at the time of submitting identity information for authentication and shall not be disclosed further without the prior consent of the Aadhaar number holder. Further, Regulation (5) of the Aadhaar (Sharing of information) Regulations, 2016 ensures the responsibility of any agency or entity other than requesting entity with respect to Aadhaar number and subsequent Regulation (7) states that any contravention of the above mentioned regulations shall constitute a violation of sub-section (2) of Section 29 of the Act.

Section 30 of the Aadhaar Act, 2016 applies the rigours of the IT Act, 2000 and the rules there under whereby ‘Biometric information’ is deemed to be ‘sensitive personal information’. Additionally, Chapter VII of the Act lays down monetary penalties and imprisonment for unauthorized sharing of residents’ identity information. Any violation to the provisions of the Aadhaar Act, 2016 is a criminal offence.

Source: Lok Sabha

Ministry Of Railway - Training To 30000 Apprentices

with 0 Comment
Targets training of 30 thousand Apprentices in its 16 Zonal Units and 7 Production Units

As part of Skill India initiative, Ministry of Railways has been contributing in a big way to provide training to Apprentices in various disciplines training in categories like Fitter, Turner, Machinist, Welder, Painter, Carpenter, Electrician, Refrigerator and AC Mechanic, Mechanic (Motor Vehicle/Diesel) etc., since long. Ministry of Railways has kept a target of training of 30 thousand Apprentices in its 16 Zonal Units and 7 Production Units.

For the year 2017-18, about 26,000 training slots for Apprenticeship training have been notified. This is in addition to over 4000 persons already undergoing training in various establishments. An Employment Notification has been issued earlier in the week for recruitment of 62,907 staff in Level 1 pay scale and out of these, apprentices trained in Railway establishments will be given preference to the tune of over 12,000 vacancies which is in line with the recent amendments made in the Apprentices Act, 1961

With a large set up of Workshops and Production Units, Indian Railways has been in the forefront of implementation of the Apprentices Act, 1961. Railway Workshops have been imparting Apprentices. A large number of Apprentices were turned out from these Workshops and Production Units every year who were certified and granted the NCVT (National Council for Vocational Training) Certificate, making them employable for jobs in industry as well as for posts in Railways. In this way, the Indian Railways is contributing to Skill India.

Railway recognizes that skill development of the labour force is an important component of development of Human Resources. It is crucial for the industrial development of the country. Skill training imparted through formal institutions alone is not sufficient to make the labour force fully skilled. This needs to be supplemented by training in the actual work place.

Apprentices’ Training consists of Basic Training and On-the-Job Training/Practical Training at workplace. Basic training is an essential component of apprenticeship training for those who have not undergone any institutional training/skill before taking up on-the-job training/practical training. It counts for 20-30% of overall duration of Apprenticeship Training. The component of on-the-job training is performed and undertaken in the establishment itself

Source: PIB

Recent Links

Featured post

GDS Pay and Arrears Calculator (Updated June 2018)

GDS Pay and Arrears Calculator (Updated June 2018) Gramin Dak Sevaks Matrix Wage Arrears Calculator as per Cabinet Decision taken on 6....

TRENDING

Blog Archive

Total Pageviews