Is Your Data Safe on the GST Network (GSTN)?
In July 2017, there were reports of the biggest ever data breach in India in which the personal data of more than 100 million customers got compromised. Sensitive information including customer details, like name, email addresses, date of activation, mobile numbers were found on a website. In a few instance even the Aadhaar or Unique Identification Number was also available. Though the company assured customers and clients that its subscriber data was protected by high levels of security, it filed a complaint alleging unlawful access of its systems.
Add to that the numerous media reports of personal details of Aadhaar holders getting leaked and in fact getting published on websites. In such a precarious situation, it’s anyone’s guess what can happen to the super sensitive details of the GSTN where apart from personal details there would be financial details and other monetary aspects. No wonder, the development has prompted calls for the country to adopt and install stronger laws and mechanism to protect consumers from data breaches and failures.
Scale of the GST rollout and implementation
India has 50 million SMEs and 3,100 startups. The GST Network (GSTN) will throw up 5 billion invoices a month; plus, the 15 million retailers that have to digitize sales. The scale is mind-boggling. However, looking at the level of data security that exists in India, a question mark hangs on the security of data when everything is online. Besides wilful crime there could be a data crash. What happens then?
The Goods and Services Tax Network (GSTN) is the nodal agency for providing IT services and infrastructure to the Central and State Governments along with the tax payers and other stakeholders for implementing the GST. With such sensitive information, it’s essential to have a robust security system in place to ensure foolproof protection of data and other tax-related information. The system must also have complete stability as well as backup.
Why is the data sensitive for businesses and enterprises?
Data security is of utmost importance for all, particularly for businesses and enterprises. Let’s take an example: If invoicing details get leaked it can be damaging for a business because in the invoice, the item cost is included. And in case a competitor gets to know the details it could be a substantial setback. Therefore, the GST information must be doubly encrypted and the best possible security system must be in place.
Data security standards in India’s Information Security Systems
India ranks 23rd among 165 countries on the Global Cybersecurity Index (GCI), released by the International Telecommunication Union (ITU), the UN telecommunications agency. The agency says that more effort is required in this critical area. The GCI measures a number of factors for its findings including the key areas of Legal, organizational, technical, capacity building and international cooperation.
Compared to companies in the European Union (EU), which have typically stringent data protection standards, Indian companies do not have to reveal data breaches to clients. This raises ethical questions of accountability and security. Moreover, if super sensitive information get leaked easily, there is very little reason to believe that the same cannot happen with the GSTN. Regular media reports of multiple leaks from the government’s end are not reassuring. Ministries and departments have been found to be sharing information, resulting in the disclosure of names, numbers, addresses as well as bank account numbers and details.
The Narendra Modi government has been pushing for digital governance and cashless economy through steps such as the GST. In this context, protection of official, private, and classified data assumes unparalleled significance. Governments must consider digital risks as a high-priority area and take effective steps to thwart data breaches and thefts. The image of a digital India becomes precarious with reports of frequent data breaches, debit card forgeries as well as cyber-attacks.
_20250103105141_original_image_12.webp)
