The Indian government has taken decisive action by blocking several websites that were found to be exposing sensitive personal identifiable information (PII) of citizens, including Aadhaar and PAN card details. This revelation came after an analysis by the Indian Computer Emergency Response Team (CERT-In), which identified security flaws in these sites.
The Unique Identification Authority of India (UIDAI) lodged a complaint with police authorities, citing violations of the Aadhaar Act concerning the public display of Aadhaar information. In response, CERT-In provided guidance to website owners on enhancing their ICT infrastructures and addressing vulnerabilities.
Furthermore, the IT Ministry emphasized the importance of adhering to the Information Technology Act, which prohibits the non-publication and non-disclosure of sensitive personal data. Affected parties are entitled to seek redress through the Adjudicating Officer under the IT Act.
The ministry also highlighted the ongoing development of the Digital Personal Data Protection Act, 2023, which aims to strengthen data protection measures. An awareness program is being initiated to educate stakeholders on responsible data use and to mitigate unnecessary exposure of personal information.