Anyone with your National ID number can get your address and names of people living in your house

You have probably heard about the different ways of checking if you are registered to vote for the next elections. But did you realise that the electoral commission actually allows anyone else to access some of your personal details just by entering your National ID Number?

Wanna give a try? -> http://electoral.govmu.org/portal/sites/electoral2014/default.jsp

Searching for an elector

Just enter the National ID card of the person you want to look for and click on the “Search” button :

Electoral Main Search

For those who did not know, that’s my name above.

Don’t look so surprised please. http://www.dooshiantsinghblogs.com was a bit long, so I opted for http://www.yashvinblogs.com instead. ^^

Other registered electors in the same household

Things get worse when they provide an additional feature : Get a list of all registered voters in the same household by clicking on the name in the previous result ;

Electoral Household

How can this be potentially dangerous?

While it does not sound alarming at first, it can be, depending on how these information can be used and manipulated for evil needs.

Marketing purposes

Let’s say that you purchased a mobile phone at a shop. The owner has most probably your ID card number. He keys in the ID card. He gets a list of everyone else in your household who is above 18 years old ( and also, registered to vote). He can already include the list of your family members in his next marketing strategy.

That’s how sometimes you can’t understand how Company X got your home address and name correct when you never purchased anything from them!

Getting hold of your home address

Someone gets hold of a bank of data containing list of National Identity cards. It isn’t quite difficult when you think about it. Even the government has publicly made available several similar lists on the governmental web sites. One of my blogger friend, Ish Sookun wrote about these problems when names were leaked on the Tourism Authority web site and same on the MNIS web site.

That person keys in the ID card number and VOILA! He now knows your home address and also, the names of other people living with you too. Now, he can plan his visit to your house.

The risk of getting the online database exploited

Without any offense to those government officers, we all know how reliable our governmental institutions and services can be. It has already been proven in the past especially with the vulnerabilities in the online servers and after the huge problem affecting all governmental web sites and email addresses. By connecting the database containing details of about approximately 900,000 electors to the internet, I have some doubts. It might probably be among one of the biggest online database connected to the internet through which queries are being made from a Mauritian governmental web site.

Is the IT structure secure enough? How can we be sure that hackers can’t get access to those thousands of records?

How it could be made more secure?

That can be a quite challenging practical issue we have here. Those who log in the MRA web site to submit their annual tax returns might recall that no password is needed. You just key in your Tax ID to log in the web site to fill in the tax. However, no personal information is displayed.

mra

The Electoral Commission should perhaps mask those details too. Taking into consideration that no authentification method is used and that anyone can access these details, why is there the need to display my own household members and the home address in this context?

A last point : Some might argue that those names are made available to the political agents during the election period. You have surely seen them in the corner of streets, drawing a line on the names of those heading towards the vote centers. Yes, that’s true but those lists are not available to the wide public, nor the names are grouped by households.

But don’t worry! The government has even further plans. Biometric National Identity Cards

Advertisements

12 thoughts on “Anyone with your National ID number can get your address and names of people living in your house

Add yours

  1. Well…nothing surprising..we all knew it was gonna be shit…soon we will be sold like cattle to foreigners who require slaves…fingerprints are already there…just incriminate you in a crime, blackmail you about your family members… kidnap them…or so.. (total extreme..but then…) 😛

    Like

  2. No capcha? You realize anyone can get all of these information about anybody by using a simple script right?

    Holy shit. We need a batman or a Mauritian Edward Snowden.

    Like

      1. Here the misuse of data will be from the marketer side. When you agreed to give your nid to the phone store, it becomes your responsibility as you decided to give that number voluntarily. As per data protection laws everywhere in the world, am organisation need to ask for the data only it needs for the purpose of the transaction and cannot store the data longer than needed. We may well ban the MT phonebooks too as it contain all such data.

        Sometime we have to make a choice. Either we stay secured in our house or we take a few risks (accidents, weather, personal safety etc ) and we step out of our fortress. Another example, The best way to keep a PC secure is to keep it isolated, not linked to internet, no usb/disc use. No virus, no hacking, no nothing. Then whats the use?The same applies in most fields including IT and internet. We have to see where we get more benefits. We cannot just find evil in all actions. I am an IT person in private sector and i am not siding on public IT officers. This is an open debate and i just expressed my views.

        Like

      2. Prior to giving access to these details through a public Web site, no one had access to the names of people living under my roof or even my address except of course the relevant authorities. Risks have already been detailed in my post.

        Like

  3. most people create facebook accounts and agree to have their information given to anyone whos willing to pay for it. yet we all happily upload our pics and info and private life. so in terms of marketing we are already all doing it anyway.

    Like

    1. HAven’t you heard of Privacy Settings? I’m on FB, and I have made everything visible only to a few friends. You can’t even find me if you search. It’s called using the brain.

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: