ISLAMABAD: The National Database and Registration Authority (Nadra) has initiated criminal proceedings against its employees behind the saga involving unauthorised access to data of the family of Chief of Army Staff (COAS) Gen Asim Munir.

An informed source told Dawn that the elements on whose behest the breach took place were also being acted against. As many as six Nadra employees had been terminated from service for illegally accessing COAS’ family’s record, following four separate inquiries ordered by Nadra Chairman Tariq Malik on Dec 23, 2022, and March 2, 2023, the source disclosed.

A joint probe conducted by Nadra and a sensitive security agency in December last year discovered that Farooq Ahmed, a junior executive employee working on a project of the Benazir Income Support Programme, was the first person to have unlawfully accessed the data in question.

The high-powered inquiry committee on the direction of the incumbent chairman expanded the scope of the investigation by technically analysing logins, user IDs, system logs and IP addresses that were intact, reflecting the strength of the authority’s database.

This led to the identification of a total of 10 employees who illegally accessed record of the army chief’s family. After a fact-finding inquiry, the suspects were cross-examined and a detailed probe was launched.

Elements on whose behest the breach took place are also being acted against, after sacking of six employees

Hence, a charge sheet into the imputations of accessing COAS family’s data unauthorisedly and illegally was subsequently issued to the accused employees on Jan 6. As a result, in two inquiries the committee found six officials responsible. He said a committee imposed a major penalty of termination from service under the Government Servants (Efficiency & Discipline) Rules 1973 on these six employees.

Data security

He said Nadra introduced a number of additional security protocols to check on its own employees’ behaviour. A few months ago, an additional service, ‘Ijazat Aap Ki’, was introduced to roll out a consent regime that informs citizens and asks for their permission in form of an OTP (one-time password) if their personal data is accessed remotely.

He said Artificial Intelligence-based log access reviews now send alerts of suspicious activities of employees. Mr Malik is the first chairman who had taken unprecedented measures to secure data and focus on privacy of citizen’s personal data.

Meanwhile, in a message to Nadra employees, a copy of which is available with Dawn, the Nadra chairman has referred to various steps taken for their welfare, including a 65 per cent raise in salaries and a policy to reward those showing remarkable performance.

He said people trusted Nadra, which was a custodian of their personal and family information. He said there would be zero tolerance for any breach, adding that an AI-based system had been put in place and all possible steps had been taken to safeguard the public data.

Referring to some guiding principles, the chairman said no Nadra employee was authorised to use logins of any other colleague, no data entry operator had the permission to access personal data of any citizen and biometric of a family member was an essential requirement to access anybody’s family tree.

He said a comprehensive monitoring system was being developed to check any possible violation and as many as 131 had so far been dismissed in its light.

He made it clear that unauthorised access to somebody’s data was a grave violation of the law and under Section 28 of the act may entail imprisonment of up to five years, a fine up to Rs1 million or both.

He also alluded in the letter towards the incident involving data of COAS’ family and said six officials down from the level of a junior executive to director have been removed from service and criminal case against them were being filed.

He urged the employees to keep in mind the fundamental principle that be it a common citizen or an important office holder, the secrecy and security of their data should be the foremost priority.

He asked them not only to discharge their duties with honesty, but also to keep a vigilant eye on suspected individuals, and to inform their seniors in case somebody persuades them to access personal data of a citizen.

Published in Dawn, May 6th, 2023

Opinion

Editorial

Strange claim
Updated 21 Dec, 2024

Strange claim

In all likelihood, Pakistan and US will continue to be ‘frenemies'.
Media strangulation
21 Dec, 2024

Media strangulation

AEMEND, in a recent statement, has only now drawn attention to the reality that has plagued Pakistani media for a...
Israeli rampage
21 Dec, 2024

Israeli rampage

ALONG with the genocide in Gaza, Israel has embarked on a regional rampage, attacking Arab and Muslim states with...
Tax amendments
Updated 20 Dec, 2024

Tax amendments

Bureaucracy gimmicks have not produced results, will not do so in the future.
Cricket breakthrough
20 Dec, 2024

Cricket breakthrough

IT had been made clear to Pakistan that a Champions Trophy without India was not even a distant possibility, even if...
Troubled waters
20 Dec, 2024

Troubled waters

LURCHING from one crisis to the next, the Pakistani state has been consistent in failing its vulnerable citizens....