ISLAMABAD: The National Database and Registration Authority (Nadra) has initiated criminal proceedings against its employees behind the saga involving unauthorised access to data of the family of Chief of Army Staff (COAS) Gen Asim Munir.

An informed source told Dawn that the elements on whose behest the breach took place were also being acted against. As many as six Nadra employees had been terminated from service for illegally accessing COAS’ family’s record, following four separate inquiries ordered by Nadra Chairman Tariq Malik on Dec 23, 2022, and March 2, 2023, the source disclosed.

A joint probe conducted by Nadra and a sensitive security agency in December last year discovered that Farooq Ahmed, a junior executive employee working on a project of the Benazir Income Support Programme, was the first person to have unlawfully accessed the data in question.

The high-powered inquiry committee on the direction of the incumbent chairman expanded the scope of the investigation by technically analysing logins, user IDs, system logs and IP addresses that were intact, reflecting the strength of the authority’s database.

This led to the identification of a total of 10 employees who illegally accessed record of the army chief’s family. After a fact-finding inquiry, the suspects were cross-examined and a detailed probe was launched.

Elements on whose behest the breach took place are also being acted against, after sacking of six employees

Hence, a charge sheet into the imputations of accessing COAS family’s data unauthorisedly and illegally was subsequently issued to the accused employees on Jan 6. As a result, in two inquiries the committee found six officials responsible. He said a committee imposed a major penalty of termination from service under the Government Servants (Efficiency & Discipline) Rules 1973 on these six employees.

Data security

He said Nadra introduced a number of additional security protocols to check on its own employees’ behaviour. A few months ago, an additional service, ‘Ijazat Aap Ki’, was introduced to roll out a consent regime that informs citizens and asks for their permission in form of an OTP (one-time password) if their personal data is accessed remotely.

He said Artificial Intelligence-based log access reviews now send alerts of suspicious activities of employees. Mr Malik is the first chairman who had taken unprecedented measures to secure data and focus on privacy of citizen’s personal data.

Meanwhile, in a message to Nadra employees, a copy of which is available with Dawn, the Nadra chairman has referred to various steps taken for their welfare, including a 65 per cent raise in salaries and a policy to reward those showing remarkable performance.

He said people trusted Nadra, which was a custodian of their personal and family information. He said there would be zero tolerance for any breach, adding that an AI-based system had been put in place and all possible steps had been taken to safeguard the public data.

Referring to some guiding principles, the chairman said no Nadra employee was authorised to use logins of any other colleague, no data entry operator had the permission to access personal data of any citizen and biometric of a family member was an essential requirement to access anybody’s family tree.

He said a comprehensive monitoring system was being developed to check any possible violation and as many as 131 had so far been dismissed in its light.

He made it clear that unauthorised access to somebody’s data was a grave violation of the law and under Section 28 of the act may entail imprisonment of up to five years, a fine up to Rs1 million or both.

He also alluded in the letter towards the incident involving data of COAS’ family and said six officials down from the level of a junior executive to director have been removed from service and criminal case against them were being filed.

He urged the employees to keep in mind the fundamental principle that be it a common citizen or an important office holder, the secrecy and security of their data should be the foremost priority.

He asked them not only to discharge their duties with honesty, but also to keep a vigilant eye on suspected individuals, and to inform their seniors in case somebody persuades them to access personal data of a citizen.

Published in Dawn, May 6th, 2023

Opinion

Editorial

A positive note
Updated 10 Feb, 2025

A positive note

With govt unable to press growth accelerator without upending fragile recovery, sufferings of low-middle-income households are unlikely to disappear soon.
Justice for all
10 Feb, 2025

Justice for all

ALONG with his domestic agenda, Donald Trump is busy ripping to shreds the post-World War II ‘rules-based...
Held back
10 Feb, 2025

Held back

IT is a crying shame how women are conspicuously absent from Pakistan’s civil services. Despite comprising half ...
Race against time
Updated 09 Feb, 2025

Race against time

While some bright spots emerged at Breathe Pakistan moot, we must streamline our climate governance.
Open door
09 Feb, 2025

Open door

THE door is still open for talks, National Assembly Speaker Ayaz Sadiq has reminded the PTI. What matters, however,...
Football suspension
09 Feb, 2025

Football suspension

ONCE again, Pakistan has been ousted from the global football family. FIFA recently suspended the Pakistan Football...