Thiruvananthapuram: Amid the debate over security of individuals’ private data, it was found that most of the government departments in Kerala have not incorporated the digital signature technology to their electronic file transactions, rendering them vulnerable to data theft and loss of privacy.
The data leak from Service and Payroll Repository of Kerala (SPARK), the database of over 5.5 lakh government employees and pensioners in the state, was primarily due to non-implementation of the digital signature system proposed by the government two years ago.
Though the state government had instructed the Drawing and Disbursing Officers (DDOs), numbering about 30,000, to obtain digital signatures from the Kerala State Electronics Development Corporation Limited (Keltron) for processing salaries through the SPARK, the response to the directive was underwhelming. The government issued a final warning to comply with its order, but not many DDOs have toed the line.
Digital signatures are as secure as wet signatures on paper. The DDOs would create a digital signature based on the personal information provided by a government servant and save it in a digital storage devise. To process monthly salaries, DDOs are required to log on to the SPARK portal and enter the confidential username and the password assigned to each employee.
After updating the salary particulars, the information would be uploaded on the Treasury website. To complete the process, they need to connect the storage devise to the computer and affix the signature of the individual on the document.
By introducing the digital signature technique, outsourcing of the works related to the preparation of salary bills to private agencies could be prevented to a certain extent.
Digital signature system from next year
In order to curb data leak from the Service and Payroll Repository of Kerala, digital signature would be made mandatory for e-file transactions from the next fiscal onward, said Treasury director A M Jafar.
“Strict instruction had been given to DDOs against revealing the usernames of password of salary accounts of employees to unauthorized persons. Action will be initiated against those who are found to be violating the norm,” he said.