The National Telecommunication Monitoring Centre has closed the access of the Bangladesh Police’s Anti-Terrorism Unit and Rapid Action Battalion-6 to its National Intelligence Platform, allegedly for selling about 15,000 people’s personal data, including their National Identity Card details, call recordings, and SIM card data, to unidentified people by some officials.
The two security agencies now have to collect citizens’ personal data from their headquarters and mobile operators instead of the NTMC’s National Intelligence Platform, causing a delay in investigations, according to officials.
Confirming the matter to ¶¶Òõ¾«Æ· on Saturday, NTMC director general Major General Ziaul Ahsan said, ‘We have closed ATU and RAB-6’s access to our national intelligence platform for selling citizens’ personal data to others through messenger and telegram apps.’
‘The two agencies have lost trust. They have to collect data from police headquarters or mobile operators now,’ he said.
‘Anyone other than the designated persons can’t access our server,’ added the NTMC chief.
Asked if they had any information about where the data was sold, the NTMC director general said that they had no information about it.
‘We don’t know who is the buyer of the data, but whoever they might be transferring citizens’ personal data to any unauthorised person is unlawful,’ he said.
‘The two organisations have to find out where the data was sold,’ he added.
On April 28, NTMC sent a letter to the home ministry seeking action against ATU superintendent of police Farhana Yasmin and RAB-6 assistant superintendent of police Tarek Anam Banna for their alleged involvement in the act.Â
The letter said that the two officials had sold NID cards and call data records of mobile phones taken from March 25 and April 25 to others by taking money.
Although the NTMC, in their letter to the home ministry, did not mention the number of citizens whose data had been sold, NTMC director general Ziaul confirmed that the number might be around 15,000 people.
The ATU chief, additional inspector general of police SM Ruhul Amin, however, claimed that SP Farhana Yasmin had no connection with selling the citizens’ personal data and that ATU Cyber Crime wing constable Mritunjoy Chowdhury and Operations Wing constable Khairul Islam were involved in selling the citizens’ data.
‘We have suspended the two constables after conducting a two-day investigation when we came to know about the matter verbally from the NTMC. They had sold a few people’s data,’ Ruhul said, adding that the suspension took place before the NTMC sent the official letter to the home ministry.
He said that they had to suffer a delay in the investigation for not having access to the NTMC server.
Asked about the matter, RAB media and legal wing director, Commander Arafat Islam, said that they were investigating the allegation against the ASP.
‘We cannot say anything right now as the investigation is underway,’ he added.
This is not the first time that citizens’ personal data has been leaked or sold.
A government website earlier leaked personal information about citizens, including their full name, phone number, email address, and national ID number, according to a report by the United States-based tech news site TechCrunch published on July 7, 2023.
The report stated that Viktor Markopoulos, a researcher who works for Bitcrack Cyber Security, accidentally discovered the leak on June 27, and shortly after contacted the Bangladeshi e-Government Computer Incident Response Team.
The leak includes the data of several million Bangladeshi citizens, the report said, referring to Markopoulos.
In Bangladesh, everyone aged 18 and over is issued a National Identity Card, which assigns a unique ID to every citizen.
The card is mandatory for obtaining several services, such as a driver’s license, a passport, buying and selling land, and opening a bank account.
