Hyderabad: Data of newborns on web prone to theft

Hyderabad: The data of families applying for birth certificates for newborns in the Greater Hyderabad Municipal Corporation is gravely compromised. The data of birth certificates is being put online and can be accessed by anyone.

This has created scope for online fraudsters to steal such data, including details like residential address, parents’ names, registration numbers, address, registration number and birth date and time of birth.

In a few instances in the past, the corporation staff have allegedly deleted details of certain birth certificates and issued them to other applicants for bribes of up to Rs 20,000.

The corporation began issuing online certificates in view of the hardships that citizens have been facing with respect to obtaining birth and death certificates on time owing to the delay in communication of their details to the respective GHMC offices. The corporation has failed to secure the data of the applicants as a result of which anybody having a smartphone with the MYGHMC application can access family details as well as those of the newborn.

The corporation provides applicants with a one-time password (OTP) verification system to download the birth certificates of their children. But fraudsters can still access the data by simply entering the name. The GHMC has data pertaining has 256 hospitals which are linked with its database. The open source nature of the system has further increased the scope for irregularities and the involvement of middlemen who, in nexus with corporation officials, have been accused of deleting birth details of newborns from the GHMC database and issuing the certificates with the same details to other applicants in an effort to ensure that the number on their birth certificates do not differ with those on the system.

For instance, in April last year, a couple from the city, T. Jyothi and T. Yadagiri, who approached the GHMC Circle 8 office for the inclusion of their daughter’s name in the records, discovered that the details of her birth, which took place at the Koti maternity hospital, were missing.

It was later found that some GHMC personnel had deleted the name of the child and issued the certificate to another applicant who was in dire need of the document to apply for a passport.

A senior GHMC official on condition of anonymity said that following the guidelines in India’s data protection draft Bill of 2018, the corporation had recently incorporated the OTP system in order to secure the process of downloading birth certificates.

The official also said that the corporation was unaware of the fact that birth certificates could be copied by performing a ‘screeb grab’. and assured that the data security will be enhanced at the earliest.