Narendra Modi’s Har Ghar Tiranga program worries Indian privacy advocates

Nearly 20 days before India’s 75th Independence Day, 34-year-old Bharatiya Janata Party (BJP) volunteer Vinod Kumar was summoned for a meeting by his supervisor. The meeting was organized to discuss the action plan of the ambitious Har Ghar Tiranga (“tricolor on every house”) program, under which Prime Minister Narendra Modi had asked Citizens of India hoist the tricolor at home, click a photo with it and upload the images, with geotagging, to a private hosted website under the banner of the Ministry of Culture, as part of the holiday celebrations of independence.

Kumar, a member of the BJP’s IT cell in Mandi district in Himachal Pradesh, and whose name has been changed due to concerns over a backlash from his party, was told he and his colleagues would have to convince people in their area to participate. . So he spent the next few days developing a social media policy, organizing WhatsApp messages for local BJP groups and helping party members design digital posters. He also created a tricolor frame that could be used on Facebook profile pictures. His colleagues organized Tiranga Stepsin different neighborhoods, distributing free flags to citizens.

Eventually, the team convinced nearly 4,000 people in the assigned area. Kumar he himself uploaded the details of almost 200 people who had no internet access. He was just one member of a vast army of BJP workers pushing the agenda. Mayank Goel, BJP Vice Chairman for Western Uttar Pradesh, one of India’s largest states, said Rest of the world that, in his region alone, 50,000 party activists were on the ground for the implementation of the system.

On August 15, India’s Independence Day, nearly 60 million Indian citizens had uploaded their photos with the national flag on the website. About 50 million had geotagged the location of their homes with their photos and had also shared their phone numbers to register on the portal.

Today, digital rights activists are sounding the alarm as they believe what appeared to be an innocent voter outreach program was a scheme to collect citizens’ data, which can be misused.

The idea of ​​the Har Ghar Tiranga program was first discussed at a BJP convention in the southern city of Hyderabad on July 2, 2022. The party hoped to reach 200 million people through the campaign, had BJP leader Vasundhara Raje said at the time. . On July 6, the Ministry of Culture was appointed as the nodal body for its implementation, and over the following weeks the government aggressively advertised the program, including changing the melodies of Indian callers on mobile phones on August 15 in a post asking people to upload photos. .

“No country has ever executed such a scale of geolocation of its own citizens as we see in the Har Ghar Tiranga said Srinivas Kodali, a researcher at the Free Software Movement of India. Rest of the world. “Previously, some fragmented attempts were made to geolocate citizens with an intention of digital commerce; however, not on this scale with electoral intent.

“No country has ever executed such a scale of geolocation of its own citizens.”

The photographs, many of which have been uploaded with location information, are still publicly available on the website. Although location information is not publicly available, it is retained by the website, which could lead to theft, hacking and harassment. When siled information, such as phone numbers, photographs, and location, is processed together with other data sets, such as constituency population and voter preferences, it can leave citizens vulnerable to “geo-propaganda,” Kodali said.

“Such minute details about individuals can be used to microtarget them in ways that we cannot even anticipate its impact. For example, this data can be used to target entire neighborhoods of Muslims or people of opposition political beliefs,” he added.

In 2015, Guyanese presidential candidate David Granger, who won the election, used location-based ad targeting for his campaign, according to researchers at the University of Texas at Austin. The researchers also noted that geolocation was used in the 2020 US presidential elections to identify Catholics who frequently attend church services. These people were then targeted with personalized ads by the Donald Trump campaign.

Digital rights organization Internet Freedom Foundation (IFF) has raised concerns about Har Ghar Tiranga’s privacy policy website – in particular who owns the submitted data and what it might be used for. “Privacy Policy [of the website] seems like a collection of boilerplate clauses that have been thrown together,” said Prateek Waghre, director of policy at IFF. Rest of the world. “As far as possible, politics tries to offload its responsibilities.”

For example, the Privacy Policy states that it “will protect [the data collected] within commercially acceptable limits. However, it does not define what these means are. Similarly, the language refers to a list of advertising partners, but their names are not disclosed. The policy also suggests that services and products can be purchased, but nothing is offered for sale. “It looks like if someone harvests data from this website, they won’t care what the privacy policy says,” Waghre said.

The website also uses cookies that track users’ browsing habits, said Ayushman Kaul, principal threat intelligence analyst at Logically, a technology company specializing in analyzing and countering disinformation. Rest of the world.

“It’s a clear indicator that those behind the website are looking to harvest additional data from users,” he said. “Furthermore, embedding a Google login into the website could also allow the creators of the website to collect additional personally identifiable information from citizens of India using the website. By compiling numerous such metadata and personal indicators , one can eventually create a comprehensive demographic and psychological profile of the entire population.

While most Indian government websites are hosted on official servers on nic.in, the Har Ghar Tiranga portal is hosted through Amazon web servers. According to a press release by Asian News International (ANI), Tagbin, a private company based in India, Singapore and Dubai, is behind the website. It is not known where the data collected by the website is stored. The website also shares its IP address with over 15 other websites, some with country code extensions from other parts of the world, leaving the private data of Indian citizens vulnerable to hacking. Tagbin did not respond to an email from Rest of the world.

The Har Ghar Tiranga The website states that it does not knowingly collect any personally identifiable information from children under the age of 18. However, many photos uploaded to the portal, all publicly available, show young children.

Asked about the potential misuse of these images, BJP’s Goel said Rest of the world that people upload their photos to Facebook or Instagram all the time without worrying about privacy. “When they upload it to Har Ghar Tiranga website, where does this talk about privacy come from? There is nothing private about it. All these photographs are uploaded with consent. Mode i called and the whole nation followed him,” Goel said.

National BJP spokespersons did not respond to requests for comment.

“Given the lack of a clear legal framework to protect personal data, this massive state-backed geolocation exercise should sound alarm bells.”

India currently lacks data protection laws that could protect its citizens from digital risks. In reality, August 3just a few days after the Har Ghar Tiranga program was launched, the Indian government unexpectedly withdrew a data protection bill, which had been slurring in parliament for nearly three years. “Given the absence of a clear and comprehensive legal framework to protect personal data in India, the implementation of this massive state-backed geo-tracking exercise should raise alarm bells over privacy and rights. digital citizens,” added Kaul from Logically. The Ministry of Culture did not respond to an email from Rest of the world.

Mamta, a 54-year-old teacher from Farrukhabad district, Uttar Pradesh, is among millions of Indians who have geotagged on the website, along with her husband and three other family members. As a token of appreciation, she, like everyone else who signed up and shared their location on the website, received a “Har Ghar Tiranga Certificate” from the Ministry of Culture.

This certificate was a great motivation for Mamta – almost as if it were proof of his nationalism. “I feel proud, as if I had won a war. This act goes towards the progress of our country, even if it is a small act,” she said. Rest of the world. “After all, Modi ji had asked to post and participate in this movement.”

Asked about potential privacy issues, she said: “I haven’t thought about it much.”

Like Mamta, millions of Indians shrugged off privacy concerns under the guise of nationalism – or under the influence of the massive publicity exercise where movie stars and cricketers encouraged participation in the program – and willingly uploaded their personal credentials to the Har Ghar Tiranga website.

The website claims that “once this campaign ends, all images and information collected will be deleted.” But, nearly a month after Independence Day, the photographs were still publicly available on the website at the time of publication.