TN Health Dept. Leaks Personal Details of 1.5 Crore People
Irresponsible act of TN Public Health department leaks personal details of 1.5 crore citizens.
It is absolutely shocking that TamilNadu's Public Health Department has uploaded personally identifiable details (name, address, phone number) of 1.5 crore TN people, who are yet to take 2nd dose of COVID vaccine, to their website and made them publicly accessible.
Free Software Foundation TamilNadu strongly condemns this act. Even though the link to the web spreadsheet has been removed from the website now, the possibility of some malicious visitor copying the dataset cannot be ruled out.
Today, we know that there are underground market available for buying and selling of personal data. When govt's are already struggling to eradicate them, such a mistake by the govt. department cannot be tolerated.
Personal data has become very valuable today and there are many malicious cyber attackers and even political parties are aiming to collect such data. This endangers the privacy of the citizens and has proven to even disrupt the election results.
To cite an example, the IT Cell of BJP Puducherry had sent an SMS to every voters of multiple constituencies to join a group created for their constituency in WhatsApp. A PIL was filed against them in Chennai High Court questioning how did the party got access to such personally identifiable information. Chennai High Court highlighted serious privacy violation in this case.
A project titled, "State Family DataBase" is being actively developed by TN Govt. where the personal details of each and every family residing in TN is being collected and stored. Safety and security of our personal data are questionable due to Incidents like this. Without proper training and safeguard mechanisms to prevent misuse on sensitive data of citizens, govt. should not undertake such projects.
Therefore, we urge TamilNadu's Health Minister, Information Technology Minister & the Chief Minister of the state to immediately take actions on this matter and provide trainings to officials in each and every department to handle sensitive personal information with utmost care.