In an era where digital privacy has become a major concern worldwide, India has seen a rise in incidents where personal data, including sensitive information, is being easily accessed, misused or exposed. This issue has sparked debates about the safety of citizens private details, particularly related to vehicle registrations and driving licenses. The growing reach of mobile apps, social media platforms and Telegram bots has made it easier than ever for anyone to access a vast amount of personal data.
For Indian citizens, the reality of having their private information exposed online is no longer a distant fear. It has become a daily risk. This situation not only threatens personal privacy but also opens the door to more severe issues like identity theft, financial fraud and even social conflicts.
Navigate to This YouTube Video to Know More about This Article
The Role of Mobile Apps and Telegram Bots in Data Exposure
Mobile applications and Telegram bots are powerful tools for accessing personal data, frequently bypassing privacy safeguards. Telegram bots have been found providing alarming levels of detail about vehicle owners with just a vehicle registration number. These bots can access private information, such as an owner's name, address, engine and chassis numbers and other vehicle-related details. This easy access to private data highlights the vulnerability of citizens to potential misuse.
The Telegram bots are not the only ones tapping into this information. Numerous apps provide similar access, sharing sensitive data that can easily be used for malicious purposes, including financial fraud or targeted social and political actions.
Real-Time Proof of Vulnerability: A Telegram Bot Conversation Exposes Personal Data
A recent conversation with a Telegram bot, reveals the shocking ease with which personal data can be accessed. The bot offered to sell a massive database containing personal vehicle information such as full names, addresses and vehicle details.
In the chat, the bot confirmed that the database was 4.3TB + 1.2TB in size and updated every three months, offered for just 600 USD (approximately ₹50,000). It also offered a live database for new vehicles. The payment method? Cryptocurrency (USDT), indicating the unregulated nature of the transaction.
The bot shared the user’s full name, father’s name, address and vehicle details, exposing real time privacy risk caused by such apps. This serves as a wake-up call for stronger data protection laws to secure citizens sensitive information.
Government's Data Sharing Policies: A Double-Edged Sword
The role of the Indian government in making this data available has sparked concerns. In February 2021, the Ministry of Road Transport and Highways (MoRTH) revealed that the government had earned over Rs 100 crore by selling access to the Vahan and Sarathi databases to private entities. These databases contain critical information such as vehicle registration details and driving licenses.
According to the Ministry, over 170 private companies, including industry giants like Axis Bank, BMW India, Mercedes Benz and L&T Financial Services, were granted access to the data. These firms were charged between Rs 3 crore per year for access to the data and Rs 5 lakh for educational institutions using it for research. The government sold this information through the Bulk Data Sharing Policy, earning significant revenue until the policy was scrapped.
However, despite the discontinuation of this policy, a new policy known as "Policy for Providing Access to Information from the National Register" was introduced, allowing third parties continued access to personal data. This access, for a nominal fee of 50INR to 100INR, raises serious questions about data security and privacy. The government has even stated that it will not demand private firms to delete the data they have already received.
The Dark Side of Easy Access: Real-Life Example
A key example of the potential dangers posed by such access to personal information was highlighted during the Delhi communal riots. It was reported that criminals used these mobile apps to identify the religion of vehicle owners, which led to targeted attacks on specific communities. This incident clearly demonstrates how the misuse of personal data can escalate social tensions and create security risks.
In addition to this, these apps also provide access to sensitive financial details, such as insurance and loan information. When combined with other personal data, this can lead to serious privacy violations and expose individuals to financial fraud or even identity theft.
The Legal Petition and the Need for Stronger Privacy Laws
In September 2024, advocate Gopal Bansal filed a petition in the Delhi High Court, challenging the privacy breaches caused by these apps. The petition raised concerns about how easily sensitive information about vehicle owners is being shared with third parties without proper safety measures. The petition also underscored the risks of such data being misused, highlighting the need for urgent legal intervention.
Bansal argued that the sharing of personal data through these platforms could lead to major privacy violations, potentially putting citizens at risk of social discrimination, identity theft and even physical harm. He called for stricter enforcement of privacy laws and demanded that the government regulate or restrict the distribution of such personal information.
The Delhi High Court heard the petition, which highlighted the ease of access to vehicle owner data by private companies and selling it, along with its associated risks. The petition underlined the need for stronger regulations to ensure that such sensitive data is not misused.
What Needs to Change: Protecting Personal Data in the Digital Age
The increasing ease of access to personal data through mobile apps, Telegram bots and government policies highlights the urgent need for stronger data protection laws in India. While the government has taken steps to address these concerns, such as discontinuing the Bulk Data Sharing Policy, the introduction of new policies that allow continued access to sensitive information has left citizens vulnerable.
To safeguard Indian citizens privacy, strong data protection laws are urgently needed, with clear guidelines on the collection, storage and use of personal data. This law should include strict penalties for entities that misuse or mishandle personal information.
Additionally, there needs to be more transparency in how government data-sharing policies work. The public must be informed about how their information is being used and by whom. Only with greater accountability and stricter enforcement of privacy laws can citizens feel secure in the digital age.
