Aadhaar contractor got funds from CIA

Discussion in 'Internal Security' started by SajeevJino, Dec 4, 2013.

  1. SajeevJino

    SajeevJino Long walk Elite Member

    Joined:
    Feb 21, 2012
    Messages:
    5,650
    Likes Received:
    3,031
    Location:
    Inside a Cage
    MongoDB startup hired by Aadhaar got funds from CIA VC arm



    [​IMG]


    Two weeks ago, Max Schireson, chief executive of MongoDB, a New York-based technology startup, was in New Delhi to sew up a very important contract for his company — with the Unique Identification Authority of India (UIDAI).

    The contract is yet to be announced but what could raise eyebrows is the fact that MongoDB is part-funded by the US' Central Intelligence Agency.

    The company is expected to help in capturing and analysing data related to the ambitious plan to issue a unique identity number — Aadhaar — to over a billion citizens.

    MongoDB, which makes software that helps manage large databases, especially unstructured data, has raised $231 million (Rs1,400 crore) since being founded in 2007. Some of its funding is from In-Q-Tel, the not-for-profit venture capital arm of CIA.

    While MongoDB lists In-Q-Tel as one of its investors on its website, the company has not disclosed the quantum of funding received from it. The fund's stated mission is to identify, adapt and deliver innovative technology solutions to support the missions of CIA and the broader US intelligence community.

    Besides CIA, In-Q-Tel works with National Geospatial-Intelligence Agency, Defense Intelligence Agency and Department of Homeland Security Science and Technology Directorate.

    Once an investment is made, IQT (the fund) works with the company and theintelligence community partner agency to complete a work program and facilitate solution delivery," the fund's website said. The quote describes IQT's relationship with any company in which it invests in and is not specific to MongoDB.

    Neither UIDAI nor MongoDB responded to queries from ET on whether the CIA link was considered before entering into a partnership. UIDAI Chairman Nandan Nilekani did not respond to emails, messages and phone calls.

    A senior UIDAI official confirmed the agency has entered into an agreement with MongoDB and that the company's database software is already being used for analysing the pace at which registration of new beneficiaries is taking place.

    It is not clear if MongoDB's vendor relationship would be with UID directly or with one of the system integrators that UID works with. Schireson, the CEO, was also one of the national co-chairs for Technology for Obama, an interest group that campaigned for the reelection of President Barack Obama after his first term.

    There is no evidence in the public domain that the firm is controlled or significantly influenced by the CIA in any manner.

    But the revelations of Edward Snowden, a former NSA contractor-turned-whistleblower that US intelligence agencies routinely intercepted communication in Europe and Asia, including in India has raised concerns. Experts said the UID's centralised design could pose a risk, where even a single mistake can make the whole system disproportionately vulnerable.

    "The risk exposure because of CIA involvement (could be that) if MongoDB is a data controller, then secret courts and secret court orders could be used to get access to the UID data," said Sunil Abraham, executive director at the Centre for Internet and Society.

    He added that even if UIDAI is only using the source code without getting into a commercial relationship with MongoDB, they should audit the source code to check if CIA has introduced any back doors. "This is because Snowden has told us that the army of mathematicians working for the US government has compromised some standards even though they were developed in an open, participatory and transparent fashion." MongoDB, whose name is a play on the word humongous, competes with OracleBSE -0.20 %, IBM and Microsoft.


    It has around 320 employees and some 600 customers. At its latest round of $150 million in fund-raising in October, the company was valued at about $1.2 billion, according to Bloomberg. Other investors include Intel Capital, Salesforce-.com, Red Hat and Sequoia.
     
  2.  
  3. pmaitra

    pmaitra Moderator Moderator

    Joined:
    Mar 10, 2009
    Messages:
    31,625
    Likes Received:
    17,101
    Location:
    EST, USA
    Please do not editorialize thread titles. I will change "Aadhaar got funds from CIA," which is untrue, to "Aadhaar contractor got funds from CIA."
     
    SajeevJino likes this.
  4. Free Karma

    Free Karma Senior Member Senior Member

    Joined:
    Oct 3, 2013
    Messages:
    2,372
    Likes Received:
    2,576
    Location:
    Chennai
    It's not really aadhar, but it's the parent company of the database company that supplies the db software. I wish Nandan or someone in charge had come out and clarified a few things so that it wouldnt get people paranoid,

    MongoDb itself is open source, like android, i.e you can download the source code, modify vast parts of it, and use to fit your purposes. Of course you can also buy an already built version which might have questionable components added to it (seeing how the article mentions they entered into an agreement, I guess they are going to go with some sort of assistance from mongodb). So it really depends on how they are using the software, what and how it's deployed etc.
     
    Last edited: Dec 4, 2013
  5. pmaitra

    pmaitra Moderator Moderator

    Joined:
    Mar 10, 2009
    Messages:
    31,625
    Likes Received:
    17,101
    Location:
    EST, USA
    So is this a Cloud-based application? Are they going to make a whole bunch of SOAP calls to interact with this MongoDB? Shouldn't this Unique Identification Number remain in safe hands and completely within India? The mention of CIA makes me paranoid.

    When Indian Railways started computerizing, they hired programmers, who built the servers for ticketing and reservation. Everything is self contained, with all the programmers hired as full-time employees, with no outside "contracts" to anyone. The name of the organization is CRIS (Centre for Railway Information Systems). Why couldn't UIDAI do the same with this Unique Identification Number?
     
    Tronic, SajeevJino and Free Karma like this.
  6. Free Karma

    Free Karma Senior Member Senior Member

    Joined:
    Oct 3, 2013
    Messages:
    2,372
    Likes Received:
    2,576
    Location:
    Chennai
    We'll never know unless the guys in charge come out and talk about the nature of the relationship, which they seem to not be doing. I hope more pressure is applied on them,especially in light of recent events.

    Also the top infosys guys give me the impression that they love being subservient to the U.S which kinda makes me feel uneasy, but being the head of such an important project, I really hope Nandan has his head in the right place,

    Mongodb skills are available in the country, it's a fairly common db, they couldve hired people from within the country...hmm ot sure why they had to goutside. But as far as the database itself is concerned, it is pretty good choice for large database systems.
     

Share This Page