Nadra wants FIA official’s explanation over remarks

Published November 27, 2021
People stand in a queue outside a Nadra office in Sialkot. — APP/File
People stand in a queue outside a Nadra office in Sialkot. — APP/File

ISLAMABAD: A day after remarks of a senior Federal Investigation Agency’s (FIA) official about security of the National Database Registration Authority’s (Nadra) data set off alarm bells, Nadra on Friday rejected as misleading the claim of citizens’ data being compromised.

Making it clear that Nadra’s data was not available online and had never been hacked or compromised, a senior Nadra official said the Authority does not provide unauthorised access either to its databases or citizen ID data.

“Instead, multi-layered control mechanisms and well-defined policies and practices have been implemented for the security and protection of all data that Nadra stores by taking all preventive measures”.

He said the Nadra management has taken a strong exception to what he called an irresponsible statement issued by a senior government official and has requested the relevant authorities to seek an explanation from the officer concerned.

Says its data is not available online and has never been hacked or compromised

“These baseless insinuations carry unintended consequences, including reputational damage to the organisation servicing foreign governments and clients as the leading system integrator.”

He regretted that as the irresponsible statement came at a critical juncture when Nadra after a lapse of six years was re-establishing its footprints as one of the leading ID solutions providers in the world and establishing prowess as trailblazer in ID world, such an allegation may result in hampering its efforts to regain market place in ID world.

He said Nadra, as the national registration authority, ensures through its design, policies and practices that privacy of citizens’ ID remains utmost priority.

In this regard, Nadra has always developed its products, services and infrastructure by incorporating security by default (SbD) protocols that ensures the protection of data at utmost level.

In addition, implementing a privacy-by-design-and-security-by-default (PbD &SbD) approach, Nadra deploys four types of controls in order to ensure privacy and protection of data. Moreover, Nadra IT and information security controls are aligned with world’s best information and security practices and standard ISO 27001 (ISMS).

The IT infrastructure of Nadra goes through regular internal and external security audits and vulnerability and penetration testing.

“Nadra uses the Defence in Depth (DiD) multi-layered approach to cyber security in which a series of defensive mechanisms are layered to protect citizens’ data and information. If one mechanism fails, another steps up immediately to thwart an attack,” he explained.

Nadra Chairman Tariq Malik, when contacted, linked malicious and baseless stories against Nadra with the attempts of Pakistan’s enemies to trigger creative chaos and create a trust deficit between the State and citizens.

He was disappointed to see how non-technical bureaucrats and some public servants play naively in furthering the agenda of enemies.

“Nadra’s data has been compromised, it has been hacked,” FIA Cybercrime Wing Additional Director Tariq Pervez claimed during a briefing to the National Assembly’s Standing Committee on Information Technology and Telecommunication on Thursday.

He subsequently attempted to clarify his remarks and said that all of Nadra’s data had not been hacked. “During the SIM verification process involving biometric data, Nadra’s biometric system is compromised,” he said, without providing further explanation.

Later on FIA retracted from the rem­arks of the additional director made during the meeting of the National Assembly Standing Committee on Information Technology and Telecommunication.

An official statement issued by FIA authorities said, “It is clarified that no such statement was given about the hacking of data which had been misrepresented”.

Denying any such hacking of biometric data, Nadra in an official statement issued immediately on Thursday said Nadra multi-biometric data is secure and well protected from any hacking attempt.

Published in Dawn, November 27th, 2021

Opinion

Editorial

Smog hazard
Updated 05 Nov, 2024

Smog hazard

The catastrophe unfolding in Lahore is a product of authorities’ repeated failure to recognise environmental impact of rapid urbanisation.
Monetary policy
05 Nov, 2024

Monetary policy

IN an aggressive move, the State Bank on Monday reduced its key policy rate by a hefty 250bps to 15pc. This is the...
Cultural power
05 Nov, 2024

Cultural power

AS vital modes of communication, art and culture have the power to overcome social and international barriers....
Disregarding CCI
Updated 04 Nov, 2024

Disregarding CCI

The failure to regularly convene CCI meetings means that the process of democratic decision-making is falling apart.
Defeating TB
04 Nov, 2024

Defeating TB

CONSIDERING the fact that Pakistan has the fifth highest burden of tuberculosis in the world as per the World Health...
Ceasefire charade
Updated 04 Nov, 2024

Ceasefire charade

The US talks of peace, while simultaneously arming and funding their Israeli allies, are doomed to fail, and are little more than a charade.