Indian citizens’ data on Har Ghar Tiranga website raises privacy concerns

Published: Updated on – 15:18, Fri – 16 September 22

A now-viral report by Srishti Jaswal published by international non-profit journalism organization, Rest of World, quotes digital rights activists claiming that the Bharatiya Janata Party’s voter outreach program

Hyderabad: That Independence Day, when millions of Indians took to their rooftops to fly the tricolor as part of the central government Har Ghar Tiranga Programe, were they also waving their private data from the rooftop for the data sharks to gobble up?

A now-viral report by Srishti Jaswal published by international non-profit journalism organization, Rest of World, cites digital rights activists claiming that the Bharatiya Janata Party’s voter outreach program, first discussed at the BJP meeting in Hyderabad in July, was in fact a disguised ploy to collect citizens’ data, which could now be misused by private companies seeking to commercialize personal data.

The report said that after the program, which sparked a nationalist frenzy thanks to the aggressive social media campaigns of the BJP’s IT wings, on August 15 nearly 60 million Indian citizens had uploaded their photos with the national flag on the website, https://harghartiranga.comwith around 50 million of them geotagging the locations of their homes with their photos, in addition to sharing their phone numbers to register on the portal.

The report states that when the idea of ​​the program was first discussed at the BJP meeting in Hyderabad, BJP leader Vasundhara Raje said the party hoped to reach 200 million people through the campaign. On July 6, the Ministry of Culture was appointed as the nodal body for its implementation, and over the following weeks the government aggressively advertised the program, including changing the tunes of Indian callers on cellphones on August 15 in a post asking people to upload photos. , the report says, citing Srinivas Kodali, a researcher from the Free Software Movement of India, that no country had ever performed such a scale of geolocation of its own citizens.

“Previously, some fragmented attempts were made to geolocate citizens with an intention of digital commerce; however, not on this scale with electoral intent,” he said, adding that the photographs, many of which were uploaded with location information, were still publicly available on the website.

“While location information is not publicly available, it is retained by the website, which could lead to thefts, hacks and harassment. Where siled information, such as phone numbers, photographs and location, are processed with other data sets, such as constituency population and voter preferences, this can make citizens vulnerable to ‘geo-propaganda’,” Kodali said.

Jaswal’s report also points to a digital rights organization Internet Freedom Foundation (IFF) raised concerns about the privacy policy of the Har Ghar Tiranga website, particularly about who owns the submitted data and what it might be used for. The policy states that the data collected would be protected “within commercially acceptable limits”, which however is not defined. Besides listing unnamed advertising partners, the policy also suggests that Har Ghar Tiranga’s services and products can be purchased, although nothing is offered for sale.

The website also uses cookies that track users’ browsing habits.

“It’s a clear indicator that those behind the website are looking to collect additional data from users,” he says, adding that integrating a Google login with the website could also potentially allow creators of the website to collect additional personally identifiable information from citizens of India. using the website. By compiling many such metadata and personal indicators, one can eventually create a comprehensive demographic and psychological profile of the entire population.

Interestingly, the report notes, while most Indian government websites are hosted on official servers on, the Har Ghar Tiranga portal is hosted through Amazon web servers. He cites a International Asian News (ANI) press release that Tagbin, a private company based in India, Singapore and Dubai, is behind the website.

It is not known where the data collected by the website is stored. The website also shares its IP address with more than 15 other websites, some with country code extensions from other parts of the world, leaving the private data of Indian citizens vulnerable to hacking, he says.

The report also states that although the website states that it does not knowingly collect any personally identifiable information from children under the age of 18, many photos uploaded to the portal, all publicly available, show young children.

Jaswal concludes the report by saying that despite the website claiming that once the campaign is over all images and information collected will be deleted, the photographs were still publicly available on the website, a month after Independence Day .

Comments are closed.