Amidst data harvesting allegations, Karnataka CM Siddaramaiah pulls down his app
Shortly after the Cambridge Analytica controversy, the Congress and BJP traded accusations of data harvesting.
On Thursday, the Karnataka government announced that it was taking down its app ‘Siddaramaiah’.
And while the Karnataka CM that this was because of his pictures being there on the app violated the Election Commission’s Model Code of Conduct, he did not address the data harvesting allegations the Karnataka BJP had made against the Congress.
The CM’s app has several pictures of mine. Deleting them individually is not an option. So I had asked the e-Gov Dept to suspend the CM’s citizen connect app in order to remain compliant with the code of conduct. It can be revived after elections. https://t.co/OhbYnQg9iW
— Siddaramaiah (@siddaramaiah) March 29, 2018
In last 4 days,
— BJP Karnataka (@BJP4Karnataka) March 29, 2018
- Cong at Centre deleted their app
- Wylie named Cong as CA client
- Irrefutable evidence as Cong symbol found at Alexander Nix's office, & now,
- CM Siddu deletes his app.
Cong's hatred for democracy is stronger than Pak's obsession for Kashmir.
The app launched in October, 2017 used to promote the Karnataka government’s achievement and policies during the tenure of his government.
The Model Code of Conduct which has been in place since Tuesday when the dates for the Karnataka Assembly election were announced, dictate that no government platform can have photographs of candidates or messages promoting the government's achievements.
Due to this, the BBMP has also been actively removing government posters, and hoardings featuring government ads. Similarly, photos of the CM and other ministers have been removed from government websites.
Incidentally, the Congress party’s official app was also removed from Google and other app stores on March 26 after it came to light that the party may have been involved in misusing citizens’ data. Prime Minister Narendra Modi NaMo app, which is owned by a private company, has also come under scrutiny for allegedly sharing data with third parties without the users’ consent.
This is not the first time data misuse allegations have been made against the Siddaramaiah app. Bengaluru-based techie Shreeharsha Perla had alleged earlier it was sharing user data with third parties.
He also highlighted that the data is not sent through an insecure server.
Siddaramaiah APP, run by Government of Karnataka(unlike NM app) sends my details to a website owned by a private company.
— Shreeharsha Perla (@harshaperla) March 26, 2018
Data is not encrypted, sent as http instead https pic.twitter.com/xj2IGSdh2x
His expose was also partially corroborated by French data security researcher Baptiste Robert who tweets under the name Elliot Alderson. He said that he was unable to do a “dynamic analysis” due to technical issues.
He said, “I decompiled the app and found this code in the registration method. During the registration, the name, phone number, date of birth, gender of the user is sent to http://citizenoutreachapp.
3/ I decompiled the app and found this code in the registration method. During the registration, the name, phone number, date of birth, gender of the user is send to https://t.co/mYIwWi6Pf1. pic.twitter.com/PX2TdMAXnS
— Elliot Alderson (@fs0c131y) March 29, 2018
He did however back Shreeharsha Perla’s claims. “As a conclusion, the @harshaperla tweets seems to be true. I guess the owner of the app entered in panic mode just after his tweet and tried to remove the evidences.”
6/ As a conclusion, the @harshaperla tweets seems to be true. I guess the owner of the app entered in panic mode just after his tweet and tried to remove the evidences pic.twitter.com/Dmw05mUlVL
— Elliot Alderson (@fs0c131y) March 29, 2018
But this claim was refuted by Kumar Piyush, who built the CM’s app. Speaking with The Hindu, he said, “It was only during the test run that data was hosted in private servers. After the app was approved, all the data is with the State government itself,”